NSX-T Data Center API Guide

NSX-T Data Center 2.5.0

Table of Contents

  1. Overview
  2. API Methods
    1. AAA
    2. Cloud Service Manager
      1. AWS
        1. VPCS
          1. Security Groups
          2. Service Endpoints
      2. AWS Accounts
      3. AWS Gateway AMIS
      4. AWS Gateways
      5. AWS Key Pairs
      6. AWS Regions
      7. AWS Resources
      8. AWS VPCS
      9. Accounts Statistics
      10. Azure
        1. Security Groups
        2. Vnets
          1. Service Endpoints
      11. Azure Accounts
      12. Azure Gateways
      13. Azure IP Allocations
      14. Azure Regions
      15. Azure Resources
      16. Azure Vnets
      17. Cloud Service Manager
      18. NSX Manager Accounts
      19. Proxy Server Profile
      20. VPN
      21. Virtual Machines
    3. Management Plane API
      1. AAA
      2. API Services
        1. API Request Batching
        2. Authentication
        3. Task Management
      3. Aggregation Service
        1. Configuration
      4. App Discovery
      5. Appliance Management
      6. Associations
      7. Capacity Dashboard
      8. Cluster
        1. Nodes
          1. Deployments
      9. Configs
        1. Inventory
      10. Dashboard
      11. Directory Service
      12. Error Resolver
      13. Fabric
        1. Compute Collections
        2. Compute Managers
        3. Container Applications
        4. Container Clusters
        5. Container Projects
        6. Discovered Nodes
        7. Nodes
        8. VIFS
        9. Virtual Machines
      14. Global-Configs
      15. Grouping Objects
        1. IP Sets
        2. MAC Sets
        3. NS Groups
        4. NS Profiles
        5. NS Service Groups
        6. NS Services
      16. Identity Firewall
        1. Configuration
        2. Monitoring
        3. Realization Data
      17. Licensing
      18. Logical Routing And Services
        1. BFD Peers
        2. DHCP Relay
        3. DHCP Relay Profiles
        4. Logical Router Ports
        5. Logical Routers
        6. NAT
        7. Routing BFD Configuration
        8. Routing Configuration
      19. Logical Switching
        1. Logical Switch Ports
        2. Logical Switches
        3. Switching Profiles
      20. Migration
        1. Feedback
        2. Group
        3. Migrationunits
        4. Nodes
        5. Plan
        6. Setup
        7. Stats
        8. Status
        9. User Inputs
      21. NSX Component Administration
        1. Appliance
        2. Appliance Management
        3. Backup Restore Management
          1. Backup
          2. Restore
        4. Cluster Management
        5. NSX Administration
        6. System Properties
        7. Trust Management
          1. CRL
          2. CSR
          3. Certificate
      22. NSX Notifications
      23. Network Transport
        1. Bridge Clusters
        2. Bridge Endpoint Profiles
        3. Bridge Endpoints
        4. Cluster Profiles
        5. Edge Clusters
        6. Failure Domains
        7. Hostswitch Profiles
        8. Transport Node Collections
        9. Transport Node Profiles
        10. Transport Nodes
        11. Transport Profiles
        12. Transport Zones
      24. Normalization
      25. Operations
        1. IPFIX
        2. LLDP
      26. Pool Management
        1. IP Blocks
        2. IP Pools
        3. MAC Pools
        4. VNI Pools
        5. VTEP Label Pools
      27. Proxy Configuration
      28. Realization
      29. Service Config
      30. Services
        1. DHCP
        2. DNS
        3. Firewall
        4. Loadbalancer
        5. Metadata Proxy
        6. Policy Based Routing
        7. Service Insertion
      31. Telemetry Configuration
      32. Troubleshooting And Monitoring
        1. Healthcheck
        2. IPFIX
        3. Packet Capture
        4. Port Connection
        5. Port Mirroring
        6. Traceflow
      33. Unified Nsgroup Profile Management
        1. Profiles
      34. Upgrade
        1. Bundle
        2. Bundles
        3. Group
        4. History
        5. Nodes
        6. Plan
        7. Status
        8. Upgrade Units
      35. VPN
        1. IPSEC
          1. DPD Profiles
          2. IKE Profiles
          3. Local Endpoints
          4. Peer Endpoints
          5. Services
          6. Sessions
          7. Tunnel Profiles
        2. L2VPN
          1. Services
          2. Sessions
        3. Statistics
          1. IKE Service
          2. IKE Sessions Status
          3. L2VPN Remote MACS
          4. L2VPN Session Statistics
          5. L2VPN Session Status
          6. L2VPN Sessions Summary
          7. Reset Sessions Statistics
          8. Sessions Statistics
          9. Sessions Summary
    4. Nsx-Intelligence
      1. Deployments
      2. Host
    5. Policy
      1. Draft
      2. Infra
        1. Certificates
          1. Certification Revocation List
        2. Constraints
        3. Deployment Zones
        4. Domains
          1. Domain Deployment Maps
        5. Enforcement Points
        6. Global Config
        7. Hierarchical API
        8. Labels
        9. Sites
      3. Inventory
        1. Context Profiles
        2. Groups
          1. Group Members
        3. Services
      4. Networking
        1. Connectivity
          1. Routing
            1. Bgp
            2. Community List
            3. Prefix List
            4. Route Map
            5. Static Routes
            6. Tiers-0 Gateways
              1. Tiers-0 Deployment Maps
              2. Tiers-0 Locale Services
            7. Tiers-1 Gateways
          2. Segment Profiles
            1. Discovery Profile Binding
            2. IP Discovery Profiles
            3. MAC Discovery Profiles
            4. Monitoring Profile Binding
            5. QOS
            6. QOS Profile Binding
            7. Security Profile Binding
            8. Segment Security Profiles
            9. Spoofguard Profiles
          3. Segments
        2. IP Management
          1. DHCP
            1. DHCP Relay Configs
            2. DHCP Server Configs
          2. DNS
            1. DNS Forwarder
          3. IP Address Pools
            1. IP Blocks
            2. IP Pools
          4. IPV6 Profiles
        3. Network Services
          1. Forwarding Policies
          2. Load Balancing
            1. Load Balancer Pools
            2. Load Balancer Profiles
              1. Load Balancer Application Profiles
              2. Load Balancer Monitor Profiles
              3. Load Balancer Persistence Profiles
              4. Load Balancer SSL Profiles
                1. Load Balancer Client SSL Profiles
                2. Load Balancer SSL Ciphers And Protocols
                3. Load Balancer Server SSL Profiles
            3. Load Balancer Services
            4. Load Balancer Usage
              1. Statistics
              2. Status
              3. Usage
            5. Load Balancer Virtual Servers
          3. NAT
          4. VPN
            1. IPSEC
              1. DPD Profiles
              2. IKE Profiles
              3. IPSEC Profiles
              4. Local Endpoints
              5. Services
              6. Sessions
              7. Statistics
              8. Status
            2. L2VPN
              1. Services
              2. Sessions
              3. Statistics
              4. Status
      5. Operations
        1. Compliance
        2. Finetuning
        3. IPFIX
          1. Firewall IPFIX Collectors
          2. Firewall IPFIX Profiles
          3. Switch IPFIX Collectors
          4. Switch IPFIX Profiles
        4. Port Mirroring
      6. Realized State
      7. Security
        1. Distributed Firewall
          1. Statistics
        2. Firewall Config
        3. Gateway Firewall
          1. Statistics
        4. Guest Introspection
        5. Profiles
          1. DNS Security
          2. Flood Protection
          3. Monitoring Profiles
          4. Session Timer
        6. Service Insertion
          1. Partner Services
          2. Redirection Policies
          3. Service Chains
          4. Service Definitions
          5. Service Instances
          6. Service References
    6. Upgrade
      1. Node Upgrade
  3. API Types
  4. API Type Schemas
  5. API Errors
  6. Deprecated Types and Methods


Overview

Introduction

NSX-T Data Center provides a programmatic API to automate management activities. The API follows a resource-oriented Representational State Transfer (REST) architecture, using JSON object encoding. Clients interact with the API using RESTful web service calls over the HTTPS protocol.

Each API method is identified by a request method and URI. Method parameters are specified as key-value pairs appended to the URI. Unless otherwise noted, request and response bodies are encoded using JSON, and must conform to the JSON schema associated with each method. The content type of each request and reply is "application/json" unless otherwise specified. Each request that can be made is documented in the API Methods section. The associated request and response body schemas are documented in the API Schemas section.

Some APIs may be marked as deprecated. This indicates that the functionality provided by the API has been removed or replaced with a different API. The description of the API will indicate what API(s) to call instead.

Some APIs may be marked as experimental. This indicates that the API may be changed or removed without notice in a future NSX-T Data Center release.

It is possible for any request to fail. Errors are reported using standard HTTP response codes. It should be assumed the following errors could be returned by any API method: 301 Moved Permanently, 307 Temporary Redirect, 400 Bad Request, 401 Unauthorized, 403 Forbidden, 500 Internal Server Error, 503 Service Unavailable. Where other errors may be returned, the type of error is indicated in the API method description. All errors are documented in the API Errors section.

Request Authentication

Most API calls require authentication. This API supports several different authentication schemes, which are documented in this section. Multiple authentication schemes may not be used concurrently.

HTTP Basic Authentication

To authenticate a request using HTTP Basic authentication, the caller's credentials are passed using the 'Authorization' header. The header content should consist of a base64-encoded string containing the username and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

For example, to authenticate a request using the credentials of user admin with password admin, include the following header with the request:

Authorization: Basic YWRtaW46YWRtaW4=

The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

curl -k -u USERNAME:PASSWORD https://MANAGER/api/v1/logical-ports

where:
USERNAME is the user to authenticate as,
PASSWORD is the password to provide, and
MANAGER is the IP address or host name of the NSX manager

For example:

curl -k -u admin:secretPw99 https://192.168.22.32/api/v1/logical-ports

Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate. It is more secure to verify that the server's certificate is signed by a Certificate Authority (CA) that you trust. To do that, omit the -k argument and use the --cacert <ca-file> option, where <ca-file> is a PEM-formatted file containing the CA certificate to trust.

For example:

curl --cacert /home/me/certs/rootca.crt -u admin:secretPw99 https://192.168.22.32/api/v1/logical-ports

Additional cURL examples below use the -k flag, but you can always substitute the --rootca <ca-file> argument for additional security.

Authenticating to vIDM

When NSX-T is configured to use VMware Identity Manager (vIDM) for authentication, you supply an Authorization header with an authentication type of "Remote". The header content should consist of a base64-encoded string containing the username@domain and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

For example, to authenticate a request using the credentials of user jsmith@example.com with password Sk2LkPM!, include the following header with the request:

Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h

The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

curl -k -H "Authorization: Remote BASE64" https://MANAGER/api/v1/logical-ports

where:
BASE64 is the base64-encoded string containing the username@domain and password separated by a single colon (":"), and
MANAGER is the IP address or host name of the NSX manager

For example:

curl -k H "Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h" https://192.168.22.32/api/v1/logical-ports

Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate.

Session-Based Authentication

Session-based authentication is used by calling the /api/session/create authentication API to manage a session cookie. The session cookie returned in the result of a successful login must be provided in subsequent requests in order to associate those requests with the session.

Session state is local to the server responding to the API request. Idle sessions will automatically time-out, or can be terminated immediately using the POST /api/session/destroy API.

To obtain a session cookie, POST form data to the server using the application/x-ww-form-urlencoded media type, with fields "j_username" and "j_password" containing the username and password separated by an ampersand. Since an ampersand is a UNIX shell metacharacter, you may need to surround the argument with single quotes.

The following cURL command will authenticate to the server, will deposit the session cookie in the file "cookies.txt", and will write all HTTP response headers to the file headers.txt. One of these headers is the X-XSRF-TOKEN header that you will need to provide in subsequent requests.

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=USERNAME&j_password=PASSWORD' https://MANAGER/api/session/create

For example:

curl -k -c cookies.txt -D headers.txt -X POST -d 'j_username=admin&j_password=secretPw99' https://192.168.22.32/api/session/create

The manager will respond with the roles and permissions granted to the user, and cURL will deposit the session cookie into the file "cookies.txt".

In subsequent cURL requests, use the -b argument to specify the cookie file. You also need to pass the X-XSRF-TOKEN header that was saved to the headers.txt file, using cURL's -H option:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" https://192.168.22.32/api/v1/logical-ports

When the session expires, the manager will respond with a 403 Forbidden HTTP response, at which point you must obtain a new session cookie and X-XSRF-TOKEN.

Session cookies can be destroyed by using the /api/session/destroy API:

curl -k -b cookies.txt -H "`grep X-XSRF-TOKEN headers.txt`" -X POST https://MANAGER/api/session/destroy

Authentication in VMware Cloud on AWS (VMC)

To make API calls to an NSX-T Manager in the VMware Cloud on AWS service (VMC), you need to gather a few pieces of information:

  1. Your VMC Organization ID
  2. Your Software Defined Data Center (SDDC) ID
  3. Your API token

All of this information is available in the VMC web console, https://console.cloud.vmware.com

In VMC, you always exchange your API token for a limited-duration authentication token, which you then pass in a header with your API calls. This authentication token is valid for 30 minutes. After that time, you must obtain a new authentication token using your API token. If you use an expired authentication token, the API call will be rejected.

To obtain an authentication token, you issue a POST request to the URL https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize, passing your API token in a form. To do this with cURL:

curl https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize -d refresh_token=<token>

For example, if your refresh token is aB1jtC5yk2rDL6A1KPxzM0W4D7OeHFUNuXFHZidufYS3fIwn60ZRag0Y9dvX15Qv, the command will be:

curl https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize -d refresh_token=aB1jtC5yk2rDL6A1KPxzM0W4D7OeHFUNuXFHZidufYS3fIwn60ZRag0Y9dvX15Qv

You will receive a JSON response with several properties. The "access_token" property contains the token you will need to provide with your API requests. An easy way to parse this token out of the response is to use the "jq" utility. For example:

curl https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize -d refresh_token=aB1jtC5yk2rDL6A1KPxzM0W4D7OeHFUNuXFHZidufYS3fIwn60ZRag0Y9dvX15Qv | jq --raw-output '.access_token'

produces just the access token. You can set an environment variable with the correct authentication header with:

export AUTH_HDR="csp-auth-token: `curl https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize -d refresh_token=aB1jtC5yk2rDL6A1KPxzM0W4D7OeHFUNuXFHZidufYS3fIwn60ZRag0Y9dvX15Qv | jq --raw-output '.access_token'`"

The AUTH_HDR environment variable now contains the authentication header. The token itself will be a long string of characters and digits.

Once you have your authentication token, you need to determine the URL for accessing the NSX-T manager in your SDDC. To do that, you issue a GET request to the endpoint https://vmc.vmware.com/vmc/api/orgs/<org-id>/sddcs/<sddc-id>, where <org-id> is your organization's ID and <sddc-id> is your SDDC's ID. The URL of the NSX-T manager will be in the resource_config.nsx_api_public_endpoint_url property. For example, if your organizations's ID is a003c3a5-3f68-4a8c-a74f-f79a0625da17 and your SDDC is 449369c7-7936-4f7f-b46e-624cdb2a0a99:

curl -H "$AUTH_HDR" https://vmc.vmware.com/vmc/api/orgs/a003c3a5-3f68-4a8c-a74f-f79a0625da17/sddcs/449369c7-7936-4f7f-b46e-624cdb2a0a99 | jq --raw-output ".resource_config.nsx_api_public_endpoint_url"

The output will look like:

https://nsx-52-41-15-143.rp.vmwarevmc.com/vmc/reverse-proxy/api/orgs/a003c3a5-3f68-4a8c-a74f-f79a0625da17/sddcs/449369c7-7936-4f7f-b46e-624cdb2a0a99/sks-nsxt-manager

This is the URL you should use to access your NSX-T manager from the internet. Append the particular API's URL to this base URL. For example, to list all domains, the API is "/policy/api/v1/infra/domains", so the full request will look like the following:

curl -q -H "$AUTH_HDR" https://nsx-52-41-15-143.rp.vmwarevmc.com/vmc/reverse-proxy/api/orgs/a003c3a5-3f68-4a8c-a74f-f79a0625da17/sddcs/449369c7-7936-4f7f-b46e-624cdb2a0a99/sks-nsxt-manager/policy/api/v1/infra/domains

Example Requests and Responses

Example requests and responses are provided for most of the API calls below. Your actual response might differ from the example in the number of fields returned because optional empty fields are not returned when you make an API call.

Restrictions on Certain Fields in a Request

When configuring layer 2 switching, the following fields can contain any character except semicolon (;), vertical bar (|), equal sign (=), comma (,), tilde (~), and the "at" sign (@). They also have a length limitation as specified below:

Optimistic Concurrency Control and the _revision property

Overview

In order to prevent one client from overwriting another client's updates, NSX-T employs a technique called optimistic concurrency control.

All REST payloads contain a property named "_revision". This is an integer that is incremented each time an existing resource is updated. Clients must provide this property in PUT requests and it must match the current _revision or the update will be rejected. This guards against the following situation:

Client 1 reads resource A.

Client 2 reads resource A.

Client 1 replaces the display_name property of resource A and does a PUT to replace the resource.

Client 2 replaces is different property of resource A and attempts to perform a PUT operation.

Without optimistic concurrency control, Client 2's update would overwrite Client 1's update to the display_name property. Instead, Client 2 receives a 409 Conflict error. To recover, Client 2 must fetch the resource again, apply the change, and perform a PUT.

Exceptions for /policy APIs

APIs whose URI begins with /policy have slightly different behavior. For those APIs, the _revision property must not be set when PUT is used to create a new resource. Once the resource is created, however, the _revision property must be provided with PUT operations.

PATCH and _revision for /policy APIs

APIs whose URI begins with /policy support the PATCH operation. Those APIs do not require that the _revision property be provided. A client can, however, request that the _revision property be checked when it is performing a PATCH in the /infra path. To do this, the client should pass the query parameter enforce_revision_check, e.g. PATCH /infra?enforce_revision_check=true.

Partial patching of objects is not allowed using the PATCH operation unless explicitly mentioned. In other words, the entire payload of object is expected to be provided in both PUT and PATCH operations for the /policy APIs.

OpenAPI Specification of NSX-T APIs

You can download OpenAPI specifications for the various NSX-T APIs at the following URLs:

NSX-T Data Center Manager API:
APIs for NSX-T administration; node and cluster management APIs and fabric management APIs for on-premise customers.

NSX-T Data Center Manager API:
APIs for managing logical networking in NSX-T for on-premise customers. NSX VMC Policy API:
APIs for managing logical networking in NSX-T for VMware Cloud on AWS customers. NSX VMC AWS Integration API:
APIs for managing AWS underlay networking for VMware Cloud on AWS customers.


API Methods

Toggle all tables +

AAA

Associated URIs:

Get effective object permissions to object specified by path for current user. (Experimental)

Returns none if user doesn't have access or feature_name from required request parameter
is empty/invalid/doesn't match with object-path provided.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/aaa/effective-permissions
Request Headers:
n/a
Query Parameters:
FeaturePermissionRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/effective-permissions?object_path=infra/domains/mgw&feature_name=infra_admin Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PathPermissionGroup+

Example Response: { "operation": "crud", "object_path": "infra/domains/MGW" } Required Permissions: none Feature: policy_rbac Additional Errors:

Delete object-permissions entries (Experimental)

This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
ObjectRolePermissionGroupListRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/aaa/object-permissions?role_name=cloud_admin&path_prefix=infra/domains/MGW Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_rbac Additional Errors:

Get list of Object-level RBAC entries. (Experimental)

This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
ObjectRolePermissionGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/object-permissions?path_prefix=infra/domains/MGW Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ObjectRolePermissionGroupListResult+

Example Response: { "result_count": 2, "results": [ { "role_name": "cloud_admin", "operation": "crud", "path_prefix": "infra/domains/MGW" }, { "role_name": "cloud_auditor", "operation": "none", "path_prefix": "infra/domains/MGW/CommunicationProfile1" } ] } Required Permissions: read Feature: policy_rbac Additional Errors:

Create/update object permission mappings (Experimental)

This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/aaa/object-permissions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ObjectRolePermissionGroup+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/aaa/object-permissions { "role_name": "cloud_admin", "operation": "crud", "path_prefix": "infra/MGW" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_rbac Additional Errors:

Cloud Service Manager

Cloud Service Manager: AWS Accounts

Associated URIs:

Add a AWS account to cloud serivce manager

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts { "display_name": "Account ABC", "cloud_type": "AWS", "cloud_tags_enabled" : true, "tenant_id": "123", "auth_method": "CREDENTIALS", "credentials": { "access_key": "A1B1C1", "secret_key": "a2b2c2", "gateway_role": "test-role" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 }, "vpc_stats": { "managed": 0, "unmanged": 0 }, "regions_count": 0, "status": { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_REGIONS" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return a list of all AWS accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts
Request Headers:
n/a
Query Parameters:
AwsAccountsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts?region_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountsListResult+

Example Response: { "all_accounts_vpc_stats": { "managed": 2, "unmanaged": 4 }, "all_accounts_instance_stats": { "managed": 12, "unmanaged": 22, "error": 1 } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Update a AWS account information

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 { "display_name": "New Name", "cloud_type": "AWS" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "New Name", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns the details of the particular AWS account

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/9174ffd1-41b1-42d6-a28d-05c61a0698e2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccount+

Example Response: { "id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AWS", "cloud_tags_enabled" : true, "auth_method": "CREDENTIALS", "credentials": { "gateway_role": "test-role" } "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4, "status": { "inventory_sync_status": "SYNCED", "inventory_sync_state": "NOT_APPLICABLE", "credentials_status": "VALID" } } Required Permissions: read Feature: cloud_accounts Additional Errors:

Delete AWS account information

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/accounts/ DELETE https://<nsx-csm>/api/v1/csm/aws/accounts/?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Return status of the account like credentials validity, inventory synchronization status and inventory synchronization state

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsAccountStatus+

Example Response: { "inventory_sync_status": "IN_PROGRESS", "inventory_sync_state": "SYNCING_AWS_VPCS", "credentials_status": "VALID" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Aws account related inventory like Regions, Vpcs, Instances Status of inventory synchronization can be known from Aws account status api

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/accounts/ d02af61a-e212-486e-b6c8-10462ccfbad6?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: AWS Gateway AMIS

Associated URIs:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Registers a AWS Gateway AMI for the region specified in the body. One can register only one gateway AMI ID per region. If a gateway AMI is already registered with a region, user is expected to use update API to overwrite the registerd AMI for a region. (Deprecated)

Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateway-amis { "region_id": "us-west-2", "ami_id": "ami-123" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Returns a list of Aws Gateway Amis. (Deprecated)

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis
Request Headers:
n/a
Query Parameters:
AwsGatewayAmisListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmisListResult+

Example Response: { "results": [ { "region_id": "us-west-1", "ami_id": "ami-789", "_protection": "NOT_PROTECTED", "_revision": 0 }, { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Returns AWS Gateway AMI for a particular region. (Deprecated)

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Update a AWS Gateway AMI. (Deprecated)

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayAmiInfo+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 { "region_id": "us-west-2", "ami_id": "ami-456", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayAmiInfo+

Example Response: { "region_id": "us-west-2", "ami_id": "ami-123", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: ami_region_mapping Additional Errors:

DEPRECATED. This API is needed only in NSX Cloud as a Service workflow, which is discontinued. Delete a AWS Gateway AMI. (Deprecated)

Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/gateway-amis/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/gateway-amis/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ami_region_mapping Additional Errors:

Cloud Service Manager: AWS Gateways

Associated URIs:

Returns configuration information for all gateways

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways
Request Headers:
n/a
Query Parameters:
AwsGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewaysListResult+

Example Response: { "results": [ { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP" }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" }, { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-1b", "uplink_subnet": "subnet-5b1e124h", "management_subnet": "subnet-a1e128t", "downlink_subnet": "subnet-141e1266", "gateway_ha_index": 0 }, { "availability_zone": "us-west-1a", "uplink_subnet": "subnet-7b1e932d", "management_subnet": "subnet-w1e128h", "downlink_subnet": "subnet-a41e1264", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "managed_without_agents": false, "nsx_manager_connection": "PRIVATE_IP", "ami_id": "ami-456", "key_pair_name": "test-key", "is_ha_enabled": true }, "vpc_id": "vpc-d76nfie6" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates configuration for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 { "configuration": { "default_quarantine_policy_enabled": true, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "is_ha_enabled": false }, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": true, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP" }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns configuration for primary gateway and secondary gateway for the vpc,if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0 } ], "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns status information for primary gateway and secondary gateway for the vpc, if exists.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/gateways/<vpc-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/gateways/vpc-1234/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayStatus+

Example Response: { "gateway_instances_status": [ { "gateway_status": "DEPLOYING", "gateway_instance_id": "i-176", "gateway_ha_index": 0, "deployment_status": 80, "deployment_state": "CONFIGURING_GATEWAY", "gateway_name": "nsxc-gw-vpc-c35dbaa4-preferred-active" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Deploys gateway for the specified VPC

All the required configuration to deploy AWS gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAwsGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL gateway_status will be UP and op_status of the VPC
will be NSX_MANAGED_BY_GATEWAY. If any error is encountered during
deployment, corresponding error_code and error_message will be populated
in gateway_instances_status. To manage a compute VPC using transit VPC,
user needs to undeploy gateway and onboard the compute VPC
using /csm/aws/vpcs/?action=onboard API.
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=deploy { "configuration": { "ami_id": "ami-123", "nsx_manager_connection": "PUBLIC_IP", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "key_pair_name": "test-key", "is_ha_enabled": false, "gateway_ha_configuration": [{ "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "downlink_subnet": "subnet-041e1260", "management_subnet": "subnet-ea1e128e", "gateway_ha_index": 0, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } }], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] }}, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vpc_id": "vpc-c35dbaa4" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsGatewayDeployConfig+

Example Response: { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "configuration": { "gateway_ha_configuration": [ { "availability_zone": "us-west-2a", "uplink_subnet": "subnet-4b1e122f", "management_subnet": "subnet-ea1e128e", "downlink_subnet": "subnet-041e1260", "gateway_ha_index": 0, "public_ip_settings": { "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } } ], "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] }, "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-123", "key_pair_name": "test-key", "is_ha_enabled": false }, "vpc_id": "vpc-c35dbaa4" } Required Permissions: crud Feature: gateway_deployment Additional Errors:

Undeploys gateway for the specified VPC

All the required configuration to undeploy AWS gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAwsGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/gateways?action=undeploy { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "instance_id": "i-0c2ab8e25221bcf7c" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Cloud Service Manager: AWS Key Pairs

Associated URIs:

Returns a list of Aws Key Pairs

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/key-pairs
Request Headers:
n/a
Query Parameters:
AwsKeyPairListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/key-pairs? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=ap-southeast-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsKeyPairList+

Example Response: { "results": [ { "name": "test-key-1" }, { "name": "test-key-2" }, { "name": "test-key-3" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of subnets

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/subnets
Request Headers:
n/a
Query Parameters:
AwsSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/subnets? account_id=7324800c-a41a-4cb4-b988-51fa3d093397& vpc_id=vpc-c35dbaa4&availability_zone_name=us-west-2a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSubnetListResult+

Example Response: { "results": [ { "display_name": "test-subnet-3", "availability_zone": "us-west-2a", "cidr": "10.0.3.0/24", "id": "subnet-ea1e128e" }, { "display_name": "test-subnet-2", "availability_zone": "us-west-2a", "cidr": "10.0.2.0/24", "id": "subnet-041e1260" }, { "display_name": "test-subnet-1", "availability_zone": "us-west-2a", "cidr": "10.0.1.0/24", "id": "subnet-4b1e122f" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: AWS Regions

Associated URIs:

Returns a list of Aws regions

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions
Request Headers:
n/a
Query Parameters:
AwsRegionsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegionsListResult+

Example Response: { "cursor": "000214", "sort_ascending": true, "result_count": 2, "results": [ { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } }, { "id": "ap-south-1", "display_name": "ap-south-1", "vpc_stats": { "managed": 0, "unmanaged": 0 }, "gateway_stats": { "deploying": 0, "up": 0, "down": 0 }, "availability_zones": [ { "id": "ap-south-1b", "display_name": "ap-south-1b" }, { "id": "ap-south-1a", "display_name": "ap-south-1a" } ], "instance_stats": { "managed": 0, "unmanaged": 0, "error": 0 } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about the particular Aws Region

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/regions/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/regions/us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsRegion+

Example Response: { "id": "us-west-2", "display_name": "us-west-2", "vpc_stats": { "managed": 5, "unmanaged": 7 }, "gateway_stats": { "deploying": 1, "up": 4, "down": 1 }, "availability_zones": [ { "id": "us-west-2a", "display_name": "us-west-2a" }, { "id": "us-west-2b", "display_name": "us-west-2b" }, { "id": "us-west-2c", "display_name": "us-west-2c" } ], "instance_stats": { "managed": 21, "unmanaged": 32, "error": 1 } } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: AWS Resources

Associated URIs:

Returns a list of AWS public IPs

Returns a list of AWS public IPs. These ip addresses are available
to be allocated.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/public-ips
Request Headers:
n/a
Query Parameters:
AwsResourcesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/public-ips? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsPublicIpListResult+

Example Response: { "results": [ "104.209.46.64", "104.40.87.204", "40.112.184.178", "13.91.55.98" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of AWS security groups. Deprecated: Please use /csm/aws/vpcs//security-groups instead. (Deprecated)

Returns a list of AWS security groups. Deprecated: Please use
/csm/aws/vpcs//security-groups instead.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/security-groups
Request Headers:
n/a
Query Parameters:
AwsSecurityGroupsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/security-groups? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=us-west-2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSecurityGroupsListResult+

Example Response: { "results": [ "default-sg", "quarantine-sg" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: AWS VPCS

Associated URIs:

Returns the list of configuration of the compute VPC. The configuration contains quarantine policy and fall back security group of compute VPC and the information related to transit VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs
Request Headers:
n/a
Query Parameters:
AwsComputeVpcListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/compute-vpcs { "cursor": "00011", "sort_ascending": true, "result_count": 1, "results": [ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb42b4", "display_name": "vpc-0aabad6533afb42b4", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcListResult+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Onboards a compute VPC to be NSX managed by a transit VPC.

Onboard a compute VPC to be NSX managed using a transit VPC.
Hence, user can manage the workload VMs in a compute
VPC by the public cloud gateways deployed in a transit VPC.
Onboarding status can be obtained from
/csm/aws/compute-vpcs//status API. Upon successful onboarding
of the VPC, the onboard_step will be ONBOARD_SUCCESSFUL and op_status
will be NSX_MANAGED_BY_TRANSIT_VPC. If any error is encountered during
onboarding, corresponding error_code and error_message will be populated.
To manage compute VPC using NSX gateway, user needs to offboard the
compute VPC and deploy gateway using /csm/aws/gateways?action=deploy API.
Request:
Method:
POST
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsComputeVpcConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Returns the configuration of the compute VPC. The configuration contains quarantine policy and fall back security group of compute VPC and the information related to transit VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcConfig+

Example Response: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb", "display_name": "vpc-0aabad6533afb", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "configuration": { "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Required Permissions: read Feature: gateway_deployment Additional Errors:

Offboards a compute VPC.

Offboards a compute VPC to be NSX unmanaged from a transit VPC.
All the VMs in the compute VPC need to be untagged before offboarding
the compute VPC. Offboarding status can be obtained from
/csm/aws/compute-vpcs//status API. Upon successful offboarding
compute VPC, the onboard_step will be OFFBOARD_SUCCESSFUL
and op_status will be NOT_AVAILABLE. If any error is encountered
during offboarding, corresponding error_code and error_message
will be populated.
Request:
Method:
DELETE
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Updates the NSX configuration related to managed compute VPC using a transit VPC.

Update the configurations such as default_quarantine_policy and
cloud_fallback_security_group_id for the NSX managed compute VPC.
Request:
Method:
PUT
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AwsComputeVpcConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/aws/compute-vpcs/ { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb", "display_name": "vpc-0aabad6533afb", "default_quarantine_policy_enabled": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcConfig+

Example Response: { "resource_type": "AwsComputeVpcConfig", "id": "vpc-0aabad6533afb42b4", "display_name": "vpc-0aabad6533afb42b4", "default_quarantine_policy_enabled": true, "managed_without_agents": false, "configuration": { "vpc_id": "vpc-560a242f" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 3 } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns the status of the compute vpc. The status corresponds to onboard or offboard status of a compute VPC.

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/compute-vpcs/<vpc-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/compute-vpcs//status { "onboard_step": "ONBOARD_SUCCESSFUL", "virtual_private_cloud_name": "ComputeVPC-Peering", "status": "UP", "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsComputeVpcStatus+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns a list of Vpcs. Support optional query parameters like account_id, region_id, cidr and/or op_status

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs
Request Headers:
n/a
Query Parameters:
AwsVpcListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpcListResult+

Example Response: { "cursor": "0003147", "sort_ascending": true, "result_count": 3, "results": [ { "id": "vpc-c35dbaa2", "display_name": "VPC Abc", "is_management_vpc": false, "region_id": "us-east-1", "cidr": "172.31.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 21, "error": 0 }, "op_status": "NSX_UNMANAGED" }, { "id": "vpc-c35dbaa3", "display_name": "VPC Acb", "is_management_vpc": false, "region_id": "us-west-2", "cidr": "172.31.0.0/16", "associated_transit_vpc": { "virtual_private_cloud_id": "vpc-c35dbade", "associated_account_ids: ["cd1f2633-e67e-46bd-b546"] }, "instance_stats": { "managed": 0, "unmanaged": 21, "error": 0 }, "op_status": "NSX_MANAGED_BY_TRANSIT_VPC" }, { "id": "vpc-c35dbaa4", "display_name": "VPC Def", "is_management_vpc": true, "transport_zones": [ { "is_underlay_transport_zone": false, "logical_switches": [ { "is_default_logical_switch": false, "instances_count": 0, "nsx_switch_tag": "cd1f2633-e67e-46bd-b546-0dc26a07c56b#8uNQpU1EWLcVjXKHr6ga7axvYBnf2Dwc+I+Js3DEhi4=", "logical_switch_display_name": "DefaultSwitch-Overlay-CSM-vpc-c35dbaa4", "logical_switch_id": "cd1f2633-e67e-46bd-b546-0dc26a07c56b" } ], "transport_zone_id": "d4ccc56a-ab51-4059-b3fb-9af3719b6f51", "transport_zone_display_name": "CSM-vpc-c35dbaa4-Overlay" }, { "is_underlay_transport_zone": true, "logical_switches": [ { "is_default_logical_switch": true, "instances_count": 0, "nsx_switch_tag": "default", "logical_switch_display_name": "DefaultSwitch-VLAN-CSM-vpc-c35dbaa4", "logical_switch_id": "1711f8db-95b8-4df8-bba6-dcac63b08b38" } ], "transport_zone_id": "870fb686-7d42-48c4-9189-8997b4f2df21", "transport_zone_display_name": "CSM-vpc-c35dbaa4-VLAN" } ], "region_id": "us-west-2", "cidr": "10.0.0.0/16", "instance_stats": { "managed": 1, "unmanaged": 4, "error": 0 }, "managed_vpcs": [ { "virtual_private_cloud_id": "vpc-c35dbade", "associated_account_ids: ["cd1f2633-e67e-46bd-b546"] }, { "virtual_private_cloud_id": "vpc-c35dbadf", "associated_account_ids: ["cd1f2633-e67e-46bd-b543"] } ], "op_status": "NSX_MANAGED", "gateway_info": { "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PUBLIC_IP", "ami_id": "ami-649e0b04", "is_ha_enabled": false }, "gateway_status": { "gateway_cluster_id": "b8ab1a4b-3d85-4a84-b92d-eacdc4402528", "gateway_instances_status": [ { "gateway_tn_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_node_id": "ef900bfc-1303-11e7-8cf5-021fa9379409", "gateway_status": "UP", "gateway_instance_id": "i-0b62834659a30fc21", "gateway_ha_index": 0, "deployment_state": "DEPLOYMENT_SUCCESSFUL", "gateway_name": "nsx-gw-vpc-c35dbaa4-preferred-active" } ] } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns Vpc information

Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs/vpc-ccfe44ab Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVpc+

Example Response: { "id": "vpc-ccfe44ab", "display_name": "VPC Abc, "is_management_vpc": false, "region_id": "us-west-2", "cidr": "50.0.0.0/16", "instance_stats": { "managed": 0, "unmanaged": 1, "error": 0 }, "op_status": "NSX_UNMANAGED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: AWS: VPCS

Cloud Service Manager: AWS: VPCS: Security Groups

Associated URIs:

Returns a list of AWS security groups corresponding to a VPC

Returns a list of AWS security groups corresponding to a VPC with
information about each security group like inbound rules, outbound rules
and cloud_tags.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>/security-groups
Request Headers:
n/a
Query Parameters:
SecurityGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs//security-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSecurityGroupsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular AWS security group

Returns information about AWS security group like inbound rules,
outbound rules and cloud_tags.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>/security-groups/<security-group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs//security-groups/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsSecurityGroup+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: AWS: VPCS: Service Endpoints

Associated URIs:

Returns list of AWS serivce endpoints corresponding to a VPC

Returns a list of AWS serivce endpoints corresponding to VPC. NSX supported
services are currently limited to Simple Storage Service (S3), Relational
Database Service (RDS), DynamoDB and Elastic Load Balancing.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>/service-endpoints
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs//service-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsServiceEndpointsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular AWS serivce endpoint

Returns information about an AWS serivce endpoint like
service_endpoint_type, status and corresponding cidrs. NSX supported
services are currently limited to Simple Storage Service (S3),
Relational Database Service (RDS), DynamoDB and Elastic Load Balancing.
Request:
Method:
GET
URI Path:
/api/v1/csm/aws/vpcs/<vpc-id>/service-endpoints/<service-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/aws/vpcs//service-endpoints/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsServiceEndpoint+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Accounts Statistics

Associated URIs:

Returns statistics for all Accounts

Returns statistics aggregated over all accounts managed by CSM.
Request:
Method:
GET
URI Path:
/api/v1/csm/accounts/statistics
Request Headers:
n/a
Query Parameters:
AllAccountsStatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/accounts/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllAccountsStatisticsListResult+

Example Response: { "results": [ { "resource_type": "AWS", "accounts_count": 3, "accounts_status": { "sync_in_progress": 1 }, "instance_stats": { "managed": 63, "unmanaged": 25, "error": 1 }, "vpc_stats": { "managed": 4, "unmanaged": 7 }, "regions_count": 4 }, { "resource_type": "AZURE", "accounts_count": 2, "accounts_status": { "sync_in_progress": 1 }, "instance_stats": { "managed": 42, "unmanaged": 25, "error": 3 }, "vnet_stats": { "managed": 2, "unmanaged": 1 }, "regions_count": 5 } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Azure Accounts

Associated URIs:

Add a Azure account to cloud serivce manager

This api adds a Azure account to cloud service manager. Have to pass
one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts { "cloud_type":"AZURE", "regions_count":"", "auth_method":"CREDENTIALS", "display_name": "Account ABC", "credentials":{ "client_id":"789", "key":"012", "subscription_id":"456", "tenant_id":"123", "gateway_role": "NSX role" }, "has_managed_vnet":false, "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns a list of Azure accounts

Returns a list of Azure accounts with information about each account like
status and statistics. Optional query parameters can be utilized to filter
the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountsListResult+

Example Response: { "cursor" : "00011", "sort_ascending" : true, "result_count" : 1, "results" : [ { "id" : "28984eef-d296-4a40-979e", "display_name" : "Account ABC", "tenant_id" : "123", "cloud_type" : "AZURE", "cloud_tags_enabled" : true, "instance_stats" : { "total" : 92, "managed" : 0, "unmanaged" : 82, "error" : 0, "powered_off" : 10 }, "auth_method" : "CREDENTIALS", "credentials" : { "tenant_id" : "123", "subscription_id" : "456", "client_id" : "789", "gateway_role": "NSX role" }, "vnet_stats" : { "managed" : 1, "unmanaged" : 42 }, "regions_count" : 2, "status" : { "inventory_sync_status" : "SYNCED", "credentials_status" : "VALID", "inventory_sync_step" : "NOT_APPLICABLE" }, "has_managed_vnet" : true, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Update a Azure account information

This api updates a Azure account which is added to cloud service manager.
Have to pass one of the authorization methods in auth_method property as part of
request body followed by appropriate data.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d { "cloud_type":"AZURE", "display_name": "Account XYZ" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account XYZ", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Delete Azure account information

Deletes Azure account information from cloud service manager Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/azure/accounts/ DELETE https://<nsx-csm>/api/v1/csm/azure/accounts/?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns information about a particular Azure account

Returns information about an Azure account including status and
statistics
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccount+

Example Response: { "id": "9174ffd1-41b1-42d6-a28d", "display_name": "Account ABC", "tenant_id": "123", "cloud_type": "AZURE", "cloud_tags_enabled": true, "instance_stats": { "total": 92, "managed": 0, "unmanaged": 82, "error": 0, "powered_off": 10 }, "auth_method": "CREDENTIALS", "credentials": { "tenant_id": "123", "subscription_id": "456", "client_id": "789", "gateway_role": "NSX role" }, "vnet_stats": { "managed": 1, "unmanaged": 42 }, "regions_count": 2, "status": { "inventory_sync_status": "IN_PROGRESS", "credentials_status": "VALID", "inventory_sync_step": "SYNCING_VMS" }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Returns the status of Azure account

Return status of the account like credentials validity, inventory
synchronization status and inventory synchronization state
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/accounts/<account-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureAccountStatus+

Example Response: { "inventory_sync_status": "SYNCED", "credentials_status": "VALID", "inventory_sync_step": "NOT_APPLICABLE" } Required Permissions: read Feature: cloud_accounts Additional Errors:

Synchronizes Azure account inventory

Synchronizes Azure account related inventory like Regions, Virtual Networks,
Instances. Status of inventory synchronization can be known from Azure
account status api
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/accounts/<account-id>?action=sync_inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/accounts/9174ffd1-41b1-42d6-a28d?action=sync_inventory Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: Azure Gateways

Associated URIs:

Returns configuration information for all Azure gateways

Returns a list of Azure gateways with information about each gateway like
subnet configuration and corresponding virtual network. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways
Request Headers:
n/a
Query Parameters:
AzureGatewaysListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewaysListResult+

Example Response: { "results": [ { "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns configuration of the Azure gateway

Returns configuration for primary gateway and secondary gateway for the
virtual network, if deployed gateways exist for the specified virtual
network.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd" }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates Azure gateway configuration

Updates configuration for primary gateway and secondary gateway for the
virutal network, if deployed gateways exist for the specified virtual network.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7 { "account_id": "28984eef-d296-4a40-979e", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "auto_agent_install_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "auto_agent_install_enabled": false }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Return the status of Azure gateway

Returns status information for primary gateway and secondary gateway
for the virtual network, if deployed gateways exist for the specified
virtual network ID.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/<vnet-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/gateways/e8e719ff-6a40-48e2-8cf7/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayStatus+

Example Response: { "gateway_cluster_id": "7fe9e2fd-2dce-478f-84b4", "gateway_instances_status": [ { "gateway_tn_id": "1c95f5ea-1eec-11e8-9342", "deployment_step": "DEPLOYMENT_SUCCESSFUL", "public_ip": "1.2.3.4", "gateway_node_id": "1c95f5ea-1eec-11e8-9342", "gateway_status": "UP", "gateway_instance_id": "a61b6dea-46a4-4c09-9ada", "private_ip": "4.3.2.1", "gateway_ha_index": 0, "is_gateway_active": false, "gateway_name": "nsx-gw-customer-gateway" } ] } Required Permissions: read Feature: gateway_deployment Additional Errors:

Deploys gateway for the specified virtual network

All the required configuration to deploy Azure gateways will be absorbed
as a part of request body in this API and gateway deployment will be
triggered. Deployment progress can be known from GetAzureGatewayStatus API.
Upon successful deployment of a gateway, the deployment_step will be
DEPLOYMENT_SUCCESSFUL gateway_status will be UP and op_status of the VNET
will be NSX_MANAGED_BY_GATEWAY. If any error is encountered during
deployment, corresponding error_code and error_message will be populated
in gateway_instances_status. To manage a compute VNET using transit VNET,
user needs to undeploy gateway and onboard the compute VNET
using /csm/azure/vnets/?action=onboard API.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayDeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=deploy { "account_id": "04e2a29a-90f9-4ce0-ae69", "vnet_id": "e8e719ff-6a40-48e2-8cf7", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "managed_without_agents": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "ip_allocation_mode": "ALLOCATE_NEW", "public_ip": "4.3.2.1" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56", "ip_allocation_mode" : "USE_EXISTING" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] } } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureGatewayDeployConfig+

Example Response: { "account_id": "28984eef-d296-4a40-979e", "configuration": { "image_id": "https://abcxyz.windows.net/public-cloud-gateway/nsx-public-gateway.vhd", "default_quarantine_policy_enabled": true, "managed_without_agents": false, "proxy_server_profile": "a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": true, "ssh_key": "ssh-rsa +SD2/sC/qQXtRj1fVShsolTrLtT5uIRWV3P+4fG2PNR6Wz0/QagHG/+jK8Acw== abc@xyz.com", "gateway_ha_configuration": [ { "uplink_subnet": "uplink1", "management_subnet": "Mgmt", "downlink_subnet": "vtep1", "gateway_ha_index": 0, "public_ip_settings": { "public_ip": "1.2.3.4" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } }, { "uplink_subnet": "uplink2", "management_subnet": "Mgmt", "downlink_subnet": "vtep2", "gateway_ha_index": 1, "public_ip_settings": { "public_ip": "4.3.2.1" }, "uplink_public_ip_settings" : { "public_ip" : "104.210.53.56" } } ], "dns_settings": { "dns_mode": "DHCP", "dns_list": ["10.162.204.1", "10.166.1.1"] } }, "vnet_id": "e8e719ff-6a40-48e2-8cf7" } Required Permissions: crud Feature: gateway_deployment Additional Errors:

Undeploys gateway for the specified virtual network

All the required configuration to undeploy Azure gateway will be absorbed
as a part of request body in this API and gateway undeployment will be
triggered. Undeployment progress can be known from GetAzureGatewayStatus
API. Upon successful undeployment of a gateway, the deployment_step will be
UNDEPLOYMENT_SUCCESSFUL and gateway_status will be NOT_AVAILABLE. If any
error is encountered during undeployment, corresponding error_code and
error_message will be populated in gateway_instances_status
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways?action=undeploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureGatewayUndeployConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/gateways?action=undeploy { "account_id": "28984eef-d296-4a40-979e" "instance_id": "a61b6dea-46a4-4c09-9ada" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Cloud Service Manager: Azure IP Allocations

Associated URIs:

Allocates IPs in the specified Azure Vnet

All the required configuration to allocate public/link local IPs for cloud
will be absorbed as a part of request body in this API and IP allocation
will be triggered. Allocation progress can be known from
GetIpAllocationStatus API. Upon successful allocation, the
ip_allocation_state will be ALLOCATION_SUCCESSFUL. This operation is only
supported for containers.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/gateways/ip-mappings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureIpAllocationConfig+

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpAllocationMappings+

Required Permissions: crud Feature: cloud_resources Additional Errors:

Returns IP allocations for all Azure Vnets. This operation is only supported for containers.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/ip-mappings
Request Headers:
n/a
Query Parameters:
AzureIpMappingsListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpMappingsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Releases allocated IPs in the specified Azure Vnet

All the allocations for the specified Azure Vnet and mapping_id will be
released. This operation is only supported for containers.
Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/gateways/ip-mappings/<mapping-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_resources Additional Errors:

Returns status information for primary gateway and secondary gateway for the vnet, if exists. This operation is only supported for containers.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/gateways/ip-mappings/<mapping-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureIpAllocationMappings+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Regions

Associated URIs:

Returns a list of Azure regions

Returns a list of Azure regions with information about each region like
gateway statistics, instance statistics and vnet statistics. Optional query
parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/regions
Request Headers:
n/a
Query Parameters:
AzureRegionsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/regions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureRegionsListResult+

Example Response: { "cursor": "000002", "sort_ascending": true, "result_count": 2, "results": [ { "resource_type": "AzureRegion", "id": "westus", "display_name": "westus", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "vnet_stats": { "managed": 1, "unmanaged": 10 }, "gateway_stats": { "deploying": 0, "up": 1, "down": 0 }, "instance_stats": { "total": 17, "managed": 0, "unmanaged": 8, "error": 0, "powered_off": 9 }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" }, { "resource_type": "AzureRegion", "id": "eastus2", "display_name": "eastus2", "associated_account_ids": [], "vnet_stats": { "managed": 0, "unmanaged": 0 }, "gateway_stats": { "deploying": 0, "up": 0, "down": 0 }, "instance_stats": { "total": 0, "managed": 0, "unmanaged": 0, "error": 0, "powered_off": 0 }, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular Azure region

Returns information about Azure region like gateway statistics, instance
statistics and vnet statistics.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/regions/<region-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/regions/westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureRegion+

Example Response: { "resource_type": "AzureRegion", "id": "westus", "display_name": "westus", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "vnet_stats": { "managed": 1, "unmanaged": 10 }, "gateway_stats": { "deploying": 0, "up": 1, "down": 0 }, "instance_stats": { "total": 17, "managed": 0, "unmanaged": 8, "error": 0, "powered_off": 9 }, "has_managed_vnet": true, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Resources

Associated URIs:

Returns a list of Azure public IPs

Returns a list of Azure public IPs. These ip addresses are available
to be allocated.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/public-ips
Request Headers:
n/a
Query Parameters:
AzurePublicIpListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/public-ips? account_id=7324800c-a41a-4cb4-b988-51fa3d093397®ion_id=westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzurePublicIpListResult+

Example Response: { "results": [ "104.209.46.64", "104.40.87.204", "40.112.184.178", "13.91.55.98" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of Azure security groups

Returns a list of Azure security groups.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/resource-groups
Request Headers:
n/a
Query Parameters:
AzureResourcesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/resource-groups? account_id=7324800c-a41a-4cb4-b988-51fa3d093397 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureResourceGroupsListResult+

Example Response: { "results": [ "RG-1", "RG-2" ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of Azure Storage Accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/storage-accounts
Request Headers:
n/a
Query Parameters:
AzureStorageAccountsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/storage-accounts? account_id=7324800c-a41a-4cb4-b988®ion_id=westus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureStorageAccountList+

Example Response: { "results": [ { "name": "storage-account-1" }, { "name": "storage-account-2" }, { "name": "storage-account-3" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns a list of Azure subnets

Returns a list Azure subnets with information about each subnet like ID,
virtual network ID and address space
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/subnets
Request Headers:
n/a
Query Parameters:
AzureSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/subnets? account_id=7324800c-a41a-4cb4-b988&vnet_id=3054a504-4c09-4df7-8420 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureSubnetListResult+

Example Response: { "results": [ { "display_name": "vtep1", "address_space": "172.20.10.0/24", "vnet_id": "3054a504-4c09-4df7-8420", "id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-3-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-3/subnets/vtep1" }, { "display_name": "vtep2", "address_space": "172.20.11.0/24", "vnet_id": "3054a504-4c09-4df7-8420", "id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-3-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-3/subnets/vtep2" } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure Vnets

Associated URIs:

Returns the configuration of the compute VNet. The configuration contains quarantine policy and fall back security group of compute VNet and the information related to transit VNet.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/compute-vnets
Request Headers:
n/a
Query Parameters:
AzureComputeVNetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/compute-vnets { "cursor": "00011", "sort_ascending": true, "result_count": 1, "results": [ { "resource_type": "AzureComputeVNetConfig", "id": "41e9e760-1c60-4b35-89c2", "display_name": "41e9e760-1c60-4b35-89c2", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vnet_id": "41e9e760-1c60-4b35-89" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureComputeVNetListResult+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Updates the NSX configuration related to managed compute VNET using a transit VNET.

Update the configurations such as default_quarantine_policy,
cloud_fallback_security_group_id and auto_agent_install_enabled
for the NSX managed compute VNET.
Request:
Method:
PUT
URI Path:
/api/v1/csm/azure/compute-vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureComputeVNetConfig+

Example Request: PUT https://<nsx-csm>/api/v1/csm/azure/compute-vnets/ { "resource_type": "AzureComputeVNetConfig", "id": "41e9e760-1c60-4b35-89c2", "display_name": "41e9e760-1c60-4b35-89c2", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "configuration": { "vnet_id": "41e9e760-1c60-4b35-89d4" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureComputeVNetConfig+

Example Response: { "resource_type": "AzureComputeVNetConfig", "id": "41e9e760-1c60-4b35-89c2", "display_name": "41e9e760-1c60-4b35-89c2", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "configuration": { "account_id": "fa043e3d-256d-446f-9c5c-665dcfdb33c9", "vnet_id": "41e9e760-1c60-4b35-89d4" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 3 } Required Permissions: crud Feature: quarantine_policy Additional Errors:

Returns the configuration of the compute VNet. The configuration contains quarantine policy and fall back security group of compute VNet and the information related to transit VNet.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/compute-vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureComputeVNetConfig+

Example Response: GET https://<nsx-csm>/api/v1/csm/azure/compute-vnets/ { "resource_type": "AzureComputeVNetConfig", "id": "41e9e760-1c60-4b35-89c2", "display_name": "41e9e760-1c60-4b35-89c2", "default_quarantine_policy_enabled": false, "managed_without_agents": false, "configuration": { "vnet_id": "41e9e760-1c60-4b35-89d4" }, "_create_user": "system", "_create_time": 1540475272491, "_last_modified_user": "admin", "_last_modified_time": 1540475431491, "_system_owned": false, "_revision": 2 } Required Permissions: read Feature: gateway_deployment Additional Errors:

Onboards a compute VNet to be NSX managed by a transit VNet.

Onboard a compute VNet to be NSX managed using a transit VNet.
Hence, the public cloud gateways deployed in a transit VNet can
manage the workload VMs in a computeVNet.
Onboarding status can be obtained from
/csm/azure/compute-vnets//status API.
Upon successful onboarding of the VNet, the onboard_step will be
ONBOARD_SUCCESSFUL and op_status will be NSX_MANAGED_BY_TRANSIT_VNet.
If any error is encountered during onboarding, corresponding error_code
and error_message will be populated. To manage compute VNet using
NSX gateway, offboard the compute VNet and deploy gateway
using /csm/azure/gateways?action=deploy API.
Request:
Method:
POST
URI Path:
/api/v1/csm/azure/compute-vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AzureComputeVNetConfig+

Example Request: POST https://<nsx-csm>/api/v1/csm/azure/compute-vnets/ { "configuration": { "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6", "vnet_id": "41e9e760-1c60-4b35-89c2" }, "account_id": "d02af61a-e212-486e-b6c8-10462ccfbad6" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Offboards a compute VNet.

Offboards a compute VNet to be NSX unmanaged from a transit VNet.
All the VMs in the compute VNet need to be untagged before offboarding
the compute VNet. Offboarding status can be obtained from
/csm/azure/compute-vnets//status API. Upon successful offboarding
compute VNet, the onboard_step will be OFFBOARD_SUCCESSFUL
and op_status will be NOT_AVAILABLE. If any error is encountered
during offboarding, corresponding error_code and error_message
will be populated.
Request:
Method:
DELETE
URI Path:
/api/v1/csm/azure/compute-vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/azure/compute-vnets/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: gateway_deployment Additional Errors:

Returns the status of the compute VNet. The status corresponds to onboard or offboard status of a compute VNet.

Request:
Method:
GET
URI Path:
/api/v1/csm/azure/compute-vnets/<vnet-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets//status { "onboard_step": "ONBOARD_SUCCESSFUL", "virtual_private_cloud_name": "ComputeVNet-Peering", "status": "UP", "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "auto_agent_install_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureComputeVnetStatus+

Required Permissions: read Feature: gateway_deployment Additional Errors:

Returns a list of Azure virtual networks

Returns a list of Azure virtual networks with information about each
virtual network like IPv4 CIDR, gateway information and transport zones.
Optional query parameters can be utilized to filter the list.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/vnets
Request Headers:
n/a
Query Parameters:
AzureVnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureVnetListResult+

Example Response: { "cursor": "000002", "sort_ascending": true, "result_count": 3, "results": [ { "resource_type": "AzureVnet", "id": "3054a504-4c09-4df7-8420", "display_name": "NSX-Vnet-1", "cidr_blocks": [ "10.59.1.224/28", "172.20.10.0/24", "172.20.11.0/24", "172.20.12.0/24", "172.20.13.0/24", "172.20.14.0/24" ], "resource_group": "NSX-Vnet-1-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-1-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-1", "instance_stats": { "total": 6, "managed": 0, "unmanaged": 5, "error": 0, "powered_off": 1 }, "op_status": "NSX_UNMANAGED", "gateway_info": { "gateway_status": { "gateway_cluster_id": "" } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" }, { "resource_type": "AzureVnet", "id": "e8e719ff-6a40-48e2-8cf7", "display_name": "NSX-Int-Vnet-Ind-3", "cidr_blocks": [ "10.59.4.112/28", "172.18.35.0/24", "172.18.36.0/24", "172.18.37.0/24", "172.18.38.0/24", "172.18.39.0/24" ], "resource_group": "NSX-Vnet-2-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "transport_zones": [ { "is_underlay_transport_zone": false, "logical_switches": [ { "is_default_logical_switch": false, "instances_count": 0, "nsx_switch_tag": "a2aad0f1-a48a-474b-8423-41767f538ee0#/E=", "logical_switch_display_name": "DefaultSwitch-Overlay-NSX-Vnet-2", "logical_switch_id": "ls54321" } ], "transport_zone_id": "tz54321", "transport_zone_display_name": "NSX-Vnet-2-Overlay" }, { "is_underlay_transport_zone": true, "logical_switches": [ { "is_default_logical_switch": true, "instances_count": 0, "nsx_switch_tag": "default", "logical_switch_display_name": "DefaultSwitch-VLAN-NSX-Vnet-2", "logical_switch_id": "ls12345" } ], "transport_zone_id": "tz12345", "transport_zone_display_name": "NSX-Vnet-2-VLAN" } ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-2-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-2", "instance_stats": { "total": 6, "managed": 0, "unmanaged": 6, "error": 0, "powered_off": 0 }, "managed_vnets": [ { "virtual_private_cloud_id": "3034a504-4509-4df7-8429", "associated_account_ids: ["28984eef-d296-4a40-979e"], "virtual_private_cloud_name": "NSX-Vnet-4" } ], "op_status": "NSX_MANAGED", "gateway_info": { "configuration": { "default_quarantine_policy_enabled": false, "managed_without_agents": false, "proxy_server_profile":"a491bc83-5fc8-4e05-adb1-af8274422141", "nsx_manager_connection": "PRIVATE_IP", "is_ha_enabled": false, "gateway_ha_configuration": [], "dns_settings": { "dns_mode": "DHCP" }, "ssh_key": "abcxyzabcxyz", "image_id": "https://abcxyz.windows.net/public-cloud-gateway2/nsx-public-gateway.vhd" }, "gateway_status": { "gateway_cluster_id": "abc123", "gateway_instances_status": [ { "gateway_tn_id": "abcde12345", "deployment_step": "DEPLOYMENT_SUCCESSFUL", "public_ip": "1.2.3.4", "gateway_node_id": "12345abcde", "gateway_status": "UP", "gateway_instance_id": "abcde12345", "private_ip": "4.3.2.1", "gateway_ha_index": 0, "is_gateway_active": false, "gateway_name": "nsx-gw-test" } ] } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" }, { "resource_type": "AzureVnet", "id": "3034a504-4509-4df7-8429", "display_name": "NSX-Vnet-4", "cidr_blocks": [ "10.59.1.224/28", "172.20.10.0/24" ], "resource_group": "NSX-Vnet-4-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-4-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-4", "instance_stats": { "total": 6, "managed": 0, "unmanaged": 5, "error": 0, "powered_off": 1 }, "associated_transit_vnet": { "virtual_private_cloud_id": "e8e719ff-6a40-48e2-8cf7", "associated_account_ids: ["28984eef-d296-4a40-979e"], "virtual_private_cloud_name": "NSX-Int-Vnet-Ind-3" }, "op_status": "NSX_MANAGED_BY_TRANSIT_VNET", "gateway_info": { "gateway_status": { "gateway_cluster_id": "" } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" }, ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular Azure virtual network

Returns information about Azure region like virtual network like IPv4 CIDR,
gateway information and transport zones.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/vnets/<vnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets/41e9e760-1c60-4b35-89c2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureVnet+

Example Response: { "resource_type": "AzureVnet", "id": "41e9e760-1c60-4b35-89c2", "display_name": "NSX-Vnet-1", "cidr_blocks": [ "10.59.4.80/28", "172.18.25.0/24", "172.18.26.0/24", "172.18.27.0/24", "172.18.28.0/24", "172.18.29.0/24" ], "resource_group": "NSX-Vnet-1-RG", "associated_account_ids": [ "28984eef-d296-4a40-979e" ], "region_id": "westus", "resource_id": "/subscriptions/1234567890/resourceGroups/NSX-Vnet-1-RG/providers/Microsoft.Network/virtualNetworks/NSX-Vnet-1", "instance_stats": { "total": 1, "managed": 0, "unmanaged": 1, "error": 0, "powered_off": 0 }, "op_status": "NSX_UNMANAGED", "gateway_info": { "gateway_status": { "gateway_cluster_id": "" } }, "is_management_vnet": false, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure

Cloud Service Manager: Azure: Security Groups

Associated URIs:

Returns a list of Azure security groups corresponding to a VNet

Returns a list of Azure security groups corresponding to VNet with
information about each security group like inbound rules, outbound rules
and priority.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/security-groups
Request Headers:
n/a
Query Parameters:
AzureResourcesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/security-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureSecurityGroupsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about a particular Azure security group

Returns information about a Azure security group like inbound rules,
outbound rules and priority.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/security-groups/<security-group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/security-groups/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureSecurityGroup+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Azure: Vnets

Cloud Service Manager: Azure: Vnets: Service Endpoints

Associated URIs:

Returns a list of Azure service endpoints corresponding to a VNet

Returns a list of Azure service endpoints corresponding to a VNet. NSX
supported services are currently limited to Azure Storage, Azure SQL
Database, Azure Cosmos DB and Azure Load Balancer.
Request:
Method:
GET
URI Path:
/api/v1/csm/azure/vnets/<vnet-id>/service-endpoints
Request Headers:
n/a
Query Parameters:
AzureServiceEndpointsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/azure/vnets//service-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AzureServiceEndpointsListResult+

Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Cloud Service Manager

Associated URIs:

Refreshes encryption keys

This API can be used to refresh the encryption keys used by Cloud Service
Manager to encrypt sensitive data. This action should generally be done
during maintenance windows.
Request:
Method:
POST
URI Path:
/api/v1/csm/csmconfig/encryption-keys?action=refresh
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-csm>/api/v1/csm/csmconfig/encryption-keys?action=refresh Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: csm_node_config Additional Errors:

Return Csm status information

Returns information about cloud service manager
Request:
Method:
GET
URI Path:
/api/v1/csm/csmstatus
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/csmstatus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CsmStatus+

Example Response: { "id": "a180989d-48fa-4624-af84-d3c7f120d383", "display_name": "CSM Instance", "ip_address": "192.168.122.1", "version": "1.0", "managed_by_vmware": true, "supported_clouds": [ { "cloud_type": "aws" } ] } Required Permissions: read Feature: csm_node_config Additional Errors:

Cloud Service Manager: NSX Manager Accounts

Associated URIs:

Returns a list of NSX Manager accounts

Request:
Method:
GET
URI Path:
/api/v1/csm/nsx-manager-accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/nsx-manager-accounts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccountsListResult+

Example Response: { "results": [ { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "public_ip": "34.208.244.2", "tenant_id": "345", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } ] } Required Permissions: read Feature: nsx_integration Additional Errors:

Create a NSX Manager account

Request:
Method:
POST
URI Path:
/api/v1/csm/nsx-manager-accounts
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NsxManagerAccount+

Example Request: POST https://<nsx-csm>/api/v1/csm/nsx-manager-accounts { "tenant_id": "345", "public_ip": "34.208.244.2", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin", "password": "12423dsgfe3" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "tenant_id": "345", "public_ip": "34.208.244.2", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } Required Permissions: crud Feature: nsx_integration Additional Errors:

Update a NSX Manager account

Request:
Method:
PUT
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NsxManagerAccount+

Example Request: PUT https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 { "public_ip": "52.1.1.12", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin", "password": "12423dsgfe3" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "tenant_id": "123", "public_ip": "52.1.1.12", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "New Name" } Required Permissions: crud Feature: nsx_integration Additional Errors:

Delete a NSX Manager account

Request:
Method:
DELETE
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nsx_integration Additional Errors:

Returns the particular NSX Manager account information

Request:
Method:
GET
URI Path:
/api/v1/csm/nsx-manager-accounts/<account-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/nsx-manager-accounts/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NsxManagerAccount+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "public_ip": "34.208.244.2", "tenant_id": "345", "thumbprint": "12a76e1ff8d7d6d95ce02dddece11134e402bc436454b7bf4fa61a28418330a1", "username": "admin" } Required Permissions: read Feature: nsx_integration Additional Errors:

Cloud Service Manager: Proxy Server Profile

Associated URIs:

Create a Proxy Server Profile

Request:
Method:
POST
URI Path:
/api/v1/csm/proxy-server-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ProxyServerProfileInfo+

Example Request: POST https://<nsx-csm>/api/v1/csm/proxy-server-profiles { "profilename":"test", "username": "admin", "password": "test123", "host": "1.0.0.0", "port": "3382", "is_default":"true" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ProxyServerProfileInfo+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "profilename": "test", "username": "admin", "host": "1.0.0.0", "port": "3382", "is_default": "true" } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns a list of Proxy Server Profiles

Request:
Method:
GET
URI Path:
/api/v1/csm/proxy-server-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/proxy-server-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ProxyServerProfilesListResult+

Example Response: { "results": [ { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "profilename": "test" "username": "admin", "host": "1.0.0.0", "port": "3382", "is_default": "true" }, { "id": "b491bc83-5fc8-4e05-tdc1-ef8274422141", "profilename": "proxy-with-certificate", "username": "admin", "host": "2.0.0.0", "port": "3382", "is_default": "true", "tls_certificate":"----BEGIN CERTIFICATE-------" } ] } Required Permissions: read Feature: cloud_accounts Additional Errors:

Update a Proxy Server Profile

Request:
Method:
PUT
URI Path:
/api/v1/csm/proxy-server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ProxyServerProfileInfo+

Example Request: PUT https://<nsx-csm>/api/v1/csm/proxy-server-profiles/a491bc83-5fc8-4e05-adb1-af8274422141 { "profilename": "test", "username": "admin", "password": "test123", "host": "1.0.0.0", "port": "3382", "is_default": "false", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ProxyServerProfileInfo+

Example Response: { "id": "a491bc83-5fc8-4e05-adb1-af8274422141", "profilename": "test", "username": "admin", "host": "1.0.0.0", "port": "3382", "is_default": "false", "_revision": 0 } Required Permissions: crud Feature: cloud_accounts Additional Errors:

Returns the particular Proxy Server Profile information

Request:
Method:
GET
URI Path:
/api/v1/csm/proxy-server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/proxy-server-profiles/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ProxyServerProfileInfo+

Example Response: { "profilename": "test", "username": "admin", "host": "1.0.0.0", "port": "3382", "is_default": "true", "_revision": 0 } Required Permissions: read Feature: cloud_accounts Additional Errors:

Delete a Proxy Server Profile

Request:
Method:
DELETE
URI Path:
/api/v1/csm/proxy-server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-csm>/api/v1/csm/proxy-server_profiles/a491bc83-5fc8-4e05-adb1-af8274422141 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cloud_accounts Additional Errors:

Cloud Service Manager: VPN

Associated URIs:

Returns the state of the public cloud routing tables from a VPN point of view.

Request:
Method:
GET
URI Path:
/api/v1/csm/vpn/routing-tables/state
Request Headers:
n/a
Query Parameters:
VpnRoutingTablesStateListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/vpn/routing-tables/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VpnRoutingTableStateListResult+

Example Response: { "cursor": "0008236", "sort_ascending": true, "result_count": 3, "resource_type": "VpnRoutingTableStateListResult", "results": [ { "id" : "rtb-fa00d882", "managed_for_vpn" : true }, { "id" : "rtb-9f7b06e7", "managed_for_vpn" : false, "reason_for_not_managed" : "RT_CONTAINS_UPLINK_SUBNET" }, { "id" : "rtb-ac08dcd4", "managed_for_vpn" : false, "reason_for_not_managed" : "UNSELECTED" } ], "_last_modified_user": "admin", "_last_modified_time": 1435284879143, "_create_time": 1435284566908, "_create_user": "admin", "_revision": 1 } Required Permissions: read Feature: cloud_resources Additional Errors:

Cloud Service Manager: Virtual Machines

Associated URIs:

Returns the list of all virtual machines created or imported under a particular account id. Supports optional query parameters like region id, vpc id, public_ip, is_gateway.

Request:
Method:
GET
URI Path:
/api/v1/csm/virtual-machines
Request Headers:
n/a
Query Parameters:
CloudVirtualMachinesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/virtual-machines Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CloudVirtualMachinesListResult+

Example Response: { "cursor": "0003348", "sort_ascending": true, "result_count": 348, "results": [ { "description": "t2.micro", "id": "i-027c0b32cbe631ec9", "display_name": "vm-2", "is_gateway": false, "private_ip": "13.14.41.253", "cloud_tags": [], "os_type": "AMAZON_LINUX", "agent_status": "NO_AGENT", "os_details": "", "availability_zone": "us-west-2c", "vpc": "vpc-f4ddaf93", "vm_config_status": { "whitelist": { "whitelisted": "YES" } } }, { "description": "c4.xlarge", "id": "i-0b62834659a30fc21", "display_name": "nsx-gw-vpc-c35dbaa4-preferred-active", "public_ip": "52.89.33.233", "is_gateway": true, "private_ip": "10.0.1.97", "is_gateway_active": true, "cloud_tags": [], "gateway_status": "UP", "os_type": "UBUNTU", "os_details": "LTS 14.04", "availability_zone": "us-west-2a", "vpc": "vpc-c35dbaa4", "vm_config_status": { "whitelist": { "whitelisted": "NO" } } } ] } Required Permissions: read Feature: cloud_resources Additional Errors:

Returns information about the particular virtual machine

Request:
Method:
GET
URI Path:
/api/v1/csm/virtual-machines/<virtual-machine-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-csm>/api/v1/csm/virtual-machines/i-027c0b32cbe631ec9 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AwsVirtualMachine+
AzureVirtualMachine+
CloudVirtualMachine+

Example Response: { "description": "t2.micro", "id": "i-027c0b32cbe631ec9", "display_name": "vm-2", "is_gateway": false, "private_ip": "13.14.41.253", "cloud_tags": [], "os_type": "AMAZON_LINUX", "agent_status": "NO_AGENT", "os_details": "", "availability_zone": "us-west-2c", "vpc": "vpc-f4ddaf93", "vm_config_status": { "whitelist": { "whitelisted": "NO" } } } Required Permissions: read Feature: cloud_resources Additional Errors:

Update virtual machine config

Updates user configurable nsx properties of virtual machines.
Request:
Method:
POST
URI Path:
/api/v1/csm/virtual-machines?action=update_config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VirtualMachineConfigList+

Example Request: POST https://<nsx-csm>/api/v1/csm/virtual-machines?action=update_config { "virtual_machines": [ { "vm_id": "i-027c0b32cbe631ec9" "vm_config_properties": { "whitelisted" : true } }, { "vm_id": "a491bc83-5fc8-4e05-adb1-af8274422141" "vm_config_properties": { "whitelisted" : true } } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualMachineConfigList+

Required Permissions: crud Feature: cloud_resources Additional Errors:

Management Plane API

Management Plane API: AAA

Associated URIs:

Create registration access token

The privileges of the registration token will be the same as the caller. Request:
Method:
POST
URI Path:
/api/v1/aaa/registration-token
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/aaa/registration-token Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles":[ "network_engineer" ] } Required Permissions: crud Feature: nodes_edges Additional Errors:

Get registration access token

Request:
Method:
GET
URI Path:
/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RegistrationToken+

Example Response: { "token": "e9112e46-a54a-486f-82bb-043b89228c1b", "roles": [ "network_engineer" ] } Required Permissions: read Feature: nodes_edges Additional Errors:

Delete registration access token

Request:
Method:
DELETE
URI Path:
/api/v1/aaa/registration-token/<token>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/aaa/registration-token/e9112e46-a54a-486f-82bb-043b89228c1b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: nodes_edges Additional Errors:

Get all users and groups with their roles

Request:
Method:
GET
URI Path:
/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
RoleBindingRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/role-bindings?page_size=1 GET https://<-mgr>/api/v1/aaa/role-bindings?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBindingListResult+

Example Response: { "sort_ascending": true, "sort_by": "id", "result_count": 2, "results": [ { "resource_type": "RoleBinding", "description": "", "id": "0395447b-480a-4091-9075-4070138e0cee", "display_name": "rt-group1", "tags": [], "roles": [ { "role": "auditor" } ], "name": "rt-group1", "type": "remote_group", "_create_user": "admin", "_create_time": 1493963048438, "_last_modified_user": "admin", "_last_modified_time": 1493963048438, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Assign roles to User or Group

When assigning a user role, specify the user name with the same
case as it appears in vIDM to access the NSX-T user interface.
For example, if vIDM has the user name User1@example.com then
the name attribute in the API call must be be User1@example.com
and cannot be user1@example.com.
Request:
Method:
POST
URI Path:
/api/v1/aaa/role-bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/role-bindings { "name": "local_admin@System Domain", "type": "remote_user", "roles":[ { "role": "auditor" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "auditor" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get user/group's role information

Request:
Method:
GET
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g GET https://<nsx-mgr>/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: users_role_assignments Additional Errors:

Delete user/group's roles assignment

Request:
Method:
DELETE
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: users_role_assignments Additional Errors:

Update User or Group's roles

Request:
Method:
PUT
URI Path:
/api/v1/aaa/role-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoleBinding+

Example Request: PUT https://<policy-mgr>/policy/api/v1/aaa/role-bindings/5c669dc6-47a8-4508-3077-6a48f26c5a4g { "name": "local_admin@System Domain", "type": "remote_user", "_revision": 0, "roles":[ { "role": "enterprise_admin" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleBinding+

Example Response: { "resource_type": "RoleBinding", "description": "", "id": "7e672b0e-f0bd-48bc-b579-9e6f1b2b3969", "display_name": "local_admin@System Domain", "tags": [], "roles": [ { "role": "enterprise_admin" } ], "name": "local_admin@System Domain", "type": "remote_user", "_create_user": "admin", "_create_time": 1493960803006, "_last_modified_user": "admin", "_last_modified_time": 1493960803006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: users_role_assignments Additional Errors:

Delete all stale role assignments

Request:
Method:
POST
URI Path:
/api/v1/aaa/role-bindings?action=delete_stale_bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/role-bindings?action=delete_stale_bindings Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: users_role_assignments Additional Errors:

Get information about all roles

Request:
Method:
GET
URI Path:
/api/v1/aaa/roles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/roles GET https://<nsx-mgr>/api/v1/aaa/roles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleListResult+

Example Response: { "results": [ { "role": "enterprise_admin" }, { "role": "security_op" }, { "role": "auditor" }, { "role": "security_engineer" }, { "role": "network_op" }, { "role": "network_engineer" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get role information

Request:
Method:
GET
URI Path:
/api/v1/aaa/roles/<role>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/roles/auditor GET https://<nsx-mgr>/api/v1/aaa/roles/auditor Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoleWithFeatures+

Example Response: { "role": "auditor", "features": [ { "feature": "groups_ip_sets", "permission": "read" }, { "feature": "groups_mac_sets", "permission": "read" }, { "feature": "groups_ip_pools", "permission": "read" }, { "feature": "groups", "permission": "read" }, { "feature": "services", "permission": "read" } ] } Required Permissions: read Feature: users_configuration Additional Errors:

Get information about logged-in user. The permissions parameter of the NsxRole has been deprecated.

Request:
Method:
GET
URI Path:
/api/v1/aaa/user-info
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/user-info GET https://<nsx-mgr>/api/v1/aaa/user-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UserInfo+

Example Response: { "user_name": "admin", "roles": [ { "role": "enterprise_admin" } ] } Required Permissions: none Feature: users_configuration Additional Errors:

Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/api/v1/aaa/vidm/groups
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/vidm/groups?search_string=clay_group GET https://<nsx-mgr>/api/v1/aaa/vidm/groups?search_string=clay_group Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "clay_group_EA@testad2.local", "type": "remote_group", "display_name": "clay_group_EA@testad2.local" }, { "name": "clay_group_SE@testad2.local", "type": "remote_group", "display_name": "clay_group_SE@testad2.local" }, { "name": "clay_group_AU@testad2.local", "type": "remote_group", "display_name": "clay_group_AU@testad2.local" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API.

Request:
Method:
POST
URI Path:
/api/v1/aaa/vidm/search
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/aaa/vidm/search?search_string=John POST https://<nsx-mgr>/api/v1/aaa/vidm/search?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 3, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "Johnd@testad2.local", "type": "remote_user", "display_name": "John Roe" }, { "name": "Johns_group@testad2.local", "type": "remote_group", "display_name": "John's Group" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API.

Request:
Method:
GET
URI Path:
/api/v1/aaa/vidm/users
Request Headers:
n/a
Query Parameters:
VidmInfoSearchRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/aaa/vidm/users?search_string=John GET https://<nsx-mgr>/api/v1/aaa/vidm/users?search_string=John Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VidmInfoListResult+

Example Response: { "result_count": 2, "results": [ { "name": "John_doe@testad2.local", "type": "remote_user", "display_name": "John Doe" }, { "name": "John_roe@testad2.local", "type": "remote_user", "display_name": "John Roe" } ] } Required Permissions: read Feature: users_role_assignments Additional Errors:

Management Plane API: API Services

Management Plane API: API Services: API Request Batching

Associated URIs:

Register a Collection of API Calls at a Single End Point

Enables you to make multiple API requests using a single request. The batch
API takes in an array of logical HTTP requests represented as JSON arrays.
Each request has a method (GET, PUT, POST, or DELETE), a relative_url (the
portion of the URL after https://<nsx-mgr>/api/), optional headers
array (corresponding to HTTP headers) and an optional body (for POST and PUT
requests). The batch API returns an array of logical HTTP responses
represented as JSON arrays. Each response has a status code, an optional
headers array and an optional body (which is a JSON-encoded string).
Request:
Method:
POST
URI Path:
/api/v1/batch
Request Headers:
n/a
Query Parameters:
BatchParameter+
Request Body:
BatchRequest+

Example Request: POST https://<nsx-mgr>/api/v1/batch { "requests":[ { "method":"POST", "uri":"/v1/switching-profiles", "body": { "resource_type": "SpoofGuardSwitchingProfile", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": ["LSWITCH_BINDINGS"] } }, { "method":"GET", "uri":"/v1/switching-profiles" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BatchResponse+

Example Response: { "results": [ { "body": { "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "code": 201, "body": { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } }, { "code": 200, "body": { "cursor": "00361b53de57-0313-4f3d-b494-635c58b1d986spoof-guard-lswitch-bindings", "result_count": 4, "results": [ { "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "resource_type": "QosSwitchingProfile", "description": "", "id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "display_name": "TT", "tags": [], "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": false, "burst_size_bytes": 0, "peak_bandwidth_kbps": 0, "average_bandwidth_kbps": 0 }, { "resource_type": "EgressRateShaper", "enabled": false, "average_bandwidth_mbps": 0, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0 } ], "class_of_service": 2, "_last_modified_time": 1457999948761, "_create_time": 1457999948761, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_last_modified_user": "admin" }, "code": 201 }, { "body": { "result_count": 9, "results": [ { "resource_type": "IpfixSwitchingProfile", "_revision": 0, "id": "cb317635-939b-430a-ae50-005fc4c6ac14", "display_name": "nsx-default-ipfix-global-profile", "enabled": false, "_last_modified_time": 1413324646801, "_create_time": 1413324646801, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "_revision": 0, "id": "9e6e5375-d7d9-48b4-9118-b1121757f1e3", "display_name": "custom1-qos-switching-profile", "system_defined": false, "dscp": { "priority": 1, "mode": "UNTRUSTED" }, "burst_size": 20, "class_of_service": 1, "peak_bandwidth": 400, "average_bandwidth": 200, "_last_modified_time": 1413349096169, "_create_time": 1413349096169, "_create_user": "admin", "_last_modified_user": "admin" }, { "resource_type": "IpDiscoverySwitchingProfile", "_revision": 0, "id": "64814784-7896-3901-9741-badeff705639", "display_name": "nsx-default-ip-discovery-overlay-profile", "system_defined": true, "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "_last_modified_time": 1413324646789, "_create_time": 1413324646789, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "IpDiscoverySwitchingProfile", "_revision": 0, "id": "64814874-6987-1093-1479-badeff705639", "display_name": "nsx-default-ip-discovery-vlan-profile", "system_defined": true, "arp_snooping_enabled": false, "dhcp_snooping_enabled": false, "_last_modified_time": 1413324646800, "_create_time": 1413324646800, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "QosSwitchingProfile", "_revision": 0, "id": "f313290b-eba8-4262-bd93-fab5026e9495", "display_name": "nsx-default-qos-switching-profile", "system_defined": true, "dscp": { "priority": 0, "mode": "TRUSTED" }, "burst_size": 0, "class_of_service": 0, "peak_bandwidth": 0, "average_bandwidth": 0, "_last_modified_time": 1413324646729, "_create_time": 1413324646729, "_create_user": "system", "_last_modified_user": "system" }, { "resource_type": "PortMirroringSwitchingProfile", "_revision": 1, "id": "93b4b7e8-f116-415d-a50c-3364611b5d09", "display_name": "nsx-default-port-mirroring-profile", "system_defined": false, "direction": "INGRESS", "_last_modified_time": 1413345541673, "_create_time": 1413324646767, "_create_user": "system", "_last_modified_user": "admin" } ] }, "code": 200 "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "ff45644f-9dda-4970-b1e3-30ac11ff0582", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754361177, "_create_time": 1458754361177, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "02d866d7-495c-47f4-b945-61a8559219b9", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458772318447, "_create_time": 1458772318447, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "1b53de57-0313-4f3d-b494-635c58b1d986", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_time": 1458754382102, "_create_time": 1458754382102, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } } Required Permissions: none Feature: no_rbac Additional Errors:

Management Plane API: API Services: Authentication

Associated URIs:

Update node authentication policy configuration

Update the currently configured authentication policy on the node.
If any of api_max_auth_failures, api_failed_auth_reset_period, or
api_failed_auth_lockout_period are modified, the http service is
automatically restarted.
Request:
Method:
PUT
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AuthenticationPolicyProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/aaa/auth-policy { "minimum_password_length": 12 } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "minimum_password_length": 12 } Required Permissions: crud Feature: system_administration Additional Errors:

Read node authentication policy configuration

Returns information about the currently configured authentication
policies on the node.
Request:
Method:
GET
URI Path:
/api/v1/node/aaa/auth-policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/auth-policy Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuthenticationPolicyProperties+

Example Response: { "_schema": "AuthenticationPolicyProperties", "_self": { "href": "/node/aaa/auth-policy", "rel": "self" }, "api_failed_auth_lockout_period": 900, "api_failed_auth_reset_period": 900, "api_max_auth_failures": 5, "cli_failed_auth_lockout_period": 900, "cli_max_auth_failures": 5, "minimum_password_length": 8 } Required Permissions: read Feature: system_administration Additional Errors:

Management Plane API: API Services: Task Management

Associated URIs:

Get information about all tasks

Request:
Method:
GET
URI Path:
/api/v1/tasks
Request Headers:
n/a
Query Parameters:
TaskQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TaskListResult+

Example Response: { "result_count" : 1, "results" : [ { "start_time" : 1478646470253, "async_response_available" : true, "cancelable" : false, "end_time" : 1478646470344, "progress" : 100, "id" : "59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330", "user" : "admin", "status" : "SUCCESS" } ] } Required Permissions: read Feature: utilities_tasks Additional Errors:

Get information about the specified task

Request:
Method:
GET
URI Path:
/api/v1/tasks/<task-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks/ab265781-c826-4da7-9487-48a5c713a481 Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
TaskProperties+

Example Response: { "progress" : 100, "id" : "ab265781-c826-4da7-9487-48a5c713a481", "end_time" : 1416959364977, "status" : "success", "async_response_available" : false, "cancelable" : false, "start_time" : 1416959362874 } Required Permissions: read Feature: utilities_tasks Additional Errors:

Get the response of a task

Request:
Method:
GET
URI Path:
/api/v1/tasks/<task-id>/response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/tasks59c7d6c8-7d64-4f0e-8af5-0b5e92bc3330/response Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
object

Example Response: { "cursor" : "", "sort_ascending" : true, "sort_by" : "displayName", "result_count" : 0, "results" : [ ] } Required Permissions: read Feature: utilities_tasks Additional Errors:

Management Plane API: Aggregation Service

Management Plane API: Aggregation Service: Configuration

Associated URIs:

List all health performance monitoring feature stacks

Request:
Method:
GET
URI Path:
/api/v1/hpm/features
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/features Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfigurationList+

Example Response: { "results": [ { "feature_stack_name": "HostNodeStatusVertical" "client_type_collection_configurations": [ { "client_type": "CONTROL_PLANE" "collection_type_configurations": [ { "collection_type": "STATUS" "collection_frequency": 60 }, { "collection_type": "STATISTICS" "collection_frequency": 300 } }, { "client_type": "MANAGEMENT_PLANE" "collection_type_configurations": [ { "collection_type": "STATUS" "collection_frequency": 60 }, { "collection_type": "STATISTICS" "collection_frequency": 300 } } ] } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read health performance monitoring configuration for feature stack

Returns the complete set of client type data collection
configuration records for the specified feature stack.
Request:
Method:
GET
URI Path:
/api/v1/hpm/features/<feature-stack-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/features/HostNodeStatusVertical Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type" : "FeatureStackCollectionConfiguration", "id" : "78c2b5d5-a591-4bfc-ba9b-c2a9ed63091b", "display_name" : "HostNodeStatusVertical", "feature_stack_name" : "HostNodeStatusVertical", "client_type_collection_configurations" : [ { "client_type" : "HYPERVISOR", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 60, "data_type" : "STATUS" } ] }, { "client_type" : "MANAGEMENT_PLANE", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] }, { "client_type" : "MANAGEMENT_PLANE_PLATFORM", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] }, { "client_type" : "EDGE", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 60, "data_type" : "STATUS" } ] }, { "client_type" : "CONTROL_PLANE_PLATFORM", "data_type_configurations" : [ { "collection_frequency" : 61, "data_type" : "STATISTICS" }, { "collection_frequency" : 15, "data_type" : "STATUS" } ] } ], "_revision" : 1 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Update health performance monitoring configuration for feature stack

Apply the data collection configuration for the specified
feature stack.
Request:
Method:
PUT
URI Path:
/api/v1/hpm/features/<feature-stack-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FeatureStackCollectionConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/hpm/features/FabricStats { "resource_type": "FeatureStackCollectionConfiguration", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 120, "data_type": "STATUS" } ] } ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type": "FeatureStackCollectionConfiguration", "id": "01b0e1fe-a8c9-4a76-af6a-d59890141145", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 120, "data_type": "STATUS" } ] } ], "_revision": 2 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Reset the data collection frequency configuration setting to the default values

Request:
Method:
POST
URI Path:
/api/v1/hpm/features/<feature-stack-name>?action=reset_collection_frequency
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/hpm/features/FabricStats?action=reset_collection_frequency Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureStackCollectionConfiguration+

Example Response: { "resource_type": "FeatureStackCollectionConfiguration", "id": "1d8b2673-dbba-4368-a1fd-c97edbb04c7d", "display_name": "FabricStats", "feature_stack_name": "FabricStats", "client_type_collection_configurations": [ { "client_type": "HYPERVISOR", "data_type_configurations": [ { "collection_frequency": 60, "data_type": "STATUS" } ] } ], "_revision": 1 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Set the global configuration for aggregation service related data collection

Request:
Method:
PUT
URI Path:
/api/v1/hpm/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GlobalCollectionConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/hpm/global-config { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 400, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalCollectionConfiguration+

Example Response: { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 400, "_last_modified_time": 1458245693232, "_create_time": 1457468839463, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "system", "_revision": 2 } Required Permissions: crud Feature: aggregation_service_health_monitoring Additional Errors:

Read global health performance monitoring configuration

Request:
Method:
GET
URI Path:
/api/v1/hpm/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/global-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalCollectionConfiguration+

Example Response: { "resource_type": "GlobalCollectionConfiguration", "id": "74d59b24-c433-4d3d-bb92-6870bb35b037", "display_name": "Global Data Collection Configuration", "is_data_collection_enabled": true, "modified_feature_stack_collection_configurations": { "results": [] }, "aggregated_data_collection_frequency": 300, "_last_modified_time": 1457468839463, "_create_time": 1457468839463, "_last_modified_user": "system", "_system_owned": false, "_create_user": "system", "_revision": 1 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Management Plane API: App Discovery

Associated URIs:

Returns list of app profile IDs created

Returns list of app profile IDs created
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/app-profiles
Request Headers:
n/a
Query Parameters:
AppProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/app-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfileListResult+

Example Response: { "result_count": 2, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false }, { "id": "p2926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "db_tier", "app_profile_category": "database server", "app_profile_criteria": [ "Postgresql" ], "default_app_profile": false } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Adds a new app profile

Adds a new app profile
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/app-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AppProfile+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/app-profiles { "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ] } Required Permissions: crud Feature: app_discovery Additional Errors:

Returns detail of the app profile

Returns detail of the app profile
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false } Required Permissions: read Feature: app_discovery Additional Errors:

Update AppProfile

Update AppProfile
Request:
Method:
PUT
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AppProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server, web client", "app_profile_criteria": [ "Tomcat1.0" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfile+

Required Permissions: crud Feature: app_discovery Additional Errors:

Delete App Profile

Deletes the specified AppProfile.
Request:
Method:
DELETE
URI Path:
/api/v1/app-discovery/app-profiles/<app-profile-id>
Request Headers:
n/a
Query Parameters:
AppProfileDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/app-discovery/app-profiles/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: app_discovery Additional Errors:

Returns the list of the application discovery sessions available

Returns the list of the application discovery sessions available
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions
Request Headers:
n/a
Query Parameters:
AppDiscoverySessionsParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionsListResult+

Example Response: { "result_count": 1, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Starts the discovery of application discovery session

Starts the discovery of application discovery session
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StartAppDiscoverySessionParameters+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/sessions { "ns_group_ids": ["ns_group_id_1", "ns_group_id_2"], "app_profile_ids": ["app_profile_id_1", "app_profile_id_1"] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySession+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "STARTING", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } Required Permissions: crud Feature: app_discovery Additional Errors:

Cancel and delete the application discovery session

Cancel and delete the application discovery session
Request:
Method:
DELETE
URI Path:
/api/v1/app-discovery/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: app_discovery Additional Errors:

Returns the status of the application discovery session and other details

Returns the status of the application discovery session and other details
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySession+

Example Response: { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699 } Required Permissions: read Feature: app_discovery Additional Errors:

application profiles in this application discovery session

Returns the application profiles that was part of the application discovery session |
while it was started.
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/app-profiles
Request Headers:
n/a
Query Parameters:
AppProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/app-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppProfileListResult+

Example Response: { "result_count": 2, "results": [ { "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "web_tier", "app_profile_category": "web server", "app_profile_criteria": [ "Tomcat1.0" ], "default_app_profile": false }, { "id": "p2926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "db_tier", "app_profile_category": "database server", "app_profile_criteria": [ "Postgresql" ], "default_app_profile": false } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Returns the details of the installed apps for the app profile ID in that session

Returns the details of the installed apps for the app profile ID in that session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/installed-apps
Request Headers:
n/a
Query Parameters:
InstalledAppsParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/installed-apps?app_profile_id=app-profile-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppInfoListResult+

Example Response: { "sort_ascending": true, "sort_by":"name", "result_count": 2, "results": [ { "name": "Chrome", "manufacturer": "Google", "version": "1.0.1", "os_type": "WINDOWS" }, { "name": "MS Word", "manufacturer": "Microsoft", "version": "1.0.1", "os_type": "LINUX" } ] } Required Permissions: read Feature: app_discovery Additional Errors:

ns-groups in this application discovery session

Returns the ns groups that was part of the application discovery session |
while it was started
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/ns-groups
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/ns-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroupMetaInfoListResult+

Example Response: { "result_count": 1, "results": [ { "ns_group_id" : "ns_group_1", "no_of_vms" : 35 } ] } Required Permissions: read Feature: app_discovery Additional Errors:

vms in the ns-group of the application discovery session

Returns the vms in the ns-group of the application discovery session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/ns-groups/<ns-group-id>/members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/ns-groups/ac926c72-daf2-4bb5-ac07-9ab70afded68/members Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoveryVmInfoListResult+

Example Response: { "result_count": 1, "results": [ { "vm_name" : "vm_name1", "vm_external_id" : "36926c72-daf2-4bb5-ac07-9ab70afded67", "os_type": "WINDOWS", "os_properties": ["key1, value1", "key2, value2"] } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Re-classify a completed application discovery session.

Re-classify completed application discovery session against input
AppProfiles. If no AppProfiles are specified then we use the previous
AppProfiles of that session.
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions/<session-id>/re-classify
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionReclassificationParameter+

Example Request: PUT https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/re-classify { "app_profile_ids": ["app_profile_id_1", "app_profile_id_2"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionResultSummary+

Example Response: { "id": "8ee9a038-f33e-4d5a-b630-0e492d20db04", "status": "FINISHED", "app_profile_summary_list": [ { "display_name": "Apps", "app_profile_id": "app_profile_id_1", "installed_apps_count": 12 }, { "display_name": "Web tier apps", "app_profile_id": "app_profile_id_2", "installed_apps_count": 1 } ] } Required Permissions: crud Feature: app_discovery Additional Errors:

Export app discovery results in CSV format

Returns app discovery results in CSV format, each row contains discovered app information
and the id of the vms this app is discovered from for a given set of vms
(or for all vms belong to this session when no vm id is passed in)
Request:
Method:
POST
URI Path:
/api/v1/app-discovery/sessions/<session-id>/report/app-info-and-vm?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReportAppResultsForVmsRequestParameters+

Example Request: POST https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/report/app-info-and-vm?format=csv { "vm_ids": ["ac926c72-daf2-4bb5-ac07-9ab70afded67", "ac926c72-daf2-4bb5-ac07-9ab70afded68"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
AppInfoHostVmListInCsvFormat+

Example Response: id, display_name, name, version, manufacturer, os_type, host_vms 56b-496-13d-6091, Java 7 Update 17 (64-bit), 7.0.170, Oracle, WINDOWS, ac926c72-daf2-4bb5-ac07-9ab70afded67|ac926c72-daf2-4bb5-ac07-9ab70afded68 Required Permissions: read Feature: app_discovery Additional Errors:

Export app profiles in CSV format for a given sessiom

Returns app profiles information for a given session in CSV format
Each row will contain detailed info of an app profile, and the id of
apps which is member of this app profile in this session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/report/app-profile-and-app-info?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/report/app-profile-and-app?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
AppProfileMemberAppsListInCsvFormat+

Example Response: display_name, description, app_profile_category, app_profile_criteria, member_apps Web Server, , Server, Apache HTTP|IIS|SharePoint|Nginx|, 5893-11j6-2345|4384-sf6g-3dg6| Required Permissions: read Feature: app_discovery Additional Errors:

Returns the summary of the application discovery session

Returns the summary of the application discovery session
Request:
Method:
GET
URI Path:
/api/v1/app-discovery/sessions/<session-id>/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/app-discovery/sessions/ac926c72-daf2-4bb5-ac07-9ab70afded67/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AppDiscoverySessionResultSummary+

Example Response: { "id": "8ee9a038-f33e-4d5a-b630-0e492d20db04", "status": "FINISHED", "reclassification": "NOT_REQUIRED", "start_timestamp": 1457518122686, "end_timestamp": 1457518125699, "app_profile_summary_list": [ { "display_name": "Apps", "app_profile_id": "1dd3b941-e384-4ed5-88c9-0289ea3a6b41", "installed_apps_count": 12 }, { "display_name": "Web tier apps", "app_profile_id": "476da1be-f74a-49f7-96ab-9809e3c5f96a", "installed_apps_count": 1 }, { "display_name": "Miscellaneous applications", "app_profile_id": "181eb68e-811c-4dd3-8260-ed72f923084b", "installed_apps_count": 26 } ], "app_profiles": [ { "app_profile_id" : "1dd3b941-e384-4ed5-88c9-0289ea3a6b41", "app_profile_name" : "Apps", "app_profile_category" : "Server" }, { "app_profile_id" : "476da1be-f74a-49f7-96ab-9809e3c5f96a", "app_profile_name" : "Web tier apps", "app_profile_category" : "Server" }, { "app_profile_id" : "181eb68e-811c-4dd3-8260-ed72f923084b", "app_profile_name" : "Miscellaneous applications", "app_profile_category" : "Client" } ] } Required Permissions: read Feature: app_discovery Additional Errors:

Management Plane API: Appliance Management

Associated URIs:

List available node logs

Returns the number of log files and lists the log files that reside on the
NSX virtual appliance. The list includes the filename, file size,
and last-modified time in milliseconds since epoch (1 January 1970) for each
log file. Knowing the last-modified time with millisecond accuracy since
epoch is helpful when you are comparing two times, such as the time of a
POST request and the end time on a server.
Request:
Method:
GET
URI Path:
/api/v1/node/logs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/logs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeLogPropertiesListResult+

Example Response: { "result_count": 70, "results": [ ... { "last_modified_time": 1442255851363, "log_name": "kern.log", "log_size": 175171 }, ... { "last_modified_time": 1442257962797, "log_name": "syslog", "log_size": 221701 }, ... ] } Required Permissions: read Feature: system_log Additional Errors:

Read node log properties

For a single specified log file, lists the filename, file size, and
last-modified time.
Request:
Method:
GET
URI Path:
/api/v1/node/logs/<log-name>
Request Headers:
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/logs/syslog Successful Response:
Response Code:
200 OK, 206 Partial Content
Response Headers:
Content-type: application/json
Content-type: application/octet-stream
Response Body:
NodeLogProperties+

Example Response: { "last_modified_time": 1442258255032, "log_name": "syslog", "log_size": 224075 } Required Permissions: read Feature: system_log Additional Errors:

Read node log contents

For a single specified log file, returns the content of the log file.
This method supports byte-range requests. To request just a portion of a
log file, supply an HTTP Range header, e.g. "Range: bytes=-".
is optional, and, if omitted, the file contents from start to the
end of the file are returned.'
Request:
Method:
GET
URI Path:
/api/v1/node/logs/<log-name>/data
Request Headers:
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/logs/syslog/data Successful Response:
Response Code:
200 OK, 206 Partial Content
Response Headers:
FileRequestHeaders
Content-type: application/octet-stream
Response Body:
n/a

Example Response: 2015-09-14T19:35:23.688Z 10.160.30.117 NSX - - - UserName:'admin@10.36.1.186', ModuleName:'ACCESS_CONTROL', Operation:'LOGIN', Operation status:'success' 2015-09-14T19:35:23.817Z nsx-manager NSX - - - "GET /api/v1/node/status HTTP/1.1" 200 2550 "" "" 0.123531 Required Permissions: read Feature: system_log Additional Errors:

Management Plane API: Associations

Associated URIs:

Get ResourceReference objects to which the given resource belongs to

Returns information about resources that are associated with the given
resource. Id and type of the resource for which associated resources are
to be fetched are to be specified as query parameter in the URI. Resource
type of the associated resources must be specified as query
parameter.
Request:
Method:
GET
URI Path:
/api/v1/associations
Request Headers:
n/a
Query Parameters:
AssociationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/associations?resource_id= bf250578-c0a5-4ca0-b237-0375966d23ce&resource_type=MACSet&associated_resource_type=NSGroup Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AssociationListResult+

Example Response: { "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "target_type": "NSGroup", "target_display_name": "testNSGroup", "target_id": "4f3ba7e3-4876-45ef-882a-34bdcb1a1ac8" } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Management Plane API: Capacity Dashboard

Associated URIs:

Returns warning threshold(s) set for NSX Objects.

Returns warning threshold(s) set for NSX Objects. Request:
Method:
GET
URI Path:
/api/v1/capacity/threshold
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/capacity/threshold Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityThresholdList+

Example Response: { "capacity_thresholds": [ { "threshold_type": "NUMBER_OF_PREFIX_LIST", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_SYSTEM_WIDE_VIFS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NAT_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_IP_POOLS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_IPSETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_NODES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "GLOBAL_DEFAULT", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_PREPARED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_SWITCHES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_FIREWALL_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_PORTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_WITH_NAT_RULE", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_SERVERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NSGROUP", "min_threshold_percentage": 10, "max_threshold_percentage": 20 }, { "threshold_type": "NUMBER_OF_FIREWALL_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER0_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_VMS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 } ], } Required Permissions: read Feature: capacity_usage Additional Errors:

Updates the warning threshold(s) for NSX Objects.

Updates the warning threshold(s) for NSX Objects specified, and returns
new threshold(s). Threshold list in the request must contain value for GLOBAL_DEFAULT
threshold_type which represents global thresholds.
Request:
Method:
PUT
URI Path:
/api/v1/capacity/threshold
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CapacityThresholdList+

Example Request: PUT https://<nsx-mgr>/api/v1/capacity/threshold { "capacity_thresholds": [ { "threshold_type": "NUMBER_OF_PREFIX_LIST", "min_threshold_percentage": 50, "max_threshold_percentage": 90 }, { "threshold_type": "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_SYSTEM_WIDE_VIFS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NAT_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_IP_POOLS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_IPSETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_NODES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "GLOBAL_DEFAULT", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_PREPARED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_SWITCHES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_FIREWALL_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_PORTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_WITH_NAT_RULE", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_SERVERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NSGROUP", "min_threshold_percentage": 10, "max_threshold_percentage": 20 }, { "threshold_type": "NUMBER_OF_FIREWALL_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER0_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_VMS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 } ], "resource_type": "CapacityThresholdList", "id": "CapacityThresholdIdentifier", "display_name": "CapacityThresholdIdentifier", "_create_user": "system", "_create_time": 1553595058401, "_last_modified_user": "admin", "_last_modified_time": 1553636408045, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 17 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityThresholdList+

Example Response: { "capacity_thresholds": [ { "threshold_type": "NUMBER_OF_PREFIX_LIST", "min_threshold_percentage": 50, "max_threshold_percentage": 90 }, { "threshold_type": "NUMBER_OF_VCENTER_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_SYSTEM_WIDE_VIFS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NAT_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_CLUSTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_IP_POOLS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_IPSETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_EDGE_NODES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "GLOBAL_DEFAULT", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_PREPARED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_SWITCHES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_FIREWALL_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_LOGICAL_PORTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DFW_RULES", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER1_WITH_NAT_RULE", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_HOSTS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_DHCP_SERVERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_NSGROUP", "min_threshold_percentage": 10, "max_threshold_percentage": 20 }, { "threshold_type": "NUMBER_OF_FIREWALL_SECTIONS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_TIER0_ROUTERS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 }, { "threshold_type": "NUMBER_OF_GI_PROTECTED_VMS", "min_threshold_percentage": 50, "max_threshold_percentage": 80 } ], "resource_type": "CapacityThresholdList", "id": "CapacityThresholdIdentifier", "display_name": "CapacityThresholdIdentifier", "_create_user": "system", "_create_time": 1553595058401, "_last_modified_user": "admin", "_last_modified_time": 1554048374877, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 18 } Required Permissions: crud Feature: capacity_usage Additional Errors:

Returns capacity usage data for NSX objects (Experimental)

Request:
Method:
GET
URI Path:
/api/v1/capacity/usage
Request Headers:
n/a
Query Parameters:
CapacityUsageRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/capacity/usage Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CapacityUsageResponse+

Example Response: { "capacity_usage": [ { "usage_type": "NUMBER_OF_EDGE_CLUSTERS", "display_name": "Edge Clusters", "current_usage_count": 0, "max_supported_count": 16, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_EDGE_NODES", "display_name": "System Wide Edge Nodes", "current_usage_count": 0, "max_supported_count": 160, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_TIER0_ROUTERS", "display_name": "Tier 0 Logical Routers", "current_usage_count": 0, "max_supported_count": 80, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_TIER1_ROUTERS", "display_name": "Tier 1 Logical Routers", "current_usage_count": 0, "max_supported_count": 2000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_PREFIX_LIST", "display_name": "Prefix Lists", "current_usage_count": 0, "max_supported_count": 500, "min_threshold_percentage": 50, "max_threshold_percentage": 90, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_NAT_RULES", "display_name": "System wide NAT rules", "current_usage_count": 0, "max_supported_count": 25000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_DHCP_SERVERS", "display_name": "DHCP Servers", "current_usage_count": 0, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_DHCP_IP_POOLS", "display_name": "System-wide DHCP Ranges/Pools", "current_usage_count": 0, "max_supported_count": 20000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_TIER1_WITH_NAT_RULE", "display_name": "Tier 1 Logical Routers with NAT enabled", "current_usage_count": 0, "max_supported_count": 2000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_NSGROUP", "display_name": "Network and Security Groups", "current_usage_count": 2004, "max_supported_count": 10000, "min_threshold_percentage": 10, "max_threshold_percentage": 20, "current_usage_percentage": 20.04, "severity": "CRITICAL" }, { "usage_type": "NUMBER_OF_IPSETS", "display_name": "IP Sets", "current_usage_count": 5001, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 50.01, "severity": "WARNING" }, { "usage_type": "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", "display_name": "Groups based on Ip Sets", "current_usage_count": 1002, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 10.02, "severity": "INFO" }, { "usage_type": "NUMBER_OF_VCENTER_CLUSTERS", "display_name": "Number of vCenter clusters", "current_usage_count": 0, "max_supported_count": 640, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_PREPARED_HOSTS", "display_name": "Hypervisor Hosts", "current_usage_count": 0, "max_supported_count": 1024, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_SYSTEM_WIDE_VIFS", "display_name": "System Wide Virtual Interfaces", "current_usage_count": 0, "max_supported_count": 20000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", "display_name": "Active Directory Groups", "current_usage_count": 0, "max_supported_count": 100000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", "display_name": "Active Directory Domains", "current_usage_count": 0, "max_supported_count": 15, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_FIREWALL_SECTIONS", "display_name": "System Wide Firewall Sections", "current_usage_count": 2, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0.02, "severity": "INFO" }, { "usage_type": "NUMBER_OF_FIREWALL_RULES", "display_name": "System Wide Firewall Rules", "current_usage_count": 2, "max_supported_count": 100000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_DFW_SECTIONS", "display_name": "Distributed Firewall Sections", "current_usage_count": 2, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0.02, "severity": "INFO" }, { "usage_type": "NUMBER_OF_DFW_RULES", "display_name": "Distributed Firewall Rules", "current_usage_count": 2, "max_supported_count": 100000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_LOGICAL_SWITCHES", "display_name": "Logical Switches", "current_usage_count": 0, "max_supported_count": 10000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" }, { "usage_type": "NUMBER_OF_LOGICAL_PORTS", "display_name": "System Wide Logical Switch Ports", "current_usage_count": 0, "max_supported_count": 20000, "min_threshold_percentage": 50, "max_threshold_percentage": 80, "current_usage_percentage": 0, "severity": "INFO" } ], "meta_info": { "last_updated_timestamp": 1554048375022, "min_global_threshold_percentage": 50, "max_global_threshold_percentage": 80 }, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: capacity_usage Additional Errors:

Management Plane API: Cluster: Nodes

Management Plane API: Cluster: Nodes: Deployments

Associated URIs:

Synchronizes the repository data between nsx managers.

Attempts to synchronize the repository partition on nsx manager. Repository partition contains packages required for the
install and upgrade of nsx components.Normally there is no need to call this API explicitely by the user.
Request:
Method:
POST
URI Path:
/api/v1/cluster/node?action=repo_sync
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/node?action=repo_sync Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: deployment_nodes_cluster Additional Errors:

Synchronizes the repository data between nsx managers.

Returns the synchronization status for the manager represented by given .
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>/repo_sync/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/12f563af-af9f-48f3-848e-e9257c8740b0/repo_sync/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RepoSyncStatusReport+

Required Permissions: read Feature: deployment_nodes_cluster Additional Errors:

Deploy and register a cluster node VM

Deploys a cluster node VM as specified by the deployment config.
Once the VM is deployed and powered on, it will automatically join the
existing cluster.
Request:
Method:
POST
URI Path:
/api/v1/cluster/nodes/deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AddClusterNodeVMInfo+

Example Request: POST https://<nsx-mgr>/api/v1/cluster/nodes/deployments { "deployment_requests": [ { "roles": ["CONTROLLER", "MANAGER"], "form_factor": "MEDIUM", "user_settings": { "cli_password": "CLIp4$$w4rd", "root_password": "ROOTp4$$w4rd" }, "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "hostname": "node-0", "compute_id": "domain-s9", "storage_id": "datastore-12", "default_gateway_addresses":[ "10.33.79.253" ], "management_port_subnets":[ { "ip_addresses":[ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] } }, { "roles": ["CONTROLLER", "MANAGER"], "form_factor": "MEDIUM", "user_settings": { "cli_password": "CLIp4$$w4rd", "root_password": "ROOTp4$$w4rd", }, "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "hostname": "node-1", "compute_id": "domain-s9", "storage_id": "datastore-12", "default_gateway_addresses":[ "10.33.79.253" ], "management_port_subnets":[ { "ip_addresses":[ "10.33.79.65" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] } } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeVMDeploymentRequestList+

Example Response: { "result_count": 2, "results": [ { "vm_id": "71f02260-644f-4482-aa9a-ab8570bb49a3", "roles": [ "CONTROLLER", "MANAGER" ], "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "compute_id": "domain-s9", "storage_id": "datastore-12", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "MEDIUM" }, { "vm_id": "38029a2b-b9bc-467f-8138-aef784e802cc", "roles": [ "CONTROLLER", "MANAGER" ], "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "default_gateway_addresses":[ "10.33.79.253" ], "hostname": "node-1", "compute_id": "domain-s9", "storage_id": "datastore-12", "management_port_subnets":[ { "ip_addresses":[ "10.33.79.65" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "MEDIUM" } ] } Required Permissions: crud Feature: deployment_nodes_cluster Additional Errors:

Returns info for all cluster node VM auto-deployment attempts

Returns request information for every attempted deployment of a cluster
node VM.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/deployments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeVMDeploymentRequestList+

Example Response: { "result_count": 2, "results": [ { "roles": [ "CONTROLLER", "MANAGER" ], "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "15145422-47a1-4c55-81da-01d953151d1f", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "MEDIUM" }, { "roles": [ "CONTROLLER", "MANAGER" ], "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "feb17651-49a7-4ce6-88b4-41d3f624e53b", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "MEDIUM" } ] } Required Permissions: read Feature: deployment_nodes_cluster Additional Errors:

Returns info for a cluster-node VM auto-deployment attempt

Returns deployment request information for a specific attempted
deployment of a cluster node VM.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/deployments/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeVMDeploymentRequest+

Example Response: { "vm_id": "12f563af-af9f-48f3-848e-e9257c8740b0", "roles": [ "CONTROLLER", "MANAGER" ], "deployment_config": { "placement_type": "VsphereClusterNodeVMDeploymentConfig", "vc_id": "15145422-47a1-4c55-81da-01d953151d1f", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "MEDIUM" } Required Permissions: read Feature: deployment_nodes_cluster Additional Errors:

Returns the status of the VM creation/deletion

Returns the current deployment or undeployment status for a VM along with
any other relevant current information, such as error messages.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/deployments/<node-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeVMDeploymentStatusReport+

Example Response: { "status": "VM_POWER_ON_FAILED", "failure_message": "The deletion of cluster node VM has failed.", "failure_code": 21005 } Required Permissions: read Feature: deployment_nodes_cluster Additional Errors:

Attempt to delete an auto-deployed cluster node VM

Attempts to unregister and undeploy a specified auto-deployed cluster
node VM. If it is a member of a cluster, then the VM will be automatically
detached from the cluster before being unregistered and undeployed.
Alternatively, if the original deployment attempt failed or the VM is
not found, cleans up the deployment information associated with the
deployment attempt.
Note: If a VM has been successfully auto-deployed, then the associated
deployment information will not be deleted unless and until the VM is
successfully deleted.
Request:
Method:
POST
URI Path:
/api/v1/cluster/nodes/deployments/<node-id>?action=delete
Request Headers:
n/a
Query Parameters:
ClusterNodeVMDeletionParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0?action=delete Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: deployment_nodes_cluster Additional Errors:

Management Plane API: Configs

Management Plane API: Configs: Inventory

Associated URIs:

Return inventory configuration

Supports retrieving following configuration of inventory module
1. Soft limit on number of compute managers that can be registered.
Request:
Method:
GET
URI Path:
/api/v1/configs/inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/configs/inventory Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InventoryConfig+

Example Response: { "compute_managers_soft_limit":5 } Required Permissions: read Feature: vm_vm_info Additional Errors:

Management Plane API: Dashboard

Associated URIs:

Returns the Views based on query criteria defined in ViewQueryParameters.

If no query params are specified then all the views entitled for the user
are returned. The views to which a user is entitled to include the views
created by the user and the shared views.
Request:
Method:
GET
URI Path:
/policy/api/v1/ui-views
Request Headers:
n/a
Query Parameters:
ViewQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ui-views Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ViewList+

Example Response: { "views": [ { "id": "View_0de8406c", "resource_type": "View", "display_name": "My View 1", "shared": true, "weight": 19020, "widgets": [{ "widget_id": "DonutConfiguration_Host-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9531 },{ "widget_id": "DonutConfiguration_Host-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9535 }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 },{ "id": "View_abe34406a", "resource_type": "View", "display_name": "My View 2", "shared": true, "weight": 19021, "widgets": [{ "widget_id": "DonutConfiguration_Edge-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9532 },{ "widget_id": "DonutConfiguration_Edge-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9536 }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 }] } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Creates a new View.

Request:
Method:
POST
URI Path:
/policy/api/v1/ui-views
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
View+

Example Request: POST https://<nsx-mgr>/api/v1/ui-views { "resource_type": "View", "display_name": "My View 1", "shared": true, "weight": 19020, "widgets": [{ "widget_id": "DonutConfiguration_Host-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9531 },{ "widget_id": "DonutConfiguration_Host-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9535 }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
View+

Example Response: { "id": "View_0de8406c", "resource_type": "View", "display_name": "My View 1", "shared": true, "weight": 19020, "widgets": [{ "widget_id": "DonutConfiguration_Host-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9531 },{ "widget_id": "DonutConfiguration_Host-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9535 }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Returns View Information

Returns Information about a specific View.
Request:
Method:
GET
URI Path:
/policy/api/v1/ui-views/<view-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ui-views/View_abe34406a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
View+

Example Response: { "id": "View_abe34406a", "resource_type": "View", "display_name": "My View 2", "shared": true, "weight": 19021, "widgets": [{ "widget_id": "DonutConfiguration_Edge-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9532 },{ "widget_id": "DonutConfiguration_Edge-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9536 }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Update View

Request:
Method:
PUT
URI Path:
/policy/api/v1/ui-views/<view-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
View+

Example Request: PUT https://<nsx-mgr>/api/v1/ui-views/View_0de8406c { "resource_type": "View", "display_name": "My View 1 Updated", "shared": true, "weight": 19020, "widgets": [{ "widget_id": "DonutConfiguration_Host-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9531 },{ "widget_id": "DonutConfiguration_Host-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9535 }], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
View+

Example Response: { "id": "View_0de8406c", "resource_type": "View", "display_name": "My View 1 Updated", "shared": true, "weight": 19020, "widgets": [{ "widget_id": "DonutConfiguration_Host-Nodes-Deployment", "label": { "text": "Deployment" }, "weight": 9531 },{ "widget_id": "DonutConfiguration_Host-Nodes-Connectivity", "label": { "text": "Connectivity" }, "weight": 9535 }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911902685, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Delete View

Request:
Method:
DELETE
URI Path:
/policy/api/v1/ui-views/<view-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ui-views/View_0de8406c Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Creates a new Widget Configuration.

Creates a new Widget Configuration and adds it to the specified view.
Supported resource_types are LabelValueConfiguration, DonutConfiguration,
GridConfiguration, StatsConfiguration, MultiWidgetConfiguration,
GraphConfiguration and ContainerConfiguration.

Note: Expressions should be given in a single line. If an expression spans
multiple lines, then form the expression in a single line.
For label-value pairs, expressions are evaluated as follows:
a. First, render configurations are evaluated in their order of
appearance in the widget config. The 'field' is evaluated at the end.
b. Second, when render configuration is provided then the order of
evaluation is
1. If expressions provided in 'condition' and 'display value' are
well-formed and free of runtime-errors such as 'null pointers' and
evaluates to 'true'; Then remaining render configurations are not
evaluated, and the current render configuration's 'display value'
is taken as the final value.
2. If expression provided in 'condition' of render configuration is
false, then next render configuration is evaluated.
3. Finally, 'field' is evaluated only when every render configuration
evaluates to false and no error occurs during steps 1 and 2 above.

If an error occurs during evaluation of render configuration, then an
error message is shown. The display value corresponding to that label is
not shown and evaluation of the remaining render configurations continues
to collect and show all the error messages (marked with the 'Label' for
identification) as 'Error_Messages: {}'.

If during evaluation of expressions for any label-value pair an error
occurs, then it is marked with error. The errors are shown in the report,
along with the label value pairs that are error-free.

Important: For elements that take expressions, strings should be provided
by escaping them with a back-slash. These elements are - condition, field,
tooltip text and render_configuration's display_value.
Request:
Method:
POST
URI Path:
/policy/api/v1/ui-views/<view-id>/widgetconfigurations
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ContainerConfiguration+
DonutConfiguration+
GraphConfiguration+
GridConfiguration+
LabelValueConfiguration+
MultiWidgetConfiguration+
StatsConfiguration+
WidgetConfiguration+

Example Request: POST https://<nsx-mgr>/api/v1/ui-views/dashboard_custom/widgetconfigurations { "resource_type": "LabelValueConfiguration", "display_name": "Backups", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ContainerConfiguration+
DonutConfiguration+
GraphConfiguration+
GridConfiguration+
LabelValueConfiguration+
MultiWidgetConfiguration+
StatsConfiguration+
WidgetConfiguration+

Example Response: { "id": "LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13", "resource_type": "LabelValueConfiguration", "display_name": "Backups", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Returns the Widget Configurations based on query criteria defined in WidgetQueryParameters.

If no query params are specified then all the Widget Configurations of
the specified view are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/ui-views/<view-id>/widgetconfigurations
Request Headers:
n/a
Query Parameters:
WidgetQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ui-views/dashboard/widgetconfigurations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
WidgetConfigurationList+

Example Response: { "widgetconfigurations": [ { "id": "LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13", "resource_type": "LabelValueConfiguration", "display_name": "Backups", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 },{ "resource_type": "DonutConfiguration", "id": "DonutConfiguration_1bc7406c-ab4a-4973-aed5-a1c7a6659a87", "display_name": "Transport Nodes", "datasources": [{ "urls": [{ "alias": "status", "url": "api/v1/transport-nodes/status" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=fabric/nodes/transportnodes&id=", "label": { "text": "Nodes" }, "sections": [{ "template": false, "parts": [{ "field": "#{default.status.degraded_count}", "tooltip": [{ "text": "\"Degraded\"" },{ "text": "#{default.status.degraded_count} + \" Nodes \"" }], "render_configuration": [{ "color": "YELLOW" }], "label": { "text": "Degraded" } },{ "field": "#{default.status.down_count}", "tooltip": [{ "text": "\"Down\"" },{ "text": "#{default.status.down_count} + \" Nodes \"" }], "render_configuration": [{ "color": "RED" }], "label": { "text": "Down" } },{ "field": "#{default.status.up_count}", "tooltip": [{ "text": "\"Up\"" },{ "text": "#{default.status.up_count} + \" Nodes \"" }], "render_configuration": [{ "color": "GREEN" }], "label": { "text": "Up" } },{ "field": "#{default.status.unknown_count}", "tooltip": [{ "text": "\"Unknown\"" },{ "text": "#{default.status.unknown_count} + \" Nodes \"" }], "render_configuration": [{ "color": "GREY" }], "label": { "text": "Unknown" } }] }], "_create_time": 1490707552434, "_create_user": "admin", "_last_modified_time": 1490707552434, "_last_modified_user": "admin", "_system_owned": true, "_revision": 3 }] } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Delete Widget Configuration

Detaches widget from a given view. If the widget is no longer part of any
view, then it will be purged.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/ui-views/<view-id>/widgetconfigurations/<widgetconfiguration-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ui-views/dashboard_custom/ widgetconfigurations/LabelValueConfiguration_BackupStatus Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Returns Widget Configuration Information

Returns Information about a specific Widget Configuration.
Request:
Method:
GET
URI Path:
/policy/api/v1/ui-views/<view-id>/widgetconfigurations/<widgetconfiguration-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ui-views/dashboard/widgetconfigurations/ LabelValueConfiguration_BackupStatus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerConfiguration+
DonutConfiguration+
GraphConfiguration+
GridConfiguration+
LabelValueConfiguration+
MultiWidgetConfiguration+
StatsConfiguration+
WidgetConfiguration+

Example Response: { "id": "LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13", "resource_type": "LabelValueConfiguration", "display_name": "Backups", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 } Required Permissions: read Feature: nsx_dashboard Additional Errors:

Update Widget Configuration

Updates the widget at the given view. If the widget is referenced by other
views, then the widget will be updated in all the views that it is part of.
Request:
Method:
PUT
URI Path:
/policy/api/v1/ui-views/<view-id>/widgetconfigurations/<widgetconfiguration-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ContainerConfiguration+
DonutConfiguration+
GraphConfiguration+
GridConfiguration+
LabelValueConfiguration+
MultiWidgetConfiguration+
StatsConfiguration+
WidgetConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/ui-views/dashboard_custom/widgetconfigurations/ LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13 { "id": "LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13", "resource_type": "LabelValueConfiguration", "display_name": "Backups Updated", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }], "_create_user": "admin", "_create_time": 1496911709362, "_last_modified_user": "admin", "_last_modified_time": 1496911709362, "_system_owned": false, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerConfiguration+
DonutConfiguration+
GraphConfiguration+
GridConfiguration+
LabelValueConfiguration+
MultiWidgetConfiguration+
StatsConfiguration+
WidgetConfiguration+

Example Response: { "id": "LabelValueConfiguration_0de8406c-ab4a-4973-83ef-a1c7a6655c13", "resource_type": "LabelValueConfiguration", "display_name": "Backups Updated", "datasources": [{ "urls": [{ "alias": "config", "url": "api/v1/cluster/backups/config" },{ "alias": "status", "url": "api/v1/cluster/backups/history" }], "display_name": "default" }], "navigation": "nsxapi/index.html#view=systemAdmin/utilities/backup", "footer": { "actions": [{ "dock_to_container_footer": true, "label": { "text": "Configure Backups" }, "url": "nsxapi/index.html#view=systemAdmin/utilities/backup" }] }, "properties": [{ "condition": "#{default.config.backup_enabled} == true", "field": "\"Automatic Backups Enabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "SUCCESS" }] }], "type": "String" },{ "condition": "#{default.config.backup_enabled} == false", "field": "\"Automatic Backups Disabled\"", "heading": true, "render_configuration": [{ "icons": [{ "type": "NOT_AVAILABLE" },{ "type": "DETAIL", "placement": "POST", "tooltip": [{ "text": "\"Please enable automatic backups\"" }] }] }], "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() == 0", "field": "\"Not Configured\"", "heading": false, "render_configuration": [{ "icons": [{ "type": "WARNING" }] }], "label": { "text": "Node" }, "type": "String" },{ "condition": "#{default.status.node_backup_statuses}.size() != 0", "field": "#{default.status.node_backup_statuses[0].end_time}", "heading": false, "render_configuration": [{ "condition": "#{default.status.node_backup_statuses[0].success}", "icons": [{ "type": "SUCCESS" }] },{ "condition": "#{default.status.node_backup_statuses[0].success} == false", "icons": [{ "type": "ERROR" }] }], "label": { "text": "Node" }, "type": "Date" }], "_create_user": "admin", "_create_time": 1496911718391, "_last_modified_user": "admin", "_last_modified_time": 1496911718391, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: nsx_dashboard Additional Errors:

Management Plane API: Directory Service

Associated URIs:

List all configured domains

Request:
Method:
GET
URI Path:
/api/v1/directory/domains
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryDomainListResults+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "id": "876f66eb-64c1-4b0c-9489-ae8c6ebfcc32", "display_name": "NIMBUS TEST", "ldap_servers": [ { "resource_type": "DirectoryLdapServer", "id": "a8dacae0-6e4f-46b6-a962-eeeea7a3ea37", "display_name": "nimbus ldap test", "protocol": "LDAP", "port": 389, "host": "10.192.210.96", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "_last_modified_user": "admin", "_last_modified_time": 1531939962738, "_system_owned": false, "_create_user": "admin", "_create_time": 1531939962738, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "name": "nimbustest.com", "sync_settings": { "delta_sync_interval": 100 }, "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "_last_modified_user": "admin", "_last_modified_time": 1531939962695, "_system_owned": false, "_create_user": "admin", "_create_time": 1531936487738, "_protection": "NOT_PROTECTED", "_revision": 2 } ] } Required Permissions: read Feature: directory_service Additional Errors:

Create a directory domain

Request:
Method:
POST
URI Path:
/api/v1/directory/domains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DirectoryAdDomain+
DirectoryDomain+

Example Request: POST https://<nsx-mgr>/api/v1/directory/domains { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "display_name": "NIMBUS TEST", "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "name": "nimbustest.com", "ldap_servers": [ { "resource_type": "DirectoryAdLdapServer", "display_name": "nimbus ldap", "host": "10.192.210.96", "username": "dummy", "password": "dummy", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "port": 389, "protocol": "LDAP" } ], "sync_settings": { "delta_sync_interval": 100 } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DirectoryAdDomain+
DirectoryDomain+

Example Response: { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "id": "876f66eb-64c1-4b0c-9489-ae8c6ebfcc32", "name": "nimbustest.com", "display_name": "NIMBUS TEST", "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "ldap_servers": [ { "resource_type": "DirectoryLdapServer", "id": "a8dacae0-6e4f-46b6-a962-eeeea7a3ea37", "display_name": "nimbus ldap test", "protocol": "LDAP", "port": 389, "host": "10.192.210.96", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "_last_modified_user": "admin", "_last_modified_time": 1531939962738, "_system_owned": false, "_create_user": "admin", "_create_time": 1531939962738, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "sync_settings": { "delta_sync_interval": 100 }, "_last_modified_user": "admin", "_last_modified_time": 1531939962695, "_system_owned": false, "_create_user": "admin", "_create_time": 1531936487738, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: directory_service Additional Errors:

Get a specific domain with given identifier

Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/e38b4362-0638-4bbe-89ad-c76cd9b3167d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryAdDomain+
DirectoryDomain+

Example Response: { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "id": "876f66eb-64c1-4b0c-9489-ae8c6ebfcc32", "name": "nimbustest.com", "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "display_name": "NIMBUS TEST", "ldap_servers": [ { "resource_type": "DirectoryLdapServer", "id": "fe97b278-e8d9-46f2-81c1-e2ee9a75ec39", "display_name": "nimbus ldap", "protocol": "LDAP", "port": 389, "host": "10.192.210.96", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "_last_modified_user": "admin", "_last_modified_time": 1531936690168, "_system_owned": false, "_create_user": "admin", "_create_time": 1531936690168, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "sync_settings": { "delta_sync_interval": 100 }, "_last_modified_user": "admin", "_last_modified_time": 1531936690111, "_system_owned": false, "_create_user": "admin", "_create_time": 1531936487738, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: directory_service Additional Errors:

Update a directory domain

Update to any field in the directory domain will trigger a full sync Request:
Method:
PUT
URI Path:
/api/v1/directory/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DirectoryAdDomain+
DirectoryDomain+

Example Request: PUT https://<nsx-mgr>/api/v1/directory/domains/e38b4362-0638-4bbe-89ad-c76cd9b3167d { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "display_name": "NIMBUS TEST", "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "name": "nimbustest.com", "ldap_servers": [ { "resource_type": "DirectoryAdLdapServer", "display_name": "nimbus ldap test", "host": "10.192.210.96", "username": "dummy", "password": "dummy", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "port": 389, "protocol": "LDAP" } ], "sync_settings": { "delta_sync_interval": 100 }, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryAdDomain+
DirectoryDomain+

Example Response: { "resource_type": "DirectoryAdDomain", "description": "Active directory domain nimbustest.com", "id": "876f66eb-64c1-4b0c-9489-ae8c6ebfcc32", "name": "nimbustest.com", "display_name": "NIMBUS TEST", "base_distinguished_name": "DC=nimbustest,DC=com", "netbios_name": "NIMBUSTEST", "ldap_servers": [ { "resource_type": "DirectoryLdapServer", "id": "a8dacae0-6e4f-46b6-a962-eeeea7a3ea37", "display_name": "nimbus ldap test", "protocol": "LDAP", "port": 389, "host": "10.192.210.96", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "_last_modified_user": "admin", "_last_modified_time": 1531939962738, "_system_owned": false, "_create_user": "admin", "_create_time": 1531939962738, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "sync_settings": { "delta_sync_interval": 100 }, "_last_modified_user": "admin", "_last_modified_time": 1531939962695, "_system_owned": false, "_create_user": "admin", "_create_time": 1531936487738, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: directory_service Additional Errors:

Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state.

Request:
Method:
POST
URI Path:
/api/v1/directory/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
DirectoryDomainSyncRequest+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/directory/123e4567-e89b-12d3-a456-42665544000?action=FULL_SYNC&delay=100 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: directory_service Additional Errors:

Delete a specific domain with given identifier

Request:
Method:
DELETE
URI Path:
/api/v1/directory/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
DirectoryDomanDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/directory/domains/e38b4362-0638-4bbe-89ad-c76cd9b3167d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: directory_service Additional Errors:

Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com)

Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>/groups
Request Headers:
n/a
Query Parameters:
DirectorySearchFilterValue+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/123e4567-e89b-12d3-a456-42665544000/groups?filter_value=move Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryGroupListResults+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "DirectoryGroup", "id": "a436e3ca-cf95-444e-bfa9-c36462063c02", "display_name": "movegrp1", "domain_id": "63329cea-99ae-4060-a5ae-f0da6ab67ef6", "distinguished_name": "CN=movegrp1,CN=Users,DC=nimbustest,DC=com", "_create_user": "system", "_create_time": 1516656516152, "_last_modified_user": "system", "_last_modified_time": 1516656517034, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "DirectoryGroup", "id": "ff56d298-8a9d-4da2-81ac-043f34fd2e15", "display_name": "movegrp2", "domain_id": "63329cea-99ae-4060-a5ae-f0da6ab67ef6", "distinguished_name": "CN=movegrp2,CN=Users,DC=nimbustest,DC=com", "_create_user": "system", "_create_time": 1516656516151, "_last_modified_user": "system", "_last_modified_time": 1516656517034, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: directory_service Additional Errors:

List members of a directory group

A member group could be either direct member of the group specified by group_id or nested member of it. Both direct member groups and nested member groups are returned. Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>/groups/<group-id>/member-groups
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/123e4567-e89b-12d3-a456-42665544000/groups/1abfda06-fc00-11e7-8450-fea9aa178066/member-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryGroupMemberListResults+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "DirectoryGroupMember", "id": "877c5fd0-7ee2-424e-9bff-66a169f6ded4", "display_name": "877c5fd0-7ee2-424e-9bff-66a169f6ded4", "group_id": "1bd85e69-6eac-416c-80c0-bd8203d76146", "group_distinguished_name": "CN=test6grp,CN=Users,DC=nimbustest,DC=com", "member_group_id": "2cab9258-3413-4787-8d9e-60986985cd3a", "member_group_distinguished_name": "CN=test5grp,CN=Users,DC=nimbustest,DC=com", "_last_modified_user": "system", "_last_modified_time": 1516663042822, "_system_owned": false, "_create_user": "system", "_create_time": 1516661730906, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: directory_service Additional Errors:

Create a LDAP server for directory domain

More than one LDAP server can be created and only one LDAP server is used to synchronize directory objects. If more than one LDAP server is configured, NSX will try all the servers until it is able to successfully connect to one. Request:
Method:
POST
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DirectoryLdapServer+

Example Request: POST https://<nsx-mgr>/api/v1/directory/domains/756c3f9f-c03a-43fc-9414-400a1891a239/ldap-servers { "host": "10.161.34.143", "username": "dummy", "password": "dummy", "display_name": "nimbus LDAP", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "port": 389, "protocol": "LDAP", "enabled": true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DirectoryLdapServer+

Example Response: { "resource_type": "DirectoryLdapServer", "id": "01ad13c6-23c1-4175-ad3f-881eac8e45ef", "display_name": "nimbus LDAP", "protocol": "LDAP", "port": 389, "host": "10.161.34.143", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "enabled": true, "_create_user": "admin", "_create_time": 1521154561239, "_last_modified_user": "admin", "_last_modified_time": 1521154561239, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: directory_service Additional Errors:

List all configured domain LDAP servers

Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/756c3f9f-c03a-43fc-9414-400a1891a239/ldap-servers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryLdapServerListResults+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "DirectoryLdapServer", "id": "01ad13c6-23c1-4175-ad3f-881eac8e45ef", "display_name": "nimbus test LDAP", "protocol": "LDAP", "port": 389, "host": "10.161.34.143", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "enabled": true, "_create_user": "admin", "_create_time": 1521154561239, "_last_modified_user": "admin", "_last_modified_time": 1521154779064, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: directory_service Additional Errors:

Test a LDAP server connection for directory domain

The API tests a LDAP server connection for an already configured domain. If the connection is successful, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. Request:
Method:
POST
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
Request Headers:
n/a
Query Parameters:
DirectoryLdapServerTestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/directory/domains/756c3f9f-c03a-43fc-9414-400a1891a239/ldap-servers/01ad13c6-23c1-4175-ad3f-881eac8e45ef?action=CONNECTIVITY Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: directory_service Additional Errors:

Delete a LDAP server for directory domain

Request:
Method:
DELETE
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/directory/domains/123e4567-e89b-12d3-a456-42665544000/ldap-servers/01ad13c6-23c1-4175-ad3f-881eac8e45ef Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: directory_service Additional Errors:

Update a LDAP server for directory domain

Request:
Method:
PUT
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DirectoryLdapServer+

Example Request: PUT https://<nsx-mgr>/api/v1/directory/domains/756c3f9f-c03a-43fc-9414-400a1891a239/ldap-servers/01ad13c6-23c1-4175-ad3f-881eac8e45ef { "host": "10.161.34.143", "username": "dummy", "password": "dummy", "display_name": "nimbus test LDAP", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "port": 389, "protocol": "LDAP", "enabled": true "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryLdapServer+

Example Response: { "resource_type": "DirectoryLdapServer", "id": "01ad13c6-23c1-4175-ad3f-881eac8e45ef", "display_name": "nimbus test LDAP", "protocol": "LDAP", "port": 389, "host": "10.161.34.143", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "enabled": true, "_create_user": "admin", "_create_time": 1521154561239, "_last_modified_user": "admin", "_last_modified_time": 1521154779064, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: directory_service Additional Errors:

Get a specific LDAP server for a given directory domain

Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/756c3f9f-c03a-43fc-9414-400a1891a239/ldap-servers/01ad13c6-23c1-4175-ad3f-881eac8e45ef Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryLdapServer+

Example Response: { "resource_type": "DirectoryLdapServer", "id": "01ad13c6-23c1-4175-ad3f-881eac8e45ef", "display_name": "nimbus test LDAP", "protocol": "LDAP", "port": 389, "host": "10.161.34.143", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "enabled": true, "_create_user": "admin", "_create_time": 1521154561239, "_last_modified_user": "admin", "_last_modified_time": 1521154779064, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: directory_service Additional Errors:

Get domain sync statistics for the given identifier

Request:
Method:
GET
URI Path:
/api/v1/directory/domains/<domain-id>/sync-stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/directory/domains/123e4567-e89b-12d3-a456-426655440000/sync-stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryDomainSyncStats+

Example Response: { "current_state": "FULL_SYNC", "current_state_begin_time": 1507573933, "avg_full_sync_time": 25, "num_full_sync": 234, "avg_delta_sync_time": 2, "num_delta_sync": 12345, "prev_sync_type": "DeltaSync", "prev_sync_status": "Success", "prev_sync_error": "Failed due to improper LDAP server", "prev_sync_finish_time": 1507578611, } Required Permissions: read Feature: directory_service Additional Errors:

Test a directory domain LDAP server connectivity

This API tests a LDAP server connectivity before the actual domain or LDAP server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. Request:
Method:
POST
URI Path:
/api/v1/directory/ldap-server
Request Headers:
n/a
Query Parameters:
DirectoryLdapServerTestParameters+
Request Body:
DirectoryLdapServer+

Example Request: POST https://<nsx-mgr>/api/v1/directory/ldap-server?action=CONNECTIVITY { "domain_name": "nimbustest.com", "username": "dummy", "password": "dummy", "host": "10.161.34.143", "display_name": "nimbus LDAP", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e", "port": 389, "protocol": "LDAP", "enabled": true } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DirectoryLdapServerStatus+

Example Response: { "error_id": 38519, "error_message": "LDAP server 1.1.1.1 connection failed during verification." } Required Permissions: crud Feature: directory_service Additional Errors:

Management Plane API: Error Resolver

Associated URIs:

Fetches a list of metadata for all the registered error resolvers

Returns a list of metadata for all the error resolvers registered.
Request:
Method:
GET
URI Path:
/api/v1/error-resolver
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/error-resolver Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ErrorResolverInfoList+

Example Response: { "results": [ { "user_metadata": { "user_input_list": [ { "property_value": "1000", "property_name": "connectTimeout", "data_type": "NUMBER" } ] }, "error_id": 1002, "resolver_present": true }, { "user_metadata": {}, "error_id": 1001, "resolver_present": true } ] } Required Permissions: read Feature: error_resolver Additional Errors:

Fetches metadata about the given error_id

Returns some metadata about the given error_id. This includes
information of whether there is a resolver present for the
given error_id and its associated user input data
Request:
Method:
GET
URI Path:
/api/v1/error-resolver/<error_id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/error-resolver/1002 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ErrorResolverInfo+

Example Response: { "user_metadata": { "user_input_list": [ { "property_value": "1000", "property_name": "connectTimeout", "data_type": "NUMBER" } ] }, "error_id": 1002, "resolver_present": true } Required Permissions: read Feature: error_resolver Additional Errors:

Resolves the error

Invokes the corresponding error resolver for the
given error(s) present in the payload
Request:
Method:
POST
URI Path:
/api/v1/error-resolver?action=resolve_error
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ErrorResolverMetadataList+

Example Request: POST https://<nsx-mgr>/api/v1/error-resolver?action=resolve_error { "errors": [ { "user_metadata": { "user_input_list": [ { "property_value": "default", "property_name": "password", "data_type": "PASSWORD" }, { } ] }, "error_id": 1001, "entity_id": "a123-b234-c355-d3333" } ] } Successful Response:
Response Code:
204 No Content
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: error_resolver Additional Errors:

Management Plane API: Fabric

Management Plane API: Fabric: Compute Collections

Associated URIs:

Create a compute collection fabric template

Fabric templates are fabric configurations applied at the compute collection level. This configurations is used to decide what automated operations should be a run when a host membership changes. Request:
Method:
POST
URI Path:
/api/v1/fabric/compute-collection-fabric-templates
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeCollectionFabricTemplate+

Example Request: POST https://<nsx-mgr>/api/v1/fabric/compute-collection-fabric-templates { "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionFabricTemplate+

Example Response: { "id": "5c669dc6-47a8-4508-3077-6a48f26c5a4g", "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true "_last_modified_time": 1457984381234, "_create_time": 1457984381234, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get compute collection fabric templates

Returns compute collection fabric templates Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collection-fabric-templates
Request Headers:
n/a
Query Parameters:
ComputeCollectionFabricTemplateListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collection-fabric-templates?compute_collection_id=ead58c04-d19a-11e6-bf26-cec0c932ce01 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionFabricTemplateListResult+

Example Response: { "results": [ { "id": "5c669dc6-47a8-4508-3077-6a48f26c5a4g", "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true "_last_modified_time": 1457984381234, "_create_time": 1457984381234, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Deletes compute collection fabric template

Deletes compute collection fabric template for the given id Request:
Method:
DELETE
URI Path:
/api/v1/fabric/compute-collection-fabric-templates/<fabric-template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/fabric/compute-collection-fabric-templates/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get compute collection fabric template by id

Get compute collection fabric template for the given id Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collection-fabric-templates/<fabric-template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collection-fabric-templates/5c669dc6-47a8-4508-3077-6a48f26c5a4g Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionFabricTemplate+

Example Response: { "id": "5c669dc6-47a8-4508-3077-6a48f26c5a4g", "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true "_last_modified_time": 1457984381234, "_create_time": 1457984381234, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Updates compute collection fabric template

Updates compute collection fabric template for the given id Request:
Method:
PUT
URI Path:
/api/v1/fabric/compute-collection-fabric-templates/<fabric-template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeCollectionFabricTemplate+

Example Request: PUT https://<nsx-mgr>/api/v1/fabric/compute-collection-fabric-templates/5c669dc6-47a8-4508-3077-6a48f26c5a4g { "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionFabricTemplate+

Example Response: { "id": "5c669dc6-47a8-4508-3077-6a48f26c5a4g", "compute_collection_id" : "ead58c04-d19a-11e6-bf26-cec0c932ce01", "auto_install_nsx": true "_last_modified_time": 1457984381234, "_create_time": 1457984381234, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return the List of Compute Collections

Returns information about all compute collections. Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collections
Request Headers:
n/a
Query Parameters:
ComputeCollectionListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionListResult+

Example Response: { "cursor": "003653b55e00-e5c1-11e5-a549-005056b18ef8", "result_count": 2, "results": [ { "display_name": "cluster-2", "origin_type": "VC_Cluster", "external_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c34", "origin_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "domain-c34", "origin_properties": [] }, { "display_name": "cluster-1", "origin_type": "VC_Cluster", "external_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c32", "origin_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "domain-c32", "origin_properties": [] } ] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

Perform action specific to NSX on the compute-collection. cc-ext-id should be of type VC_Cluster.

Request:
Method:
POST
URI Path:
/api/v1/fabric/compute-collections/<cc-ext-id>
Request Headers:
n/a
Query Parameters:
ComputeCollectionAction+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/fabric/compute-collections/5c669dc6-47a8-4508-3077-6a48f26c5a4g?action=remove_nsx Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: compute_managers_inventory Additional Errors:

Return Compute Collection Information

Returns information about a specific compute collection. Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collections/<cc-ext-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collections/ead58c04-d19a-11e6-bf26-cec0c932ce01:domain-c32 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollection+

Example Response: { "display_name": "cluster-1", "origin_type": "VC_Cluster", "external_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c32", "origin_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "domain-c32", "origin_properties": [] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

Get status of member host nodes of the compute-collection. Only nsx prepared host nodes in the specified compute-collection are included in the response. cc-ext-id should be of type VC_Cluster.

Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collections/<cc-ext-id>/member-status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collections/5c669dc6-47a8-4508-3077-6a48f26c5a4g/member-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HostNodeStatusListResult+

Example Response: { "results": [ { "node_id": "44db0cc5-1aa3-431f-9071-e05f1f52bc2e", "configStatus": "success", "deployment_status": "INSTALL_SUCCESSFUL" }, { "node_id": "51afc1db-cb8c-4082-84aa-c586fca8a3c4", "deployment_status": "UNINSTALL_IN_PROGRESS" } ] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

List the Physical Network Interface for all discovered nodes

Returns list of physical network interfaces for all discovered nodes in
compute collection. Interface information includes PNIC name, hostswitch
name it's attached to(if any) and MAC address.
Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-collections/<cc-ext-id>/network/physical-interfaces
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-collections/06ffbcc9-3c2d-4a23-88e6-abcf450f972f:domain-c8/network/physical-interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionNetworkInterfacesListResult+

Example Response: { "result_count": 1, "results": [ { "discovered_node_id": "06ffbcc9-3c2d-4a23-88e6-abcf450f972f:host-21", "network_interfaces": [ { "physical_address": "02:00:45:81:31:c2" "interface_id": "vmnic0", "connected_switch": "vSwitch0" }, { "physical_address": "02:00:45:b1:cf:e8" "interface_id": "vmnic1", "connected_switch": "nsxvswitch" } ] } ] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

Management Plane API: Fabric: Compute Managers

Associated URIs:

Return the List of Compute managers

Returns information about all compute managers. Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-managers
Request Headers:
n/a
Query Parameters:
ComputeManagerListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-managers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeManagerListResult+

Example Response: { "cursor": "00364a60d899-7b2b-4983-8254-41be3aba6472cm1", "result_count": 2, "results": [ { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "server": "192.168.210.54", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } "origin_properties": [] }, { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "server": "10.112.3.45", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "thumbprint": "4B:67:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } "origin_properties": [] } } Required Permissions: read Feature: compute_managers_compute_managers Additional Errors:

Register compute manager with NSX

Registers compute manager with NSX. Inventory service will collect
data from the registered compute manager
Request:
Method:
POST
URI Path:
/api/v1/fabric/compute-managers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeManager+

Example Request: POST https://<nsx-mgr>/api/v1/fabric/compute-managers { "server": "192.168.210.54", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "username": "user1", "password": "password", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ComputeManager+

Example Response: { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "server": "192.168.210.54", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } "origin_properties": [] } Required Permissions: crud Feature: compute_managers_compute_managers Additional Errors:

Return compute manager Information

Returns information about a specific compute manager Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-managers/<compute-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-managers/564dab50-63a0-8b4f-a1f8-20e4d36efc3b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeManager+

Example Response: { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "server": "192.168.210.54", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } "origin_properties": [] } Required Permissions: read Feature: compute_managers_compute_managers Additional Errors:

Update compute manager

Updates a specified compute manager
Request:
Method:
PUT
URI Path:
/api/v1/fabric/compute-managers/<compute-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeManager+

Example Request: PUT https://<nsx-mgr>/api/v1/fabric/compute-managers/cf1f01db-e5b3-4688-9c1e-5f47d335fb01 { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "server": "10.112.3.45", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "username": "user2", "password": "somepassword", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" }, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeManager+

Example Response: { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "server": "10.112.3.45", "origin_type": "vCenter", "credential" : { "credential_type" : "UsernamePasswordLoginCredential", "thumbprint": "3A:21:22:A6:72:28:DA:EC:9D:05:AF:0B:B5:C6:44:CC:52:8D:54:AC" } "origin_properties": [], "_revision": 1 } Required Permissions: crud Feature: compute_managers_compute_managers Additional Errors:

Unregister a compute manager

Unregisters a specified compute manager
Request:
Method:
DELETE
URI Path:
/api/v1/fabric/compute-managers/<compute-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/fabric/compute-managers/564dab50-63a0-8b4f-a1f8-20e4d36efc3b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: compute_managers_compute_managers Additional Errors:

Get the realized state of a compute manager

Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-managers/<compute-manager-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-managers/8538f119-ba45-4fb1-9cf1-ee849e4cf168/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [], "state": "success" } Required Permissions: read Feature: compute_managers_compute_managers Additional Errors:

Return runtime status information for a compute manager

Returns connection and version information about a compute manager
Request:
Method:
GET
URI Path:
/api/v1/fabric/compute-managers/<compute-manager-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/compute-managers/90b3ee63-82fe-11e5-b403-fd59414c0c52/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeManagerStatus+

Example Response: { "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "last_sync_time": 1446675283540, "version" : "6.5", "connection_status": "DOWN", "connection_status": "Cannot connect to VC", "registration_status" : "UNREGISTERED", "registration_errors" : [ { "error_message" : "Compute manager registration failed with server 10.192.188.95 due to error in rest call.", "timestamp" : 1493784925269 } ] } Required Permissions: read Feature: compute_managers_compute_managers Additional Errors:

Management Plane API: Fabric: Container Applications

Associated URIs:

Return the list of container application instance

Returns information about all container application instance. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-application-instances
Request Headers:
n/a
Query Parameters:
ContainerApplicationInstanceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-application-instances Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerApplicationInstanceListResult+

Example Response: { "results": [ { "external_id": "a2068f56-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "container_application_ids": [ "a1e60b5a-6026-11e9-980c-dca9048e157d" ], "tags": [ { "scope": "dis:k8s:key0", "tag": "val0" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "UP", "resource_type": "ContainerApplicationInstance", "display_name": "app-instance-1", "_last_sync_time": 1555405475693 }, { "external_id": "a206a4dc-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba31a6-6026-11e9-980c-dca9048e157d", "container_application_ids": [ "a1e6144c-6026-11e9-980c-dca9048e157d" ], "tags": [ { "scope": "dis:k8s:key1", "tag": "val1" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "UNKNOWN", "resource_type": "ContainerApplicationInstance", "display_name": "app-instance-2", "_last_sync_time": 1555405475703 } ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a container application instance

Returns information about a specific container application instance. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-application-instances/<container-application-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-application-instances/a2068f56-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerApplicationInstance+

Example Response: { "external_id": "a2068f56-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "container_application_ids": [ "a1e60b5a-6026-11e9-980c-dca9048e157d" ], "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "UP", "resource_type": "ContainerApplicationInstance", "display_name": "app-instance-1", "_last_sync_time": 1555405475693 } Required Permissions: read Feature: containers_inventory Additional Errors:

Return the List of Container Applications

Returns information about all Container Applications. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-applications
Request Headers:
n/a
Query Parameters:
ContainerObjectsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-applications Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerApplicationListResult+

Example Response: { "results": [ { "external_id": "a1e60b5a-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key1", "tag": "val1" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "UP", "resource_type": "ContainerApplication", "display_name": "app-1", "_last_sync_time": 1555405471800 }, { "external_id": "a1e623a6-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad644-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba3688-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "DOWN", "resource_type": "ContainerApplication", "display_name": "app-2", "_last_sync_time": 1555405472878 } ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a Container Application within a container project

Returns information about a specific Container Application within a project. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-applications/<container-application-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-applications/a1e60b5a-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerApplication+

Example Response: { "external_id": "a1e60b5a-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "status": "UP", "resource_type": "ContainerApplication", "display_name": "app-1", "_last_sync_time": 1555405471800 } Required Permissions: read Feature: containers_inventory Additional Errors:

Management Plane API: Fabric: Container Clusters

Associated URIs:

Return the list of container cluster nodes

Returns information about all container cluster nodes. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-cluster-nodes
Request Headers:
n/a
Query Parameters:
ContainerClusterFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-cluster-nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerClusterNodeListResult+

Example Response: { "results": [ { "external_id": "cdd8569c-5934-11e9-b657-000c296a0506", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [], "resource_type": "ContainerClusterNode", "display_name": "sc2-rdops-vm02-dhcp-70-93", "_last_sync_time": 1555666926606 } ], "result_count": 1, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a container cluster node

Returns information about a specific container cluster node. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-cluster-nodes/<container-cluster-node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-cluster-nodes/cdd8569c-5934-11e9-b657-000c296a0506 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerClusterNode+

Example Response: { "external_id": "cdd8569c-5934-11e9-b657-000c296a0506", "container_cluster_id": "b8b0889f-338c-5c65-98bd-a5642ae2aa00", "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [], "resource_type": "ContainerClusterNode", "display_name": "sc2-rdops-vm02-dhcp-70-93", "_last_sync_time": 1555666926606 } Required Permissions: read Feature: containers_inventory Additional Errors:

Return the List of Container Clusters

Returns information about all Container Clusters. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-clusters
Request Headers:
n/a
Query Parameters:
ContainerClusterPropertiesFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-clusters Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerClusterListResult+

Example Response: { "results": [ { "external_id": "b8b0889f-338c-5c65-98bd-a5642ae2aa03", "cluster_type": "PKS", "infrastructure": { "infra_type": "AWS" }, "origin_properties": [ { "key": "prop1", "value": "val1" } ], "resource_type": "ContainerCluster", "display_name": "Cluster-1", "_last_sync_time": 1555405468523 }, { "external_id": "b8b0889f-338c-5c65-98bd-a5642ae2aa04", "cluster_type": "Kubernetes", "infrastructure": { "infra_type": "vSphere" }, "origin_properties": [ { "key": "prop2", "value": "val2" } ], "resource_type": "ContainerCluster", "display_name": "Cluster-2", "_last_sync_time": 1555405468659 }, ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a container cluster

Returns information about a specific container cluster Request:
Method:
GET
URI Path:
/api/v1/fabric/container-clusters/<container-cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-clusters/a19ad270-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerCluster+

Example Response: { "external_id": "a19ad270-6026-11e9-980c-dca9048e157d", "cluster_type": "Kubernetes", "infrastructure": { "infra_type": "vSphere" }, "origin_properties": [], "resource_type": "ContainerCluster", "display_name": "cluster-1", "_last_sync_time": 1555405468523 } Required Permissions: read Feature: containers_inventory Additional Errors:

Return the List of Container Ingress Policies

Returns information about all ingress policies. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-ingress-policies
Request Headers:
n/a
Query Parameters:
ContainerObjectsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-ingress-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerIngressPolicyListResult+

Example Response: { "results": [ { "external_id": "a241768e-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerIngressPolicy", "display_name": "ingress-1", "_last_sync_time": 1555405484377 }, { "external_id": "a2418f70-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad644-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba3688-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerIngressPolicy", "display_name": "ingress-2", "_last_sync_time": 1555405485742 } ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Returns an ingress policy spec

Returns information about a specific ingress policy. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-ingress-policies/<ingress-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-ingress-policies/a241768e-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerIngressPolicy+

Example Response: { "external_id": "a241768e-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerIngressPolicy", "display_name": "ingress-1", "_last_sync_time": 1555405484377 } Required Permissions: read Feature: containers_inventory Additional Errors:

Return the List of Container Network Policies

Returns information about all network policies. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-network-policies
Request Headers:
n/a
Query Parameters:
ContainerObjectsListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-network-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerNetworkPolicyListResult+

Example Response: { "results": [ { "external_id": "a2228fbc-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "policy_type": "NETWORK_POLICY", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerNetworkPolicy", "display_name": "policy-1", "_last_sync_time": 1555405480267 }, { "external_id": "a222a89e-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad644-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba3688-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "policy_type": "NETWORK_POLICY", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerNetworkPolicy", "display_name": "policy-2", "_last_sync_time": 1555405481623 } ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a network policy spec

Returns information about a specific network policy. Request:
Method:
GET
URI Path:
/api/v1/fabric/container-network-policies/<network-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-network-policies/a2228fbc-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerNetworkPolicy+

Example Response: { "external_id": "a2228fbc-6026-11e9-980c-dca9048e157d", "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "container_project_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "spec": "!!python/unicode 'podSelector':\n !!python/unicode 'matchLabels': {!!python/unicode 'app': !!python/unicode 'mgmtapp'}\n!!python/unicode 'policyTypes': [!!python/unicode 'Ingress']\n", "policy_type": "NETWORK_POLICY", "origin_properties": [ { "key": "prop0", "value": "val0" } ], "resource_type": "ContainerNetworkPolicy", "display_name": "policy-1", "_last_sync_time": 1555405480267 } Required Permissions: read Feature: containers_inventory Additional Errors:

Management Plane API: Fabric: Container Projects

Associated URIs:

Return the list of container projects

Returns information about all container projects Request:
Method:
GET
URI Path:
/api/v1/fabric/container-projects
Request Headers:
n/a
Query Parameters:
ContainerClusterFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-projects Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerProjectListResult+

Example Response: { "results": [ { "external_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key1", "tag": "val1" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "resource_type": "ContainerProject", "display_name": "project-1", "_last_sync_time": 1555405468523 }, { "external_id": "a1ba31a6-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key2", "tag": "val2" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "resource_type": "ContainerProject", "display_name": "project-2", "_last_sync_time": 1555405468524 } ], "result_count": 2, "sort_by": "displayName", "sort_ascending": true } Required Permissions: read Feature: containers_inventory Additional Errors:

Return a container project

Returns information about a specific project Request:
Method:
GET
URI Path:
/api/v1/fabric/container-projects/<container-project-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/container-projects/a1ba2e72-6026-11e9-980c-dca9048e157d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ContainerProject+

Example Response: { "external_id": "a1ba2e72-6026-11e9-980c-dca9048e157d", "tags": [ { "scope": "dis:k8s:key", "tag": "val" } ], "origin_properties": [ { "key": "prop0", "value": "val0" } ], "container_cluster_id": "a19ad270-6026-11e9-980c-dca9048e157d", "resource_type": "ContainerProject", "display_name": "project-1", "_last_sync_time": 1555405468523 } Required Permissions: read Feature: containers_inventory Additional Errors:

Management Plane API: Fabric: Discovered Nodes

Associated URIs:

Return the List of Discovered Nodes

Returns information about all discovered nodes. Request:
Method:
GET
URI Path:
/api/v1/fabric/discovered-nodes
Request Headers:
n/a
Query Parameters:
DiscoveredNodeListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/discovered-nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DiscoveredNodeListResult+

Example Response: { "cursor": "003653b55e00-e5c1-11e5-a549-005056b18ef8", "result_count": 2, "results": [ { "display_name": "192.168.210.53", "ip_addresses": ["192.168.210.53"], "external_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:host-91", "origin_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "host-91", "node_type": "HostNode", "parent_compute_collection": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c32", "origin_properties": [] }, { "display_name": "192.168.110.37", "ip_addresses": ["192.168.110.37"], "external_id": "d2071ed8-d193-11e6-bf26-cec0c932ce01:host-92", "origin_id": "d2071ed8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "host-91", "node_type": "HostNode", "parent_compute_collection": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c1", "origin_properties": [] } ] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

Return Discovered Node Information

Returns information about a specific discovered node. Request:
Method:
GET
URI Path:
/api/v1/fabric/discovered-nodes/<node-ext-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/discovered-nodes/74730a28-e52d-11e5-936e-6f061d405a28:host-91 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DiscoveredNode+

Example Response: { "display_name": "192.168.210.53", "ip_addresses": ["192.168.210.53"], "external_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:host-91", "origin_id": "b0ba10c8-d193-11e6-bf26-cec0c932ce01", "cm_local_id": "host-91", "node_type": "HostNode", "parent_compute_collection": "b0ba10c8-d193-11e6-bf26-cec0c932ce01:domain-c32", "origin_properties": [] } Required Permissions: read Feature: compute_managers_inventory Additional Errors:

Created Transport Node for Discovered Node

NSX components are installaed on host and transport node is created with given configurations. Request:
Method:
POST
URI Path:
/api/v1/fabric/discovered-nodes/<node-ext-id>?action=create_transport_node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportNode+

Example Request: POST https://<nsx-mgr>/api/v1/fabric/discovered-nodes/5c669dc6-47a8-4508-3077-6a48f26c5a4g?action=create_transport_node { "resource_type": "TransportNode", "description": "", "display_name":"TN2", "host_switch_spec":{ "resource_type":"StandardHostSwitchSpec", "host_switches":[ { "host_switch_name":"nsxvswitch", "host_switch_profile_ids":[ { "key":"UplinkHostSwitchProfile", "value":"0a26d126-7116-11e5-9d70-feff819cdc9f" } ], "pnics":[ { "device_name":"vmnic3", "uplink_name":"uplink-1" } ], "ip_assignment_spec":{ "resource_type":"AssignedByDhcp" } } ] }, "transport_zone_endpoints":[ { "transport_zone_id":"3ed51543-7fd4-4885-8fe8-55d8317b4777" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNode+

Example Response: { "resource_type": "TransportNode", "description": "Updated NSX configured Test Transport Node", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "NSX Configured TN", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmknics": [ { "device_name": "vmk1", "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a" } ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [] } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "node_deployment_info": { "resource_type": "HostNode", "id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "display_name": "FN1", "fqdn": "sc2-rdops-vm03-dhcp-110-133.eng.vmware.com", "ip_addresses": [ "10.192.156.199" ], "external_id": "a5113680-6a56-4386-9017-adffbe56c99e", "discovered_ip_addresses": [], "os_type": "ESXI", "os_version": "", "managed_by_server": "", "_create_time": 1538632396987, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_last_modified_time": 1538632396987, "_create_user": "admin", "_revision": 0 }, "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

(Deprecated) Prepares discovered Node for NSX (Deprecated)

Prepares(hostprep) discovered node for NSX. NSX LCP bundles are installed on this discovered node. This API is deprecated. Use /fabric/discovered-nodes/?action=create_transport_node Request:
Method:
POST
URI Path:
/api/v1/fabric/discovered-nodes/<node-ext-id>?action=hostprep
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/fabric/discovered-nodes/5c669dc6-47a8-4508-3077-6a48f26c5a4g?action=hostprep Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type" : "HostNode", "description" : "", "id" : "73aabd55-7c9a-4015-a769-47e2e95f0045", "display_name" : "comp-02b", "tags" : [ ], "fqdn" : "", "ip_addresses" : [ "192.168.210.54" ], "external_id" : "73aabd55-7c9a-4015-a769-47e2e95f0045", "discovered_ip_addresses" : [ ], "os_type" : "ESXI", "os_version" : "", "managed_by_server" : "", "_create_time" : 1478050967406, "_create_user" : "admin", "_last_modified_user" : "admin", "_last_modified_time" : 1478050967406, "_revision" : 0 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Apply cluster level config on Discovered Node

When transport node profile (TNP) is applied to a cluster, if any validation fails (e.g. VMs running on host) then transport node (TN) is not created. In that case after the required action is taken (e.g. VMs powered off), you can call this API to try to create TN for that discovered node.
Do not call this API if Transport Node already exists for the discovered node. In that case use API on transport node. /transport-nodes/?action=restore_cluster_config Request:
Method:
POST
URI Path:
/api/v1/fabric/discovered-nodes/<node-ext-id>?action=reapply_cluster_config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/fabric/discovered-nodes/5c669dc6-47a8-4508-3077-6a48f26c5a4g?action=reapply_cluster_config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNode+

Example Response: { "resource_type": "TransportNode", "description": "Updated NSX configured Test Transport Node", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "NSX Configured TN", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmknics": [ { "device_name": "vmk1", "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a" } ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [] } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "node_deployment_info": { "resource_type": "HostNode", "id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "display_name": "FN1", "fqdn": "sc2-rdops-vm03-dhcp-110-133.eng.vmware.com", "ip_addresses": [ "10.192.156.199" ], "external_id": "a5113680-6a56-4386-9017-adffbe56c99e", "discovered_ip_addresses": [], "os_type": "ESXI", "os_version": "", "managed_by_server": "", "_create_time": 1538632396987, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_last_modified_time": 1538632396987, "_create_user": "admin", "_revision": 0 }, "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Management Plane API: Fabric: Nodes

Associated URIs:

Return the List of Nodes (Deprecated)

Returns information about all fabric nodes (hosts and edges).
This api is deprecated as part of FN+TN unification. Please use Transport Node API
GET /transport-nodes to list all fabric nodes.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes
Request Headers:
n/a
Query Parameters:
NodeListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "HostNode", "id": "74730a28-e52d-11e5-936e-6f061d405a28", "display_name": "comp-01b", "fqdn": "comp-01b.eng.abc.com", "ip_addresses": [ "192.168.210.53" ], "discovered_ip_addresses": [ "192.168.210.53" ], "external_id": "74730a28-e52d-11e5-936e-6f061d405a28", "os_type": "ESXI", "os_version": "6.0.0", "managed_by_server": "192.168.110.24", "_last_modified_time": 1457470683936, "_create_time": 1457470683936, "_last_modified_user": "admin", "_create_user": "admin", "_revision": 0 }, { "resource_type": "EdgeNode", "id": "53b55e00-e5c1-11e5-a549-005056b18ef8", "display_name": "nsx-edge2", "fqdn": "nsx-edge2.eng.abc.com", "ip_addresses": [ "192.168.110.37" ], "discovered_ip_addresses": [ "192.168.110.37" ], "external_id": "53b55e00-e5c1-11e5-a549-005056b18ef8", "deployment_type": "VIRTUAL_MACHINE", "_last_modified_time": 1457505420494, "_create_time": 1457505420494, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: nodes_nodes Additional Errors:

Register and Install NSX Components on a Node (Deprecated)

Creates a host node (hypervisor) or edge node (router) in the transport
network.

When you run this command for a host, NSX Manager attempts to install the
NSX kernel modules, which are packaged as VIB, RPM, or DEB files. For the
installation to succeed, you must provide the host login credentials and the
host thumbprint.

To get the ESXi host thumbprint, SSH to the host and run the
openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha256 -noout
command.

To generate host key thumbprint using SHA-256 algorithm please follow the
steps below.

Log into the host, making sure that the connection is not vulnerable to a
man in the middle attack. Check whether a public key already exists.
Host public key is generally located at '/etc/ssh/ssh_host_rsa_key.pub'.
If the key is not present then generate a new key by running the following
command and follow the instructions.

ssh-keygen -t rsa

Now generate a SHA256 hash of the key using the following command. Please
make sure to pass the appropriate file name if the public key is stored with
a different file name other than the default 'id_rsa.pub'.

awk '{print $2}' id_rsa.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64
This api is deprecated as part of FN+TN unification. Please use Transport Node API
POST /transport-nodes to install NSX components on a node.
Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Request: POST https://<nsx-mgr>/api/v1/fabric/nodes { "resource_type": "HostNode", "display_name": "Host ABC123", "ip_addresses": [ "192.168.210.54" ], "os_type": "ESXI", "os_version": "6.0.0", "host_credential": { "username": "user1", "password": "password", "thumbprint": "3b1f4f3b636569d648a3092fc5b5b00fe4f6ec6abd34de86ae657f4bba22913e" } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type": "HostNode", "display_name": "Host ABC123", "fqdn": "host-abc-123.eng.abc.com", "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "ip_addresses": [ "192.168.210.54" ], "external_id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "discovered_ip_addresses": [ "192.168.210.54" ], "os_type": "ESXI", "os_version": "6.0.0", "managed_by_server": "192.168.110.24", "_create_time": 1446577081344, "_last_modified_user": "admin", "_last_modified_time": 1446577081344, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: nodes_nodes Additional Errors:

Perform an Action on Fabric Node (Deprecated)

The supported fabric node actions are enter_maintenance_mode,
exit_maintenance_mode for EdgeNode.
This API is deprecated, please call TransportNode maintenance mode API to
update maintenance mode, refer to "Update transport node maintenance mode".
Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
NodeActionParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/fabric/nodes/53b55e00-e5c1-11e5-a549-005056b18ef8?action=enter_maintenance_mode Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type": "EdgeNode", "id": "53b55e00-e5c1-11e5-a549-005056b18ef8", "display_name": "nsx-edge2", "fqdn": "nsx-edge2.eng.abc.com", "ip_addresses": [ "192.168.110.37" ], "discovered_ip_addresses": [ "192.168.110.37" ], "external_id": "53b55e00-e5c1-11e5-a549-005056b18ef8", "deployment_type": "VIRTUAL_MACHINE", "_last_modified_time": 1457505420494, "_create_time": 1457505420494, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return Node Information (Deprecated)

Returns information about a specific fabric node (host or edge).
This api is deprecated, use Transport Node API
GET /transport-nodes/<transport-node-id> to get fabric
node information.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/564dab50-63a0-8b4f-a1f8-20e4d36efc3b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type": "HostNode", "id": "564dab50-63a0-8b4f-a1f8-20e4d36efc3b", "display_name": "pnq1-vm-eng-dhcp-203-201.eng.vmware.com", "fqdn": "pnq1-vm-eng-dhcp-203-201.eng.vmware.com", "external_id": "564dab50-63a0-8b4f-a1f8-20e4d36efc3b", "ip_addresses": [ "10.41.40.41", "10.50.51.50" ], "discovered_ip_addresses": [ "10.41.40.41", "10.50.51.50" ], "managed_by_server": "10.41.203.17", "os_version": "6.0.0", "os_type": "ESXI", "_last_modified_time": 1413358186953, "_create_time": 1413358186953, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 0 } Required Permissions: read Feature: nodes_nodes Additional Errors:

Update a Node (Deprecated)

Modifies attributes of a fabric node (host or edge).
This api is deprecated as part of FN+TN unification. Please use Transport Node
API PUT /transport-nodes/<transport-node-id> to update fabric node details.
API PUT /transport-nodes/ to update fabric node details.
Request:
Method:
PUT
URI Path:
/api/v1/fabric/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Request: PUT https://<nsx-mgr>/api/v1/fabric/nodes/8538f119-ba45-4fb1-9cf1-ee849e4cf168 { "resource_type": "EdgeNode", "id": "8538f119-ba45-4fb1-9cf1-ee849e4cf168", "display_name": "edge-node5", "ip_addresses": [ "192.168.110.37", "192.168.110.38" ], "_create_time": 1446579085852, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446579085852, "_create_user": "admin", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type": "EdgeNode", "id": "8538f119-ba45-4fb1-9cf1-ee849e4cf168", "display_name": "edge-node5", "fqdn": "edge-node5.eng.abc.com", "ip_addresses": [ "192.168.110.37", "192.168.110.38" ], "discovered_ip_addresses": [ "192.168.110.37", "192.168.110.38" ], "_create_time": 1446579085852, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446660509297, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: nodes_nodes Additional Errors:

Delete a Node (Deprecated)

Removes a specified fabric node (host or edge).
A fabric node may only be deleted when it is no longer referenced
by a Transport Node. If unprepare_host option is set to false, the
host will be deleted without uninstalling the NSX components from
the host.
This api is deprecated, use Transport Node API
DELETE /transport-nodes/<transport-node-id> to delete FN.
DELETE /transport-nodes/ to delete FN.
Request:
Method:
DELETE
URI Path:
/api/v1/fabric/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
HostNodeDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/fabric/nodes/564dab50-63a0-8b4f-a1f8-20e4d36efc3b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_nodes Additional Errors:

Return the List of Capabilities of a Single Node (Deprecated)

Returns information about capabilities of a single fabric host node. Edge nodes do not have capabilities. This api is deprecated, use GET /transport-nodes/<transportnode-id>/capabilities if FN is converted to TN. Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/capabilities
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/c8778638-818a-11e4-a4d5-210df118b5e2/capabilities Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeCapabilitiesResult+

Example Response: { "capabilities": [ { "description": "Capability of supporting rate limiting in switch security switching profile", "version": 1, "value": "true", "key": "switchingprofile.switch-security.rate-limiting" }, { "description": "Capability of supporting multiple LACP groups in uplink host switch profile", "version": 1, "value": "true", "key": "hostswitchprofile.multi-lag" }, { "description": "Capability of supporting egress shaper in QoS switching profile", "version": 1, "value": "true", "key": "switchingprofile.qos.shaper.egress" }, { "description": "Capability of supporting LLDP in lldp host switch profile", "version": 1, "value": "true", "key": "hostswitchprofile.lldp" }, { "description": "Capability of supporting broadcast shaper in QoS switching profile", "version": 1, "value": "true", "key": "switchingprofile.qos.shaper.broadcast" } ] } Required Permissions: read Feature: nodes_nodes Additional Errors:

Get the module details of a Fabric Node This api is deprecated, use Transport Node API GET /transport-nodes/<transportnode-id>/modules to get fabric node modules. (Deprecated)

Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/modules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/8538f119-ba45-4fb1-9cf1-ee849e4cf168/modules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SoftwareModuleResult+

Example Response: { "software_modules": [ { "module_name": "nsx-aggservice", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-da", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-esx-datapath", "module_version": "1.1.0.0.0-4320347" }, { "module_name": "nsx-exporter", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-host", "module_version": "1.1.0.0.0-4320389" }, { "module_name": "nsx-lldp", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-mpa", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-netcpa", "module_version": "1.1.0.0.0-4320340" }, { "module_name": "nsx-python-protobuf", "module_version": "2.4.1-1" }, { "module_name": "nsx-sfhc", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-support-bundle-client", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsxa", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsxcli", "module_version": "1.1.0.0.0-4320339" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

List the specified node's Network Interfaces (Deprecated)

Returns the number of interfaces on the node and detailed
information about each interface. Interface information includes MTU,
broadcast and host IP addresses, link and admin status, MAC address, network
mask, and the IP configuration method (static or DHCP).
This api is deprecated. Please use Transport Node API
GET /transport-nodes//network/interfaces
to list node network interfaces for the corresponding TN.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/network/interfaces
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/<node-id>/network/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfacePropertiesListResult+

Example Response: { "result_count": 6, "results": [ { "interface_id": "vmnic0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500, "interface_alias": [ { "physical_address": "02:00:06:3e:44:bf" } ], "interface_type": "PHYSICAL", "connected_switch": "vSwitch0" }, { "interface_id": "vmnic1", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "interface_alias": [ { "physical_address": "02:00:06:8c:49:0a" } ], "interface_type": "PHYSICAL", "connected_switch": "nsxvswitch" }, { "interface_id": "vmnic2", "admin_status": "UP", "link_status": "DOWN", "source": "cached", "mtu": 1500, "interface_alias": [ { "physical_address": "02:00:06:89:28:d0" } ], "interface_type": "PHYSICAL", "connected_switch": "" }, { "interface_alias": [ { "physical_address": "54:9f:35:0b:d0:84", "netmask": "255.255.255.0", "ip_address": "192.168.210.53", "ip_configuration": "STATIC", "broadcast_address": "192.168.210.255" } ], "interface_id": "vmk0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500 }, { "interface_alias": [ { "physical_address": "00:50:56:68:91:ad", "netmask": "255.255.255.0", "ip_address": "10.20.20.53", "ip_configuration": "STATIC", "broadcast_address": "10.20.20.255" } ], "interface_id": "vmk1", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500, "host_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "" }, { "interface_alias": [ { "physical_address": "00:50:56:65:f5:fc", "netmask": "255.255.255.0", "ip_address": "192.168.250.102", "ip_configuration": "STATIC", "broadcast_address": "192.168.250.255" } ], "interface_id": "vmk2", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "host_managed": true, "backing_nsx_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "1ea55bbd-0a06-42ac-9ffc-fea15a28cd7e" } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the node's Network Interface (Deprecated)

Returns detailed information about the specified interface. Interface
information includes MTU, broadcast and host IP addresses, link and admin
status, MAC address, network mask, and the IP configuration method (static
or DHCP).
This api is deprecated as part of FN+TN unification. Please use Transport
Node API GET /transport-nodes//network/interfaces/
to get interface details of a node.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/network/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/<node-id>/network/interfaces/vmk2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceProperties+

Example Response: { "interface_alias": [ { "physical_address": "00:50:56:65:f5:fc", "netmask": "255.255.255.0", "ip_address": "192.168.250.102", "ip_configuration": "STATIC", "broadcast_address": "192.168.250.255" } ], "interface_id": "vmk2", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "host_managed": true, "backing_nsx_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "1ea55bbd-0a06-42ac-9ffc-fea15a28cd7e" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the NSX Manager's Network Interface Statistics (Deprecated)

On the specified interface, returns the number of received (rx), transmitted
(tx), and dropped packets; the number of bytes and errors received and
transmitted on the interface; and the number of detected collisions.
This api is deprecated as part of FN+TN unification. Please use
/transport-nodes//network/interfaces//stats to
read network interface statistics with contraint FN is converted to TN.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/network/interfaces/<interface-id>/stats
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/<node-id>/network/interfaces/<interface-id>/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceStatisticsProperties+

Example Response: { "tx_errors": 0, "rx_frame": 0, "tx_carrier": 0, "tx_bytes": 31611, "rx_dropped": 1813, "tx_packets": 261, "rx_packets": 91656, "interface_id": "mgmt", "tx_dropped": 0, "tx_colls": 0, "rx_errors": 0, "rx_bytes": 7360718 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get the Realized State of a Fabric Node. (Deprecated)

For edge nodes, returns the current install
state when deployment is in progress, NODE_READY
when deployment is complete and the failure state
when deployment has failed.
This api is deprecated. Please use /transport-nodes/<transportnode-id>/state
to get realized state of a Fabric Node.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/8538f119-ba45-4fb1-9cf1-ee849e4cf168/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [], "state": "success" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Return Runtime Status Information for a Node (Deprecated)

Returns connectivity, heartbeat, and version information about a fabric node
(host or edge). Note that the LCP connectivity status remains down until
after the fabric node has been added as a transpot node and the NSX host
switch has been successfully installed. See POST /api/v1/transport-nodes.
This api is deprecated, use GET /api/v1/transport-nodes/<node-id>/status to
get status information of a node with constraint FN is converted to TN.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<node-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/90b3ee63-82fe-11e5-b403-fd59414c0c52/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeStatus+

Example Response: { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false } Required Permissions: read Feature: nodes_nodes Additional Errors:

Restart the inventory sync for the node if it is paused currently. (Deprecated)

Restart the inventory sync for the node if it is currently internally paused.
After this action the next inventory sync coming from the node is processed.
This api is deprecated as part of FN+TN unification. Please use Transport Node API
POST /transport-nodes/<transport-node-id>?action=restart_inventory_sync
to restart inventory sync of node.
Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes/<node-id>?action=restart_inventory_sync
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_nodes Additional Errors:

Perform a service deployment upgrade on a host node

Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes/<node-id>?action=upgrade_infra
Request Headers:
n/a
Query Parameters:
UpgradeInfraRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/fabric/nodes/4c8101d8-a129-11e6-961f-005056a99106?action=upgrade_infra Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
EdgeNode+
HostNode+
Node+
PublicCloudGatewayNode+

Example Response: { "resource_type" : "HostNode", "description" : "", "id" : "73aabd55-7c9a-4015-a769-47e2e95f0045", "display_name" : "comp-02b", "tags" : [ ], "fqdn" : "", "ip_addresses" : [ "192.168.210.54" ], "external_id" : "73aabd55-7c9a-4015-a769-47e2e95f0045", "discovered_ip_addresses" : [ ], "os_type" : "ESXI", "os_version" : "", "managed_by_server" : "", "_create_time" : 1478050967406, "_create_user" : "admin", "_last_modified_user" : "admin", "_last_modified_time" : 1478050967406, "_revision" : 0 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return Runtime Status Information for given Nodes (Deprecated)

Returns connectivity, heartbeat, and version information about all fabric nodes
(host or edge).
This api is deprecated as part of FN+TN unification. Please use Transport Node
Status API /transport-nodes/<node-id>/status to get status information of a node
and to get all transport nodes ids use GET /transport-nodes.
Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/status
Request Headers:
n/a
Query Parameters:
ReadNodesStatusRequestQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/nodes/status?node_ids= a73784e4-4396-11e8-b118-b3f64eb2d83d,a6de45a6-4396-11e8-8ea6-59414c08f900 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeStatusListResult+

Example Response: { "results": [ { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false "external_id": "b342511e-d0b4-475c-89f4-edfb7a494437", } }, { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false "external_id": "9ec4e9e1-ae56-4b04-8ee7-836d7216c81b", } } ] } Required Permissions: read Feature: nodes_nodes Additional Errors:

Return list of supported host OS types

Returns names of all supported host OS. Request:
Method:
GET
URI Path:
/api/v1/fabric/ostypes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SupportedHostOSListResult+

Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Fabric: VIFS

Associated URIs:

Return the List of Virtual Network Interfaces (VIFs)

Returns information about all VIFs. A virtual network interface aggregates
network interfaces into a logical interface unit that is indistinuishable
from a physical network interface.
Request:
Method:
GET
URI Path:
/api/v1/fabric/vifs
Request Headers:
n/a
Query Parameters:
VifListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/vifs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualNetworkInterfaceListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "VirtualNetworkInterface", "device_key": "4000", "device_name": "Network adapter 1", "ip_address_info": [ { "ip_addresses": [ "172.16.20.10", "fe80::250:56ff:fe86:f2b2" ], "source": "VM_TOOLS" } ], "vm_local_id_on_host": "1", "mac_address": "00:50:56:86:f2:b2", "owner_vm_id": "5006d98a-352f-134f-df6b-33e7f8d5de65", "external_id": "5006d98a-352f-134f-df6b-33e7f8d5de65-4000", "lport_attachment_id": "3d4b208c-b986-47f7-8a29-a74610d33a13", "host_id": "74730a28-e52d-11e5-936e-6f061d405a28" }, { "resource_type": "VirtualNetworkInterface", "device_key": "4000", "device_name": "Network adapter 1", "ip_address_info": [ { "ip_addresses": [ "172.16.20.11", "fe80::250:56ff:feb1:705e" ], "source": "VM_TOOLS" } ], "vm_local_id_on_host": "3", "mac_address": "00:50:56:b1:70:5e", "owner_vm_id": "50314b00-d422-d5d0-0cb2-d8a904a31c16", "external_id": "50314b00-d422-d5d0-0cb2-d8a904a31c16-4000", "lport_attachment_id": "d0649784-6fb8-43f9-be9e-88d3ee357f6e", "host_id": "65bcd211-e570-11e5-8472-991cc87d670e" } ] } Required Permissions: read Feature: vm_vm_info Additional Errors:

Management Plane API: Fabric: Virtual Machines

Associated URIs:

Return the List of Virtual Machines

Returns information about all virtual machines. Request:
Method:
GET
URI Path:
/api/v1/fabric/virtual-machines
Request Headers:
n/a
Query Parameters:
VirtualMachineListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/virtual-machines Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualMachineListResult+

Example Response: { "result_count" : 1, "results" : [ { "display_name" : "Iws-2", "resource_type" : "VirtualMachine", "local_id_on_host": "1", "external_id" : "420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "host_id" : "cf0ffd7a-818a-11e4-9ab1-cb7a79b0af39", "compute_ids" : [ "locationId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "instanceUuid:500e0c08-2ecc-2609-d9ba-ed489e48c787", "biosUuid:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "externalId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "hostLocalId:1", "moIdOnHost:1" ], "source" : { "target_display_name" : "sc2-rdops-vm03-dhcp-102-35.eng.vmware.com", "is_valid" : true, "target_type" : "HostNode", "target_id" : "3d0574b8-267c-11e7-9126-0febdf149b8c" }, "type" : "REGULAR", "power_state" : "VM_RUNNING", "guest_info": { "os_name": "Ubuntu Linux (64-bit)", "computer_name": "app-vm" }, "_last_sync_time" : 1493291539130 } ] } { "result_count": 1, "results": [ { "resource_type": "VirtualMachine", "display_name": "app-vm", "compute_ids": [ "instanceUuid:5006d98a-352f-134f-df6b-33e7f8d5de65", "moIdOnHost:1", "externalId:5006d98a-352f-134f-df6b-33e7f8d5de65", "hostLocalId:1", "locationId:564d1012-15a8-dd22-9c13-f53d697678a8", "biosUuid:4206a555-5a2f-edaa-d215-dac9508da942" ], "external_id": "5006d98a-352f-134f-df6b-33e7f8d5de65", "source" : { "target_display_name" : "sc2-rdops-vm03-dhcp-102-35.eng.vmware.com", "is_valid" : true, "target_type" : "HostNode", "target_id" : "3d0574b8-267c-11e7-9126-0febdf149b8c" }, "type": "REGULAR", "host_id": "74730a28-e52d-11e5-936e-6f061d405a28", "local_id_on_host": "1", "power_state" : "VM_RUNNING", "guest_info": { "os_name": "Ubuntu Linux (64-bit)", "computer_name": "app-vm" }, "_last_sync_time" : 1493291539130 } ] } { "result_count": 1, "results": [ { "resource_type": "VirtualMachine", "display_name": "web-vm", "compute_ids": [ "instanceUuid:50069c43-e024-9fce-6017-001a87ef32be", "moIdOnHost:1", "externalId:50069c43-e024-9fce-6017-001a87ef32be", "hostLocalId:1", "locationId:564d6439-4abb-e39c-1a2f-d2524e3cc3e1", "biosUuid:42060137-3f57-15bb-1bfc-293c4ba89050" ], "external_id": "50069c43-e024-9fce-6017-001a87ef32be", "source" : { "target_display_name" : "sc2-rdops-vm03-dhcp-102-35.eng.vmware.com", "is_valid" : true, "target_type" : "HostNode", "target_id" : "3d0574b8-267c-11e7-9126-0febdf149b8c" }, "type": "REGULAR", "host_id": "65bcd211-e570-11e5-8472-991cc87d670e", "local_id_on_host": "1", "power_state" : "VM_RUNNING", "guest_info": { "os_name": "Ubuntu Linux (64-bit)", "computer_name": "web-vm" }, "_last_sync_time" : 1493291539130 } ] } { "result_count": 1, "results": [ { "resource_type": "VirtualMachine", "display_name": "db-vm-new", "compute_ids": [ "instanceUuid:50314b00-d422-d5d0-0cb2-d8a904a31c16", "moIdOnHost:3", "externalId:50314b00-d422-d5d0-0cb2-d8a904a31c16", "hostLocalId:3", "locationId:564d90f6-8f73-1baa-8226-82d85cc9c5c8", "biosUuid:4231c15f-ca24-b567-65b4-17bf1c0dd20e" ], "external_id": "50314b00-d422-d5d0-0cb2-d8a904a31c16", "source" : { "target_display_name" : "sc2-rdops-vm03-dhcp-102-35.eng.vmware.com", "is_valid" : true, "target_type" : "HostNode", "target_id" : "3d0574b8-267c-11e7-9126-0febdf149b8c" }, "type": "REGULAR", "host_id": "65bcd211-e570-11e5-8472-991cc87d670e", "local_id_on_host": "3", "power_state" : "VM_RUNNING", "guest_info": { "os_name": "Microsoft Windows 10 (64-bit)", "computer_name": "db-vm" }, "_last_sync_time" : 1493291539130 } ] } Required Permissions: read Feature: vm_vm_info Additional Errors:

Return the list of tools and agents installed in VMs.

This API returns the list of tools and agents installed in VMs. Request:
Method:
GET
URI Path:
/api/v1/fabric/virtual-machines/tools-info
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/fabric/virtual-machines/tools-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VmToolsInfoListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "VmToolsInfo", "external_id": "a46b3633-22b3-49f9-87bd-b888b1bd0656", "host_local_id": "vm-1", "source": { "target_display_name": "192.168.0.2", "is_valid": true, "target_type": "HostNode", "target_id": "d25ae6ce-e599-4c66-8583-b10e31fcdf48" }, "file_agent_version": "10.3.5.0", "network_agent_version": "1.9.1", "vmtools_version": "10.7.1.0" } ] } Required Permissions: read Feature: vm_vm_info Additional Errors:

Update tags applied to a virtual machine

Update tags applied to the virtual machine. External id of the virtual machine will be specified in the request body. Request body should contain all the tags to be applied. To clear all tags, provide an empty list. User can apply maximum 25 tags on a virtual machine. The remaining 5 are reserved for system defined tags. Request:
Method:
POST
URI Path:
/api/v1/fabric/virtual-machines?action=update_tags
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VirtualMachineTagUpdate+

Example Request: POST https://<nsx-mgr>/api/v1/fabric/virtual-machines?action=update_tags { "external_id": "ID-0", "tags": [ {"scope": "os", "tag": "win32"}, {"scope": "security", "tag": "PCI"} ] } Successful Response:
Response Code:
204 No Content
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vm_vm_tags Additional Errors:

Management Plane API: Global-Configs

Associated URIs:

List global configurations of a NSX domain

Returns global configurations of a NSX domain grouped by the config types.
These global configurations are valid across NSX domain for their respective
types unless they are overridden by a more granular configurations.
Request:
Method:
GET
URI Path:
/api/v1/global-configs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/global-configs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalConfigsListResult+

Example Response: { "results": [ { "resource_type": "RoutingGlobalConfig", "id": "8f567175-4aba-4c2f-a3af-a96d2c540041", "display_name": "8f567175-4aba-4c2f-a3af-a96d2c540041", "l3_forwarding_mode": "IPV4_ONLY", "logical_uplink_mtu": 1700, "_create_user": "system", "_create_time": 1534489264413, "_last_modified_user": "system", "_last_modified_time": 1534489264437, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "SwitchingGlobalConfig", "id": "872ecc01-416d-4c99-86a4-21ee63ca3720", "display_name": "872ecc01-416d-4c99-86a4-21ee63ca3720", "physical_uplink_mtu": 1600, "global_replication_mode_enabled": false, "_create_user": "system", "_create_time": 1534489283861, "_last_modified_user": "system", "_last_modified_time": 1534489283898, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 }, { "resource_type": "OperationCollectorGlobalConfig", "collectors" : [ { "collector_ip" : "192.168.0.11", "collector_port" : 4944 } ], "id": "afa6ff65-6cb9-49a6-96a9-81f163653b09", "display_name": "afa6ff65-6cb9-49a6-96a9-81f163653b09", "_create_user": "system", "_create_time": 1534489283861, "_last_modified_user": "system", "_last_modified_time": 1534489283898, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2, } ] } Required Permissions: read Feature: global_configs_global_configs Additional Errors:

Get global configs for a config type

Returns global configurations that belong to the config type
Request:
Method:
GET
URI Path:
/api/v1/global-configs/<config-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/global-configs/SwitchingGlobalConfig Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EsxGlobalOpaqueConfig+
FipsGlobalConfig+
FirewallGlobalConfig+
OperationCollectorGlobalConfig+
RoutingGlobalConfig+
SecurityGlobalConfig+
SwitchingGlobalConfig+

Example Response: { "resource_type": "SwitchingGlobalConfig", "id": "aeb822b6-7778-40e1-8415-1aef6d87c618", "display_name": "aeb822b6-7778-40e1-8415-1aef6d87c618", "physical_uplink_mtu": 1850, "global_replication_mode_enabled": false, "_create_user": "system", "_create_time": 1534221197344, "_last_modified_user": "admin", "_last_modified_time": 1534306102612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 5 } Required Permissions: read Feature: global_configs_global_configs Additional Errors:

Update global configurations of a config type

Updates global configurations that belong to a config type. The request must
include the updated values along with the unmodified values. The values that
are updated(different) would trigger update to config-type specific state.
However, the realization of the new configurations is config-type specific.
Refer to config-type specific documentation for details about the config-
uration push state.
Policy api will overwrite the fipsGlobalConfig set using MP api. Always use
https:///policy/api/v1/infra/global-config to update fips config-
uration.
Request:
Method:
PUT
URI Path:
/api/v1/global-configs/<config-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EsxGlobalOpaqueConfig+
FipsGlobalConfig+
FirewallGlobalConfig+
OperationCollectorGlobalConfig+
RoutingGlobalConfig+
SecurityGlobalConfig+
SwitchingGlobalConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/global-configs/SwitchingGlobalConfig { "_revision": 5, "resource_type": "SwitchingGlobalConfig", "physical_uplink_mtu": 1950 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EsxGlobalOpaqueConfig+
FipsGlobalConfig+
FirewallGlobalConfig+
OperationCollectorGlobalConfig+
RoutingGlobalConfig+
SecurityGlobalConfig+
SwitchingGlobalConfig+

Example Response: { "resource_type": "SwitchingGlobalConfig", "id": "aeb822b6-7778-40e1-8415-1aef6d87c618", "display_name": "aeb822b6-7778-40e1-8415-1aef6d87c618", "physical_uplink_mtu": 1950, "global_replication_mode_enabled": false, "_create_user": "system", "_create_time": 1534221197344, "_last_modified_user": "admin", "_last_modified_time": 1534306102612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } Required Permissions: crud Feature: global_configs_global_configs Additional Errors:

Resyncs global configurations of a config-type

It is similar to update global configurations but this request would trigger
update even if the configs are unmodified. However, the realization of the
new configurations is config-type specific. Refer to config-type
specific documentation for details about the configuration push state.
Request:
Method:
PUT
URI Path:
/api/v1/global-configs/<config-type>?action=resync_config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EsxGlobalOpaqueConfig+
FipsGlobalConfig+
FirewallGlobalConfig+
OperationCollectorGlobalConfig+
RoutingGlobalConfig+
SecurityGlobalConfig+
SwitchingGlobalConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/global-configs/SwitchingGlobalConfig?action=resync_config { "_revision": 5, "resource_type": "SwitchingGlobalConfig", "physical_uplink_mtu": 1950 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EsxGlobalOpaqueConfig+
FipsGlobalConfig+
FirewallGlobalConfig+
OperationCollectorGlobalConfig+
RoutingGlobalConfig+
SecurityGlobalConfig+
SwitchingGlobalConfig+

Example Response: { "resource_type": "SwitchingGlobalConfig", "id": "aeb822b6-7778-40e1-8415-1aef6d87c618", "display_name": "aeb822b6-7778-40e1-8415-1aef6d87c618", "physical_uplink_mtu": 1950, "global_replication_mode_enabled": false, "_create_user": "system", "_create_time": 1534221197344, "_last_modified_user": "admin", "_last_modified_time": 1534306102612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } Required Permissions: crud Feature: global_configs_global_configs Additional Errors:

Management Plane API: Grouping Objects

Management Plane API: Grouping Objects: IP Sets

Associated URIs:

Create IPSet

Creates a new IPSet that can group either IPv4 or IPv6 individual ip addresses,
ranges or subnets.
Request:
Method:
POST
URI Path:
/api/v1/ip-sets
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSet+

Example Request: POST https://<nsx-mgr>/api/v1/ip-sets { "display_name":"testIPSet", "ip_addresses":["192.168.1.1-192.168.1.6","192.168.1.8","192.168.4.8/24"] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSet+

Example Response: { "id": "96ebbc9f-6eae-4009-b709-532820dbba2a", "display_name": "testIPSet", "resource_type": "IPSet", "ip_addresses": [ "192.168.1.1-192.168.1.6", "192.168.1.8", "192.168.4.8/24" ], "_last_modified_user": "a;a", "_last_modified_time": 1439879046475, "_create_time": 1439879046475, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } Required Permissions: crud Feature: groups_ip_sets Additional Errors:

List IPSets

Returns paginated list of IPSets
Request:
Method:
GET
URI Path:
/api/v1/ip-sets
Request Headers:
n/a
Query Parameters:
IPSetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ip-sets Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSetListResult+

Example Response: { "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "id": "96ebbc9f-6eae-4009-b709-532820dbba2a", "display_name": "testIPSet", "resource_type": "IPSet", "ip_addresses": [ "192.168.1.1-192.168.1.6", "192.168.1.8", "192.168.4.8/24" ], "_last_modified_user": "a;a", "_last_modified_time": 1439879046475, "_create_time": 1439879046475, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } ] } Required Permissions: read Feature: groups_ip_sets Additional Errors:

Delete IPSet

Deletes the specified IPSet. By default, if the IPSet is added to an
NSGroup, it won't be deleted. In such situations, pass "force=true" as
query param to force delete the IPSet.
Request:
Method:
DELETE
URI Path:
/api/v1/ip-sets/<ip-set-id>
Request Headers:
n/a
Query Parameters:
IPSetDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ip-sets/22dc1d1a-adcb-4c58-874e-6e783df02790 DELETE https://<nsx-mgr>/api/v1/ip-sets/22dc1d1a-adcb-4c58-874e-6e783df02790 ?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_ip_sets Additional Errors:

Read IPSet

Returns information about the specified IPSet
Request:
Method:
GET
URI Path:
/api/v1/ip-sets/<ip-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ip-sets/2ffea46a-b537-4d71-98f5-6fedb7f3c28b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSet+

Example Response: { "id": "2ffea46a-b537-4d71-98f5-6fedb7f3c28b", "display_name": "testIPSet", "resource_type": "IPSet", "ip_addresses": [ "192.168.1.1-192.168.1.6", "192.168.1.8", "192.168.4.8/24" ], "_last_modified_user": "a;a", "_last_modified_time": 1439892910866, "_create_time": 1439892910866, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } Required Permissions: read Feature: groups_ip_sets Additional Errors:

Add a IP address to a IPSet

Add/Remove an individual IP address to an IPSet
Request:
Method:
POST
URI Path:
/api/v1/ip-sets/<ip-set-id>
Request Headers:
n/a
Query Parameters:
IPMemberAction+
Request Body:
IPAddressElement+

Example Request: POST https://<nsx-mgr>/api/v1/ip-sets/183e372b-854c-4fcc-a24e-05721ce89a60?action=add_ip { "ip_address":"192.23.243.1" } example_response: | { "ip_address": "192.23.243.1", "_revision": 2 } POST https://<nsx-mgr>/api/v1/ip-sets/183e372b-854c-4fcc-a24e-05721ce89a60?action=remove_ip { "ip_address":"192.23.243.1" } example_response: | { "ip_address": "192.23.243.1", "_revision": 2 } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPAddressElement+

Required Permissions: crud Feature: groups_ip_sets Additional Errors:

Update IPSet

Updates the specified IPSet. Modifiable parameters include description,
display_name and ip_addresses.
Request:
Method:
PUT
URI Path:
/api/v1/ip-sets/<ip-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSet+

Example Request: PUT https://<nsx-mgr>/api/v1/ip-sets/e8102843-dc86-47d4-903f-5911ea48deb7 { "resource_type": "IPSet", "display_name": "West Customers", "ip_addresses": [ "192.168.1.1-192.168.1.6", "192.168.1.0/24", "192.168.4.0/24" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSet+

Example Response: { "resource_type": "IPSet", "id": "e8102843-dc86-47d4-903f-5911ea48deb7", "display_name": "West Customers", "ip_addresses": [ "192.168.1.1-192.168.1.6", "192.168.1.0/24", "192.168.4.0/24" ], "_last_modified_time": 1458326830542, "_create_time": 1458326554714, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: groups_ip_sets Additional Errors:

Get all IPAddresses in a IPSet

List all IP addresses in a IPSet
Request:
Method:
GET
URI Path:
/api/v1/ip-sets/<ip-set-id>/members
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ip-sets/183e372b-854c-4fcc-a24e-05721ce89a60/members Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPAddressElementListResult+

Example Response: { "result_count": 4, "results": [ { "ip_address": "12.234.21.231" }, { "ip_address": "10.192.23.11" }, { "ip_address": "10.11.123.21" }, { "ip_address": "23.12.32.11" } ] } Required Permissions: read Feature: groups_ip_sets Additional Errors:

Management Plane API: Grouping Objects: MAC Sets

Associated URIs:

List MACSets

Returns paginated list of MACSets
Request:
Method:
GET
URI Path:
/api/v1/mac-sets
Request Headers:
n/a
Query Parameters:
MACSetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/mac-sets Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MACSetListResult+

Example Response: { "cursor": "003602cf0d81-4c1c-45fb-87b3-fb52ec89a8a4test-mac-set", "result_count": 1, "results": [ { "resource_type": "MACSet", "id": "02cf0d81-4c1c-45fb-87b3-fb52ec89a8a4", "display_name": "test-mac-set", "mac_addresses": [ "01:23:45:67:89:AB", "00:14:22:01:23:45", "01:66:48:21:97:AC", "00:57:82:44:12:99" ], "_create_time": 1454015311172, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1454015311172, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: groups_mac_sets Additional Errors:

Create MACSet

Creates a new MACSet that can group individual MAC addresses.
Request:
Method:
POST
URI Path:
/api/v1/mac-sets
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MACSet+

Example Request: POST https://<nsx-mgr>/api/v1/mac-sets { "display_name":"testMACSet", "mac_addresses":["01:23:45:67:89:ab","00:14:22:01:23:45"] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
MACSet+

Example Response: { "resource_type": "MACSet", "id": "c20eb62d-9ff1-4d64-8506-134e603e01f9", "display_name": "testMACSet", "mac_addresses": [ "01:23:45:67:89:AB", "00:14:22:01:23:45" ], "_last_modified_time": 1458327532700, "_create_time": 1458327532700, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: groups_mac_sets Additional Errors:

Read MACSet

Returns information about the specified MACSet
Request:
Method:
GET
URI Path:
/api/v1/mac-sets/<mac-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MACSet+

Example Response: { "_revision": 0, "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testMACSet", "resource_type": "MACSet", "mac_addresses":["01:23:45:67:89:ab","00:14:22:01:23:45"], "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203 } Required Permissions: read Feature: groups_mac_sets Additional Errors:

Delete MACSet

Deletes the specified MACSet. By default, if the MACSet is added to an
NSGroup, it won't be deleted. In such situations, pass "force=true" as
query param to force delete the MACSet.
Request:
Method:
DELETE
URI Path:
/api/v1/mac-sets/<mac-set-id>
Request Headers:
n/a
Query Parameters:
MACSetDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60 DELETE https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60 ?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_mac_sets Additional Errors:

Update MACSet

Updates the specified MACSet. Modifiable parameters include the
description, display_name and mac_addresses.
Request:
Method:
PUT
URI Path:
/api/v1/mac-sets/<mac-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MACSet+

Example Request: PUT https://<nsx-mgr>/api/v1/mac-sets/d95da628-8677-4d26-b593-76b51c6439c2 { "resource_type": "MACSet", "display_name": "Lab A MACs", "mac_addresses": [ "01:23:45:67:89:AB", "00:14:22:01:23:45" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MACSet+

Example Response: { "resource_type": "MACSet", "id": "d95da628-8677-4d26-b593-76b51c6439c2", "display_name": "Lab A MACs", "mac_addresses": [ "01:23:45:67:89:AB", "00:14:22:01:23:45" ], "_last_modified_time": 1458327141731, "_create_time": 1458167290173, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: groups_mac_sets Additional Errors:

Add a MAC address to a MACSet

Add an individual MAC address to a MACSet
Request:
Method:
POST
URI Path:
/api/v1/mac-sets/<mac-set-id>/members
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MACAddressElement+

Example Request: POST https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60/members { "mac_address":"01:23:45:67:89:ab" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
MACAddressElement+

Example Response: { "mac_address": "01:23:45:67:89:AB", "_revision": 2 } Required Permissions: crud Feature: groups_mac_sets Additional Errors:

Get all MACAddresses in a MACSet

List all MAC addresses in a MACSet
Request:
Method:
GET
URI Path:
/api/v1/mac-sets/<mac-set-id>/members
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60/members Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MACAddressElementListResult+

Example Response: { "result_count": 4, "results": [ { "mac_address": "01:23:45:67:89:AB" }, { "mac_address": "00:14:22:01:23:45" }, { "mac_address": "01:66:48:21:97:AC" }, { "mac_address": "00:57:82:44:12:99" } ] } Required Permissions: read Feature: groups_mac_sets Additional Errors:

Remove a MAC address from given MACSet

Remove an individual MAC address from a MACSet
Request:
Method:
DELETE
URI Path:
/api/v1/mac-sets/<mac-set-id>/members/<mac-address>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/mac-sets/183e372b-854c-4fcc-a24e-05721ce89a60/members/01:23:45:67:89:ab Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_mac_sets Additional Errors:

Management Plane API: Grouping Objects: NS Groups

Associated URIs:

List NSGroups

List the NSGroups in a paginated format. The page size is restricted
to 50 NSGroups so that the size of the response remains small even
in the worst case.
Optionally, specify valid member types as request parameter to filter NSGroups.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups
Request Headers:
n/a
Query Parameters:
NSGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ ns-groups/ GET https://<nsx-mgr>/api/v1/ ns-groups?member_types=LogicalPort,LogicalSwitch,VirtualMachine Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroupListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "NSGroup", "id": "71d33895-cebf-4ebe-bb84-5cd6f478cf44", "display_name": "NSGroup-1", "membership_criteria": [ { "resource_type": "NSGroupComplexExpression", "expressions": [ { "resource_type": "NSGroupTagExpression", "scope": "S1", "target_type": "LogicalSwitch", "tag": "T1", "scope_op": "EQUALS", "tag_op": "EQUALS" }, { "resource_type": "NSGroupTagExpression", "scope": "S2", "target_type": "LogicalSwitch", "tag": "T2", "scope_op": "EQUALS", "tag_op": "EQUALS" } ] } ], "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_resource": { "is_valid": true }, "target_type": "LogicalPort", "value": "8a042cca-ea22-4592-a816-c0365acd8a1a", "target_property": "id" } ], "member_count": 1, "_create_user": "admin", "_create_time": 1500424817903, "_last_modified_user": "admin", "_last_modified_time": 1500482503554, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 }, { "resource_type": "NSGroup", "id": "b350f55a-efb4-4040-a356-cc8438744e59", "display_name": "NSGroup-2", "membership_criteria": [ { "resource_type": "NSGroupTagExpression", "scope": "S1", "target_type": "LogicalSwitch", "tag": "T1", "scope_op": "EQUALS", "tag_op": "EQUALS" }, { "resource_type": "NSGroupTagExpression", "scope": "S2", "target_type": "LogicalSwitch", "tag": "T2", "scope_op": "EQUALS", "tag_op": "EQUALS" } ], "_create_user": "admin", "_create_time": 1500424859142, "_last_modified_user": "admin", "_last_modified_time": 1500424859148, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } { "sort_ascending": true, "sort_by": "displayName", "result_count": 1, "results": [ { "resource_type": "NSGroup", "id": "a21f8e31-52e9-4790-9574-0c5f52f24096", "display_name": "test-ns-group-4", "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_resource": { "target_display_name": "test-ipset-1", "is_valid": true, "target_type": "IPSet", "target_id": "8c0ab37c-c8db-4d69-99c9-21b6762a86f6" }, "target_type": "IPSet", "value": "8c0ab37c-c8db-4d69-99c9-21b6762a86f6", "target_property": "id" } ], "membership_criteria": [ {"resource_type": "NSGroupComplexExpression", "expressions" : [ { "resource_type" :"NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S1", "tag": "T1" }, { "resource_type" : "NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S2", "tag": "T2" } ] }, { "resource_type" : "NSGroupTagExpression", "target_type": "LogicalSwitch", "scope": "S3", "tag": "T3" } ] } ], "_create_user": "admin", "_create_time": 1445584267531, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445584267531, "_revision": 0 } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Create NSGroup

Creates a new NSGroup that can group NSX resources - VIFs, Lports
and LSwitches as well as the grouping objects - IPSet, MACSet and other
NSGroups.
For NSGroups containing VM criteria(both static and dynamic), system VMs will
not be included as members. This filter applies at VM level only.
Exceptions are as follows:
1. LogicalPorts and VNI of System VMs will be included in NSGroup if the criteria
is based on LogicalPort, LogicalSwitch or VNI directly.
Request:
Method:
POST
URI Path:
/api/v1/ns-groups
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSGroup+

Example Request: POST https://<nsx-mgr>/api/v1/ns-groups { "display_name":"testNSGroup", "members":[ { "resource_type": "NSGroupSimpleExpression", "target_type": "IPSet", "target_property": "id", "op": "EQUALS", "value": "183e372b-854c-4fcc-a24e-05721ce89a60" } ], "membership_criteria": [ { "resource_type": "NSGroupComplexExpression", "expressions": [ { "resource_type": "NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S1", "tag": "T1" }, { "resource_type": "NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S2", "tag": "T2" } ] }, { "resource_type": "NSGroupTagExpression", "target_type": "LogicalSwitch", "scope": "S1", "tag": "T1" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NSGroup+

Required Permissions: crud Feature: groups_groups Additional Errors:

Add NSGroup expression

Add/remove the expressions passed in the request body to/from the NSGroup
Request:
Method:
POST
URI Path:
/api/v1/ns-groups/<ns-group-id>
Request Headers:
n/a
Query Parameters:
MemberAction+
Request Body:
NSGroupExpressionList+

Example Request: POST https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60?action=ADD_MEMBERS { "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_type": "IPSet", "value": "cd1b2ced-3d2c-4145-b54a-bf613c090aa", "target_property": "id" } ] } POST https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60?action=REMOVE_MEMBERS { "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_type": "IPSet", "value": "cd1b2ced-3d2c-4145-b54a-bf613c090aa", "target_property": "id" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroup+

Required Permissions: crud Feature: groups_groups Additional Errors:

Update NSGroup

Updates the specified NSGroup. Modifiable parameters include the
description, display_name and members.
For NSGroups containing VM criteria(both static and dynamic), system VMs will
not be included as members. This filter applies at VM level only.
Exceptions are as follows.
1. LogicalPorts and VNI of system VMs will be included in NSGroup if the criteria
is based on LogicalPort, LogicalSwitch or VNI directly.
Request:
Method:
PUT
URI Path:
/api/v1/ns-groups/<ns-group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSGroup+

Example Request: PUT https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60 { "resource_type": "NSGroup", "id": "71d33895-cebf-4ebe-bb84-5cd6f478cf44", "display_name": "NSGroup-1", "membership_criteria": [ { "resource_type": "NSGroupComplexExpression", "expressions": [ { "resource_type": "NSGroupTagExpression", "scope": "S1", "target_type": "LogicalSwitch", "tag": "T1", "scope_op": "EQUALS", "tag_op": "EQUALS" }, { "resource_type": "NSGroupTagExpression", "scope": "S2", "target_type": "LogicalSwitch", "tag": "T2", "scope_op": "EQUALS", "tag_op": "EQUALS" } ] } ], "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_resource": { "is_valid": true }, "target_type": "LogicalPort", "value": "8a042cca-ea22-4592-a816-c0365acd8a1a", "target_property": "id" } ], "member_count": 1, "_create_user": "admin", "_create_time": 1500424817903, "_last_modified_user": "admin", "_last_modified_time": 1500482503554, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroup+

Required Permissions: crud Feature: groups_groups Additional Errors:

Delete NSGroup

Deletes the specified NSGroup. By default, if the NSGroup is added to
another NSGroup, it won't be deleted. In such situations, pass
"force=true" as query param to force delete the NSGroup.
Request:
Method:
DELETE
URI Path:
/api/v1/ns-groups/<ns-group-id>
Request Headers:
n/a
Query Parameters:
NSGroupDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60 DELETE https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_groups Additional Errors:

Read NSGroup

Returns information about the specified NSGroup.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>
Request Headers:
n/a
Query Parameters:
NSGroupRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSGroup+

Example Response: { "resource_type": "NSGroup", "id": "71d33895-cebf-4ebe-bb84-5cd6f478cf44", "display_name": "NSGroup-1", "membership_criteria": [ { "resource_type": "NSGroupComplexExpression", "expressions": [ { "resource_type": "NSGroupTagExpression", "scope": "S1", "target_type": "LogicalSwitch", "tag": "T1", "scope_op": "EQUALS", "tag_op": "EQUALS" }, { "resource_type": "NSGroupTagExpression", "scope": "S2", "target_type": "LogicalSwitch", "tag": "T2", "scope_op": "EQUALS", "tag_op": "EQUALS" } ] } ], "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_resource": { "is_valid": true }, "target_type": "LogicalPort", "value": "8a042cca-ea22-4592-a816-c0365acd8a1a", "target_property": "id" } ], "member_count": 1, "_create_user": "admin", "_create_time": 1500424817903, "_last_modified_user": "admin", "_last_modified_time": 1500482503554, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } { "resource_type": "NSGroup", "id": "a21f8e31-52e9-4790-9574-0c5f52f24096", "display_name": "test-ns-group-4", "members": [ { "resource_type": "NSGroupSimpleExpression", "op": "EQUALS", "target_resource": { "target_display_name": "test-ipset-1", "is_valid": true, "target_type": "IPSet", "target_id": "8c0ab37c-c8db-4d69-99c9-21b6762a86f6" }, "target_type": "IPSet", "value": "8c0ab37c-c8db-4d69-99c9-21b6762a86f6", "target_property": "id" } ], "membership_criteria": [ {"resource_type": "NSGroupComplexExpression", "expressions" : [ { "resource_type" :"NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S1", "tag": "T1" }, { "resource_type" : "NSGroupTagExpression", "target_type": "LogicalPort", "scope": "S2", "tag": "T2" } ] }, { "resource_type" : "NSGroupTagExpression", "target_type": "LogicalSwitch", "scope": "S3", "tag": "T3" } ], "_create_user": "admin", "_create_time": 1445584267531, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445584267531, "_revision": 0 } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective Directory Groups of the specified NSGroup.

Returns effective directory groups which are members of the specified NSGroup.
This API is applicable only for NSGroups containing DirectoryGroup member type.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-directory-group-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberResourceListResult+

Example Response: { "cursor": "00361f148bdc-fe7c-4320-8ef3-594e28d57c87Iws-2", "sort_ascending": true, "result_count": 2, "results": [ { "target_id" : "fcb51d1d-b141-4f5b-a0b9-1063a1470a63", "target_display_name" : "ADGroup1", "target_type" : "DirectoryGroup", }, { "id" : "3eecac54-15e7-4a0d-b418-001052fcfdcd", "display_name" : "ADGroup2", "target_type" : "DirectoryGroup" } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective IPAddress translated from the NSGroup

Returns effective ip address members of the specified NSGroup.
This API is applicable only for NSGroups containing either
VirtualMachine, VIF, LogicalSwitch, LogicalPort or IPSet member type.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-ip-address-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveIPAddressMemberListResult+

Example Response: { "cursor": "00012", "sort_ascending": true, "result_count": 2, "results": [ "10.112.1.1", "10.112.1.2/24" ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective IPSets of the specified NSGroup.

Returns effective IPSets which are members of the specified NSGroup.
This API is applicable only for NSGroups containing IPSet member type.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-ipset-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberResourceListResult+

Example Response: { "cursor": "00361f148bdc-fe7c-4320-8ef3-594e28d57c87Iws-2", "sort_ascending": true, "result_count": 2, "results": [ { "target_id" : "fcb51d1d-b141-4f5b-a0b9-1063a1470a63", "target_display_name" : "IPSet1", "target_type" : "IPSet", }, { "id" : "3eecac54-15e7-4a0d-b418-001052fcfdcd", "display_name" : "IPSet2", "target_type" : "IPSet" } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective Logical Ports translated from the NSgroup

Returns effective logical port members of the specified NSGroup.
This API is applicable only for NSGroups containing either VirtualMachines,
LogicalSwitch or LogicalPort member types.For NSGroups containing other
member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-logical-port-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberResourceListResult+

Example Response: { "cursor": "00012", "sort_ascending": true, "result_count": 2, "results": [ { "target_id" : "20c1ac1f-58b5-4241-a352-f8e82c4a8c65", "target_display_name" : "LP-HR1", "target_type" : "LogicalPort", "is_valid": true }, { "target_id" : "c07005fe-4a9a-47f1-9a1e-2db65a285124", "target_display_name" : "LP-HR2", "target_type" : "LogicalPort" "is_valid": true } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective switch members translated from the NSGroup

Returns effective logical switch members of the specified NSGroup.
This API is applicable for NSGroups containing LogicalSwitch members.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-logical-switch-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberResourceListResult+

Example Response: { "cursor": "00012", "sort_ascending": true, "result_count": 2, "results": [ { "target_id" : "20c1ac1f-58b5-4241-a352-f8e82c4a8c65", "target_display_name" : "LS-HR1", "target_type" : "LogicalSwitch" "is_valid": true }, { "target_id" : "c07005fe-4a9a-47f1-9a1e-2db65a285124", "target_display_name" : "LS-HR2", "target_type" : "LogicalSwitch" "is_valid": true } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get effective transport node members translated from the NSGroup

Returns effective transport node members of the specified NSGroup.
This API is applicable only for NSGroups containing TransportNode member type.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-transport-node-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberResourceListResult+

Example Response: { "sort_ascending": true, "sort_by": "target_display_name", "result_count": 1, "results": [ { "target_id": "5327b241-7fdd-4d41-9e93-76e006b8a4c2", "target_display_name" : "TransportNode-1", "target_type": "TransportNode", "is_valid": true } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get effective VIF members translated from the NSGroup

Returns effective VIF members of the specified NSGroup.
This API is applicable only for NSGroups containing either
VirtualMachines or VIF member type. For NSGroups containing other
member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-vif-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualNetworkInterfaceListResult+

Example Response: { "cursor": "00012", "sort_ascending": true, "result_count": 1, "results": [ { "external_id": "7df47d56-cd7c-44b0-8291-aa83555ca2e8-4001", "lport_attachment_id": "8c7d1036-0b86-47b3-b808-663d0d382618" } ] ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get Effective Virtual Machine members of the specified NSGroup.

Returns effective virtual machine members of the specified NSGroup.
This API is applicable only for NSGroups containing VirtualMachine member type.
For NSGroups containing other member types,it returns an empty list.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/effective-virtual-machine-members
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualMachineListResult+

Example Response: { "cursor" : "00361f148bdc-fe7c-4320-8ef3-594e28d57c87Iws-2", "result_count" : 1, "results" : [ { "display_name" : "Iws-2", "resource_type" : "VirtualMachine", "local_id_on_host": "1", "external_id" : "420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "host_id" : "cf0ffd7a-818a-11e4-9ab1-cb7a79b0af39", "compute_ids" : [ "locationId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "instanceUuid:500e0c08-2ecc-2609-d9ba-ed489e48c787", "biosUuid:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "externalId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "hostLocalId:1", "moIdOnHost:1" ], "tags" :[ { "Scope" : "S1" "Tag" : "T1" }, ] "type" : "REGULAR", "powerState" : "VM_RUNNING", } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get member types from NSGroup

Returns member types for a specified NSGroup including child NSGroups.
This considers static members and members added via membership criteria only
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<ns-group-id>/member-types
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ ns-groups/183e372b-854c-4fcc-a24e-05721ce89a60/member-types Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveMemberTypeListResult+

Example Response: { "result_count": 3, "results": [ "IPSet", "LogicalPort", "LogicalSwitch" ] } Required Permissions: read Feature: groups_groups Additional Errors:

Get services to which the given nsgroup belongs to

Returns information about services that are associated with the given NSGroup.
The service name is passed by service_type parameter
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/<nsgroup-id>/service-associations
Request Headers:
n/a
Query Parameters:
NSGroupServiceAssociationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-groups/bf250578-c0a5-4ca0-b237-0375966d23ce/service-associations?service_type=firewall&fetch_parentgroup_associations=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceAssociationListResult+

Example Response: { "cursor": "003600000000-0000-0000-0000-0000000000022305843009213694015", "sort_by": "priority", "result_count": 2, "results": [ { "id": "111616", "display_name": "allow-icmp", "notes": "", "destinations_excluded": false, "destinations": [ { "target_display_name": "app-switch", "is_valid": true, "target_type": "NSgroup", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "NSgroup", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 }, { "id": "2", "display_name": "00000000-0000-0000-0000-000000000002", "notes": "", "destinations_excluded": false, "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } ] } Required Permissions: read Feature: services_services Additional Errors:

Get the list of all the virtual machines that are not a part of any existing NSGroup.

Get the list of all the virtual machines that are not a part of any existing NSGroup.
Request:
Method:
GET
URI Path:
/api/v1/ns-groups/unassociated-virtual-machines
Request Headers:
n/a
Query Parameters:
VirtualMachineListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UnassociatedVMListResult+

Example Response: { "cursor" : "00361f148bdc-fe7c-4320-8ef3-594e28d57c87Iws-2", "result_count" : 1, "last_update_timestamp": 1488437880015 "results" : [ { "display_name" : "Iws-2", "resource_type" : "VirtualMachine", "local_id_on_host": "1", "external_id" : "420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "host_id" : "cf0ffd7a-818a-11e4-9ab1-cb7a79b0af39", "compute_ids" : [ "locationId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "instanceUuid:500e0c08-2ecc-2609-d9ba-ed489e48c787", "biosUuid:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "externalId:420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "hostLocalId:1", "moIdOnHost:1" ], "tags" :[ { "Scope" : "tenant", "Tag" : "Customer1" }, ] "type" : "REGULAR", "powerState" : "VM_RUNNING", } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Management Plane API: Grouping Objects: NS Profiles

Associated URIs:

List NSProfiles

List the NSProfiles created in a paginated format.The page size is restricted
to 50 NSProfiles, so that the size of the response remains small even
when there are high number of NSProfiles with multiple attributes and
multiple attribute values for each attribute.
Request:
Method:
GET
URI Path:
/api/v1/ns-profiles
Request Headers:
n/a
Query Parameters:
NSProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-profiles GET https://<nsx-mgr>/api/v1/ns-profiles?attribute_type=APP_ID Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "NSProfile", "description": "Test NS Profile", "id": "56f40812-d617-4053-a07b-c91be36f1e15", "display_name": "MixedProfile", "nsprofile_attribute": [ { "attributes_data": { "datatype": "STRING", "value": [ "SSL" ], "key": "APP_ID" }, "sub_attributes": [ { "datatype": "STRING", "value": [ "SSL_V3", " TLS_V10" ], "key": "TLS_VERSION" }, { "datatype": "STRING", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5 ", " TLS_RSA_WITH_IDEA_CBC_SHA" ], "key": "TLS_CIPHER_SUITE" } ] }, { "attributes_data": { "datatype": "STRING", "value": [ "*.skype.com" ], "key": "DOMAIN_NAME" } } ], "_create_user": "admin", "_create_time": 1537532908456, "_last_modified_user": "admin", "_last_modified_time": 1537532908456, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Create NSProfile

Creates a new NSProfile which allows users to encapsulate attribute and
sub-attributes of network services.
Rules for using attributes and sub-attributes in single NSProfile
1. One type of attribute can't have multiple occurrences. ( Example -
Attribute type APP_ID can be used only once per NSProfile.)
2. Values for an attribute are mentioned as array of strings.
( Example - For type APP_ID , values can be mentioned as ["SSL","FTP"].)
3. If sub-attribtes are mentioned for an attribute, then only single
value is allowed for that attribute.
4. To get a list of supported
attributes and sub-attributes fire the following REST API
GET https://<nsx-mgr>/api/v1/ns-profiles/attributes
Request:
Method:
POST
URI Path:
/api/v1/ns-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSProfile+

Example Request: POST https://<nsx-mgr>/api/v1/ns-profiles { "resource_type":"NSProfile", "display_name":"MixedProfile", "description":"Test NS Profile", "nsprofile_attribute":[ { "attributes_data":{ "key":"APP_ID", "value":["SSL"], "datatype":"STRING" }, "sub_attributes":[ { "key":"TLS_VERSION", "value":["SSL_V3, TLS_V10"], "datatype":"STRING" }, { "key":"TLS_CIPHER_SUITE", "value":["TLS_RSA_EXPORT_WITH_RC4_40_MD5 , TLS_RSA_WITH_IDEA_CBC_SHA"], "datatype":"STRING" } ] }, { "attributes_data":{ "key":"DOMAIN_NAME", "value":["*.skype.com"], "datatype":"STRING" } } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NSProfile+

Required Permissions: crud Feature: groups_groups Additional Errors:

Delete NSProfile

Deletes the specified NSProfile. By default, if the NSProfile is
consumed in a Firewall rule, it won't get deleted. In such
situations, pass "force=true" as query param to force delete
the NSProfile.
Request:
Method:
DELETE
URI Path:
/api/v1/ns-profiles/<ns-profile-id>
Request Headers:
n/a
Query Parameters:
NSProfileDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ ns-profiles/183e372b-854c-4fcc-a24e-05721ce89a60 DELETE https://<nsx-mgr>/api/v1/ ns-profiles/183e372b-854c-4fcc-a24e-05721ce89a60?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_groups Additional Errors:

Update NSProfile

Updates the specified NSProfile.
Rules for using attributes and sub-attributes in single NSProfile
1. One type of attribute can't have multiple occurrences. ( Example -
Attribute type APP_ID can be used only once per NSProfile.)
2. Values for an attribute are mentioned as array of strings.
( Example - For type APP_ID , values can be mentioned as ["SSL","FTP"].)
3. If sub-attribtes are mentioned for an attribute, then only single
value is allowed for that attribute.
4. To get a list of supported
attributes and sub-attributes fire the following REST API
GET https://<nsx-mgr>/api/v1/ns-profiles/attributes
Request:
Method:
PUT
URI Path:
/api/v1/ns-profiles/<ns-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/ ns-profiles/183e372b-854c-4fcc-a24e-05721ce89a60 { "resource_type":"NSProfile", "display_name":"MixedProfile", "description":"Test NS Profile", "nsprofile_attribute":[ { "attributes_data":{ "key":"APP_ID", "value":["SSH"], "datatype":"STRING" } } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSProfile+

Example Response: { "resource_type": "NSProfile", "description": "Test NS Profile", "id": "56f40812-d617-4053-a07b-c91be36f1e15", "display_name": "MixedProfile", "nsprofile_attribute": [ { "attributes_data": { "datatype": "STRING", "value": [ "SSH" ], "key": "APP_ID" } } ], "_create_user": "admin", "_create_time": 1537532908456, "_last_modified_user": "admin", "_last_modified_time": 1537534166578, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: groups_groups Additional Errors:

Read NSProfile

Returns information about the specified NSProfile.
Request:
Method:
GET
URI Path:
/api/v1/ns-profiles/<ns-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ ns-profiles/ed5d47fc-3d90-461d-bc78-9be38cf2d1b9 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSProfile+

Example Response: { "resource_type": "NSProfile", "description": "Test NS Profile", "id": "56f40812-d617-4053-a07b-c91be36f1e15", "display_name": "MixedProfile", "nsprofile_attribute": [ { "attributes_data": { "datatype": "STRING", "value": [ "SSL" ], "key": "APP_ID" }, "sub_attributes": [ { "datatype": "STRING", "value": [ "SSL_V3", " TLS_V10" ], "key": "TLS_VERSION" }, { "datatype": "STRING", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5 ", " TLS_RSA_WITH_IDEA_CBC_SHA" ], "key": "TLS_CIPHER_SUITE" } ] }, { "attributes_data": { "datatype": "STRING", "value": [ "*.skype.com" ], "key": "DOMAIN_NAME" } } ], "_create_user": "admin", "_create_time": 1537532908456, "_last_modified_user": "admin", "_last_modified_time": 1537532908456, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: groups_groups Additional Errors:

List NSProfile supported attribute types

Returns supported attribute type strings for NSProfile.
Request:
Method:
GET
URI Path:
/api/v1/ns-profiles/attribute-types
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-profiles/attribute-types Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSSupportedAttributeTypesResult+

Example Response: { "attribute_types": [ "APP_ID", "DOMAIN_NAME" ] } Required Permissions: read Feature: groups_groups Additional Errors:

List NSProfile supported attribute and sub-attributes

Returns supported attribute and sub-attributes for specified
attribute type with their supported values, if provided in query/request
parameter, else will fetch all supported attribute and sub-attributes for
all supported attribute types.
Request:
Method:
GET
URI Path:
/api/v1/ns-profiles/attributes
Request Headers:
n/a
Query Parameters:
NSSupportedAttributesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-profiles/attributes GET https://<nsx-mgr>/api/v1/ns-profiles /attributes?attribute_type=APP_ID Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSSupportedAttributesListResult+

Example Response: { "result_count": 1, "results": [ { "attributes_data": { "datatype": "STRING", "value": [ "FTP" ], "key": "APP_ID" } }, { "attributes_data": { "datatype": "STRING", "value": [ "CIFS" ], "key": "APP_ID" }, "sub_attributes": [ { "datatype": "STRING", "value": [ "CIFS_SMB_V1" ], "key": "CIFS_SMB_VERSION" }, { "datatype": "STRING", "value": [ "CIFS_SMB_V2" ], "key": "CIFS_SMB_VERSION" } ] }, { "attributes_data": { "datatype": "STRING", "value": [ "outlook.office.com" ], "key": "DOMAIN_NAME" } } ] ...[output truncated for brevity] } Required Permissions: read Feature: groups_groups Additional Errors:

Management Plane API: Grouping Objects: NS Service Groups

Associated URIs:

Create NSServiceGroup

Creates a new NSServiceGroup which can contain NSServices.
A given NSServiceGroup can contain either only ether type of NSServices
or only non-ether type of NSServices, i.e. an NSServiceGroup cannot
contain a mix of both ether and non-ether types of NSServices.
Request:
Method:
POST
URI Path:
/api/v1/ns-service-groups
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSServiceGroup+

Example Request: POST https://<nsx-mgr>/api/v1/ns-service-groups { "display_name":"testNSServiceGroup", "members":[{"target_id": "183e372b-854c-4fcc-a24e-05721ce89a61", "target_type": "NSService"}] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NSServiceGroup+

Example Response: { "id": "8525429d-1e5b-4846-9684-d57fe83f4ea8", "display_name": "testNSServiceGroup", "resource_type": "NSServiceGroup", "service_type": "ETHER", "members": [ { "target_type": "NSService", "target_display_name": "testNSService", "is_valid": true, "target_id": "8c669da6-47a4-4508-9077-6a48d26c5a4b" } ], "_create_user": "a;a", "_last_modified_user": "a;a", "_last_modified_time": 1439966963844, "_create_time": 1439966963844, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: services_services Additional Errors:

List all NSServiceGroups

Returns paginated list of NSServiceGroups
Request:
Method:
GET
URI Path:
/api/v1/ns-service-groups
Request Headers:
n/a
Query Parameters:
NSServiceGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-service-groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSServiceGroupListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 39, "results": [ { "resource_type": "NSServiceGroup", "description": "Data Recovery Appliance", "id": "6525a2c3-32a8-4560-84fd-0fe3482b845b", "display_name": "Data Recovery Appliance", "service_type": "NON_ETHER", "default_service": true, "members": [ { "target_display_name": "VMware-DataRecovery", "is_valid": true, "target_type": "NSService", "target_id": "37d6cc1d-4ceb-4802-8e20-e41556af7b59" }, { "target_display_name": "VMware-ESXi5.x-TCP", "is_valid": true, "target_type": "NSService", "target_id": "06c173a6-4067-4c98-a4db-62969cd59298" }, { "target_display_name": "HTTPS", "is_valid": true, "target_type": "NSService", "target_id": "3705b545-81b8-4c0f-b77a-fec77f6bf134" } ], "_last_modified_time": 1457468830239, "_create_time": 1457468830239, "_last_modified_user": "system", "_system_owned": true, "_create_user": "system", "_revision": 0 } ...[output truncated for brevity] Required Permissions: read Feature: services_services Additional Errors:

Update NSServiceGroup

Updates the specified NSService. Modifiable parameters include the description,
display_name and members.
Request:
Method:
PUT
URI Path:
/api/v1/ns-service-groups/<ns-service-group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSServiceGroup+

Example Request: PUT https://<nsx-mgr>/api/v1/ns-service-groups/12dd0d9d-fac3-457e-ba91-8121aa67e3dd { "resource_type": "NSServiceGroup", "id": "12dd0d9d-fac3-457e-ba91-8121aa67e3dd", "display_name": "test", "service_type": "NON_ETHER", "default_service": false, "members": [ { "target_display_name": "Active Directory Server UDP", "is_valid": true, "target_type": "NSService", "target_id": "d0f1a6c1-9a61-49ef-bcbf-ed8213058361" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSServiceGroup+

Example Response: { "resource_type": "NSServiceGroup", "id": "12dd0d9d-fac3-457e-ba91-8121aa67e3dd", "display_name": "test", "service_type": "NON_ETHER", "default_service": false, "members": [ { "target_display_name": "Active Directory Server UDP", "is_valid": true, "target_type": "NSService", "target_id": "d0f1a6c1-9a61-49ef-bcbf-ed8213058361" } ], "_create_time": 1457123992088, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457124154584, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: services_services Additional Errors:

Read NSServiceGroup

Returns information about the specified NSServiceGroup
Request:
Method:
GET
URI Path:
/api/v1/ns-service-groups/<ns-service-group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-service-groups/8525429d-1e5b-4846-9684-d57fe83f4ea8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSServiceGroup+

Example Response: { "id": "8525429d-1e5b-4846-9684-d57fe83f4ea8", "display_name": "testNSServiceGroup", "resource_type": "NSServiceGroup", "service_type": "ETHER", "members": [ { "target_type": "NSService", "target_display_name": "testNSService", "is_valid": true, "target_id": "8c669da6-47a4-4508-9077-6a48d26c5a4b" } ], "_create_user": "a;a", "_last_modified_user": "a;a", "_last_modified_time": 1439966963844, "_create_time": 1439966963844, "_system_owned": false, "_revision": 0 } Required Permissions: read Feature: services_services Additional Errors:

Delete NSServiceGroup

Deletes the specified NSServiceGroup. By default, if the NSServiceGroup is
consumed in a Firewall rule, it won't get deleted. In such situations, pass
"force=true" as query param to force delete the NSServiceGroup.
Request:
Method:
DELETE
URI Path:
/api/v1/ns-service-groups/<ns-service-group-id>
Request Headers:
n/a
Query Parameters:
NSServiceGroupDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ns-service-groups/183e372b-854c-4fcc-a24e-05721ce89a60 DELETE https://<nsx-mgr>/api/v1/ns-service-groups/183e372b-854c-4fcc-a24e-05721ce89a60 ?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: services_services Additional Errors:

Management Plane API: Grouping Objects: NS Services

Associated URIs:

Create NSService

Creates a new NSService which allows users to specify characteristics to use
for matching network traffic.
Request:
Method:
POST
URI Path:
/api/v1/ns-services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSService+

Example Request: POST https://<nsx-mgr>/api/v1/ns-services # Ether type NSService { "display_name":"testNSService", "nsservice_element":{"ether_type": 5463, "resource_type": "EtherTypeNSService"} } # IPProtocol NSService { "display_name":"testNSService", "nsservice_element":{"protocol_number": 3, "resource_type": "IPProtocolNSService"} } # IGMP type NSService { "display_name":"testNSService", "nsservice_element":{"resource_type": "IGMPTypeNSService"} } # ICMP type NSService { "display_name":"testNSService", "nsservice_element":{"protocol": "ICMPv4", "icmp_code": 3, "icmp_type": 0, "resource_type": "ICMPTypeNSService"} } # ALG type NSService { "display_name":"testNSService", "nsservice_element":{"alg": "FTP", "destination_ports": [ "21" ], "resource_type": "ALGTypeNSService"} } # L4PortSet NSService { "display_name":"testNSService", "nsservice_element":{"l4_protocol": "TCP", "source_ports": [ "31-34" ], "destination_ports": [ "81-88", "96" ], "resource_type": "L4PortSetNSService"} } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NSService+

Example Response: # Ether type NSService { "id": "8c669da6-47a4-4508-9077-6a48d26c5a4b", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "EtherTypeNSService", "ether_type": 5463 }, "_last_modified_user": "a;a", "_last_modified_time": 1439882177929, "_create_time": 1439882177929, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } # IPProtocol NSService { "id": "c4e164f8-914d-49ad-a7ff-8af6f5d7cbcb", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "IPProtocolNSService", "protocol_number": 3 }, "_last_modified_user": "a;a", "_last_modified_time": 1439883547301, "_create_time": 1439883547301, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } # IGMP type NSService { "id": "11d98458-c901-4e28-8393-81f8d84d3271", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "IGMPTypeNSService" }, "_last_modified_user": "a;a", "_last_modified_time": 1439883753153, "_create_time": 1439883753153, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } # ICMP type NSService { "id": "7cebfa0f-8021-417c-b087-f5eff9c69202", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "ICMPTypeNSService", "protocol": "ICMPv4", "icmp_code": 3, "icmp_type": 0 }, "_last_modified_user": "a;a", "_last_modified_time": 1439886066914, "_create_time": 1439886066914, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } # ALG type NSService { "id": "7e69a479-7c8e-4c4e-995c-95b6c7bbd701", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "ALGTypeNSService", "alg": "FTP", "destination_ports": [ "21" ] }, "_last_modified_user": "a;a", "_last_modified_time": 1439886283296, "_create_time": 1439886283296, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } # L4PortSet NSService { "id": "ea66a379-f007-4488-b9be-cbdd380e1e07", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "L4PortSetNSService", "destination_ports": [ "81-88", "96" ], "source_ports": [ "31-34" ], "l4_protocol": "TCP" }, "_last_modified_user": "a;a", "_last_modified_time": 1439886580319, "_create_time": 1439886580319, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } Required Permissions: crud Feature: services_services Additional Errors:

List all NSServices

Returns paginated list of NSServices
Request:
Method:
GET
URI Path:
/api/v1/ns-services
Request Headers:
n/a
Query Parameters:
NSServiceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSServiceListResult+

Example Response: { "cursor": "0036a88532ec-5cfe-457a-9ca0-24673372d387iSQLPlus 10g (5580)", "sort_ascending": true, "sort_by": "displayName", "result_count": 364, "results": [ { "resource_type": "NSService", "description": "AD Server", "id": "ed5d47fc-3d90-461d-bc78-9be38cf2d1b9", "display_name": "AD Server", "default_service": true, "nsservice_element": { "resource_type": "L4PortSetNSService", "destination_ports": [ "1024" ], "l4_protocol": "TCP" }, "_create_time": 1455764626691, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1455764626691, "_create_user": "system", "_revision": 0 } ...[output truncated for brevity] Required Permissions: read Feature: services_services Additional Errors:

Delete NSService

Deletes the specified NSService. By default, if the NSService is being
referred in an NSServiceGroup, it can't be deleted. In such situations,
pass "force=true" as a parameter to force delete the NSService. System
defined NSServices can't be deleted using "force" flag.
Request:
Method:
DELETE
URI Path:
/api/v1/ns-services/<ns-service-id>
Request Headers:
n/a
Query Parameters:
NSServiceDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ns-services/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: services_services Additional Errors:

Update NSService

Updates the specified NSService. Modifiable parameters include the description,
display_name and the NSService element. The system defined NSServices can't be
modified
Request:
Method:
PUT
URI Path:
/api/v1/ns-services/<ns-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NSService+

Example Request: PUT https://<nsx-mgr>/api/v1/ns-services/12dd0d9d-fac3-457e-ba91-8121aa67e3dd { "resource_type": "NSService", "display_name": "test", "nsservice_element": { "resource_type": "EtherTypeNSService", "ether_type": 33011 }, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSService+

Example Response: { "resource_type": "NSService", "id": "1353063b-f5e1-42fa-88c3-16fe89d55361", "display_name": "test", "default_service": false, "nsservice_element": { "resource_type": "EtherTypeNSService", "ether_type": 33011 }, "_create_user": "admin", "_create_time": 1520406838970, "_last_modified_user": "admin", "_last_modified_time": 1520406866064, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: services_services Additional Errors:

Read NSService

Returns information about the specified NSService
Request:
Method:
GET
URI Path:
/api/v1/ns-services/<ns-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ns-services/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NSService+

Example Response: { "id": "8c669da6-47a4-4508-9077-6a48d26c5a4b", "display_name": "testNSService", "resource_type": "NSService", "nsservice_element": { "resource_type": "EtherTypeNSService", "ether_type": 5463 }, "_last_modified_user": "a;a", "_last_modified_time": 1439882177929, "_create_time": 1439882177929, "_system_owned": false, "_create_user": "a;a", "_revision": 0 } Required Permissions: read Feature: services_services Additional Errors:

Management Plane API: Identity Firewall

Management Plane API: Identity Firewall: Configuration

Associated URIs:

List all Identity firewall compute collections

List all Identity firewall compute collections.
Request:
Method:
GET
URI Path:
/api/v1/idfw/idfw-compute-collections
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/idfw-compute-collections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwEnabledComputeCollectionListResult+

Example Response: { "result_count": 2, "results": [ { "compute_collection_id": "7a9dff19-9f35-4dd5-8a7f-1763c76527fe:domain-c8", "enabled": true, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "compute_collection_id": "2e7ee6c6-eb69-40c2-9690-46263c33d73e:domain-c8", "enabled": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Update IDFW compute collection

Enable/disable individual compute collections for IDFW.
Request:
Method:
PUT
URI Path:
/api/v1/idfw/idfw-compute-collections/<cc-ext-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IdfwEnabledComputeCollection+

Example Request: PUT https://<nsx-mgr>/api/v1/idfw/idfw-compute-collections/840927af-a0e1-4342-b4b3-2491f38e157d:domain-c8 { "_revision" : 0, "compute_collection_id" : "840927af-a0e1-4342-b4b3-2491f38e157d:domain-c8", "enabled" : true, "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwEnabledComputeCollection+

Example Response: { "_revision" : 1, "compute_collection_id" : "840927af-a0e1-4342-b4b3-2491f38e157d:domain-c8", "enabled" : true "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Required Permissions: crud Feature: identity_firewall Additional Errors:

Get IDFW compute collection.

Get enable/disable status of individual compute collections for IDFW.
Request:
Method:
GET
URI Path:
/api/v1/idfw/idfw-compute-collections/<cc-ext-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/idfw-compute-collections/840927af-a0e1-4342-b4b3-2491f38e157d:domain-c8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwEnabledComputeCollection+

Example Response: { "_revision" : 1, "compute_collection_id" : "840927af-a0e1-4342-b4b3-2491f38e157d:domain-c8", "compute_collection_name" : "cluster-1", "enabled" : true, "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Required Permissions: crud Feature: identity_firewall Additional Errors:

Update IDFW master switch setting enabled/disabled

Update Identity Firewall master switch setting (true=enabled / false=disabled).
Identity Firewall master switch setting enables or disables Identity Firewall
feature across the system. It affects compute collections, hypervisor and
virtual machines. This operation is expensive and also has big impact and
implication on system perforamce.
Request:
Method:
PUT
URI Path:
/api/v1/idfw/master-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IdfwMasterSwitchSetting+

Example Request: PUT https://<nsx-mgr>/api/v1/idfw/master-switch-setting { "idfw_master_switch_enabled" : false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwMasterSwitchSetting+

Example Response: { "idfw_master_switch_enabled" : false } Required Permissions: crud Feature: identity_firewall Additional Errors:

Get Identity Firewall master switch enabled/disabled

Fetches IDFW master switch setting to check whether master switch is enabled
or disabled
Request:
Method:
GET
URI Path:
/api/v1/idfw/master-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/master-switch-setting Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwMasterSwitchSetting+

Example Response: { "idfw_master_switch_enabled" : false } Required Permissions: read Feature: identity_firewall Additional Errors:

Update IDFW master switch setting enabled/disabled

Update Identity Firewall standalone hosts switch setting
(true=enabled / false=disabled).
Request:
Method:
PUT
URI Path:
/api/v1/idfw/standalone-host-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IdfwStandaloneHostsSwitchSetting+

Example Request: PUT https://<nsx-mgr>/api/v1/idfw/standalone-host-switch-setting { "_revision" : 0, "standalone_hosts_enabled" : false, "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwStandaloneHostsSwitchSetting+

Example Response: { "_revision" : 0, "standalone_hosts_enabled" : false, "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Required Permissions: crud Feature: identity_firewall Additional Errors:

Get Standalone hosts switch enabled/disabled

Fetches IDFW standalone hosts switch setting to check whether standalone
hosts is enabled or disabled
Request:
Method:
GET
URI Path:
/api/v1/idfw/standalone-host-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/standalone-host-switch-setting Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwStandaloneHostsSwitchSetting+

Example Response: { "_revision" : 0, "standalone_hosts_enabled" : false, "_create_time": 1537790838188, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1537790838188, "_create_user": "admin" } Required Permissions: read Feature: identity_firewall Additional Errors:

Management Plane API: Identity Firewall: Monitoring

Associated URIs:

List all transport node and statuses based on idfw enabled ComputeCollection ID.

Retrieve all the transport node and status by idfw enabled
ComputeCollection ID in the request.
Request:
Method:
GET
URI Path:
/api/v1/idfw/compute-collections/<cc-ext-id>/transport-nodes/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/compute-collections/581574eb-b2b4-4ba1-9973-0f6c60d48bdd:domain:c8/transport-nodes/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwTransportNodeStatusListResult+

Example Response: { "results":[ { "transport_node_id":"345df56h-55e7-a4f7-81bf-673a2af1dfg", "transport_node_status":[ { "status":"UP" }, { "status":"IDFW_DISABLED" } ] }, { "transport_node_id":"234df56h-55e7-a4f7-81bf-673a2af5kso", "transport_node_status":[ { "status":"DOWN" }, { "status":"IDFW_DISABLED" } ] } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Get list of compute collections and status.

Retrieve the compute collection status by ID.
Request:
Method:
GET
URI Path:
/api/v1/idfw/compute-collections/<compute-collection-ext-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/compute-collections/ 581574eb-b2b4-4ba1-9973-0f6c60d48bdd:domain-c8/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwComputeCollectionStatus+

Example Response: { "compute_collection_id":"581574eb-b2b4-4ba1-9973-0f6c60d48bdd:domain-c8", "compute_collection_status":[ { "status":"UP" }, { "status":"IDFW_ENABLED" } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

List all IDFW enabled ComputeCollection statuses.

Retrieve all the Compute collection status.
Request:
Method:
GET
URI Path:
/api/v1/idfw/compute-collections/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/compute-collections/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwComputeCollectionListResult+

Example Response: { "results":[ { "compute_collection_id":"23fdr4eb-b2b4-4ba1-9973-0f6c60d75hsn :domain:c3", "compute_collection_status":[ { "status":"UP" }, { "status":"IDFW_DISABLED" } ] }, { "compute_collection_id":"98fje4eb-b2b4-4ba1-9973-0f6c60d75nlj :domain:c4", "compute_collection_status":[ { "status_detail":"Compute Collection is unstable", "status":"DOWN" }, { "status":"IDFW_DISABLED" } ] } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

List all VM and statuses based on transport node ID of idfw enabled compute collection.

Retrieve all the VM and status by transport node ID of idfw enabled compute
collection in the request.
Request:
Method:
GET
URI Path:
/api/v1/idfw/transport-nodes/<transport-node-id>/vms/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/transport-nodes/581574eb-b2b4-4ba1-9973-0f6c60d48bdd/vms/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwVirtualMachineStatusListResult+

Example Response: { "results":[ { "vm_id":"420e72c9-55e7-a4f7-81bf-673a2af1a6cf", "vm_status":[ { "status":"UP" }, { "status":"IDFW_DISABLED" } ] }, { "vm_id":"344e72c9-55e7-a4f7-81bf-673a2af1adee", "vm_status":[ { "status":"IDFW_NOT_SUPPORTED" } ] } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Management Plane API: Identity Firewall: Realization Data

Associated URIs:

Get all IDFW NSGroup VM details for a given NSGroup

Get all Identity Firewall NSGroup VM details for a given NSGroup. Request:
Method:
GET
URI Path:
/api/v1/idfw/nsgroup-vm-details/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/nsgroup-vm-details/01570794-4fbc-4ccf-baa3-903a22ac5fbb Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwNsgroupVmDetailListResult+

Example Response: { "ns_group_id": "01570794-4fbc-4ccf-baa3-903a22ac5fbb", "results": [ { "vm_ext_id": "52e289c8-ec57-36cc-e2c8-357e781694e7", "user_sessions": [ { "id": "fbd74e98-ab41-4a5a-8071-cd93847b26a6", "domain_name": "JARVISAD", "user_name": "200x50-User-0001", "user_id": "76822fdd-eae8-47c6-b216-b8d7af50d82f", "vm_ext_id": "52e289c8-ec57-36cc-e2c8-357e781694e7", "user_session_id": 1, "login_time": 1549058320362, "logout_time": 0 } ] } ], "result_count": 1 } Required Permissions: read Feature: identity_firewall Additional Errors:

Get IDFW system statistics data

Get IDFW system statistics data. Request:
Method:
GET
URI Path:
/api/v1/idfw/system-stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/system-stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwSystemStats+

Example Response: { "num_user_sessions": 2, "num_concurrent_users": 1 } Required Permissions: read Feature: identity_firewall Additional Errors:

Get user session data

Get user session data. Request:
Method:
GET
URI Path:
/api/v1/idfw/user-session-data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/user-session-data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwUserSessionDataAndMappings+

Example Response: { "active_user_sessions": { "result_count": 1, "results": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209859091, "logout_time": 0, "user_session_id": 2 } ] }, "dir_group_to_user_session_data_mappings": { "result_count": 1, "results": [ { "user_session_data_id": { "is_valid": true, "target_type": "UserSessionData", "target_id": "89625058-f33e-41df-8b66-d937dc9f4666" }, "dir_group_id": { "is_valid": true, "target_type": "DirectoryGroup", "target_id": "cb97bcf9-1d16-468f-9bdc-14b90f87b00c" } } ] }, "archived_user_sessions": { "result_count": 1, "results": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209850318, "logout_time": 1539209852692, "user_session_id": 1 } ] } } Required Permissions: read Feature: identity_firewall Additional Errors:

Get IDFW user login events for a given user

Get IDFW user login events for a given user (all active plus up to 5 most
recent archived entries).
Request:
Method:
GET
URI Path:
/api/v1/idfw/user-stats/<user-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/user-stats/bee4cf12-9cb8-4b24-8604-a088d12efe0d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwUserStats+

Example Response: { "active_sessions": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209859091, "logout_time": 0, "user_session_id": 2 } ], "user": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "archived_sessions": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209850318, "logout_time": 1539209852692, "user_session_id": 1 } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Get IDFW user login events for a given VM

Get IDFW user login events for a given VM (all active plus up to 5 most
recent archived entries).
Request:
Method:
GET
URI Path:
/api/v1/idfw/vm-stats/<vm-ext-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/idfw/vm-stats/a6bc2d10-e98c-4a0c-a2e7-936eaec657e0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwVmStats+

Example Response: { "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "active_sessions": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209859091, "logout_time": 0, "user_session_id": 2 } ], "archived_sessions": [ { "domain_name": "nimbustest.com", "vm_ext_id": "a6bc2d10-e98c-4a0c-a2e7-936eaec657e0", "user_id": { "is_valid": true, "target_type": "DirectoryUser", "target_id": "bee4cf12-9cb8-4b24-8604-a088d12efe0d" }, "user_name": "test6", "login_time": 1539209850318, "logout_time": 1539209852692, "user_session_id": 1 } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Management Plane API: Licensing

Associated URIs:

Accept end user license agreement

Accept end user license agreement
Request:
Method:
POST
URI Path:
/api/v1/eula/accept
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: execute Feature: system_eula Additional Errors:

Return the acceptance status of end user license agreement

Return the acceptance status of end user license agreement
Request:
Method:
GET
URI Path:
/api/v1/eula/acceptance
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/eula/acceptance Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAAcceptance+

Example Response: { "acceptance": false } Required Permissions: read Feature: system_eula Additional Errors:

Return the content of end user license agreement

Return the content of end user license agreement in the specified format.
By default, it's pure string without line break
Request:
Method:
GET
URI Path:
/api/v1/eula/content
Request Headers:
n/a
Query Parameters:
EULAOutputFormatRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/eula/content?value_format=html Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAContent+

Example Response: { "content": "End User License Agreement
" } Required Permissions: read Feature: system_eula Additional Errors:

Deprecated. Return the Enterprise License (Deprecated)

Deprecated. Use the GET /licenses API instead.
Request:
Method:
GET
URI Path:
/api/v1/license
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/license Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } Required Permissions: read Feature: system_configuration_license Additional Errors:

Deprecated. Assign an Updated Enterprise License Key (Deprecated)

Deprecated. Use the POST /licenses API instead
Request:
Method:
PUT
URI Path:
/api/v1/license
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: PUT https://<nsx-mgr>/api/v1/license { "license_key": "00000-00000-00000-00000-00000" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "CPU", "is_expired": false, "quantity": 4, "is_eval": false, "description": "NSX for vSphere - Standard", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } Required Permissions: crud Feature: system_configuration_license Additional Errors:

Get all licenses

Returns all licenses.
Request:
Method:
GET
URI Path:
/api/v1/licenses
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LicensesListResult+

Example Response: { "result_count": 2, "results": [ { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" }, { "capacity_type": "CPU", "is_expired": false, "quantity": 4, "is_eval": false, "description": "NSX for vSphere - Standard", "expiry": 0, "license_key": "00000-00000-00000-00000-00000" } ] } Required Permissions: read Feature: system_configuration_license Additional Errors:

Add a new license key

This will add a license key to the system.
The API supports adding only one license key for each license edition
type - Standard, Advanced or Enterprise. If a new license key is tried
to add for an edition for which the license key already exists,
then this API will return an error.
Request:
Method:
POST
URI Path:
/api/v1/licenses
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: POST https://<nsx-mgr>/api/v1/licenses { "license_key": "11111-22222-33333-44444-55555" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM" "quantity": 1, "is_eval": false, "description" : "NSX for vSphere - Standard" "expiry": 1458688231359, "license_key": "11111-22222-33333-44444-55555" } Required Permissions: crud Feature: system_configuration_license Additional Errors:

Deprecated. Remove a license identified by the license-key (Deprecated)

Deprecated. Use POST /licenses?action=delete API instead.
Request:
Method:
DELETE
URI Path:
/api/v1/licenses/<license-key>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/licenses/11111-22222-33333-44444-55555 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_configuration_license Additional Errors:

Deprecated. Get license properties for license identified by the license-key (Deprecated)

Deprecated. Use GET /licenses API instead. Request:
Method:
GET
URI Path:
/api/v1/licenses/<license-key>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/11111-22222-33333-44444-55555 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
License+

Example Response: { "capacity_type": "VM", "is_expired": false, "quantity": 5, "is_eval": false, "description": "NSX for vSphere - Enterprise", "expiry": 0, "license_key": "11111-22222-33333-44444-55555" } Required Permissions: read Feature: system_configuration_license Additional Errors:

Get usage report of all registered modules

Returns usage report of all registered modules
Request:
Method:
GET
URI Path:
/api/v1/licenses/licenses-usage
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/licenses-usage Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FeatureUsageList+

Example Response: { "feature_usage_info": [{ "capacity_usage": [{ "capacity_type": "VM", "usage_count": 10 }, { "capacity_type": "CPU", "usage_count": 10 }], "feature": "VxLAN" }, { "capacity_usage": [{ "capacity_type": "VM", "usage_count": 10 }, { "capacity_type": "CPU", "usage_count": 10 }], "feature": "DFW" }] } Required Permissions: read Feature: system_configuration_license Additional Errors:

Get usage report of all registred modules in CSV format

Returns usage report of all registered modules in CSV format
Request:
Method:
GET
URI Path:
/api/v1/licenses/licenses-usage?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/licenses/licenses-usage?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
FeatureUsageListInCsvFormat+

Example Response: feature,vm_usage_count,cpu_usage_count DFW,10,8 VXLAN,10,10 Required Permissions: read Feature: system_configuration_license Additional Errors:

Remove a license

This will delete the license key identified in the request body
by "license_key" and its properties from the system.
Attempting to delete the last license key will result in an error.
Request:
Method:
POST
URI Path:
/api/v1/licenses?action=delete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
License+

Example Request: POST https://<nsx-mgr>/api/v1/licenses?action=delete { "license_key": "11111-22222-33333-44444-55555" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_configuration_license Additional Errors:

Management Plane API: Logical Routing And Services

Management Plane API: Logical Routing And Services: BFD Peers

Associated URIs:

List static routes BFD Peers

Returns information about all BFD peers created on specified logical router for static routes.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/bfd-peers
Request Headers:
n/a
Query Parameters:
StaticHopBfdPeerListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d/routing/static-routes/bfd-peers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticHopBfdPeerListResult+

Example Response: { "result_count": 1, "results": [ { "id": "ab6e173e-ac03-5d09-8888-46a41779f633" "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 }, "_revision": 1 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Create a static hop BFD peer

Creates a BFD peer for static route. The required parameters includes peer IP address.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/bfd-peers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticHopBfdPeer+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d/routing/static-routes/bfd-peers { "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 } } Successful Response:
Response Code:
201 Created
Response Headers:
Location
Content-type: application/json
Response Body:
StaticHopBfdPeer+

Example Response: { "id": "ab6e173e-ac03-5d09-8888-46a41779f633", "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 }, "_create_time": 1460092633898, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1460092633898, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read a static route BFD peer

Read the BFD peer having specified ID.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/bfd-peers/<bfd-peer-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d/routing/static-routes/bfd-peers/723c1e3e-c82c-4243-bba0-2e1ef4815143 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticHopBfdPeer+

Example Response: { "id": "ab6e173e-ac03-5d09-8888-46a41779f633", "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 }, "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Update a static route BFD peer

Modifies the static route BFD peer.
Modifiable parameters includes peer IP, enable flag and configuration of the BFD peer.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/bfd-peers/<bfd-peer-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticHopBfdPeer+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d/routing/static-routes/bfd-peers/723c1e3e-c82c-4243-bba0-2e1ef4815143 { "id": "ab6e173e-ac03-5d09-8888-46a41779f633", "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticHopBfdPeer+

Example Response: { "id": "ab6e173e-ac03-5d09-8888-46a41779f633", "peer_ip_address": "10.10.10.10", "enabled": true, "bfd_config": { "receive_interval": 1000, "transmit_interval": 1000, "declare_dead_multiple": 3 }, "_revision": 43 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a specified static route BFD peer cofigured on a specified logical router

Deletes the specified BFD peer present on specified logical router.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/bfd-peers/<bfd-peer-id>
Request Headers:
n/a
Query Parameters:
StaticHopBfdPeerDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d/routing/static-rooutes/bfd-peers/ab6e173e-ac03-5d09-8888-46a41779f633 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Management Plane API: Logical Routing And Services: DHCP Relay

Associated URIs:

Create a DHCP Relay Service

Creates a dhcp relay service.
Request:
Method:
POST
URI Path:
/api/v1/dhcp/relays
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayService+

Example Request: POST https://<nsx-mgr>/api/v1/dhcp/relays { "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayService+

Example Response: { "resource_type" : "DhcpRelayService", "_revision": 0, "id": "fac2f67e-a860-4a9f-842b-a3cb6e34bb73", "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "_last_modified_user": "admin", "_last_modified_time": 1414704710165, "_create_time": 1414704710165, "_create_user": "admin" } Required Permissions: crud Feature: dhcp_relay_services Additional Errors:

List all DHCP Relay Services

Returns information about all configured dhcp relay services.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/relays
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/relays Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayServiceListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type" : "DhcpRelayService", "_revision": 0, "id": "fac2f67e-a860-4a9f-842b-a3cb6e34bb73", "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "_last_modified_user": "admin", "_last_modified_time": 1414704710165, "_create_time": 1414704710165, "_create_user": "admin" } ] } Required Permissions: read Feature: dhcp_relay_services Additional Errors:

Update a DHCP Relay Service

Modifies the specified dhcp relay service.
Request:
Method:
PUT
URI Path:
/api/v1/dhcp/relays/<relay-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayService+

Example Request: PUT https://<nsx-mgr>/api/v1/dhcp/relays/fac2f67e-a860-4a9f-842b-a3cb6e34bb73 { "_revision": 1, "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayService+

Example Response: { "resource_type" : "DhcpRelayService", "_revision": 2, "id": "fac2f67e-a860-4a9f-842b-a3cb6e34bb73", "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "_last_modified_user": "admin", "_last_modified_time": 1414705228041, "_create_time": 1414704710165, "_create_user": "admin" } Required Permissions: crud Feature: dhcp_relay_services Additional Errors:

Read a DHCP Relay Service

Returns the dhcp relay service information. Request:
Method:
GET
URI Path:
/api/v1/dhcp/relays/<relay-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/relays/bbfa30e4-87b6-41b8-8da5-771055967da1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayService+

Example Response: { "resource_type" : "DhcpRelayService", "_revision": 0, "id": "fac2f67e-a860-4a9f-842b-a3cb6e34bb73", "dhcp_relay_profile_id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "_last_modified_user": "admin", "_last_modified_time": 1414704710165, "_create_time": 1414704710165, "_create_user": "admin" } Required Permissions: read Feature: dhcp_relay_services Additional Errors:

Delete a DHCP Relay Service

Deletes the specified dhcp relay service. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/relays/<relay-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/dhcp/relays/fac2f67e-a860-4a9f-842b-a3cb6e34bb73 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dhcp_relay_services Additional Errors:

Management Plane API: Logical Routing And Services: DHCP Relay Profiles

Associated URIs:

List All DHCP Relay Profiles

Returns information about all dhcp relay profiles.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/relay-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/relay-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayProfileListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "DhcpRelayProfile", "_revision": 0, "id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "display_name": "dhcp-relay-external-servers", "server_addresses": [ "10.1.1.1", "10.2.2.2", "10.3.3.3", "10.4.4.4" ], "_last_modified_user": "admin", "_last_modified_time": 1414623610509, "_create_time": 1414623610509, "_create_user": "admin" } ] } Required Permissions: read Feature: dhcp_relay_profile Additional Errors:

Create a DHCP Relay Profile

Creates a dhcp relay profile.
Request:
Method:
POST
URI Path:
/api/v1/dhcp/relay-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayProfile+

Example Request: POST https://<nsx-mgr>/api/v1/dhcp/relay-profiles { "server_addresses" : [ "10.1.1.1", "10.2.2.2", "10.3.3.3", "10.4.4.4" ], "display_name" : "dhcp-relay-external-servers", } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayProfile+

Example Response: { "resource_type": "DhcpRelayProfile", "_revision": 0, "id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "display_name": "dhcp-relay-external-servers", "server_addresses": [ "10.1.1.1", "10.2.2.2", "10.3.3.3", "10.4.4.4" ], "_last_modified_user": "admin", "_last_modified_time": 1414623610509, "_create_time": 1414623610509, "_create_user": "admin" } Required Permissions: crud Feature: dhcp_relay_profile Additional Errors:

Update a DHCP Relay Profile

Modifies the specified dhcp relay profile.
Request:
Method:
PUT
URI Path:
/api/v1/dhcp/relay-profiles/<relay-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/dhcp/relay-profiles/bbfa30e4-87b6-41b8-8da5-771055967da1 { "_revision": 1, "display_name": "dhcp-relay-servers", "server_addresses": [ "10.10.1.1", "10.20.2.2", "10.30.3.3", "10.40.4.4" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayProfile+

Example Response: { "resource_type": "DhcpRelayProfile", "_revision": 2, "id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "display_name": "dhcp-relay-servers", "server_addresses": [ "10.10.1.1", "10.20.2.2", "10.30.3.3", "10.40.4.4" ], "_last_modified_user": "admin", "_last_modified_time": 1414624153541, "_create_time": 1414623610509, "_create_user": "admin" } Required Permissions: crud Feature: dhcp_relay_profile Additional Errors:

Read a DHCP Relay Profile

Returns information about the specified dhcp relay profile. Request:
Method:
GET
URI Path:
/api/v1/dhcp/relay-profiles/<relay-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/relay-profiles/bbfa30e4-87b6-41b8-8da5-771055967da1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayProfile+

Example Response: { "resource_type": "DhcpRelayProfile", "_revision": 0, "id": "bbfa30e4-87b6-41b8-8da5-771055967da1", "display_name": "dhcp-relay-external-servers", "server_addresses": [ "10.1.1.1", "10.2.2.2", "10.3.3.3", "10.4.4.4" ], "_last_modified_user": "admin", "_last_modified_time": 1414623610509, "_create_time": 1414623610509, "_create_user": "admin" } Required Permissions: read Feature: dhcp_relay_profile Additional Errors:

Delete a DHCP Relay Profile

Deletes the specified dhcp relay profile. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/relay-profiles/<relay-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/dhcp/relay-profiles/bbfa30e4-87b6-41b8-8da5-771055967da1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dhcp_relay_profile Additional Errors:

Management Plane API: Logical Routing And Services: Logical Router Ports

Associated URIs:

List Logical Router Ports

Returns information about all logical router ports. Information includes the
resource_type (LogicalRouterUpLinkPort, LogicalRouterDownLinkPort,
LogicalRouterLinkPort, LogicalRouterLoopbackPort, LogicalRouterCentralizedServicePort);
logical_router_id (the router to which each logical router port is assigned);
and any service_bindings (such as DHCP relay service).
The GET request can include a query parameter (logical_router_id
or logical_switch_id).
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports
Request Headers:
n/a
Query Parameters:
LogicalRouterPortsListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports?logical_router_id=723c1e3e-c82c-4243-bba0-2e1ef4815143 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterPortListResult+

Example Response: { "cursor": "003681096324-23ba-408e-ae24-294a7ba07f60web-tier router", "result_count": 2, "results": [ { "resource_type": "LogicalRouterLinkPort", "_revision": 0, "id": "770ffb50-44f7-4d8c-a359-de0af1088932", "service_bindings": [ { "service_id": "dc5804f7-fdd9-4ef6-b5f8-80b1494ca183", "resource_type": "DhcpRelayService" } ] "logical_router_id": "b676dec7-5d78-4492-9b16-cb7cdcf65328", "_last_modified_user": "admin", "_last_modified_time": 1415746635953, "_create_time": 1415746635953, "_create_user": "admin" "resource_type": "LogicalRouterDownLinkPort", "id": "87db83ed-9a73-436b-91f1-a2a793ffaa31", "display_name": "app-tier router", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "mac_address": "02:50:56:56:44:52", "linked_logical_switch_port_id": { "target_display_name": "5a3f8696-e7ed-4e01-9fa6-eba1db8d7371", "is_valid": true, "target_type": "LogicalPort", "target_id": "5a3f8696-e7ed-4e01-9fa6-eba1db8d7371" }, "subnets": [ { "ip_addresses": [ "172.16.20.1" ], "prefix_length": 24 } ], "_last_modified_time": 1457984402672, "_create_time": 1457984402672, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "LogicalRouterLinkPortOnTIER1", "description": "Port created on Tier-1 router for 'overlay-router'(ID: 723c1e3e-c82c-4243-bba0-2e1ef4815143)", "id": "6cafb2ac-27d1-415c-916a-b37e6b8a32e1", "display_name": "tier1 router link port", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "mac_address": "02:50:56:00:00:04", "linked_logical_router_port_id": { "target_display_name": "tier0 router link port", "is_valid": true, "target_type": "LogicalRouterLinkPortOnTIER0", "target_id": "48f78319-00e4-47b1-b721-6c3d43df821c" }, "edge_cluster_member_index": [ 0 ], "subnets": [ { "ip_addresses": [ "100.126.240.1" ], "prefix_length": 31 } ], "_last_modified_time": 1457984951916, "_create_time": 1457984404360, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Create a Logical Router Port

Creates a logical router port. The required parameters include resource_type
(LogicalRouterUpLinkPort, LogicalRouterDownLinkPort, LogicalRouterLinkPort,
LogicalRouterLoopbackPort, LogicalRouterCentralizedServicePort); and
logical_router_id (the router to which each logical router port is assigned).
The service_bindings parameter is optional.
Request:
Method:
POST
URI Path:
/api/v1/logical-router-ports
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalRouterCentralizedServicePort+
LogicalRouterDownLinkPort+
LogicalRouterLinkPortOnTIER0+
LogicalRouterLinkPortOnTIER1+
LogicalRouterLoopbackPort+
LogicalRouterUpLinkPort+

Example Request: POST https://<nsx-mgr>/api/v1/logical-router-ports { "resource_type": "LogicalRouterDownLinkPort", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "linked_logical_switch_port_id": { "target_type": "LogicalPort", "target_id": "18691381-b08f-4d90-8c0c-98d0e449b141" }, "subnets": [ { "ip_addresses": [ "172.16.40.1" ], "prefix_length": 24 } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Location
Content-type: application/json
Response Body:
LogicalRouterCentralizedServicePort+
LogicalRouterDownLinkPort+
LogicalRouterLinkPortOnTIER0+
LogicalRouterLinkPortOnTIER1+
LogicalRouterLoopbackPort+
LogicalRouterUpLinkPort+

Example Response: { "resource_type": "LogicalRouterLinkPort", "_revision": 0, "id": "4a0d8003-0958-4911-a32b-3a5a51f18d95", "logical_router_id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "resource_type": "LogicalRouterDownLinkPort", "id": "b5ceef62-cc10-424a-96ed-8c2d5989cd50", "display_name": "b5ceef62-cc10-424a-96ed-8c2d5989cd50", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "mac_address": "02:50:56:56:44:52", "linked_logical_switch_port_id": { "target_display_name": "db2-switch-to-t1-router", "is_valid": true, "target_type": "LogicalPort", "target_id": "18691381-b08f-4d90-8c0c-98d0e449b141" }, "subnets": [ { "ip_addresses": [ "172.16.40.1" ], "prefix_length": 24 } ], "_last_modified_time": 1458848284438, "_create_time": 1458848284438, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a Logical Router Port

Deletes the specified logical router port. You must delete logical router
ports before you can delete the associated logical router. To Delete Tier0
router link port you must have to delete attached tier1 router link port,
otherwise pass "force=true" as query param to force delete the Tier0
router link port.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>
Request Headers:
n/a
Query Parameters:
LogicalRouterPortDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-router-ports/258c50b4-c960-4005-9023-f7946e302162 DELETE http://<nsx-mgr>/api/v1/logical-router-ports/258c50b4-c960-4005-9023-f7946e302162?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: None Required Permissions: crud Feature: routing_routers Additional Errors:

Update a Logical Router Port

Modifies the specified logical router port. Required parameters include the
resource_type and logical_router_id. Modifiable parameters include the
resource_type (LogicalRouterUpLinkPort, LogicalRouterDownLinkPort,
LogicalRouterLinkPort, LogicalRouterLoopbackPort, LogicalRouterCentralizedServicePort),
logical_router_id (to reassign the port to a different router), and service_bindings.
Request:
Method:
PUT
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalRouterCentralizedServicePort+
LogicalRouterDownLinkPort+
LogicalRouterLinkPortOnTIER0+
LogicalRouterLinkPortOnTIER1+
LogicalRouterLoopbackPort+
LogicalRouterUpLinkPort+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-router-ports/258c50b4-c960-4005-9023-f7946e302162 { "resource_type": "LogicalRouterDownLinkPort", "id": "81096324-23ba-408e-ae24-294a7ba07f60", "display_name": "web-tier router", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "mac_address": "02:50:56:56:44:52", "service_bindings": [ { "service_id": { "target_display_name": "DHCP Relay", "is_valid": true, "target_type": "LogicalService", "target_id": "fb5334a1-3c82-4d2b-8adf-65e52e09d2a1" } } ], "linked_logical_switch_port_id": { "target_display_name": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "is_valid": true, "target_type": "LogicalPort", "target_id": "4630aadd-25d7-4c73-b03c-227ac314dfc4" }, "subnets": [ { "ip_addresses": [ "3001::1" ], "prefix_length": 64 } ], "ndra_prefix_config": [ { "network_prefix": { "3001::/64" }, "prefix_preferred_time": 2000, "prefix_valid_time": 5000 } ], "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterCentralizedServicePort+
LogicalRouterDownLinkPort+
LogicalRouterLinkPortOnTIER0+
LogicalRouterLinkPortOnTIER1+
LogicalRouterLoopbackPort+
LogicalRouterUpLinkPort+

Example Response: { "resource_type": "LogicalRouterUpLinkPort", "_revision": 3, "id": "258c50b4-c960-4005-9023-f7946e302162", "resource_type": "LogicalRouterDownLinkPort", "id": "81096324-23ba-408e-ae24-294a7ba07f60", "display_name": "web-tier router", "logical_router_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "mac_address": "02:50:56:56:44:52", "service_bindings": [ { "service_id": { "target_display_name": "DHCP Relay", "is_valid": true, "target_type": "LogicalService", "target_id": "fb5334a1-3c82-4d2b-8adf-65e52e09d2a1" } } ], "linked_logical_switch_port_id": { "target_display_name": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "is_valid": true, "target_type": "LogicalPort", "target_id": "4630aadd-25d7-4c73-b03c-227ac314dfc4" }, "subnets": [ { "ip_addresses": [ "3001::1", "3001::3bff:fe57:7d29" ], "prefix_length": 64 } ], "ndra_prefixtime_config": [ { "network_prefix": { "3001::/64" }, "prefix_preferred_time": 2000, "prefix_valid_time": 5000 } ], "_last_modified_time": 1458851284244, "_create_time": 1457984402461, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 3 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read Logical Router Port

Returns information about the specified logical router port. Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/c84f70b4-7500-4087-bb2d-3f68f5a32060 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterCentralizedServicePort+
LogicalRouterDownLinkPort+
LogicalRouterLinkPortOnTIER0+
LogicalRouterLinkPortOnTIER1+
LogicalRouterLoopbackPort+
LogicalRouterUpLinkPort+

Example Response: { "resource_type": "LogicalRouterLinkPort", "_revision": 0, "id": "258c50b4-c960-4005-9023-f7946e302162", "logical_router_id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "resource_type": "LogicalRouterUpLinkPort", "id": "c84f70b4-7500-4087-bb2d-3f68f5a32060", "display_name": "uplink for vlan-router", "logical_router_id": "7744a9f8-302d-4e80-a5d1-b7e556db9c19", "mac_address": "02:50:56:00:00:01", "linked_logical_switch_port_id": { "target_display_name": "b7f69e2c-f42f-4fee-9313-c486b35a6d41", "is_valid": true, "target_type": "LogicalPort", "target_id": "b7f69e2c-f42f-4fee-9313-c486b35a6d41" }, "edge_cluster_member_index": [ 0 ], "subnets": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ], "urpf_mode": "STRICT", "_last_modified_time": 1457984403882, "_create_time": 1457984403882, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Get the ARP table (IPv4) or Neighbor Discovery table (IPv6) for the Logical Router Port of the given id

Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the
Logical Router Port of the given id, on a node if a query parameter
"transport_node_id=" is given. The transport_node_id
parameter is mandatory if the router port is not uplink type.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>/arp-table
Request Headers:
n/a
Query Parameters:
ListByNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf/arp-table?source=realtime&transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterPortArpTable+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 3, "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf", "results": [ { "mac_address": "00:50:56:8e:b4:21", "ip": "172.16.10.21" }, { "mac_address": "02:50:56:56:44:52", "ip": "172.16.10.1" }, { "mac_address": "00:50:56:8e:91:12", "ip": "172.16.10.11" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Get the ARP table (IPv4) or Neighbor Discovery table (IPv6) for the Logical Router Port of the given id

Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format
for the Logical Router Port of the given id, on a node if a query
parameter "transport_node_id=" is given. The
transport_node_id parameter is mandatory if the router port is not uplink
type. Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>/arp-table?format=csv
Request Headers:
n/a
Query Parameters:
TransportNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/b3f74ac8-0c83-4174-b3c3-6d120423290d/arp-table?source=realtime&transport_node_id=ebe174ac-e4f1-4135-ba72-3dd2eb7099e3&format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
LogicalRouterPortArpTableInCsvFormat+

Example Response: mac_address,ip 02:50:56:56:44:52,172.16.20.1 Required Permissions: read Feature: routing_routers Additional Errors:

Get the Realized State of a Logical Router Port

Return realized state information of a logical router port.
Any configuration update that affects the logical router port can use this API
to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of logical router ports,
dhcp relays, etc.
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/258c50b4-c960-4005-9023-f7946e302162/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterPortState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: routing_routers Additional Errors:

Get the statistics of a specified logical router port on all or a specified node

Returns the statistics for the Logical Router Port. If query parameter
"transport_node_id=" is given, only the statistics
from the given node for the logical router port will be returned.
Otherwise the statistics from each node for the same logical router port
will be returned. The transport_node_id is mandatory if the router port
is not uplink type.
The query parameter "source=cached" will be ignored and it will always return
realtime statistics of the logical router port.
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>/statistics
Request Headers:
n/a
Query Parameters:
TransportNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf/statistics?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterPortStatistics+

Example Response: { "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf", "per_node_statistics": [ { "tx": { "dropped_packets": 0, "total_bytes": 1193822, "total_packets": 19695 }, "last_update_timestamp": 1457125914113, "rx": { "dropped_packets": 0, "total_bytes": 1492866, "total_packets": 24077 }, "transport_node_id": "f8431964-f400-4da5-8c18-4ce4e6bd5fa5" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Get the statistics summary of a specified logical router port

Returns the summation of statistics from all nodes for the Specified
Logical Router Port.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-router-ports/<logical-router-port-id>/statistics/summary
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-router-ports/9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf/statistics/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterPortStatisticsSummary+

Example Response: { "tx": { "dropped_packets": 10, "total_bytes": 12172280, "total_packets": 60789 }, "last_update_timestamp": 1457125987869, "rx": { "dropped_packets": 8535, "total_bytes": 2085660, "total_packets": 33952 }, "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf" } Required Permissions: read Feature: routing_routers Additional Errors:

Management Plane API: Logical Routing And Services: Logical Routers

Associated URIs:

List Logical Routers

Returns information about all logical routers, including the UUID, internal
and external transit network addresses, and the router type (TIER0 or
TIER1). You can get information for only TIER0 routers or only the TIER1
routers by including the router_type query parameter.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers
Request Headers:
n/a
Query Parameters:
LogicalRouterListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers?router_type=TIER0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterListResult+

Example Response: { "cursor": "00364c87219e-7361-4fa4-9b4e-c612ed56f1fdtier-0", "result_count": 1, "results": [ { "resource_type": "LogicalRouter", "description": "", "id": "4c87219e-7361-4fa4-9b4e-c612ed56f1fd", "display_name": "tier-0", "tags": [], "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "advanced_config": { "external_transit_networks": [ "100.64.0.0/10" ], "internal_transit_network": "169.254.0.0/28" }, "allocation_profile": { "enable_standby_relocation": false } "router_type": "TIER0", "high_availability_mode": "ACTIVE_ACTIVE", "_last_modified_time": 1457505773124, "_create_time": 1457505741221, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Create a Logical Router

Creates a logical router. The required parameters are router_type (TIER0 or
TIER1) and edge_cluster_id (TIER0 only). Optional parameters include
internal and external transit network addresses.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalRouter+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers { "resource_type": "LogicalRouter", "description": "Router West", "display_name": "tier-0", "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "advanced_config": { "external_transit_networks": [ "100.64.1.0/10" ], "internal_transit_network": "169.254.0.0/28" }, "allocation_profile": { "enable_standby_relocation": false }, "router_type": "TIER0", "high_availability_mode": "ACTIVE_ACTIVE" } Successful Response:
Response Code:
201 Created
Response Headers:
Location
Content-type: application/json
Response Body:
LogicalRouter+

Example Response: { "resource_type": "LogicalRouter", "description": "Router West", "id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "display_name": "tier-0", "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "advanced_config": { "external_transit_networks": [ "100.64.0.0/10" ], "internal_transit_network": "169.254.0.0/28" }, "allocation_profile": { "enable_standby_relocation": false }, "router_type": "TIER0", "high_availability_mode": "ACTIVE_ACTIVE", "_last_modified_time": 1457550246853, "_create_time": 1457550246853, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Update a Logical Router

Modifies the specified logical router. Modifiable attributes include the
internal_transit_network, external_transit_networks, and edge_cluster_id
(for TIER0 routers).
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalRouter+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d { "resource_type": "LogicalRouter", "description": "Router NortWest", "id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "display_name": "tier-0", "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "router_type": "TIER0", "high_availability_mode": "ACTIVE_ACTIVE", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouter+

Example Response: { "resource_type": "LogicalRouter", "description": "Router NortWest", "id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "display_name": "tier-0", "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "advanced_config": { "external_transit_networks": [ "100.64.0.0/10" ], "internal_transit_network": "169.254.0.0/28" }, "router_type": "TIER0", "high_availability_mode": "ACTIVE_ACTIVE", "_last_modified_time": 1457551370133, "_create_time": 1457550246853, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a Logical Router

Deletes the specified logical router. You must delete associated logical
router ports before you can delete a logical router. Otherwise use force
delete which will delete all related ports and other entities associated
with that LR. To force delete logical router pass force=true in query param.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>
Request Headers:
n/a
Query Parameters:
LogicalRouterDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d DELETE https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Read Logical Router

Returns information about the specified logical router. Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/f962173f-ac03-4d08-8366-56a41779f61d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouter+

Example Response: { "_revision": 0, "id": "f962173f-ac03-4d08-8366-56a41779f61d", "resource_type": "LogicalRouter", "config": { "internal_transit_network": "169.0.0.0/28", "external_transit_networks": [ "100.64.1.0/24" ] }, "router_type": "TIER0", "_last_modified_user": "admin", "_last_modified_time": 1414620218840, "_create_time": 1414620218840, "_create_user": "admin" } Required Permissions: read Feature: routing_routers Additional Errors:

Get BGP neighbor advertised routes

Returns routes advertised by BGP neighbor from all edge transport nodes on which
this neighbor is currently enabled. It always returns realtime response.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<neighbor-id>/advertised-routes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/bgp/neighbors/f8431964-f400-4da5-8c18-4ce4e6bd5fa5/advertised-routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborRouteDetails+

Example Response: { "logical_router_id": "4cca3156-bcc0-4c77-9a6a-141cb33a3844", "neighbor_address": "40.40.40.10", "per_transport_node_routes": [{ "transport_node_id": "6c9e2815-ad34-4b9c-bb95-8af87990cf5a", "source_address": "10.10.10.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }] }, { "transport_node_id": "7980e91e-ba6d-11e8-9bda-020009ead346", "source_address": "50.50.50.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }] }] } Required Permissions: read Feature: routing_routers Additional Errors:

Get BGP neighbor advertised routes in CSV format

Returns routes advertised by BGP neighbor from all edge transport
nodes on which this neighbor is currently enabled in CSV format.
It always returns realtime response.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<neighbor-id>/advertised-routes?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/bgp/neighbors/f8431964-f400-4da5-8c18-4ce4e6bd5fa5/advertised-routes?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
BgpNeighborRouteDetailsInCsvFormat+

Example Response: logical_router_id,neighbor_id,neighbor_address,transport_node_id,source_address,network,next_hop,local_pref,weight,med,as_path "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,2.1.4.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,10.160.64.0/19,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,40.40.40.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,90.90.90.0/24,40.40.40.10,100,0,1," 1000 !" Required Permissions: read Feature: routing_routers Additional Errors:

Get BGP neighbor learned routes

Returns routes learned by BGP neighbor from all edge transport nodes on which
this neighbor is currently enabled. It always returns realtime response.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<neighbor-id>/routes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/bgp/neighbors/f8431964-f400-4da5-8c18-4ce4e6bd5fa5/routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborRouteDetails+

Example Response: { "logical_router_id": "4cca3156-bcc0-4c77-9a6a-141cb33a3844", "neighbor_address": "40.40.40.10", "per_transport_node_routes": [{ "transport_node_id": "6c9e2815-ad34-4b9c-bb95-8af87990cf5a", "source_address": "10.10.10.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }] }, { "transport_node_id": "7980e91e-ba6d-11e8-9bda-020009ead346", "source_address": "50.50.50.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000 }] }] } Required Permissions: read Feature: routing_routers Additional Errors:

Get BGP neighbor learned routes in CSV format

Returns routes learned by BGP neighbor from all edge transport nodes on
which this neighbor is currently enabled in CSV format.
It always returns realtime response.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<neighbor-id>/routes?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/bgp/neighbors/f8431964-f400-4da5-8c18-4ce4e6bd5fa5/routes?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
BgpNeighborRouteDetailsInCsvFormat+

Example Response: logical_router_id,neighbor_id,neighbor_address,transport_node_id,source_address,network,next_hop,local_pref,weight,med,as_path "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,2.1.4.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,10.160.64.0/19,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,40.40.40.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,90.90.90.0/24,40.40.40.10,100,0,1," 1000 !" Required Permissions: read Feature: routing_routers Additional Errors:

Get the status of all the BGP neighbors for the Logical Router of the given id

Returns the status of all the BGP neighbors for the Logical Router of the given id. To get BGP neighbors status for the logical router from particular node, parameter "transport_node_id=" needs to be specified. Query parameter "source=realtime" is the only supported source. Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/status
Request Headers:
n/a
Query Parameters:
ListByOptionalNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/bgp/neighbors/status?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborsStatusListResult+

Example Response: { "cursor": "00361b9f1d54-2f05-441e-9851-c42518cc8b1dasdfds", "sort_ascending": true, "sort_by": "displayName", "result_count": 1, "logical_router_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "logical_router_name": "PLR", "results": [{ "lr_component_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "transport_node_id": "7aaaaadd-22c0-4199-bddd-3aaaaaa8116a", "source_address": "10.1.1.1", "neighbor_address": "10.1.2.1", "remote_as_number": "1", "remote_port": 179, "local_port": 179, "connection_status": "CONNECTED", "messages_received": 12, "messages_sent": 10, "connection_drop_count": 0, "hold_time": 180, "keep_alive_time": 30, "graceful_restart": true, "last_updated_timestamp": 11999191991991 }] } Required Permissions: read Feature: routing_routers Additional Errors:

Get FIB table on a specified node for a logical router

Returns the FIB for the logical router on a node of the given transport-node-id.
Query parameter "transport_node_id=" is required.
To filter the result by network address, paramter "network_prefix="
needs to be specified.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/forwarding-table
Request Headers:
n/a
Query Parameters:
LogicalRouterFIBListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/forwarding-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterRouteTable+

Example Response: { "cursor": "00361b9f1d54-2f05-441e-9851-c42518cc8b1dasdfds", "sort_ascending": true, "sort_by": "displayName", "result_count": 7, "logical_router_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "results": [ { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "0.0.0.0/0" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.0/31" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.1/32" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "169.0.0.0/28" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.10.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "logical_router_port_id": "3fc52f87-60b8-4c64-b664-9383f9680006", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.20.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "logical_router_port_id": "0d187b84-e1dc-4a49-9ac3-e500a69445c3", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.30.0/24" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Get FIB table on a specified node for a logical router

Returns the FIB table in CSV format for the logical router on a node of the given
transport-node-id. Query parameter "transport_node_id=" is required.
To filter the result by network address, paramter "network_prefix="
needs to be specified.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/forwarding-table?format=csv
Request Headers:
n/a
Query Parameters:
LogicalRouterFIBRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/forwarding-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&format=csv&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
LogicalRouterRouteTableInCsvFormat+

Example Response: network,logical_router_port_id,next_hop,admin_distance,lr_component_id,lr_component_type 0.0.0.0/0,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER 100.64.1.0/31,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER 100.64.1.1/32,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER 169.0.0.0/28,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER 172.16.10.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER Required Permissions: read Feature: routing_routers Additional Errors:

Get route table on a given node for a logical router (Deprecated)

Deprecated - Please use /logical-routers//routing/routing-table for RIB and
/logical-routers//routing/forwarding-table for FIB.
Returns the route table for the logical router on a node of the given transport-node-id.
Query parameter "transport_node_id=" is required.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-table
Request Headers:
n/a
Query Parameters:
ListByRequiredNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/route-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterRouteTable+

Example Response: { "cursor": "00361b9f1d54-2f05-441e-9851-c42518cc8b1dasdfds", "sort_ascending": true, "sort_by": "displayName", "result_count": 7, "logical_router_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "results": [ { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "0.0.0.0/0" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.0/31" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.1/32" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "169.0.0.0/28" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.10.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "3fc52f87-60b8-4c64-b664-9383f9680006", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.20.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "0d187b84-e1dc-4a49-9ac3-e500a69445c3", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.30.0/24" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Get route table on a node for a logical router (Deprecated)

Deprecated - Please use /logical-routers//routing/routing-table for RIB and
/logical-routers//routing/forwarding-table for FIB.
Returns the route table in CSV format for the logical router on a node of the given
transport-node-id. Query parameter "transport_node_id=" is required.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-table?format=csv
Request Headers:
n/a
Query Parameters:
RequiredTransportNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/route-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&format=csv&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
LogicalRouterRouteTableInCsvFormat+

Example Response: route_type,network,logical_router_port_id,next_hop,admin_distance,lr_component_id,lr_component_type NSX_INTERNAL,0.0.0.0/0,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER NSX_INTERNAL,100.64.1.0/31,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER NSX_INTERNAL,100.64.1.1/32,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,169.0.0.0/28,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,172.16.10.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,172.16.20.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,172.16.30.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER Required Permissions: read Feature: routing_routers Additional Errors:

Get RIB table on a specified node for a logical router

Returns the route table(RIB) for the logical router on a node of the given transport-node-id.
Query parameter "transport_node_id=" is required.
To filter the result by network address, parameter "network_prefix="
needs to be specified.
To filter the result by route source, parameter "route_source=" needs to be specified
where source_type can be BGP, STATIC, CONNECTED, NSX_STATIC, TIER1_NAT or TIER0_NAT.
It is also possible to filter the RIB table using both network address and
route source filter together.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/routing-table
Request Headers:
n/a
Query Parameters:
LogicalRouterRIBListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/routing-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterRouteTable+

Example Response: { "cursor": "00361b9f1d54-2f05-441e-9851-c42518cc8b1dasdfds", "sort_ascending": true, "sort_by": "displayName", "result_count": 7, "logical_router_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "results": [ { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "0.0.0.0/0" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.0/31" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "169.0.0.2", "route_type": "NSX_INTERNAL", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "100.64.1.1/32" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "70c955dd-22c0-4199-b3a9-8f312478116a", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "169.0.0.0/28" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "9b2ec1c5-cb54-4d69-8d64-14ccad6ae3cf", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.10.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "3fc52f87-60b8-4c64-b664-9383f9680006", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.20.0/24" }, { "lr_component_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "next_hop": "0.0.0.0", "route_type": "CONNECTED", "logical_router_port_id": "0d187b84-e1dc-4a49-9ac3-e500a69445c3", "admin_distance": 0, "lr_component_type": "DISTRIBUTED_ROUTER", "network": "172.16.30.0/24" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Get RIB table on a specified node for a logical router

Returns the route table in CSV format for the logical router on a node of the given
transport-node-id. Query parameter "transport_node_id=" is required.
To filter the result by network address, paramter "network_prefix="
needs to be specified.
To filter the result by route source, parameter "route_source=" needs to be specified
where source_type can be BGP, STATIC, CONNECTED, NSX_STATIC, TIER1_NAT or TIER0_NAT.
It is also possible to filter the RIB table using both network address and
route source filter together.
Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/routing-table?format=csv
Request Headers:
n/a
Query Parameters:
LogicalRouterRIBRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/routing/routing-table?transport_node_id=f8431964-f400-4da5-8c18-4ce4e6bd5fa5&format=csv&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
LogicalRouterRouteTableInCsvFormat+

Example Response: route_type,network,logical_router_port_id,next_hop,admin_distance,lr_component_id,lr_component_type NSX_INTERNAL,0.0.0.0/0,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER NSX_INTERNAL,100.64.1.0/31,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER NSX_INTERNAL,100.64.1.1/32,,169.0.0.2,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,169.0.0.0/28,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,172.16.10.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,1l72.16.20.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER CONNECTED,172.16.30.0/24,,0.0.0.0,0,"875381be-a4c5-4173-8aa7-ab71695a8129",DISTRIBUTED_ROUTER Required Permissions: read Feature: routing_routers Additional Errors:

Get the Realized State of a Logical Service Router Cluster

Return realized state information of a logical service router cluster.
Any configuration update that affects the logical service router cluster can use
this API to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of nat, bgp, bfd, etc.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/service-cluster/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/service-cluster/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalServiceRouterClusterState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: routing_routers Additional Errors:

Get the Realized State of a Logical Router

Return realized state information of a logical router.
Any configuration update that affects the logical router can use this API
to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of logical router,
static routes, etc.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: routing_routers Additional Errors:

Get the status for the Logical Router of the given id

Returns status for the Logical Router of the given id. Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouterStatus+

Example Response: { "logical_router_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "last_update_timestamp": 1457127071089, "per_node_status": [ { "service_router_id": "56eead22-3bb9-4586-8de3-9412941f9116", "high_availability_status": "STANDBY", "transport_node_id": "ca6fd559-198d-4a4a-a5be-7e4eda1d5af4" }, { "service_router_id": "56eead22-3bb9-4586-8de3-9412941f9116", "high_availability_status": "ACTIVE", "transport_node_id": "88324389-7991-4189-a4e9-3eaea4b97f61" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Re allocate edge node placement of TIER1 service routers

API to re allocate edge node placement for TIER1 logical router. You can
re-allocate service routers of TIER1 in same edge cluster or different edge
cluster. You can also place edge nodes manually and provide maximum two
indices for HA mode ACTIVE_STANDBY. To re-allocate on new edge cluster you
must have existing edge cluster for TIER1 logical router. This will be
disruptive operation and all existing statistics of logical router will be
remove.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>?action=reallocate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceRouterAllocationConfig+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c?action=reallocate { "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalRouter+

Example Response: { "resource_type": "LogicalRouter", "description": "Router EastWest", "id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "display_name": "tier-1", "edge_cluster_id": "a9dc562c-effd-4225-883d-3f7d2c887c6b", "edge_cluster_member_indices": [ 0, 1 ], "advanced_config": { "internal_transit_network": "169.254.0.0/28" }, "router_type": "TIER1", "high_availability_mode": "ACTIVE_STANDBY", "_last_modified_time": 1457551370133, "_create_time": 1457550246853, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Reprocesses a logical router configuration and publish updates to controller

Reprocess logical router configuration and configuration of related entities like logical router ports, static routing, etc.
Any missing Updates are published to controller.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>?action=reprocess
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129?action=reprocess Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Management Plane API: Logical Routing And Services: NAT

Associated URIs:

List NAT rules of the logical router

Returns paginated list of all user defined NAT rules of the specific logical router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules Successful Response:
Response Code:
200 OK
Response Headers:
Location
Content-type: application/json
Response Body:
NatRuleListResult+

Example Response: { "cursor": "003601003000-0000-0404-0000-0000000000181024", "sort_by": "rule_priority", "result_count": 1, "results": [ { "resource_type": "NatRule", "id": "1028", "display_name": "01003000-0000-0404-0000-000000000018", "match_source_network": "80.80.80.1", "action": "SNAT", "logging": false, "translated_ports": "", "match_service": { "resource_type": "L4PortSetNSService", "destination_ports": [ "80", "8080" ], "l4_protocol": "TCP", "source_ports": [] }, "rule_priority": 1024, "translated_network": "172.16.10.10", "enabled": true, "nat_pass": true, "_last_modified_time": 1458852632857, "_create_time": 1458852302781, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 3 } ] } Required Permissions: read Feature: routing_nat Additional Errors:

Add a NAT rule in a specific logical router

Add a NAT rule in a specific logical router.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NatRule+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules { "action": "SNAT", "match_source_network": "192.168.1.1", "translated_network": "10.117.5.19", "match_service": { "resource_type": "L4PortSetNSService", "source_ports": ["9000"], "destination_ports": ["9000"], "l4_protocol": "TCP" }, "enabled": false } Successful Response:
Response Code:
201 Created
Response Headers:
Location
Content-type: application/json
Response Body:
NatRule+

Example Response: { "resource_type": "NatRule", "id": "1029", "display_name": "01003000-0000-0405-0000-000000000018", "match_source_network": "192.168.1.1", "action": "SNAT", "logging": false, "match_service": { "resource_type": "L4PortSetNSService", "destination_ports": [ "9000" ], "l4_protocol": "TCP", "source_ports": [ "9000" ] }, "rule_priority": 1024, "translated_network": "10.117.5.19", "enabled": false, "nat_pass": true, "_last_modified_time": 1458852877750, "_create_time": 1458852877750, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_nat Additional Errors:

Delete a specific NAT rule from a logical router

Delete a specific NAT rule from a logical router
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules/1032 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_nat Additional Errors:

Get a specific NAT rule from a given logical router

Get a specific NAT rule from a given logical router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules/1032 Successful Response:
Response Code:
200 OK
Response Headers:
Location
Content-type: application/json
Response Body:
NatRule+

Example Response: { "resource_type": "NatRule", "id": "1032", "display_name": "01003000-0000-0408-0000-000000000018", "action": "DNAT", "logging": false, "rule_priority": 1024, "translated_network": "172.16.10.10", "enabled": true, "nat_pass": true, "match_destination_network": "80.80.80.1", "_last_modified_time": 1458853243886, "_create_time": 1458853243886, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_nat Additional Errors:

Update a specific NAT rule from a given logical router

Update a specific NAT rule from a given logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NatRule+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules/1032 { "resource_type": "NatRule", "id": "1032", "display_name": "01003000-0000-0408-0000-000000000018", "action": "DNAT", "logging": false, "translated_ports": "21", "rule_priority": 1024, "translated_network": "172.16.10.10", "enabled": true, "match_destination_network": "80.80.80.1", "nat_pass": false, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Location
Content-type: application/json
Response Body:
NatRule+

Example Response: { "resource_type": "NatRule", "id": "1032", "display_name": "01003000-0000-0408-0000-000000000018", "action": "DNAT", "logging": false, "translated_ports": "21", "rule_priority": 1024, "translated_network": "172.16.10.10", "enabled": true, "nat_pass": false, "match_destination_network": "80.80.80.1", "_last_modified_time": 1458853572023, "_create_time": 1458853243886, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_nat Additional Errors:

Get the statistics of a specified logical router NAT Rule

Returns the summation of statistics from all nodes for the Specified
Logical Router NAT Rule. Query parameter "source=realtime" is the only supported source.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules/<rule-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/de211ce9-291e-4876-ace6-606b3e32bf46/nat/rules/1026/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NatStatisticsPerRule+

Example Response: { "total_bytes": 9240, "total_packets": 110, "active_sessions": 1, "logical_router_id": "de211ce9-291e-4876-ace6-606b3e32bf46", "last_update_timestamp": 1457541997577, "id": "1026" } Required Permissions: read Feature: routing_nat Additional Errors:

Get the statistics of all rules of the logical router

Returns the summation of statistics for all rules from all nodes for the Specified
Logical Router. Also gives the per transport node statistics for provided logical router.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/de211ce9-291e-4876-ace6-606b3e32bf46/nat/rules/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NatStatisticsPerLogicalRouter+

Example Response: { "logical_router_id": "de211ce9-291e-4876-ace6-606b3e32bf46", "last_update_timestamp": 1457506982295, "statistics_across_all_nodes": { "total_bytes": 23372, "total_packets": 306 }, "per_transport_node_statistics": [ { "total_bytes": 23372, "total_packets": 306, "last_update_timestamp": 1457506982295, "transport_node_id": "60898d58-07f0-4187-865e-07059bc2cbac" } ] } Required Permissions: read Feature: routing_nat Additional Errors:

Add multiple NAT rules in a specific logical router

Create multiple NAT rules in a specific logical router.
The API succeeds only when all rules are accepted and created successfully.
Any one validation voilation will fail the API, no rule will be created.
The ruleIds of each rules can be found from the responsed message.
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/nat/rules?action=create_multiple
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NatRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/1977d30c-eee2-11e4-874d-0050569c7004/nat/rules?action=create_multiple { "rules" : [ { "action": "SNAT", "match_source_network": "192.168.1.1", "translated_network": "10.117.5.19", "match_service": { "resource_type": "L4PortSetNSService", "source_ports": ["9000"], "destination_ports": ["9000"], "l4_protocol": "TCP" }, "enabled": false }, { "action": "SNAT", "match_source_network": "192.168.1.2", "translated_network": "10.117.6.88", "match_service": { "resource_type": "L4PortSetNSService", "source_ports": ["9001"], "destination_ports": ["9001"], "l4_protocol": "TCP" }, "enabled": false } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NatRuleList+

Example Response: { "rules": [ { "resource_type": "NatRule", "id": "1029", "display_name": "01003000-0000-0405-0000-000000000018", "match_source_network": "192.168.1.1", "action": "SNAT", "logging": false, "match_service": { "resource_type": "L4PortSetNSService", "destination_ports": [ "9000" ], "l4_protocol": "TCP", "source_ports": [ "9000" ] "rule_priority": 1024, "translated_network": "10.117.5.19", "enabled": false, "firewall_match": MATCH_EXTERNAL_ADDRESS, "_last_modified_time": 1458852877750, "_create_time": 1458852877750, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 }, { "resource_type": "NatRule", "id": "1030", "display_name": "01003000-0000-0309-0000-000000000020", "match_source_network": "192.168.1.2", "action": "SNAT", "logging": false, "match_service": { "resource_type": "L4PortSetNSService", "destination_ports": [ "9001" ], "l4_protocol": "TCP", "source_ports": [ "9001" ] "rule_priority": 1024, "translated_network": "10.117.6.88", "enabled": false, "firewall_match": MATCH_EXTERNAL_ADDRESS, "_last_modified_time": 1458853243886, "_create_time": 1458853243886, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: crud Feature: routing_nat Additional Errors:

Get statistics for all logical router NAT rules on a transport node

Returns the summation of statistics for all rules from all logical routers
which are present on given transport node. Only cached statistics are supported.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/statistics/nat-rules
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/fe651e63-04bd-43a4-a8ec-45381a3b71b9/statistics/nat-rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NatStatisticsPerTransportNode+

Example Response: { "total_bytes": 0, "total_packets": 0, "transport_node_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9" } Required Permissions: read Feature: routing_nat Additional Errors:

Management Plane API: Logical Routing And Services: Routing BFD Configuration

Associated URIs:

Update the BFD Configuration for BFD peers for routing

Modifies the BFD configuration for routing BFD peers. Note - the configuration |
changes apply only to those routing BFD peers for which the BFD configuration has |
not been overridden at Peer level.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bfd-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BfdConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/19e504e6-2d1f-4aec-a36d-80bd3eb4caed/routing/bfd-config { "enabled": true, "receive_interval": 600, "transmit_interval": 600, "declare_dead_multiple": 5, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BfdConfig+

Example Response: { "enabled": true, "receive_interval": 600, "transmit_interval": 600, "declare_dead_multiple": 5, "_revision": 2 Required Permissions: crud Feature: routing_routers Additional Errors:

Read the Routing BFD Configuration

Returns the BFD configuration for all routing BFD peers. This will be inherited |
by all BFD peers for LogicalRouter unless overriden while configuring the Peer.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bfd-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/0fdce4c3-135e-498c-9108-3a4ae17187cb/routing/bfd-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BfdConfig+

Example Response: { "enabled": true, "receive_interval": 300, "transmit_interval": 300, "declare_dead_multiple": 3, "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Management Plane API: Logical Routing And Services: Routing Configuration

Associated URIs:

Read All IPV6 DADProfiles

Returns all IPv6 DADProfiles.
Request:
Method:
GET
URI Path:
/api/v1/ipv6/dad-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipv6/dad-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DADProfileListResult+

Example Response: { "result_count": 1, "results": [ { "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Create a new DADProfile

Adds a new DADProfile
Request:
Method:
POST
URI Path:
/api/v1/ipv6/dad-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DADProfile+

Example Request: POST https://<nsx-mgr>/api/v1/ipv6/dad-profiles { "resource_type": "DADProfile", "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DADProfile+

Example Response: { "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "resource_type": "DADProfile", "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete DAD Profile

Delete DADProfile
Request:
Method:
DELETE
URI Path:
/api/v1/ipv6/dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipv6/dad-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Read specified IPV6 DADProfile

Returns information about specified IPv6 DADProfile.
Request:
Method:
GET
URI Path:
/api/v1/ipv6/dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipv6/dad-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DADProfile+

Example Response: { "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "resource_type": "DADProfile", "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Update DADProfile

Update DADProfile.
Request:
Method:
PUT
URI Path:
/api/v1/ipv6/dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DADProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/ipv6/dad-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c { "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "resource_type": "DADProfile", "dad_mode": "STRICT", "wait_time": 1, "ns_retries": 3, } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DADProfile+

Example Response: { "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "resource_type": "DADProfile", "dad_mode": "STRICT", "wait_time": 1, "ns_retries": 3, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Create a new NDRA Profile

Adds a new NDRAProfile
Request:
Method:
POST
URI Path:
/api/v1/ipv6/nd-ra-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NDRAProfile+

Example Request: POST https://<nsx-mgr>/api/v1/ipv6/nd-ra-profiles { "resource_type": "NDRAProfile", "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NDRAProfile+

Example Response: { "resource_type": "NDRAProfile", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read All IPV6 NDRA Profiles

Returns all IPv6 NDRA Profiles.
Request:
Method:
GET
URI Path:
/api/v1/ipv6/nd-ra-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipv6/nd-ra-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NDRAProfileListResult+

Example Response: { "result_count": 1, "results": [ { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, }, { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Update NDRA Profile

Update NDRAProfile
Request:
Method:
PUT
URI Path:
/api/v1/ipv6/nd-ra-profiles/<nd-ra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NDRAProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/ipv6/nd-ra-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c { "resource_type": "NDRAProfile", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "ra_mode": "DISABLED", "ra_config": { ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NDRAProfile+

Example Response: { "resource_type": "NDRAProfile", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "ra_mode": "DISABLED", "ra_config": { ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read specified IPV6 NDRA Profile

Returns information about specified IPv6 NDRA Profile.
Request:
Method:
GET
URI Path:
/api/v1/ipv6/nd-ra-profiles/<nd-ra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipv6/nd-ra-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NDRAProfile+

Example Response: { "resource_type": "NDRAProfile", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": []. "domain_name_lifetime": 1800000, "dns_server": []. "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Delete NDRA Profile

Delete NDRAProfile
Request:
Method:
DELETE
URI Path:
/api/v1/ipv6/nd-ra-profiles/<nd-ra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipv6/nd-ra-profiles/65fb67d8-0485-4c23-8e59-b9ccd8799a4c Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Read the debug information for the logical router

API to download below information as text which will be used
for debugging and troubleshooting.
1) Logical router sub-components and ports.
2) Routing configuration as sent to central control plane.
3) TIER1 advertised network information.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/debug-info?format=text
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/875381be-a4c5-4173-8aa7-ab71695a8129/debug-info?format=text Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain; charset=utf-8
Response Body:
string

Example Response: { "id" : "875381be-a4c5-4173-8aa7-ab71695a8129", "serviceRouterClusterId" : "00002000-0000-0000-0000-00000000040d", "componentInfo" : ...[content omitted for brevity] Required Permissions: read Feature: routing_routers Additional Errors:

Read the Routing Configuration

Returns the routing configuration for a specified logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/0fdce4c3-135e-498c-9108-3a4ae17187cb/routing Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoutingConfig+

Example Response: { "id": "65950de0-5ee8-44e7-b7cc-3a6940736188", "display_name": "65950de0-5ee8-44e7-b7cc-3a6940736188", "resource_type": "RoutingConfig", "router_id": "1.1.1.1", "_last_modified_user": "admin", "_last_modified_time": 1433791848693, "_create_time": 1433790402867, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Update the Routing Configuration

Modifies the routing configuration for a specified logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RoutingConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/19e504e6-2d1f-4aec-a36d-80bd3eb4caed/routing { "resource_type": "RoutingConfig", "id": "19e504e6-2d1f-4aec-a36d-80bd3eb4caed", "display_name": "19e504e6-2d1f-4aec-a36d-80bd3eb4caed", "forwarding_up_timer": 384, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoutingConfig+

Example Response: { "resource_type": "RoutingConfig", "id": "19e504e6-2d1f-4aec-a36d-80bd3eb4caed", "display_name": "19e504e6-2d1f-4aec-a36d-80bd3eb4caed", "forwarding_up_timer": 384, "_last_modified_user": "admin", "_last_modified_time": 1457390550411, "_revision": 3 } Required Permissions: crud Feature: routing_routers Additional Errors:

Update the Advertisement Configuration on a Logical Router

Modifies the route advertisement configuration on the specified logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/advertisement
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AdvertisementConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/f61f2197-0ccd-4c2d-972e-22fadab4e33a/routing/advertisement { "resource_type": "AdvertisementConfig", "description": "", "id": "77c6a05e-5602-46bc-a511-62da18fa0afe", "display_name": "77c6a05e-5602-46bc-a511-62da18fa0afe", "tags": [], "advertise_nsx_connected_routes": true, "advertise_static_routes": false, "advertise_nat_routes": true, "advertise_lb_vip": true, "advertise_lb_snat_ip": false, "enabled": true, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AdvertisementConfig+

Example Response: { "resource_type": "AdvertisementConfig", "description": "", "id": "77c6a05e-5602-46bc-a511-62da18fa0afe", "display_name": "77c6a05e-5602-46bc-a511-62da18fa0afe", "tags": [], "advertise_nsx_connected_routes": true, "advertise_static_routes": false, "advertise_nat_routes": true, "advertise_lb_vip": true, "advertise_lb_snat_ip": false, "enabled": true, "_last_modified_user": "admin", "_last_modified_time": 1457392728479, "_revision": 3 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read the Advertisement Configuration on a Logical Router

Returns information about the routes to be advertised by the specified
TIER1 logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/advertisement
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/f61f2197-0ccd-4c2d-972e-22fadab4e33a/routing/advertisement Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AdvertisementConfig+

Example Response: { "_revision": 1, "id": "f61f2197-0ccd-4c2d-972e-22fadab4efff", "resource_type": "AdvertisementConfig", "enabled": true, "advertise_route_static": false, "advertise_route_connected": false, "advertise_route_nat": false } Required Permissions: read Feature: routing_routers Additional Errors:

Update the Advertisement Rules on a Logical Router

Modifies the advertisement rules on the specified logical
router. The PUT request must include all the rules with the networks parameter. Modifiable
parameters are networks, display_name, and description. Set the rules list to empty to delete/clear all rules.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/advertisement/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AdvertiseRuleList+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/77c6a05e-5602-46bc-a511-62da18fa0afe/routing/advertisement/rules { "resource_type": "AdvertiseRuleList", "id": "77c6a05e-5602-46bc-a511-62da18fa0afe", "display_name": "77c6a05e-5602-46bc-a511-62da18fa0afe", "rules": [ { "description":"Advertise all East routes", "display_name":"East routes", "networks": [ "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24" ], "rule_filter": { "prefix_operator": "GE", "match_route_types": ["ANY"] } } ], "_create_time": 1456445680356, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1456445680356, "_create_user": "admin", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AdvertiseRuleList+

Example Response: { "resource_type": "AdvertiseRuleList", "id": "77c6a05e-5602-46bc-a511-62da18fa0afe", "display_name": "77c6a05e-5602-46bc-a511-62da18fa0afe", "rules": [ { "description": "Advertise all East routes", "networks": [ "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24" ], "display_name": "East routes", "action": "ALLOW", "rule_filter": { "prefix_operator": "GE", "match_route_types": ["ANY"] } } ], "_last_modified_user": "admin", "_last_modified_time": 1457392997168, "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read the Advertisement Rules on a Logical Router

Returns the advertisement rule list for the specified
TIER1 logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/advertisement/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/f61f2197-0ccd-4c2d-972e-22fadab4e33a/routing/advertisement/rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AdvertiseRuleList+

Example Response: { "_revision": 1, "id": "f61f2197-0ccd-4c2d-972e-22fadab4efff", "resource_type": "AdvertiseRuleList", "rules": [ { "networks": [ "192.168.100.0/24" ], "display_name": "Rule 1", "action": "DENY", "rule_filter": { "prefix_operator": "GE", "match_route_types": ["T1_LB_SNAT"] } }, { "networks": [ "192.168.10.0/24" ], "display_name": "Rule 2", "action": "ALLOW" } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Read the BGP Configuration on a Logical Router

Returns information about the BGP configuration on a specified logical
router. Information includes whether or not the BGP configuration is
enabled, the AS number, and whether or not graceful
restart is enabled.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpConfig+

Example Response: { "id": "7376250a-fa3c-4f69-8844-f5671e914882", "display_name": "7376250a-fa3c-4f69-8844-f5671e914882", "resource_type": "BgpConfig", "enabled": true, "ecmp": false, "hold_up_timer": 0, "graceful_restart": false, "_last_modified_user": "admin", "_last_modified_time": 1433791720444, "_create_time": 1433790402867, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Update the BGP Configuration on a Logical Router

Modifies the BGP configuration on a specified TIER0 logical router.
Modifiable parameters include enabled, graceful_restart, as_number.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp { "resource_type": "BgpConfig", "description": "Uplink to external", "id": "f2002b7e-e94b-4089-bef9-ef8e2a4fe2fb", "display_name": "Uplink to external", "as_num": "64520", "graceful_restart": true, "enabled": true, "ecmp": false, "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpConfig+

Example Response: { "resource_type": "BgpConfig", "description": "Uplink to external", "id": "f2002b7e-e94b-4089-bef9-ef8e2a4fe2fb", "display_name": "Uplink to external", "as_num": "64520", "graceful_restart": true, "route_aggregation": [], "enabled": true, "ecmp": false, "_last_modified_user": "admin", "_last_modified_time": 1457392177631, "_revision": 5 } Required Permissions: crud Feature: routing_routers Additional Errors:

Paginated list of BGP community lists on a Logical Router

Paginated list of BGP Community Lists on a Logical Router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/community-lists Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BGPCommunityListListResult+

Example Response: { "cursor": "0036640912b0-4820-46f0-b7c2-7a9e2cb57505neighbor2", "result_count": 2, "results": [ { "id": "a9478c1d-d7ab-47c5-9e05-548920f4d88c", "resource_type": "BGPCommunityList" "communities": ["10:50", "10:52"], "community_type": "NormalBGPCommunity", "_last_modified_time": 1433948850593, "_create_time": 1433948850593, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 0 }, { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BGPCommunityList" "communities": ["11:09", "11:10"], "community_type": "NormalBGPCommunity", "_last_modified_time": 1433960878203, "_create_time": 1433949148014, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 4 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Create a new BGP community list on a Logical Router

Add a new BGP Community List on a Logical Router
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BGPCommunityList+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/community-lists { "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BGPCommunityList+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BGPCommunityList" "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity", "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a specific BGP community list from a Logical Router

Delete a specific BGP community list from a Logical Router
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/community-lists/640912b0-4820-46f0-b7c2-7a9e2cb57505 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Update a specific BGP community list from a Logical Router

Update a specific BGP community list from a Logical Router
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BGPCommunityList+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/community-lists/640912b0-4820-46f0-b7c2-7a9e2cb57505 { "_revision": 1, "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BGPCommunityList+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BGPCommunityList", "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity", "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read a specific BGP community list from a Logical Router

Read a specific BGP community list from a Logical Router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/comunity-lists/640912b0-4820-46f0-b7c2-7a9e2cb57505 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BGPCommunityList+

Example Response: { "id": "a9478c1d-d7ab-47c5-9e05-548920f4d88c", "resource_type": "BGPCommunityList" "communities": ["10:50", "10:52"], "community_type": "NormalBGPCommunity", "_last_modified_time": 1433948850593, "_create_time": 1433948850593, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Update a specific BGP community list from a Logical Router (Deprecated)

Update a specific BGP community list from a Logical Router
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/communty-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BGPCommunityList+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/community-lists/640912b0-4820-46f0-b7c2-7a9e2cb57505 { "_revision": 1, "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BGPCommunityList+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BGPCommunityList", "communities": ["10:50","10:52"], "community_type": "NormalBGPCommunity", "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Paginated list of BGP Neighbors on a Logical Router

Paginated list of BGP Neighbors on a Logical Router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborListResult+

Example Response: { "cursor": "0036640912b0-4820-46f0-b7c2-7a9e2cb57505neighbor2", "result_count": 2, "neighbors": [ { "id": "a9478c1d-d7ab-47c5-9e05-548920f4d88c", "display_name": "neighbor2", "resource_type": "BgpNeighbor", "hold_down_timer": 180, "neighbor_address": "1.1.1.1", "keep_alive_timer": 60, "remote_as_num": "300", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true } ], "_last_modified_time": 1433948850593, "_create_time": 1433948850593, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 0 }, { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "display_name": "neighbor1", "resource_type": "BgpNeighbor", "hold_down_timer": 180, "neighbor_address": "2.2.2.2", "keep_alive_timer": 60, "remote_as_num": "200", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, "in_filter_ipprefixlist_id" : "ad879413-dbc3-4952-b77d-28386c3a5363" } ], "_last_modified_time": 1433960878203, "_create_time": 1433949148014, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 4 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Add a new BGP Neighbor on a Logical Router

Add a new BGP Neighbor on a Logical Router
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpNeighbor+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors { "display_name": "neighbor1", "neighbor_address": "2.2.2.2", "remote_as_num": "200", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, "in_filter_ipprefixlist_id" : "ad879413-dbc3-4952-b77d-28386c3a5363" } ], } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighbor+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "display_name": "neighbor1", "resource_type": "BgpNeighbor", "hold_down_timer": 180, "neighbor_address": "2.2.2.2", "keep_alive_timer": 60, "remote_as_num": "200", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, "in_filter_ipprefixlist_id" : "ad879413-dbc3-4952-b77d-28386c3a5363" } ], "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a specific BGP Neighbor on a Logical Router

Delete a specific BGP Neighbor on a Logical Router
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors/640912b0-4820-46f0-b7c2-7a9e2cb57505 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Update a specific BGP Neighbor on a Logical Router

Update a specific BGP Neighbor on a Logical Router
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpNeighbor+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors/640912b0-4820-46f0-b7c2-7a9e2cb57505 { "_revision": 1, "hold_down_timer": 40, "neighbor_address": "10.30.1.1", "keep_alive_timer": 100, "source_addresses": ["192.168.0.1"], "remote_as_num": "64510", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, } ], "display_name": "neighbor A", "description": "to_neighbor_A", } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighbor+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BgpNeighbor", "hold_down_timer": 40, "neighbor_address": "10.30.1.1", "keep_alive_timer": 100, "source_addresses": ["192.168.0.1"], "remote_as_num": "64510", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, } ], "display_name": "neighbor A", "description": "to_neighbor_A", "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read a specific BGP Neighbor on a Logical Router

Read a specific BGP Neighbor on a Logical Router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors/640912b0-4820-46f0-b7c2-7a9e2cb57505 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighbor+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "display_name": "neighbor1", "resource_type": "BgpNeighbor", "hold_down_timer": 180, "neighbor_address": "2.2.2.2", "keep_alive_timer": 60, "remote_as_num": "200", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, "in_filter_ipprefixlist_id" : "ad879413-dbc3-4952-b77d-28386c3a5363" } ], "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Unset/Delete password property on specific BGP Neighbor on Logical Router

Unset/Delete the password property on the specific BGP Neighbor.
No other property of the BgpNeighbor can be updated using this API
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>
Request Headers:
n/a
Query Parameters:
ClearPasswordActionParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors/640912b0-4820-46f0-b7c2-7a9e2cb57505?action=clear_password Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighbor+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "resource_type": "BgpNeighbor", "hold_down_timer": 40, "neighbor_address": "10.30.1.1", "keep_alive_timer": 100, "source_addresses": ["192.168.0.1"], "remote_as_num": "64510", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, } ], "display_name": "neighbor A", "description": "to_neighbor_A", "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read a specific BGP Neighbor with password on a Logical Router

Read a specific BGP Neighbor details with password on a Logical Router
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/bgp/neighbors/<id>?action=show-sensitive-data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/bgp/neighbors/640912b0-4820-46f0-b7c2-7a9e2cb57505?action=show-sensitive-data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighbor+

Example Response: { "id": "640912b0-4820-46f0-b7c2-7a9e2cb57505", "display_name": "neighbor1", "resource_type": "BgpNeighbor", "hold_down_timer": 180, "neighbor_address": "2.2.2.2", "keep_alive_timer": 60, "remote_as_num": "200", "password": "Admin!23Admin", "address_families": [ { "type" : "IPV4_UNICAST", "enabled" : true, "in_filter_ipprefixlist_id" : "ad879413-dbc3-4952-b77d-28386c3a5363" } ], "_last_modified_user": "admin", "_last_modified_time": 1433949148014, "_create_time": 1433949148014, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Paginated List of IPPrefixLists

Paginated List of IPPrefixLists Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/ip-prefix-lists
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/ip-prefix-lists Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPPrefixListListResult+

Example Response: { "cursor": "00365f22f70e-5725-4df3-9e25-46358642848fip-prefix-list1", "result_count": 1, "results": [ { "resource_type": "IPPrefixList", "description": "", "id": "5f22f70e-5725-4df3-9e25-46358642848f", "display_name": "ip-prefix-list1", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.110.0/24" }, { "action": "DENY", "network": "192.168.210.0/24" } ], "_create_time": 1457128258723, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457128258723, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Add IPPrefixList on a Logical Router

Adds a new IPPrefixList on a Logical Router
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/ip-prefix-lists
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPPrefixList+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/ip-prefix-lists { "resource_type": "IPPrefixList", "description": "IP prefix list 2", "display_name": "ip-prefix-list2", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.220.0/24" }, { "action": "DENY", "network": "192.168.240.0/24" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPPrefixList+

Example Response: { "resource_type": "IPPrefixList", "description": "IP prefix list 2", "id": "5c45c18f-0221-4a86-a7c0-1460812564f4", "display_name": "ip-prefix-list2", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.220.0/24" }, { "action": "DENY", "network": "192.168.240.0/24" } ], "_create_time": 1457128510078, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457128510078, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Update a specific IPPrefixList on a Logical Router

Update a specific IPPrefixList on the specified logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/ip-prefix-lists/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPPrefixList+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/ip-prefix-lists/5f22f70e-5725-4df3-9e25-46358642848f { "resource_type": "IPPrefixList", "description": "IP Prefix List 1", "id": "5f22f70e-5725-4df3-9e25-46358642848f", "display_name": "ip-prefix-list1", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.120.0/24" }, { "action": "DENY", "network": "192.168.220.0/24" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPPrefixList+

Example Response: { "resource_type": "IPPrefixList", "description": "IP Prefix List 1", "id": "5f22f70e-5725-4df3-9e25-46358642848f", "display_name": "ip-prefix-list1", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.120.0/24" }, { "action": "DENY", "network": "192.168.220.0/24" } ], "_last_modified_user": "admin", "_last_modified_time": 1457128860172, "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Get a specific IPPrefixList on a Logical Router

Read a specific IPPrefixList on the specified logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/ip-prefix-lists/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/ip-prefix-lists/5f22f70e-5725-4df3-9e25-46358642848f Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPPrefixList+

Example Response: { "resource_type": "IPPrefixList", "description": "", "id": "5f22f70e-5725-4df3-9e25-46358642848f", "display_name": "ip-prefix-list1", "tags": [], "prefixes": [ { "action": "DENY", "network": "192.168.110.0/24" }, { "action": "DENY", "network": "192.168.210.0/24" } ], "_create_time": 1457128258723, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457128258723, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: routing_routers Additional Errors:

Delete a specific IPPrefixList on a Logical Router

Deletes a specific IPPrefixList on the specified logical router.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/ip-prefix-lists/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/ip-prefix-lists/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4444 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Update the Redistribution Configuration on a Logical Router

Modifies existing route redistribution rules for the specified TIER0 logical
router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/redistribution
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedistributionConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/redistribution { "resource_type": "RedistributionConfig", "display_name": "BGP route redistribution", "bgp_enabled": false, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedistributionConfig+

Example Response: { "resource_type": "RedistributionConfig", "id": "5d007b29-70da-485e-be22-1c966d204607", "display_name": "BGP route redistribution", "bgp_enabled": false, "_last_modified_user": "admin", "_last_modified_time": 1457392490759, "_revision": 2 } Required Permissions: crud Feature: routing_routers Additional Errors:

Read the Redistribution Configuration on a Logical Router

Returns information about configured route redistribution for the specified
logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/redistribution
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/redistribution Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedistributionConfig+

Example Response: { "_revision": 1, "id": "67268324-0db6-4d4a-b00a-db1458e60da9", "resource_type": "RedistributionConfig", "bgp_enabled": true, "_last_modified_user": "admin", "_last_modified_time": 1415221811355, "_create_time": 1415221700736, "_create_user": "admin" } Required Permissions: read Feature: routing_routers Additional Errors:

Update All the Redistribution Rules on a Logical Router

Modifies all route redistribution rules for the specified TIER0 logical
router. Set the rules list to empty to delete/clear all rules.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/redistribution/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedistributionRuleList+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/redistribution/rules { "_revision": 14, "rules": [ { "display_name":"static/connected-into-bgp", "description":"BGP learns all static and connected routes", "destination":"BGP", "sources":["STATIC", "CONNECTED"] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedistributionRuleList+

Example Response: { "_revision": 15, "id": "67268324-0db6-4d4a-b00a-db1458e60da9", "resource_type": "RedistributionRuleList", "rules": [ { "display_name": "static/connected-into-bgp", "description": "BGP learns all static and connected routes", "sources": [ "STATIC", "CONNECTED" ], "destination": "BGP" } ], "_last_modified_user": "admin", "_last_modified_time": 1415221811355, "_create_time": 1415221700736, "_create_user": "admin" } Required Permissions: crud Feature: routing_routers Additional Errors:

Read All the Redistribution Rules on a Logical Router

Returns all the route redistribution rules for the specified
logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/redistribution/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/redistribution/rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedistributionRuleList+

Example Response: { "_revision": 15, "id": "67268324-0db6-4d4a-b00a-db1458e60da9", "resource_type": "RedistributionRuleList", "rules": [ { "display_name": "static/connected-into-bgp", "description": "BGP learns all static and connected routes", "sources": [ "STATIC", "CONNECTED" ], "destination": "BGP" } ], "_last_modified_user": "admin", "_last_modified_time": 1415221811355, "_create_time": 1415221700736, "_create_user": "admin" } Required Permissions: read Feature: routing_routers Additional Errors:

Paginated List of RouteMaps

Paginated List of RouteMaps Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-maps
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/route-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RouteMapListResult+

Example Response: { "cursor": "0036243cef41-bf97-493d-8a2d-703dca9de4dcroute map 1", "result_count": 1, "results": [ { "resource_type": "RouteMap", "description": "", "id": "243cef41-bf97-493d-8a2d-703dca9de4dc", "display_name": "route map 1", "tags": [], "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" }, { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ], "_create_time": 1457129043915, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457129043915, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Add RouteMap on a Logical Router

Adds a new RouteMap on a Logical Router
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-maps
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RouteMap+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/route-maps { "resource_type": "RouteMap", "description": "Route Map for West Customers", "display_name": "route map West", "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" }, { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RouteMap+

Example Response: { "resource_type": "RouteMap", "description": "Route Map for West Customers", "id": "3e744129-4712-4de3-9659-df69b4a312cb", "display_name": "route map West", "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ], "_create_time": 1457393635951, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457393635951, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Update a specific RouteMap on a Logical Router

Update a specific RouteMap on the specified logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-maps/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RouteMap+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/route-maps/243cef41-bf97-493d-8a2d-703dca9de4dc { "resource_type": "RouteMap", "description": "Route Map for East Customers", "display_name": "route map East", "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RouteMap+

Example Response: { "resource_type": "RouteMap", "description": "Route Map for East Customers", "id": "243cef41-bf97-493d-8a2d-703dca9de4dc", "display_name": "route map East", "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ], "_last_modified_user": "admin", "_last_modified_time": 1457391862599, "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a specific RouteMap on a Logical Router

Deletes a specific RouteMap on the specified logical router.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-maps/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/route-maps/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4444 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Get a specific RouteMap on a Logical Router

Read a specific RouteMap on the specified logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/route-maps/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/route-maps/243cef41-bf97-493d-8a2d-703dca9de4dc Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RouteMap+

Example Response: { "resource_type": "RouteMap", "description": "Route Map for East Customers", "id": "243cef41-bf97-493d-8a2d-703dca9de4dc", "display_name": "route map East", "sequences": [ { "match_criteria": { "ip_prefix_lists": [ "5f22f70e-5725-4df3-9e25-46358642848f", "5c45c18f-0221-4a86-a7c0-1460812564f4", "dfd1bc6e-570b-4531-a032-d5ed1c8b6261" ] }, "set_criteria": { "as_path_prepend" : "50", "weight" : 10, "multi_exit_discriminator" : 50, "add_community" : "30:40" }, "action": "PERMIT" }, { "match_criteria": { "ip_prefix_lists": [ "dfd1bc6e-570b-4531-a032-d5ed1c8b6262" ] }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } { "match_criteria": { "match_community_expression": { "expression": [ { "match_operator": "MATCH_REGEX", "regular_expression": "123:11.*" }, { "match_operator": "MATCH_ANY", "community_list_id": "c4b2b171-661b-4059-960c-fc931a612507" } ], "operator": "AND" } }, "set_criteria": { "as_path_prepend" : "60", "weight" : 20, "multi_exit_discriminator" : 30, "add_community" : "NO_EXPORT" }, "action": "PERMIT" } ], "_last_modified_user": "admin", "_last_modified_time": 1457391862599, "_revision": 1 } Required Permissions: read Feature: routing_routers Additional Errors:

Paginated List of Static Routes

Returns information about configured static routes, including the
network address and next hops for each static route.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/static-routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRouteListResult+

Example Response: { "cursor": "0036e3023f7f-4794-40b5-87a8-51cf7df35aefe3023f7f-4794-40b5-87a8-51cf7df35aef", "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "StaticRoute", "description": "", "id": "e3023f7f-4794-40b5-87a8-51cf7df35aef", "display_name": "e3023f7f-4794-40b5-87a8-51cf7df35aef", "tags": [], "next_hops": [ { "administrative_distance": 1, "ip_address": "192.168.100.254" } ], "network": "192.168.100.0/24", "_create_time": 1457129209514, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457129209514, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: routing_routers Additional Errors:

Add Static Routes on a Logical Router

Adds a new static route on a Logical Router
Request:
Method:
POST
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoute+

Example Request: POST https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/static-routes { "resource_type": "StaticRoute", "description": "", "display_name": "to customer A", "tags": [], "next_hops": [ { "administrative_distance": "2", "ip_address": "192.168.200.254" } ], "network": "192.168.200.0/24" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoute+

Example Response: { "resource_type": "StaticRoute", "description": "", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "display_name": "to customer A", "tags": [], "next_hops": [ { "administrative_distance": 2, "ip_address": "192.168.200.254" } ], "network": "192.168.200.0/24", "_create_time": 1457391214234, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1457391214234, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: routing_routers Additional Errors:

Delete a specific Static Route on a Logical Router

Deletes a specific static route on the specified logical router.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/static-routes/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4444 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: routing_routers Additional Errors:

Update a specific Static Route Rule on a Logical Router

Update a specific static route on the specified logical router.
Request:
Method:
PUT
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoute+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/static-routes/65fb67d8-0485-4c23-8e59-b9ccd8799a4c { "resource_type": "StaticRoute", "description": "Static route to customer A", "display_name": "to customer A", "next_hops": [ { "administrative_distance": 2, "ip_address": "192.168.200.254" } ], "network": "192.168.200.0/24", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoute+

Example Response: { "resource_type": "StaticRoute", "description": "Static route to customer A", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "display_name": "to customer A", "next_hops": [ { "administrative_distance": 2, "ip_address": "192.168.200.254" } ], "network": "192.168.200.0/24", "_last_modified_user": "admin", "_last_modified_time": 1457391431538, "_revision": 1 } Required Permissions: crud Feature: routing_routers Additional Errors:

Get a specific Static Route on a Logical Router

Read a specific static routes on the specified logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-routers/<logical-router-id>/routing/static-routes/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-routers/7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c/routing/static-routes/65fb67d8-0485-4c23-8e59-b9ccd8799a4c Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoute+

Example Response: { "resource_type": "StaticRoute", "description": "Static route to customer A", "id": "65fb67d8-0485-4c23-8e59-b9ccd8799a4c", "display_name": "to customer A", "next_hops": [ { "administrative_distance": 2, "ip_address": "192.168.200.254" } ], "network": "192.168.200.0/24", "_last_modified_user": "admin", "_last_modified_time": 1457391431538, "_revision": 1 } Required Permissions: read Feature: routing_routers Additional Errors:

Management Plane API: Logical Switching

Management Plane API: Logical Switching: Logical Switch Ports

Associated URIs:

Create a Logical Port

Creates a new logical switch port. The required parameters are the
associated logical_switch_id and admin_state (UP or DOWN). Optional
parameters are the attachment and switching_profile_ids. If you don't
specify switching_profile_ids, default switching profiles are assigned to
the port. If you don't specify an attachment, the switch port remains
empty. To configure an attachment, you must specify an id, and
optionally you can specify an attachment_type (VIF or LOGICALROUTER).
The attachment_type is VIF by default.
Request:
Method:
POST
URI Path:
/api/v1/logical-ports
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalPort+

Example Request: POST https://<nsx-mgr>/api/v1/logical-ports { "logical_switch_id":"849e339e-64b7-47cb-9480-33068f70dc5a", "attachment": {"attachment_type":"VIF","id":"vif1"}, "admin_state":"UP" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LogicalPort+

Example Response: { "id": "95a93e66-4fb1-4f7d-9484-1c8fd521e741", "display_name": "95a93e66-4fb1-4f7d-9484-1c8fd521e741", "resource_type": "LogicalPort", "address_bindings": [], "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a", "admin_state": "UP", "attachment": { "id": "vif1", "attachment_type": "VIF" }, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435284566908, "_create_time": 1435284566908, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: switching_ports Additional Errors:

List All Logical Ports

Returns information about all configured logical switch ports. Logical
switch ports connect to VM virtual network interface cards (NICs). Each
logical port is associated with one logical switch.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports
Request Headers:
n/a
Query Parameters:
LogicalPortListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortListResult+

Example Response: { "result_count": 2, "results": [ { "id": "2f904690-355a-4900-841e-645b3d7fee91", "display_name": "2f904690-355a-4900-841e-645b3d7fee91", "resource_type": "LogicalPort", "address_bindings": [], "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a", "admin_state": "UP", "attachment": { "id": "f941da72-2b4a-4212-9183-74029d41377e", "attachment_type": "VIF" }, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "system", "_last_modified_time": 1435282553271, "_create_time": 1435282553249, "_system_owned": true, "_create_user": "system", "_revision": 1 }, { "id": "9467676a-aeae-46f7-90f1-c771e02d1669", "display_name": "9467676a-aeae-46f7-90f1-c771e02d1669", "resource_type": "LogicalPort", "address_bindings": [], "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a", "admin_state": "UP", "attachment": { "id": "65332f8d-efa2-4dd9-9c92-39ca0bfb1966", "attachment_type": "VIF" }, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": true, "_create_user": "system", "_revision": 1 } ] } Required Permissions: read Feature: switching_ports Additional Errors:

Get Information About a Logical Port

Returns information about a specified logical port. Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/9467676a-aeae-46f7-90f1-c771e02d1669 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPort+

Example Response: { "id": "9467676a-aeae-46f7-90f1-c771e02d1669", "display_name": "9467676a-aeae-46f7-90f1-c771e02d1669", "resource_type": "LogicalPort", "address_bindings": [], "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a", "admin_state": "UP", "attachment": { "id": "65332f8d-efa2-4dd9-9c92-39ca0bfb1966", "attachment_type": "VIF" }, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": true, "_create_user": "system", "_revision": 1 } Required Permissions: read Feature: switching_ports Additional Errors:

Update a Logical Port

Modifies an existing logical switch port. Parameters that can be modified
include attachment_type (LOGICALROUTER, VIF), admin_state (UP or DOWN),
attachment id and switching_profile_ids. You cannot modify the logical_switch_id.
In other words, you cannot move an existing port from one switch to another switch.
Request:
Method:
PUT
URI Path:
/api/v1/logical-ports/<lport-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalPort+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-ports/95a93e66-4fb1-4f7d-9484-1c8fd521e741 { "logical_switch_id":"849e339e-64b7-47cb-9480-33068f70dc5a", "address_bindings": [{"ip_address":"192.168.1.110", "mac_address":"aa:bb:cc:dd:ee:ff"}], "attachment": {"attachment_type":"VIF","id":"vif1"}, "admin_state": "UP", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPort+

Example Response: { "id": "95a93e66-4fb1-4f7d-9484-1c8fd521e741", "display_name": "95a93e66-4fb1-4f7d-9484-1c8fd521e741", "resource_type": "LogicalPort", "address_bindings": [ { "mac_address": "aa:bb:cc:dd:ee:ff", "ip_address": "192.168.1.110", "vlan": 0 } ], "logical_switch_id": "849e339e-64b7-47cb-9480-33068f70dc5a", "admin_state": "UP", "attachment": { "id": "vif1", "attachment_type": "VIF" }, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435284879143, "_create_time": 1435284566908, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: switching_ports Additional Errors:

Delete a Logical Port

Deletes the specified logical switch port. By default, if logical port has
attachments, or it is added to any NSGroup, the deletion will be failed.
Option detach could be used for deleting logical port forcibly.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-ports/<lport-id>
Request Headers:
n/a
Query Parameters:
LogicalPortDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-ports/95a93e66-4fb1-4f7d-9484-1c8fd521e741 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: switching_ports Additional Errors:

Get MAC table of a logical port with a given port id (lport-id)

Returns MAC table of a specified logical port. If the target transport node id is not provided,
the NSX manager will ask the controller for the transport node where the logical port is located.
The query parameter "source=cached" is not supported. MAC table retrieval is not supported on
logical ports that are attached to a logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/mac-table
Request Headers:
n/a
Query Parameters:
ListByNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/<lport-id>/mac-table Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortMacAddressListResult+

Example Response: { "sort_ascending" : true, "sort_by" : "display_name", "result_count" : 1, "logical_port_id" : "44766063-7068-4c82-9411-4e16c36d7c46", "last_update_timestamp" : 1496342672613, "transport_node_id" : "5a9bb1be-3f1b-11e7-80b9-53f65a56b3df", "results" : [ { "mac_address" : "00:50:56:b7:e1:04", "mac_type" : "STATIC" } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get MAC table of a logical port with a given port id (lport-id)

Returns MAC table in CSV format of a specified logical port. If the target transport node id is not provided,
the NSX manager will ask the controller for the transport node where the logical port is located.
The query parameter "source=cached" is not supported. MAC table retrieval is not supported on
logical ports that are attached to a logical router.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/mac-table?format=csv
Request Headers:
n/a
Query Parameters:
ListByNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/<lport-id>/mac-table?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
LogicalPortMacAddressCsvListResult+

Example Response: mac_address,mac_type 00:50:56:b7:e1:04,STATIC Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get realized state & location of a logical port

Returns transport node id for a specified logical port. Also returns
information about all address bindings of the specified logical port. This
includes address bindings discovered via various snooping methods like ARP
snooping, DHCP snooping etc. and addressing bindings that are realized
based on user configuration.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/9467676a-aeae-46f7-90f1-c771e02d1669/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortState+

Example Response: { "id": "9467676a-aeae-46f7-90f1-c771e02d1669", "transport_node_ids": [], "discovered_bindings": [ { "source": "ARP_SNOOPING" "binding": { ip_address: "192.168.1.10", mac_address: "aa:bb:cc:dd:ee:ff", vlan: "" } "binding_timestamp": 1457127071089 }, { "source": "DHCP_SNOOPING" "binding": { ip_address: "192.168.1.10", mac_address: "aa:bb:cc:dd:ee:ff", vlan: "" } "binding_timestamp": 1457127071089 } ], "realized_bindings": [ { "source": "USER_DEFINED" "binding": { ip_address: "192.168.1.10", mac_address: "aa:bb:cc:dd:ee:ff", vlan: "" } "binding_timestamp": 1117127071050 }, ] } Required Permissions: read Feature: switching_ports Additional Errors:

Get Statistics for Logical Port of a Given Port ID (lport-id)

Returns statistics of a specified logical port. If the logical port is attached to
a logical router port, query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/<lport-id>/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortStatistics+

Example Response: { "tx_packets": { "total": 0, "dropped": 0, "multicast_broadcast": 0 }, "rx_bytes": { "total": 11473, "multicast_broadcast": 11473 }, "tx_bytes": { "total": 0, "multicast_broadcast": 0 }, "rx_packets": { "total": 56, "dropped": 0, "multicast_broadcast": 56 }, "logical_port_id": "04efc498-b872-40fc-83f8-ebf9317a2766", "last_update_timestamp": 1453500812476 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get Operational Status for Logical Port of a Given Port ID (lport-id)

Returns operational status of a specified logical port. Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/<lport-id>/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortOperationalStatus+

Example Response: { "logical_port_id": "04efc498-b872-40fc-83f8-ebf9317a2766", "last_update_timestamp": 1453764613211, "status": "UP" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get Operational Status Summary of All Logical Ports in the System

Returns operational status of all logical ports.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-ports/status
Request Headers:
n/a
Query Parameters:
LogicalPortListWithSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalPortStatusSummary+

Example Response: { "up_ports": 6, "total_ports": 6 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Management Plane API: Logical Switching: Logical Switches

Associated URIs:

Create a Logical Switch

Creates a new logical switch. The request must include the
transport_zone_id, display_name, and admin_state (UP or DOWN). The
replication_mode (MTEP or SOURCE) is required for overlay logical
switches, but not for VLAN-based logical switches. A vlan needs to be
provided for VLAN-based logical switches
Request:
Method:
POST
URI Path:
/api/v1/logical-switches
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalSwitch+

Example Request: POST https://<nsx-mgr>/api/v1/logical-switches { "transport_zone_id":"cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state":"UP", "display_name":"test-logical-switch", "hybrid": true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitch+

Example Response: { "id": "92225022-a786-4c7d-91d1-1f9afa6deebe", "display_name": "test-logical-switch", "resource_type": "LogicalSwitch", "address_bindings": [], "transport_zone_id": "cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state": "UP", "vni": 56200, "hybrid": true, "switching_profile_ids": [ { "value": "64814784-7896-3901-9741-badeff705639", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435285527986, "_create_time": 1435285527986, "_create_user": "admin", "_revision": 0, "_schema": "/v1/schema/LogicalSwitch" } Required Permissions: crud Feature: switching_switches Additional Errors:

List all Logical Switches

Returns information about all configured logical switches. Request:
Method:
GET
URI Path:
/api/v1/logical-switches
Request Headers:
n/a
Query Parameters:
LogicalSwitchListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchListResult+

Example Response: { "result_count": 1, "results": [ { "id": "849e339e-64b7-47cb-9480-33068f70dc5a", "display_name": "ls-demo", "description": "1st logical Switch", "resource_type": "LogicalSwitch", "address_bindings": [], "transport_zone_id": "cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state": "UP", "vni": 11144, "hybrid": false, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435282408187, "_create_time": 1435282408187, "_create_user": "admin", "_revision": 0, "_schema": "/v1/schema/LogicalSwitch" } ] } Required Permissions: read Feature: switching_switches Additional Errors:

Get Logical Switch associated with the provided id (lswitch-id)

Returns information about the specified logical switch Id. Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/849e339e-64b7-47cb-9480-33068f70dc5a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitch+

Example Response: { "id": "849e339e-64b7-47cb-9480-33068f70dc5a", "display_name": "ls-demo", "description": "1st logical Switch", "resource_type": "LogicalSwitch", "address_bindings": [], "transport_zone_id": "cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state": "UP", "vni": 11144, "hybrid": true, "switching_profile_ids": [ { "value": "49781ebb-6f76-464a-9a7e-c365ba26128b", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435282408187, "_create_time": 1435282408187, "_create_user": "admin", "_revision": 0, "_schema": "/v1/schema/LogicalSwitch" } Required Permissions: read Feature: switching_switches Additional Errors:

Delete a Logical Switch

Removes a logical switch from the associated overlay or VLAN transport
zone. By default, a logical switch cannot be deleted if there are logical
ports on the switch, or it is added to a NSGroup.
Cascade option can be used to delete all ports and the logical switch.
Detach option can be used to delete the logical switch forcibly.
Request:
Method:
DELETE
URI Path:
/api/v1/logical-switches/<lswitch-id>
Request Headers:
n/a
Query Parameters:
LogicalSwitchDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/logical-switches/92225022-a786-4c7d-91d1-1f9afa6deebe Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: switching_switches Additional Errors:

Update a Logical Switch

Modifies attributes of an existing logical switch. Modifiable
attributes include admin_state, replication_mode, switching_profile_ids
and VLAN spec. You cannot modify the original transport_zone_id.
Request:
Method:
PUT
URI Path:
/api/v1/logical-switches/<lswitch-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalSwitch+

Example Request: PUT https://<nsx-mgr>/api/v1/logical-switches/92225022-a786-4c7d-91d1-1f9afa6deebe { "transport_zone_id":"cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state": "UP", "hybrid": false, "address_bindings":[{"ip_address":"192.168.1.0/24", "vlan": 10}], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitch+

Example Response: { "id": "92225022-a786-4c7d-91d1-1f9afa6deebe", "display_name": "92225022-a786-4c7d-91d1-1f9afa6deebe", "resource_type": "LogicalSwitch", "address_bindings": [ { "ip_address": "192.168.1.0/24", "vlan": 10 } ], "transport_zone_id": "cfaec4c7-45c2-439b-b7c6-2c3aeabd9976", "replication_mode": "MTEP", "admin_state": "UP", "vni": 56200, "hybrid": false, "switching_profile_ids": [ { "value": "64814784-7896-3901-9741-badeff705639", "key": "IpDiscoverySwitchingProfile" }, { "value": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key": "SpoofGuardSwitchingProfile" }, { "value": "93b4b7e8-f116-415d-a50c-3364611b5d09", "key": "PortMirroringSwitchingProfile" }, { "value": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key": "SwitchSecuritySwitchingProfile" }, { "value": "f313290b-eba8-4262-bd93-fab5026e9495", "key": "QosSwitchingProfile" } ], "_last_modified_user": "admin", "_last_modified_time": 1435285886962, "_create_time": 1435285527986, "_create_user": "admin", "_revision": 1, "_schema": "/v1/schema/LogicalSwitch" } Required Permissions: crud Feature: switching_switches Additional Errors:

Get MAC Table for Logical Switch of the Given ID (lswitch-id)

Returns MAC table of a specified logical switch from the given transport
node if a transport node id is given in the query parameter from the
Central Controller Plane.
The query parameter "source=cached" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/mac-table
Request Headers:
n/a
Query Parameters:
ListByNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/<lswitch-id>/mac-table Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacAddressListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 1, "logical_switch_id": "2bcc9f42-0fb8-4a30-b4a6-db6d4abedf5a", "results": [ { "vtep_mac_address": "00:50:56:6b:e9:b5", "mac_address": "00:0c:29:ec:2b:ce", "vtep_ip": "159.213.45.33" } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get MAC Table for Logical Switch of the Given ID (lswitch-id)

Returns MAC table of a specified logical switch in CSV format from the given transport
node if a transport node id is given in the query parameter from the
Central Controller Plane.
The query parameter "source=cached" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/mac-table?format=csv
Request Headers:
n/a
Query Parameters:
TransportNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/<lswitch-id>/mac-table?format=csv&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
MacAddressCsvListResult+

Example Response: mac_address,vtep_ip,vtep_mac_address 00:0c:29:ec:2b:ce,159.213.45.33,00:50:56:6b:e9:b5 Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get the realized state associated with provided logical switch id

Returns current state of the logical switch configuration and details of only
out-of-sync transport nodes.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/cc5ff938-6f09-4841-8f0f-294e86415472/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchState+

Example Response: { "state" : "in_progress", "logical_switch_id": "cc5ff938-6f09-4841-8f0f-294e86415472", "details": [ { "state" : "in_progress", "sub_system_id" : "366048ba-89d9-435e-ac2e-2c7cf6ed0f33", "sub_system_type" : "TransportNode" } ] } Required Permissions: read Feature: switching_switches Additional Errors:

Get Statistics for Logical Switch of the Given ID (lswitch-id)

Returns statistics of a specified logical switch.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/<lswitch-id>/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchStatistics+

Example Response: { "tx_packets": { "total": 18, "dropped": 0, "multicast_broadcast": 0 }, "rx_bytes": { "total": 22358, "multicast_broadcast": 11473 }, "tx_bytes": { "total": 1068, "multicast_broadcast": 0 }, "rx_packets": { "total": 98, "dropped": 42, "multicast_broadcast": 56 }, "logical_switch_id": "2bcc9f42-0fb8-4a30-b4a6-db6d4abedf5a" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get Logical Switch runtime status info for a given logical switch

Returns the number of ports assigned to a logical switch. Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/cc5ff938-6f09-4841-8f0f-294e86415472/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchStatus+

Example Response: { "logical_switch_id": "cc5ff938-6f09-4841-8f0f-294e86415472", "num_logical_ports": 0 } Required Permissions: read Feature: switching_switches Additional Errors:

Get virtual tunnel endpoint table for logical switch of the given ID (lswitch-id)

Returns the virtual tunnel endpoint table of a specified logical switch
from the given transport node if a transport node id is given in the
query parameter, from the Central Controller Plane.
The query parameter "source=cached" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/vtep-table
Request Headers:
n/a
Query Parameters:
ListByNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/<lswitch-id>/vtep-table?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VtepListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 2, "logical_switch_id": "2bcc9f42-0fb8-4a30-b4a6-db6d4abedf5a", "results": [ { "vtep_mac_address": "00:50:56:6b:e9:b5", "vtep_label": 10241, "vtep_ip": "159.213.45.33", "segment_id": "159.213.45.0" }, { "vtep_mac_address": "04:00:9f:d5:2d:23", "vtep_label": 57345, "vtep_ip": "159.213.45.35", "segment_id": "159.213.45.0" } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get virtual tunnel endpoint table for logical switch of the given ID (lswitch-id)

Returns virtual tunnel endpoint table of a specified logical switch in
CSV format from the given transport node if a transport node id is
given in the query parameter from the Central Controller Plane.
The query parameter "source=cached" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/<lswitch-id>/vtep-table?format=csv
Request Headers:
n/a
Query Parameters:
TransportNodeIdParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/<lswitch-id>/vtep-table?format=csv&source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
VtepCsvListResult+

Example Response: vtep_label,vtep_ip,vtep_mac_address,segment_id 10241,159.213.45.33,00:50:56:6b:e9:b5,159.213.45.0 57345,159.213.45.35,04:00:9f:d5:2d:23,159.213.45.0 Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

List logical switches by realized state

Returns a list of logical switches states that have realized state as provided
as query parameter.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/state
Request Headers:
n/a
Query Parameters:
LogicalSwitchStateParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/state?status=IN_PROGRESS Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchStateListResult+

Example Response: { "state" : "in_progress", "logical_switch_id": "cc5ff938-6f09-4841-8f0f-294e86415472", "details": [ { "state" : "in_progress", "sub_system_id" : "366048ba-89d9-435e-ac2e-2c7cf6ed0f33", "sub_system_type" : "TransportNode" } ] } Required Permissions: read Feature: switching_switches Additional Errors:

Get Status Summary of All Logical Switches in the System

Returns Operational status of all logical switches.
The query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/logical-switches/status
Request Headers:
n/a
Query Parameters:
LogicalSwitchListWithSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-switches/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalSwitchStatusSummary+

Example Response: { "total_switches": 6, "fully_realized_switches": 6 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Management Plane API: Logical Switching: Switching Profiles

Associated URIs:

Create a Switching Profile

Creates a new, custom qos, port-mirroring, spoof-guard or port-security
switching profile. You can override their default switching profile assignments
by creating a new switching profile and assigning it to one or more logical
switches. You cannot override the default ipfix or ip_discovery switching profiles.
Request:
Method:
POST
URI Path:
/api/v1/switching-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpDiscoverySwitchingProfile+
MacManagementSwitchingProfile+
PortMirroringSwitchingProfile+
QosSwitchingProfile+
SpoofGuardSwitchingProfile+
SwitchSecuritySwitchingProfile+

Example Request: POST https://<nsx-mgr>/api/v1/switching-profiles { "resource_type": "SpoofGuardSwitchingProfile", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": ["LSWITCH_BINDINGS"] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpDiscoverySwitchingProfile+
MacManagementSwitchingProfile+
PortMirroringSwitchingProfile+
QosSwitchingProfile+
SpoofGuardSwitchingProfile+
SwitchSecuritySwitchingProfile+

Example Response: { "resource_type": "SpoofGuardSwitchingProfile", "id": "11a97fd4-b668-4f1c-932d-b3bd087550ea", "display_name": "spoof-guard-lswitch-bindings", "white_list_providers": [ "LSWITCH_BINDINGS" ], "_last_modified_user": "admin", "_last_modified_time": 1435288074327, "_create_time": 1435288074327, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: switching_switching_profiles Additional Errors:

List Switching Profiles

Returns information about the system-default and user-configured switching
profiles. Each switching profile has a unique ID, a display name, and
various other read-only and configurable properties. The default switching
profiles are assigned automatically to each switch.
Request:
Method:
GET
URI Path:
/api/v1/switching-profiles
Request Headers:
n/a
Query Parameters:
SwitchingProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/switching-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SwitchingProfilesListResult+

Example Response: { "result_count": 7, "results": [ { "resource_type": "IpDiscoverySwitchingProfile", "id": "49781ebb-6f76-464a-9a7e-c365ba26128b", "display_name": "1-ipdiscoveryprofile-5", "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "arp_bindings_limit": 128, "vm_tools_enabled": true, "_last_modified_user": "admin", "_last_modified_time": 1435282351153, "_create_time": 1435282351153, "_create_user": "admin", "_revision": 0 }, { "resource_type": "IpDiscoverySwitchingProfile", "id": "64814784-7896-3901-9741-badeff705639", "display_name": "nsx-default-ip-discovery-overlay-profile", "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "arp_bindings_limit": 128, "vm_tools_enabled": false, "_last_modified_user": "system", "_last_modified_time": 1435280813950, "_create_time": 1435280813950, "_system_owned": true, "_create_user": "system", "_revision": 0 }, { "resource_type": "IpDiscoverySwitchingProfile", "id": "64814874-6987-1093-1479-badeff705639", "display_name": "nsx-default-ip-discovery-vlan-profile", "arp_snooping_enabled": true, "dhcp_snooping_enabled": true, "arp_bindings_limit": 128, "vm_tools_enabled": false, "_last_modified_user": "system", "_last_modified_time": 1435280813950, "_create_time": 1435280813950, "_system_owned": true, "_create_user": "system", "_revision": 0 }, { "resource_type": "PortMirroringSwitchingProfile", "id": "93b4b7e8-f116-415d-a50c-3364611b5d09", "display_name": "nsx-default-port-mirroring-profile", "destinations": [], "direction": "BIDIRECTIONAL", "key": 0, "_last_modified_user": "system", "_last_modified_time": 1435280813949, "_create_time": 1435280813949, "_system_owned": true, "_create_user": "system", "_revision": 0 }, { "resource_type": "QosSwitchingProfile", "id": "f313290b-eba8-4262-bd93-fab5026e9495", "display_name": "nsx-default-qos-switching-profile", "dscp": { "priority": 0, "mode": "TRUSTED" }, "class_of_service": 0, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": false, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0, "average_bandwidth_mbps": 0 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": false, "peak_bandwidth_kbps": 0, "average_bandwidth_kbps": 0, "burst_size_bytes": 0 }, { "resource_type": "EgressRateShaper", "enabled": false, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0, "average_bandwidth_mbps": 0 } ], "_last_modified_user": "system", "_last_modified_time": 1435280813947, "_create_time": 1435280813947, "_system_owned": true, "_create_user": "system", "_revision": 0 }, { "resource_type": "SpoofGuardSwitchingProfile", "id": "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "display_name": "nsx-default-spoof-guard-vif-profile", "white_list_providers": [], "_last_modified_user": "system", "_last_modified_time": 1435280813954, "_create_time": 1435280813954, "_system_owned": true, "_create_user": "system", "_revision": 0 }, { "resource_type": "SwitchSecuritySwitchingProfile", "id": "fbc4fb17-83d9-4b53-a286-ccdf04301888", "display_name": "nsx-default-switch-security-vif-profile", "dhcp_filter": { "client_block_enabled": false, "server_block_enabled": true }, "rate_limits": { "rx_broadcast": 0, "tx_broadcast": 0, "rx_multicast": 0, "tx_multicast": 0 }, "bpdu_filter": { "enabled": true, "white_list": [] }, "_last_modified_user": "system", "_last_modified_time": 1435280813955, "_create_time": 1435280813955, "_system_owned": true, "_create_user": "system", "_revision": 0 } ] } Required Permissions: read Feature: switching_switching_profiles Additional Errors:

Delete a Switching Profile

Deletes the specified switching profile. Request:
Method:
DELETE
URI Path:
/api/v1/switching-profiles/<switching-profile-id>
Request Headers:
n/a
Query Parameters:
SwitchingProfileDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/switching-profiles/11a97fd4-b668-4f1c-932d-b3bd087550ea Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: switching_switching_profiles Additional Errors:

Get Switching Profile by ID

Returns information about a specified switching profile. Request:
Method:
GET
URI Path:
/api/v1/switching-profiles/<switching-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/switching-profiles/f313290b-eba8-4262-bd93-fab5026e9495 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpDiscoverySwitchingProfile+
MacManagementSwitchingProfile+
PortMirroringSwitchingProfile+
QosSwitchingProfile+
SpoofGuardSwitchingProfile+
SwitchSecuritySwitchingProfile+

Example Response: { "resource_type": "QosSwitchingProfile", "id": "f313290b-eba8-4262-bd93-fab5026e9495", "display_name": "nsx-default-qos-switching-profile", "dscp": { "priority": 0, "mode": "TRUSTED" }, "class_of_service": 0, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": false, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0, "average_bandwidth_mbps": 0 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": false, "peak_bandwidth_kbps": 0, "average_bandwidth_kbps": 0, "burst_size_bytes": 0 }, { "resource_type": "EgressRateShaper", "enabled": false, "peak_bandwidth_mbps": 0, "burst_size_bytes": 0, "average_bandwidth_mbps": 0 } ], "_last_modified_user": "system", "_last_modified_time": 1435280813947, "_create_time": 1435280813947, "_system_owned": true, "_create_user": "system", "_revision": 0 } Required Permissions: read Feature: switching_switching_profiles Additional Errors:

Update a Switching Profile

Updates the user-configurable parameters of a switching profile. Only the qos,
port-mirroring, spoof-guard and port-security switching profiles can be modified.
You cannot modify the ipfix or ip-discovery switching profiles.
Request:
Method:
PUT
URI Path:
/api/v1/switching-profiles/<switching-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpDiscoverySwitchingProfile+
MacManagementSwitchingProfile+
PortMirroringSwitchingProfile+
QosSwitchingProfile+
SpoofGuardSwitchingProfile+
SwitchSecuritySwitchingProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/switching-profiles/11a97fd4-b668-4f1c-932d-b3bd087550ea { "resource_type": "QosSwitchingProfile", "description": "", "id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "display_name": "Medium priority", "tags": [], "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": true, "average_bandwidth_mbps": 1000, "peak_bandwidth_mbps": 2000, "burst_size_bytes": 1250 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": true, "burst_size_bytes": 1250, "peak_bandwidth_kbps": 2000, "average_bandwidth_kbps": 2000 }, { "resource_type": "EgressRateShaper", "enabled": false, "average_bandwidth_mbps": 1000, "peak_bandwidth_mbps": 2000, "burst_size_bytes": 1250 } ], "class_of_service": 2, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpDiscoverySwitchingProfile+
MacManagementSwitchingProfile+
PortMirroringSwitchingProfile+
QosSwitchingProfile+
SpoofGuardSwitchingProfile+
SwitchSecuritySwitchingProfile+

Example Response: { "resource_type": "QosSwitchingProfile", "description": "", "id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "display_name": "Medium priority", "tags": [], "required_capabilities": [ "switchingprofile.qos.shaper.broadcast" ], "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configuration": [ { "resource_type": "IngressRateShaper", "enabled": true, "average_bandwidth_mbps": 1000, "peak_bandwidth_mbps": 2000, "burst_size_bytes": 1250 }, { "resource_type": "IngressBroadcastRateShaper", "enabled": true, "burst_size_bytes": 1250, "peak_bandwidth_kbps": 2000, "average_bandwidth_kbps": 2000 }, { "resource_type": "EgressRateShaper", "enabled": false, "average_bandwidth_mbps": 1000, "peak_bandwidth_mbps": 2000, "burst_size_bytes": 1250 } ], "class_of_service": 2, "_last_modified_time": 1458857995660, "_last_modified_user": "admin", "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: switching_switching_profiles Additional Errors:

Get Counts of Ports and Switches Using This Switching Profile

Request:
Method:
GET
URI Path:
/api/v1/switching-profiles/<switching-profile-id>/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/switching-profiles/7f39bf67-ccf5-4613-8993-506ec89d893a/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SwitchingProfileStatus+

Example Response: { "num_logical_ports": 1, "switching_profile_id": "7f39bf67-ccf5-4613-8993-506ec89d893a", "num_logical_switches": 0 } Required Permissions: read Feature: switching_switching_profiles Additional Errors:

Management Plane API: Migration

Management Plane API: Migration: Feedback

Associated URIs:

NSX-V feedback details

Get feedback details of NSX-V to be migrated.
Request:
Method:
GET
URI Path:
/api/v1/migration/feedback-requests
Request Headers:
n/a
Query Parameters:
FeedbackListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/feedback-requests Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationFeedbackRequestListResult+

Example Response: { "cursor" : "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count" : 2, "results": [ { "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "hash": "5a1531e-9145-4818-bdb3-ca5nd197979dd" "vertical": "EDGE", "sub_-vertical": "L3VPN", "message": "IKE encryption algorithm 3des is not supported. Please provide valid algorithm for edge edge-2 L3VPN", "suggested_action": "change", "accepted_actions": [ "skip", "change" ], "suggested_value": "AES_256", "accepted_values": [ "AES_128", "AES_256", "AES_GCM_128" ], }, { "id": "e794562c-4d26-428a-9d19-9d79ddc4fb71", "hash": "4b1531e-9145-4818-bdb3-ca5nd197974da" "vertical": "HOST", "sub_vertical": "VIRTUALWIRE", "object_id": "virtualwire-2", "message": "Please provide TZ id for LS derived from virtualwire-2", "suggested_action": "change" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Migration feedback response

Provide response for feedback queries needed for migration.
Request:
Method:
PUT
URI Path:
/api/v1/migration/feedback-response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationFeedbackResponseList+

Example Request: PUT https://<nsx-mgr>/api/v1/migration/feedback-response { "response_list" : [ { "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "action": "change", "value": "4d26-428a-9d19-9d79ddc4fb70-7945625" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Accept default action for feedbacks

Pick default resolution for all feedback items.
Request:
Method:
POST
URI Path:
/api/v1/migration/feedback-response?action=accept-recommended
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/feedback-response?action=accept-recommended Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Feedback request summary

Get feedback summary of NSX-V to be migrated.
Request:
Method:
GET
URI Path:
/api/v1/migration/feedback-summary
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/feedback-summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationFeedbackSummaryListResult+

Example Response: { "result_count" : 2, "results": [ {"category": "EDGE", "count": 5}, {"category": "LogicalSwitch", "count": 10} ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

NSX-V feedback details

Get feedback details of NSX-V to be migrated, grouped by feedback type.
Request:
Method:
GET
URI Path:
/api/v1/migration/grouped-feedback-requests
Request Headers:
n/a
Query Parameters:
FeedbackListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/grouped-feedback-requests Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupedMigrationFeedbackRequestListResult+

Example Response: { "cursor" : "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count" : 2, "results": [ { "hash": "5a1531e-9145-4818-bdb3-ca5nd197979dd" "message": "IKE encryption algorithm 3des is not supported. Please provide valid algorithm for edge edge-2 L3VPN", "suggested_action": "change", "accepted_actions": [ "skip", "change" ], "suggested_value": "AES_256", "accepted_values": [ "AES_128", "AES_256", "AES_GCM_128" ], "feedback_objects": [ {"id": "0036c5a1531e-9145-4818-bdb3-cf299a6558a5", "v_object_id": "virtualwire-2", "resolved": false}, {"id": "0036c5a1531e-9145-4818-bdb3-cf299a6558a5", "v_object_id": "virtualwire-2", "resolved": false} ] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Group

Associated URIs:

Return information of all migration unit groups

Return information of all migration unit groups in the
migration plan. If request parameter summary is set to true, then
only count of migration units will be returned, migration units list
will be empty. If request parameter component type is specified,
then all migration unit groups for that component will be returned.
Request:
Method:
GET
URI Path:
/api/v1/migration/migration-unit-groups
Request Headers:
n/a
Query Parameters:
MigrationUnitGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-unit-groups?component_type=HOST Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroupListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 1, "results": [ { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "migration_unit_count": 2, "migration_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "disable_vm_migration", "value": "true" } ] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Create a group

Create a group of migration units.
Request:
Method:
POST
URI Path:
/api/v1/migration/migration-unit-groups
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationUnitGroup+

Example Request: POST https://<nsx-mgr>/api/v1/migration/migration-unit-groups { "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "migration_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", } ], "extended_configuration": [ { "key": "disable_vm_migration", "value": "true" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroup+

Example Response: { "resource_type": "MigrationUnitGroup", "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "display_name": "Cluster 1", "migration_units": [ { "metadata": [ { "value": "ESXI", "key": "HYPERVISOR_OS" } ], "warnings": [], "current_version": "1.1.0.0.0.4788198", "id": "bf1c7b70-3709-11e7-9a39-fdf3dd0661a4", "display_name": "ESX 60 -2", "type": "HOST", "group": { "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "display_name": "Cluster 1" } } ], "extended_configuration": [ { "value": "true", "key": "disable_vm_migration" } ], "parallel": false, "type": "HOST", "enabled": true, "migration_unit_count": 1 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get migration status for migration unit groups

Get migration status for migration unit groups Request:
Method:
GET
URI Path:
/api/v1/migration/migration-unit-groups-status
Request Headers:
n/a
Query Parameters:
MigrationComponentTypeListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-unit-groups-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroupStatusListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 3, "results": { [ { "group_id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "group_name": "PRECHECK", "migration_unit_count": 10, "status": "SUCCESS", "failed_count": 0, "percent_complete": 100 }, { "group_id": "a60445eb-32aa-4782-bded-9b6ba99ba2cd", "group_name": "CONFIG_MIGRATION", "migration_unit_count": 1, "status": "IN_PROGRESS", "failed_count": 0, "percent_complete": 40 }, { "group_id": "5346171c-1d77-401e-a2c4-9274b69cc342", "group_name": "Cluster 1", "migration_unit_count": 2, "status": "NOT_STARTED", "failed_count": 0, "percent_complete": 0 } ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Return migration unit group information

Returns information about a specific migration unit group in the
migration plan. If request parameter summary is set to true, then
only count of migration units will be returned, migration units list
will be empty.
Request:
Method:
GET
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
SummaryRequest+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroup+

Example Response: { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "migration_unit_count": 2, "migration_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "disable_vm_migration", "value": "true" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Update the migration unit group

Update the specified migration unit group. Removal of migration units from the group
using this is not allowed. An error will be returned in that case.
Request:
Method:
PUT
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationUnitGroup+

Example Request: PUT https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55HostsGroup", "type": "HOST", "parallel": "true", "enabled": "false", "migration_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", } ], "extended_configuration": [ { "key": "disable_vm_migration", "value": "false" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroup+

Example Response: { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55HostsGroup", "type": "HOST", "parallel": "true", "enabled": "false", "migration_unit_count": 2, "migration_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "disable_vm_migration", "value": "false" } ] } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Delete the migration unit group

Delete the specified group.
NOTE - A group can be deleted only if it is empty.
If user tries to delete a group containing one
or more migration units, the operation will fail and an error
will be returned.
Request:
Method:
DELETE
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Reorder an migration unit within the migration unit group

Reorder an migration unit within the migration unit group by placing it
before/after the specified migration unit
Request:
Method:
POST
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>/migration-unit/<migration-unit-id>?action=reorder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReorderMigrationRequest+

Example Request: POST https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5/migration-unit/1f64e9f4-eeb3-4ebd-af78-e08757e593cf?action=reorder { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "is_before": "false" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get migration status for group

Get migration status for migration units in the specified group. User can
specify whether to show only the migration units with errors.
Request:
Method:
GET
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>/status
Request Headers:
n/a
Query Parameters:
MigrationGroupStatusListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitStatusListResult+

Example Response: { "cursor" : "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count" : 2, "results": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "status": "SUCCESS", "percent_complete": 100, "errors": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "status": "IN_PROGRESS", "percent_complete": 50, "errors": [] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Add migration units to specified migration unit group

Add migration units to specified migration unit group. The migration
units will be added at the end of the migration unit list.
Request:
Method:
POST
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>?action=add_migration_units
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationUnitList+

Example Request: POST https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5?action=add_migration_units { "list": [ { "id": "e893085a-3709-11e7-ae6e-55850742a4d0", "group": { "display_name": "Two", "id": "ab1b2c01-97a6-44c6-b946-430728c0355d" } } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitList+

Example Response: { "list": [ { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ] } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Reorder migration unit group

Reorder an migration unit group by placing it before/after
the specified migration unit group.
Request:
Method:
POST
URI Path:
/api/v1/migration/migration-unit-groups/<group-id>?action=reorder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReorderMigrationRequest+

Example Request: POST https://<nsx-mgr>/api/v1/migration/migration-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5?action=reorder { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "is_before": "false" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return aggregate information of all migration unit groups

Return information of all migration unit groups in the
migration plan. If request parameter summary is set to true, then
only count of migration units will be returned, migration units list
will be empty. If request parameter component type is specified,
then all migration unit groups for that component will be returned.
Request:
Method:
GET
URI Path:
/api/v1/migration/migration-unit-groups/aggregate-info
Request Headers:
n/a
Query Parameters:
MigrationUnitGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-unit-groups/aggregate-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitGroupAggregateInfoListResult+

Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Migrationunits

Associated URIs:

Get migration units

Get migration units Request:
Method:
GET
URI Path:
/api/v1/migration/migration-units
Request Headers:
n/a
Query Parameters:
MigrationUnitListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-units Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 2, "results": [ { "id": "ConfigCollector", "display_name": "ConfigCollector", "type": "PRECHECK", "current_version": "NSX-v", "group": { "id": "PRECHECK", "display_name": "PRECHECK" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get migration units stats

Get migration units stats Request:
Method:
GET
URI Path:
/api/v1/migration/migration-units-stats
Request Headers:
n/a
Query Parameters:
MigrationUnitsStatsRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-units-stats?sync=false Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitTypeStatsList+

Example Response: { "results": { [ { "type": "PRECHECK", "version": "1.1.1.4245555", "node_count": 10, "node_with_issues_count": 0 }, { "type": "CONFIG_MIGRATION", "version": "1.1.1.1213223", "node_count": 2, "node_with_issues_count": 0 }, { "type": "HOST", "version": "1.1.1.1433223", "node_count": 2, "node_with_issues_count": 1 }, ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get a specific migration unit

Get a specific migration unit Request:
Method:
GET
URI Path:
/api/v1/migration/migration-units/<migration-unit-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-units/a95be8d6-4a76-46fe-9c9c-341e89973da7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnit+

Example Response: { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get migration units aggregate-info

Get migration units aggregate-info Request:
Method:
GET
URI Path:
/api/v1/migration/migration-units/aggregate-info
Request Headers:
n/a
Query Parameters:
MigrationUnitAggregateInfoListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migration-units/aggregate-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationUnitAggregateInfoListResult+

Example Response: { "cursor" : "00011", "sort_ascending" : true, "result_count" : 1, "results" : [ { "warnings" : [ ], "current_version" : "1.1.0.0.0.5292903", "id" : "421B38AA-E390-64B9-3FFF-7AD6EBF59C40", "display_name" : "ESX 1", "type" : "HOST", "percent_complete" : 0.0, "errors" : [ ], "group" : { "id" : "4c0486b8-1575-4aa6-aa62-1ac50879467a", "display_name" : "Cluster 1" }, "status" : "NOT_STARTED" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Nodes

Associated URIs:

Get list of nodes across all types

Get list of nodes. If request parameter component type is specified, then
all nodes for that component will be returned. If request parameter component
version is specified, then all nodes at that version will be returned.
Request:
Method:
GET
URI Path:
/api/v1/migration/nodes
Request Headers:
n/a
Query Parameters:
MigrationNodeInfoListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInfoListResult+

Example Response: { "cursor" : "00017", "sort_ascending" : true, "result_count" : 7, "results" : [ { "id" : "CONFIG_COLLECTOR", "display_name" : "CONFIG_COLLECTOR", "type" : "PRECHECK", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "07cd4582-189c-11e7-b77f-7f1dfdccba5e", "display_name" : "sc-rdops-vm05-dhcp-158-121.eng.vmware.com", "type" : "CONFIG_MIGRATION", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "25c9fd3e-189c-11e7-baa0-02001ae66268", "display_name" : "utu1604template.eng.vmware.com", "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get summary of nodes

Get summary of nodes, which includes node count for each type and component version. Request:
Method:
GET
URI Path:
/api/v1/migration/nodes-summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/nodes-summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSummaryList+

Example Response: { "results" : [ { "node_count" : 3, "type" : "PRECHECK", "component_version" : "1.1.0.0.0.5292902" }, { "node_count" : 1, "type" : "CONFIG_MIGRATION", "component_version" : "1.1.0.0.0.5292903" }, { "node_count" : 4, "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Plan

Associated URIs:

Get migration plan settings for the component

Get the migration plan settings for the component.
Request:
Method:
GET
URI Path:
/api/v1/migration/plan/<component_type>/settings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/plan/HOST/settings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationPlanSettings+

Example Response: { "parallel" : "true", "pause_on_error" : "true", "pause_after_each_group" : "false" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Update migration plan settings for the component

Update the migration plan settings for the component.
Request:
Method:
PUT
URI Path:
/api/v1/migration/plan/<component_type>/settings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationPlanSettings+

Example Request: PUT https://<nsx-mgr>/api/v1/migration/plan/HOST/settings { "parallel" : "false", "pause_on_error" : "true", "pause_after_each_group" : "false" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationPlanSettings+

Example Response: { "parallel" : "false", "pause_on_error" : "true", "pause_after_each_group" : "false" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Abort migration

Resets all migration steps done so far, so that migration can be restarted
with new setup details.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=abort
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=abort Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Continue migration

Continue the migration. Resumes the migration from the point where
it was paused.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=continue
Request Headers:
n/a
Query Parameters:
ContinueMigrationRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=continue Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Mark completion of a migration cycle

This API marks the completion of one execution of migration workflow. This API resets internal
execution state and hence needs to be invoked before starting subsequent workflow run.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=finish
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=finish Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Pause migration

Pause the migration. Migration will be paused after migration of all
the nodes currently in progress is completed either successfully
or with failure. User can make changes in the migration plan when
the migration is paused.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=pause
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=pause Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Reset migration plan to default plan

Reset the migration plan to default plan. User has an option to change
the default plan. But if after making changes, user wants to go
back to the default plan, this is the way to do so.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=reset
Request Headers:
n/a
Query Parameters:
MigrationPlanResetRequest+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=reset&component_type=HOST Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Rollbabck migration

Roll back the migration. Changes applied to target NSX will be reverted.
Use the migration status API to monitor progress of roll back.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=rollback
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=rollback Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Start migration

Start the migration. Migration will start as per the migration plan.
Request:
Method:
POST
URI Path:
/api/v1/migration/plan?action=start
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/migration/plan?action=start Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Setup

Associated URIs:

NSX-V setup details

Get setup details of NSX-V to be migrated.
Request:
Method:
GET
URI Path:
/api/v1/migration/setup
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/setup Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSetupInfo+

Example Response: { "nsxv_list" : [ {"ip": "192.168.x.y"}, {"ip": "192.168.x.z"} ], "migration_mode" : "ONPREMISE_V2T" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

NSX-V setup details

Provide setup details of NSX-V to be migrated.
Request:
Method:
PUT
URI Path:
/api/v1/migration/setup
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationSetupInfo+

Example Request: PUT https://<nsx-mgr>/api/v1/migration/setup { "nsxv_list" : [ {"ip": "192.168.x.y", "auth_token": "XYZ"}, {"ip": "192.168.x.z", "auth_token": "PQR"} ], "migration_mode" : "ONPREMISE_V2T" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSetupInfo+

Example Response: { "nsxv_list" : [ {"ip": "192.168.x.y"}, {"ip": "192.168.x.z"} ], "migration_mode" : "ONPREMISE_V2T" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Stats

Associated URIs:

Get migration stats for logical constructs phase

Get migration stats for logical constructs phase. This API can be polled for getting runtime progress of the migration from source to target. Request:
Method:
GET
URI Path:
/api/v1/migration/logical-constructs/stats
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/logical-constructs/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalConstructMigrationStatsListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399", "result_count" : 1, "results": { [ { "source_type": "dvportgroup", "source_count": "50", "target_type": "Segment", "target_count": "18" } ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: Status

Associated URIs:

Get migration status summary

Get migration status summary Request:
Method:
GET
URI Path:
/api/v1/migration/status-summary
Request Headers:
n/a
Query Parameters:
MigrationStatusSummaryRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/status-summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationStatus+

Example Response: { "component_status": [ { "component_type": "PRECHECK", "status": "IN_PROGRESS", "percent_complete": 40, "details": "Collecting config", "can_skip": false }, { "component_type": "CONFIG_MIGRATION", "status": "NOT_STARTED", "percent_complete": 0, "can_skip": false } { "component_type": "HOST", "status": "NOT_STARTED", "percent_complete": 0, "can_skip": false } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get migration summary

Get migration summary Request:
Method:
GET
URI Path:
/api/v1/migration/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSummary+

Example Response: { "migration_status" : "PAUSED", "component_target_versions" : [ { "component_type" : "PRECHECK", "target_version" : "2.0.0.0.0.5963423" }, { "component_type" : "CONFIG_MIGRATION", "target_version" : "2.0.0.0.0.5963333" }, { "component_type" : "HOST", "target_version" : "2.0.0.0.0.5963327" } ], "migration_coordinator_version" : "1.2.3.0.0.456789", "system_version" : "1.1.0.0.0.4787411", "target_version" : "2.0.0.0.0.5963330", "migration_bundle_file_name" : "VMware-NSX-migration-bundle-2.0.0.0.0.5963330.mmb" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Migration: User Inputs

Associated URIs:

Get the list of discovered switches (DVS, VSS)

Get the list of discovered switches (DVS, VSS) for the selected VC.
Request:
Method:
GET
URI Path:
/api/v1/migration/discovered-switches
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/discovered-switches Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSwitchListResult+

Example Response: { "cursor": "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count": 3, "results" : [ { "id": "dvs1", "name":"DVSwitchA", "kind":"DVS", "pnic_count":10 }, { "id": "dvs2", "name":"DVSwitchB", "kind":"DVS", "pnic_count":0 }, { "id": "vss1", "name":"VSSwitchA", "kind":"VSS", "pnic_count":2 } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get the list of migrated switches (DVS, VSS)

Get the list of migrated switches (DVS, VSS) for the selected VC.
Request:
Method:
GET
URI Path:
/api/v1/migration/migrated-switches
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/migrated-switches Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSwitchListResult+

Example Response: { "cursor": "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count": 3, "results" : [ { "id": "dvs1", "name":"DVSwitchA", "kind":"DVS", "pnic_count":10 }, { "id": "vss1", "name":"VSSwitchA", "kind":"VSS", "pnic_count":2 } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get the switch set as current scope for migration

The user is returned the switch (DVS/VSS) set as current scope of migration.
Request:
Method:
GET
URI Path:
/api/v1/migration/switch
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/migration/switch Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSwitchInfo+

Example Response: { "id" : "dvs2", "name" : "DVSwitchB" "kind" : "DVS" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Set the switch as current scope for migration

The user specifies a DVS / VSS as the current scope of migration.
Request:
Method:
PUT
URI Path:
/api/v1/migration/switch
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MigrationSwitchInfo+

Example Request: PUT https://<nsx-mgr>/api/v1/migration/switch { "id" : "dvs2", "name" : "DVSwitchB" "kind" : "DVS" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MigrationSwitchInfo+

Example Response: { "id" : "dvs2", "name" : "DVSwitchB" "kind" : "DVS" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: NSX Component Administration

Management Plane API: NSX Component Administration: Appliance

Associated URIs:

NodeMode

Currently only a switch from "VMC_LOCAL" to "VMC" is supported.
Returns a new Node Mode, if the request successfuly changed it.
Request:
Method:
POST
URI Path:
/api/v1/configs/node/mode
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SwitchingToVmcModeParameters+

Example Request: POST https://<nsx-mgr>/api/v1/configs/node/mode { "mode_id": "VMC", "base_url": "https://console-stg.cloud.vmware.com", "csp_org_uri": "/csp/gateway/am/api/orgs", "auth_code": { "client_id": "some ID", "client_secret": "some secret" }, "csp_client_credential": { "client_id": "some ID2", "client_secret": "some secret2" }, "proxy_host": "127.0.0.1", "proxy_port": 8080, "default_org_id": "d56c8ab2-7aee-4e6e-8c68-6b99db496766", "ea_org": { "org_id": "nsxaas-enterprise", "org_role": "enterprise_admin" }, "gss_org": { "org_id": "nsxaas-gss", "org_role": "auditor" }, "sre_org": { "org_id": "nsxaas-sre", "org_role": "site_reliability_engineer" }, "sddc_id": "cd48ab2-7aee-4e6e-8c68-6b99db496766", "csp_client_incoming_credentials": [ "85ac8ab2-7aee-4e6e-8c68-6b99db496766", "6d3c8ab2-7aee-4e6e-8c68-6b99db496766", ... ], "service_definition_id": "ab481ab2-7aee-4e6e-8c68-6b99db496766", "csp_time_drift": 5000, "basic_auth_whitelist_ips": [ "10.0.1.2", "10.0.1.3", ... ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeMode+

Example Response: { "mode_id": "VMC" } Required Permissions: crud Feature: system_administration Additional Errors:

NodeMode

Returns current Node Mode.
Request:
Method:
GET
URI Path:
/api/v1/node/mode
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/mode Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeMode+

Example Response: { "mode_id": "VMC" } Required Permissions: read Feature: system_administration Additional Errors:

Set the node system time

Set the node system time to the given time in UTC in the RFC3339 format
'yyyy-mm-ddThh:mm:ssZ'.
Request:
Method:
POST
URI Path:
/api/v1/node?action=set_system_time
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeTime+

Example Request: POST https://<nsx-mgr>/api/v1/node?action=set_system_time { "system_datetime": "2019-03-06T00:19:35Z" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Management Plane API: NSX Component Administration: Appliance Management

Associated URIs:

Collect audit logs from registered manager nodes

This API is executed on a manager node to display audit logs from all nodes
inside the management plane cluster. An audit log collection will be
triggered if the local master audit log is outdated.
Request:
Method:
POST
URI Path:
/api/v1/administration/audit-logs
Request Headers:
n/a
Query Parameters:
AuditLogQueryParameters+
Request Body:
AuditLogRequest+

Example Request: POST https://<nsx-mgr>/api/v1/administration/audit-logs?page_size=1 { "log_age_limit": 1, "log_filter": "", "log_filter_type": "TEXT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AuditLogListResult+

Example Response: { "last_full_sync_timestamp": "2017-12-13T19:23:57.042633Z", "cursor": 1457, "result_count": 1, "results": [ { "appname": "NSX", "facility": 22, "full_log": "<182>1 2017-12-11T19:51:39.819Z junjiex-nsxmanager-sb-12479759-1-test7 NSX - SYSTEM [nsx@6876 audit=\"true\" comp=\"nsx-manager\" subcomp=\"manager\"] UserName:'admin@10.2.106.238', ModuleName:'ACCESS_CONTROL', Operation:'LOGIN', Operation status:'success'", "hostname": "junjiex-nsxmanager-sb-12479759-1-test7", "message": "UserName:'admin@10.2.106.238', ModuleName:'ACCESS_CONTROL', Operation:'LOGIN', Operation status:'success'", "msgid": "SYSTEM", "priority": 6, "procid": "-", "struct_data": { "audit": "true", "comp": "nsx-manager", "subcomp": "manager" }, "timestamp": "2017-12-11T19:51:39.819Z", "version": "1" } ] } Required Permissions: read Feature: system_log Additional Errors:

Collect support bundles from registered cluster and fabric nodes

Collect support bundles from registered cluster and fabric nodes. Request:
Method:
POST
URI Path:
/api/v1/administration/support-bundles?action=collect
Request Headers:
n/a
Query Parameters:
SupportBundleQueryParameter+
Request Body:
SupportBundleRequest+

Example Request: POST https://<nsx-mgr>/api/v1/administration/support-bundles?action=collect { "nodes": ["d7c33930-964c-42ca-851f-0d15c3c25fe2"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Content-type: application/octet-stream
Response Body:
SupportBundleResult+

Example Response: Headers Content-Disposition: attachment;filename=nsx_support_archive_20170818_002715.tar Content-Type: application/octet-stream Date: Thu, 18 Aug 2017 00:28:07 GMT Server: NSX Manager Transfer-Encoding: chunked Vmw-Task-Id: 420bbcef-fbde-66b2-8c28-f15bd2b7bc3c_791c820f-6e84-47c7-aa87-b40be387a684 Required Permissions: read Feature: system_support_bundle Additional Errors:

Delete existing support bundles waiting to be downloaded

Delete existing support bundles waiting to be downloaded. Request:
Method:
POST
URI Path:
/api/v1/administration/support-bundles?action=delete_async_response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/administration/support-bundles?action=delete_async_response Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_support_bundle Additional Errors:

Invoke PUT request on target cluster node

Request:
Method:
PUT
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke DELETE request on target cluster node

Request:
Method:
DELETE
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke GET request on target cluster node

Request:
Method:
GET
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke POST request on target cluster node

Request:
Method:
POST
URI Path:
/api/v1/cluster/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke POST request on target fabric node

Request:
Method:
POST
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke GET request on target fabric node

Request:
Method:
GET
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke PUT request on target fabric node

Request:
Method:
PUT
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Invoke DELETE request on target fabric node

Request:
Method:
DELETE
URI Path:
/api/v1/fabric/nodes/<target-node-id>/<target-uri>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: none Feature: system_administration Additional Errors:

Collect alarms from all NSX nodes (Experimental)

This API is executed on a manager node to return current alarms from all NSX nodes.
Request:
Method:
GET
URI Path:
/api/v1/hpm/alarms
Request Headers:
n/a
Query Parameters:
AlarmQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/hpm/alarms Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AlarmListResult+

Example Response: { "cursor": 0, "result_count": 2, "results": [ { "id": "vmwNSXRoutingBgpNeighborStatus_80956404", "message": "BGP neighbor 00005000-0000-0003-0000-000000000002 with IP 40.40.40.10 status changed to down.", "severity": 3, "source_comp_id": "73fc267f9a7-11e7-a6dd-02004b9e97c4", "source_comp": "nsx-edge", "source_subcomp": "dcsms.msr", "sources": { "id": "00005000-0000-0003-0000-000000000002", "ip_address": "40.40.40.10" }, "state": 1, "timestamp": 1517533690 }, { "id": "vmwNSXPlatformSysDiskUsage_13571574", "message": "Disk usage for varlog partition is 90% for more than 10 minutes", "severity": 3, "source_comp_id": "420af0be-a4e0-caa8-5105-8627fd754a3f", "source_comp": "nsx-manager", "source_subcomp": "node_monitor", "sources": { "mount": "varlog" }, "state": 1, "timestamp": 1517940120 } ] } Required Permissions: read Feature: system_log Additional Errors:

Update node properties

Modifies NSX appliance properties. Modifiable properties include the
timezone, message of the day (motd), and hostname. The NSX appliance
node_version, system_time, and kernel_version are read only and cannot be
modified with this method.
Request:
Method:
PUT
URI Path:
/api/v1/node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node { "motd":"Welcome to the NSX Manager" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProperties+

Example Response: { "cli_timeout": 600, "hostname": "VMware_NSX_Manager", "kernel_version": "3.14.17-nn1-server", "motd": "Welcome to the NSX Manager", "node_version": "1.0.0.0.0.3063398", "system_time": 1442277530217, "timezone": "Etc/UTC" } Required Permissions: crud Feature: system_administration Additional Errors:

Read node properties

Returns information about the NSX appliance. Information includes
release number, time zone, system time, kernel version, message of the day
(motd), and host name.
Request:
Method:
GET
URI Path:
/api/v1/node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProperties+

Example Response: { "cli_timeout": 600, "export_type": "UNRESTRICTED", "hostname": "VMware_NSX_Manager", "kernel_version": "3.14.17-nn1-server", "motd": "", "node_version": "1.0.0.0.0.3063398", "system_time": 1442277320585, "timezone": "Etc/UTC" } Required Permissions: read Feature: system_administration Additional Errors:

Update AAA provider vIDM properties

Request:
Method:
PUT
URI Path:
/api/v1/node/aaa/providers/vidm
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeAuthProviderVidmProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/aaa/providers/vidm { "lb_enable": true, "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "client_secret": "OAuth2Client_NsxClientSecret", "node_host_name": "jt-nsx.eng.vmware.com" } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmProperties+

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmProperties+

Example Response: { "lb_enable": true, "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "node_host_name": "jt-nsx.eng.vmware.com" } Required Permissions: crud Feature: users_configuration Additional Errors:

Read AAA provider vIDM properties

Request:
Method:
GET
URI Path:
/api/v1/node/aaa/providers/vidm
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/providers/vidm Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmProperties+

Example Response: { "lb_enable": true, "vidm_enable": true, "host_name": "jt-vidm.eng.vmware.com", "thumbprint": "898b75618e3e56615d53f987a720ff22b6381f4b85bec1eb973214ff7361f8b8", "client_id": "OAuth2Client_NsxClientId", "node_host_name": "jt-nsx.eng.vmware.com" } Required Permissions: read Feature: users_configuration Additional Errors:

Read AAA provider vIDM status

Request:
Method:
GET
URI Path:
/api/v1/node/aaa/providers/vidm/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/aaa/providers/vidm/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeAuthProviderVidmStatus+

Example Response: { "vidm_enable": true, "runtime_state": "ALL_OK" } Required Permissions: read Feature: users_configuration Additional Errors:

List node files

Request:
Method:
GET
URI Path:
/api/v1/node/file-store
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FilePropertiesListResult+

Example Response: { "_schema": "FilePropertiesListResult", "_self": "/node/file-store", "result_count": 2, "results": [ { "_schema": "FileProperties", "_self": "/node/file-store/test1.txt", "created_epoch_ms": 1457048893748, "modified_epoch_ms": 1457048860639, "name": "test1.txt", "size": 71 }, { "_schema": "FileProperties", "_self": "/node/file-store/test.txt", "created_epoch_ms": 1457048848624, "modified_epoch_ms": 1457048560936, "name": "test.txt", "size": 50 } ] } Required Permissions: read Feature: system_administration Additional Errors:

Upload a file to the file store

When you issue this API, the client must specify:
- HTTP header Content-Type:application/octet-stream.
- Request body with the contents of the file in the filestore.
In the CLI, you can view the filestore with the get files command.
Request:
Method:
POST
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/file-store/test.txt This is a sentence that is added to the file test.txt. Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/test.txt", "created_epoch_ms": 1457048560936, "modified_epoch_ms": 1457048560936, "name": "test.txt", "size": 54 } Required Permissions: crud Feature: system_administration Additional Errors:

Delete file

Request:
Method:
DELETE
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Read file properties

Request:
Method:
GET
URI Path:
/api/v1/node/file-store/<file-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store/test1.txt Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/test1.txt", "created_epoch_ms": 1457049714901, "modified_epoch_ms": 1457048860639, "name": "test1.txt", "size": 71 } Required Permissions: read Feature: system_administration Additional Errors:

Replace file contents

Request:
Method:
PUT
URI Path:
/api/v1/node/file-store/<file-name>/data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: PUT https://<nsx-mgr>/api/v1/node/file-store/test1.txt/data This is updated content that overwrites the former content. Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/test2.txt", "created_epoch_ms": 1457116797106, "modified_epoch_ms": 1457116797106, "name": "test2.txt", "size": 59 } Required Permissions: crud Feature: system_administration Additional Errors:

Read file contents

Request:
Method:
GET
URI Path:
/api/v1/node/file-store/<file-name>/data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store/test1.txt/data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/octet-stream
Response Body:
n/a

Example Response: This content can include anything that would be in a text file. Required Permissions: read Feature: system_administration Additional Errors:

Read file thumbprint

Request:
Method:
GET
URI Path:
/api/v1/node/file-store/<file-name>/thumbprint
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/file-store/test1.txt/thumbprint Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FileThumbprint+

Example Response: { "_schema": "FileThumbprint", "_self": "/node/file-store/test1.txt/thumbprint", "name": "test1.txt", "sha1": "ec23cb4208447ce1f81f7cfd4acc9000e20d4949", "sha256": "bda2390dc831e66c4977bc6d16968ed630793031c51e9072297f1e9746b3aca5" } Required Permissions: read Feature: system_administration Additional Errors:

Copy a remote file to the file store

Copy a remote file to the file store. If you use scp or sftp,
you must provide the remote server's SSH fingerprint. See the
NSX-T Administration Guide for information and instructions
about finding the SSH fingerprint.
Request:
Method:
POST
URI Path:
/api/v1/node/file-store/<file-name>?action=copy_from_remote_file
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CopyFromRemoteFileProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/file-store/file.txt?action=copy_from_remote_file { "port" : 22, "server": "192.168.120.151", "uri" : "/tmp/file.txt", "protocol" : { "name" : "scp", "ssh_fingerprint" : "b5:08:df:c6:55:62:e4:6e:95:70:7c:25:ba:f2:46:f1", "authentication_scheme" : { "scheme_name" : "password", "username" : "root", "password" : "s4druMuJEw" } } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FileProperties+

Example Response: { "_schema": "FileProperties", "_self": "/node/file-store/file.txt", "created_epoch_ms": 1459401409964, "modified_epoch_ms": 1459401409748, "name": "file.txt", "size": 19 } Required Permissions: crud Feature: system_administration Additional Errors:

Copy file in the file store to a remote file store

Copy a file in the file store to a remote server. If you use scp or
sftp, you must provide the remote server's SSH fingerprint. See the
NSX-T Administration Guide for information and instructions
about finding the SSH fingerprint.
Request:
Method:
POST
URI Path:
/api/v1/node/file-store/<file-name>?action=copy_to_remote_file
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CopyToRemoteFileProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/file-store/supportbundle.tgz?action=copy_to_remote_file { "port" : 22, "server": "192.168.120.151", "uri" : "/tmp/supportbundle.tgz", "protocol" : { "name" : "scp", "ssh_fingerprint" : "b5:08:df:c6:55:62:e4:6e:95:70:7c:25:ba:f2:46:f1" , "authentication_scheme" : { "scheme_name" : "password", "username" : "root" , "password" : "s4druMuJEw" } } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_administration Additional Errors:

Create directory in remote file server

Create a directory on the remote remote server. Supports only SFTP.
You must provide the remote server's SSH fingerprint. See the
NSX Administration Guide for information and instructions
about finding the SSH fingerprint.
Request:
Method:
POST
URI Path:
/api/v1/node/file-store?action=create_remote_directory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CreateRemoteDirectoryProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/file-store?action=create_remote_directory { "port" : 22, "server": "192.168.120.151", "uri" : "/tmp/folder", "protocol" : { "name" : "sftp", "ssh_fingerprint" : "b5:08:df:c6:55:62:e4:6e:95:70:7c:25:ba:f2:46:f1" , "authentication_scheme" : { "scheme_name" : "password", "username" : "root" , "password" : "s4druMuJEw" } } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_administration Additional Errors:

Gets the enable status for Mandatory Access Control

Request:
Method:
GET
URI Path:
/api/v1/node/hardening-policy/mandatory-access-control
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/hardening-policy/mandatory-access-control Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MandatoryAccessControlProperties+

Example Response: { "status": "ENABLED" } Required Permissions: read Feature: system_administration Additional Errors:

Enable or disable Mandatory Access Control

Request:
Method:
PUT
URI Path:
/api/v1/node/hardening-policy/mandatory-access-control
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MandatoryAccessControlProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/hardening-policy/mandatory-access-control -d '{"enabled": true}' Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MandatoryAccessControlProperties+

Example Response: { "enabled": true, "status": "ENABLED_PENDING_REBOOT" } Required Permissions: crud Feature: system_administration Additional Errors:

Get the report for Mandatory Access Control

Request:
Method:
GET
URI Path:
/api/v1/node/hardening-policy/mandatory-access-control/report
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/hardening-policy/mandatory-access-control/report > mac.tar.gz Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/octet-stream
Response Body:
n/a

Required Permissions: read Feature: system_administration Additional Errors:

Read network configuration properties

Request:
Method:
GET
URI Path:
/api/v1/node/network
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNetworkProperties+

Example Response: { "_schema": "NodeNetworkProperties", "_self": { "href": "/node/network", "rel": "self" } } Required Permissions: read Feature: system_administration Additional Errors:

List the NSX Manager's Network Interfaces

Returns the number of interfaces on the NSX Manager appliance and detailed
information about each interface. Interface information includes MTU,
broadcast and host IP addresses, link and admin status, MAC address, network
mask, and the IP configuration method (static or DHCP).
Request:
Method:
GET
URI Path:
/api/v1/node/network/interfaces
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNetworkInterfacePropertiesListResult+

Example Response: { "result_count": 2, "results": [ { "admin_status": "up", "interface_id": "lo", "ip_addresses": [ { "ip_address": "127.0.0.1", "netmask": "255.0.0.0" } ], "link_status": "up", "mtu": 65536, }, { "admin_status": "up", "broadcast_address": "10.160.31.255", "default_gateway": "10.160.31.253", "interface_id": "eth0", "ip_addresses": [ { "ip_address": "10.160.30.117", "netmask": "255.255.224.0" } ], "ip_configuration": "static", "link_status": "up", "mtu": 1500, "physical_address": "02:00:16:60:c7:8f" } ] } Required Permissions: read Feature: system_administration Additional Errors:

Read the NSX Manager's Network Interface

Returns detailed information about the specified interface. Interface
information includes MTU, broadcast and host IP addresses, link and admin
status, MAC address, network mask, and the IP configuration method.
Request:
Method:
GET
URI Path:
/api/v1/node/network/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/interfaces/eth0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNetworkInterfaceProperties+

Example Response: { "admin_status": "up", "broadcast_address": "10.160.31.255", "default_gateway": "10.160.31.253", "interface_id": "eth0", "ip_addresses": [ { "ip_address": "10.160.30.117", "netmask": "255.255.224.0" } ], "ip_configuration": "static", "link_status": "up", "mtu": 1500, "physical_address": "02:00:16:60:c7:8f" } Required Permissions: read Feature: system_administration Additional Errors:

Update the NSX Manager's Network Interface

Updates the specified interface properties. You cannot change
the properties ip_configuration,
ip_addresses, or plane. NSX
Manager must have a static IP address.
You must use NSX CLI to configure a controller or an edge node.
Request:
Method:
PUT
URI Path:
/api/v1/node/network/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeNetworkInterfaceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/network/interfaces/eth0 { "interface_id": "eth0", "mtu": 1600 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNetworkInterfaceProperties+

Example Response: { "admin_status": "up", "broadcast_address": "10.160.31.255", "default_gateway": "10.160.31.253", "interface_id": "eth0", "ip_addresses": [ { "ip_address": "10.160.30.117", "netmask": "255.255.224.0" } ], "ip_configuration": "static", "link_status": "up", "mtu": 1600, "physical_address": "02:00:16:60:c7:8f" } Required Permissions: crud Feature: system_administration Additional Errors:

Read the NSX Manager's Network Interface Statistics

On the specified interface, returns the number of received (rx), transmitted
(tx), and dropped packets; the number of bytes and errors received and
transmitted on the interface; and the number of detected collisions.
Request:
Method:
GET
URI Path:
/api/v1/node/network/interfaces/<interface-id>/stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/interfaces/eth0/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceStatisticsProperties+

Example Response: { "interface_id": "eth0", "rx_bytes": 7360718 "rx_dropped": 1813, "rx_errors": 0, "rx_frame": 0, "rx_packets": 91656, "tx_bytes": 31611, "tx_carrier": 0, "tx_colls": 0, "tx_dropped": 0, "tx_errors": 0, "tx_packets": 261, } Required Permissions: read Feature: system_administration Additional Errors:

Update the NSX Manager's Name Servers

Modifies the list of servers that the NSX Manager node uses to look up IP
addresses associated with given domain names. If DHCP is configured, this
method returns a 409 CONFLICT error, because DHCP manages the list of name
servers.
Request:
Method:
PUT
URI Path:
/api/v1/node/network/name-servers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeNameServersProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/network/name-servers { "name_servers": [ "10.33.38.1", "10.33.38.2", "10.33.38.3" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNameServersProperties+

Example Response: { "name_servers": [ "10.33.38.1", "10.33.38.2", "10.33.38.3" ] } Required Permissions: crud Feature: system_administration Additional Errors:

Read the NSX Manager's Name Servers

Returns the list of servers that the NSX Manager node uses to look up IP
addresses associated with given domain names.
Request:
Method:
GET
URI Path:
/api/v1/node/network/name-servers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/name-servers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNameServersProperties+

Example Response: { "name_servers": [ "10.33.38.1", "10.33.38.2" ] } Required Permissions: read Feature: system_administration Additional Errors:

List node network routes

Returns detailed information about each route in the NSX Manager routing
table. Route information includes the route type (default, static, and so
on), a unique route identifier, the route metric, the protocol from which
the route was learned, the route source (which is the preferred egress
interface), the route destination, and the route scope. The route scope
refers to the distance to the destination network: The "host" scope leads to
a destination address on the NSX Manager, such as a loopback address;
the "link" scope leads to a destination on the local network; and the
"global" scope leads to addresses that are more than one hop away.
Request:
Method:
GET
URI Path:
/api/v1/node/network/routes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeRoutePropertiesListResult+

Example Response: { "result_count": 2, "results": [ { "gateway": "10.33.87.253", "interface_id": "eth0" "route_id": "default-10.33.87.253-eth0-0", "route_type": "default", }, { "destination": "10.33.84.0" "interface_id": "eth0", "netmask": "255.255.252.0", "proto": "kernel", "route_id": "static-10.33.84.0-eth0-0", "route_type": "static", "scope": "link", "src": "10.33.87.207", } ] } Required Permissions: read Feature: system_administration Additional Errors:

Create node network route

Add a route to the NSX Manager routing table. For static routes, the
route_type, interface_id, netmask, and destination are required parameters.
For default routes, the route_type, gateway address, and interface_id
are required. For blackhole routes, the route_type and destination are
required. All other parameters are optional. When you add a static route,
the scope and route_id are created automatically. When you add a default or
blackhole route, the route_id is created automatically. The route_id is
read-only, meaning that it cannot be modified. All other properties can be
modified by deleting and readding the route.
Request:
Method:
POST
URI Path:
/api/v1/node/network/routes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeRouteProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/network/routes { "route_type": "static", "interface_id": "eth0", "netmask": "255.255.255.0", "destination": "10.33.85.0" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NodeRouteProperties+

Example Response: { "destination": "10.33.85.0" "interface_id": "eth0", "netmask": "255.255.255.0", "route_id": "static-10.33.85.0-eth0-0", "route_type": "static", "scope": "link", } Required Permissions: crud Feature: system_administration Additional Errors:

Read node network route

Returns detailed information about a specified route in the NSX Manager
routing table.
Request:
Method:
GET
URI Path:
/api/v1/node/network/routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/routes/default-10.33.87.253-eth0-0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeRouteProperties+

Example Response: { "gateway": "10.33.87.253", "interface_id": "eth0" "route_id": "default-10.33.87.253-eth0-0", "route_type": "default", } Required Permissions: read Feature: system_administration Additional Errors:

Delete node network route

Delete a route from the NSX Manager routing table. You can modify an
existing route by deleting it and then posting the modified version of the
route. To verify, remove the route ID from the URI, issue a GET request, and
note the absense of the deleted route.
Request:
Method:
DELETE
URI Path:
/api/v1/node/network/routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/node/network/routes/static-10.33.85.0-eth0-0 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Update the NSX Manager's Search Domains

Modifies the list of domain names that the NSX Manager node uses to complete
unqualified host names. If DHCP is configured, this method returns
a 409 CONFLICT error, because DHCP manages the list of name servers.
Request:
Method:
PUT
URI Path:
/api/v1/node/network/search-domains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeSearchDomainsProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/network/search-domains { "search_domains": [ "eng.company.com", "company.com", "eng-backup.company.com" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSearchDomainsProperties+

Example Response: { "search_domains": [ "eng.company.com", "company.com" "eng-backup.company.com" ] } Required Permissions: crud Feature: system_administration Additional Errors:

Read the NSX Manager's Search Domains

Returns the domain list that the NSX Manager node uses to complete
unqualified host names. When a host name does not include a fully
qualified domain name (FQDN), the NSX Management node appends the
first-listed domain name to the host name before the host name is looked
up. The NSX Management node continues this for each entry in the domain
list until it finds a match.
Request:
Method:
GET
URI Path:
/api/v1/node/network/search-domains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/network/search-domains Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSearchDomainsProperties+

Example Response: { "search_domains": [ "eng.company.com", "company.com" ] } Required Permissions: read Feature: system_administration Additional Errors:

List node processes

Returns the number of processes and information about each
process. Process information includes 1) mem_resident, which is roughly
equivalent to the amount of RAM, in bytes, currently used by the process,
2) parent process ID (ppid), 3) process name, 4) process up time in milliseconds,
5) mem_used, wich is the amount of virtual memory used by the process, in
bytes, 6) process start time, in milliseconds since epoch, 7) process ID
(pid), 8) CPU time, both user and the system, consumed by the process in
milliseconds.
Request:
Method:
GET
URI Path:
/api/v1/node/processes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/processes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProcessPropertiesListResult+

Example Response: { "result_count": 80, "results": [ { "cpu_time": 800, "mem_resident": 593920, "mem_used": 1871872, "pid": 1, "ppid": 0, "process_name": "init", "start_time": 1412624269865, "uptime": 279760 }, ...[content omitted for brevity] ] } Required Permissions: read Feature: system_administration Additional Errors:

Read node process

Returns information for a specified process ID (pid). Request:
Method:
GET
URI Path:
/api/v1/node/processes/<process-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/processes/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProcessProperties+

Example Response: { "cpu_time": 800, "mem_resident": 593920, "mem_used": 1871872, "pid": 1, "ppid": 0, "process_name": "init", "start_time": 1412624269865, "uptime": 279760 } Required Permissions: read Feature: system_administration Additional Errors:

Delete RabbitMQ management port

Request:
Method:
DELETE
URI Path:
/api/v1/node/rabbitmq-management-port
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/node/rabbitmq-management-port Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Check if RabbitMQ management port is enabled or not

Returns status as true if RabbitMQ management port is enabled else false Request:
Method:
GET
URI Path:
/api/v1/node/rabbitmq-management-port
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/rabbitmq-management-port Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortStatus+

Example Response: { "enabled": false } Required Permissions: read Feature: system_administration Additional Errors:

Set RabbitMQ management port

Request:
Method:
POST
URI Path:
/api/v1/node/rabbitmq-management-port
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/rabbitmq-management-port Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

List node services

Returns a list of all services available on the NSX Manager applicance.
Request:
Method:
GET
URI Path:
/api/v1/node/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServicePropertiesListResult+

Example Response: { "result_count": 5, "results": [ { "service_name": "snmp" }, { "service_name": "syslog" }, { "service_name": "ntp" }, { "service_name": "ssh" }, { "service_name": "node-mgmt" } ] } Required Permissions: read Feature: system_administration Additional Errors:

Read cluster boot manager service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/cluster_manager
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read cluster boot manager service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/cluster_manager/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the cluster boot manager service

Request:
Method:
POST
URI Path:
/api/v1/node/services/cluster_manager?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read cm inventory service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/cm-inventory
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/cm-inventory Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeCminventoryServiceProperties", "_self": "/node/services/cm-inventory", "service_name": "cm-inventory" } Required Permissions: read Feature: system_administration Additional Errors:

Read manager service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/cm-inventory/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/cm-inventory/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/cm-inventory/status", "rel": "self" }, "monitor_pid": 1145, "monitor_runtime_state": "running", "pids": [ 1147 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the manager service

Request:
Method:
POST
URI Path:
/api/v1/node/services/cm-inventory?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/cm-inventory?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read controller service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/controller
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read controller server certificate properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/controller/controller-certificate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CertificateKeyPair+

Required Permissions: read Feature: system_administration Additional Errors:

Get the status (Enabled/Disabled) of controller profiler

Request:
Method:
GET
URI Path:
/api/v1/node/services/controller/profiler
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ControllerProfilerProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Enable or disable controller profiler

Request:
Method:
PUT
URI Path:
/api/v1/node/services/controller/profiler
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ControllerProfilerProperties+

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Read controller service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/controller/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the controller service

Request:
Method:
POST
URI Path:
/api/v1/node/services/controller?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Update http service properties (Deprecated)

This API is deprecated. Make changes to the http service
configuration by calling the PUT /api/v1/cluster/api-service API.
Request:
Method:
PUT
URI Path:
/api/v1/node/services/http
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeHttpServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/http { "service_name": "http", "service_properties": { "certificate": { "pem_encoded": "-BEGIN CERTIFICATE--END CERTIFICATE-\n" }, "cipher_suites": [ { "enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" }, { "enabled": false, "name": "TLS_RSA_WITH_AES_256_GCM_SHA384" }, { "enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA" } ], "connection_timeout": 60000, "protocol_versions": [ { "enabled": true, "name": "TLSv1.1" }, { "enabled": true, "name": "TLSv1.2" } ], "redirect_host": "10.0.0.1", "session_timeout": 2400 } } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
NodeHttpServiceProperties+

Example Response: same as GET https://<nsx-mgr>/api/v1/node/services/http Required Permissions: crud Feature: system_administration Additional Errors:

Read http service properties (Deprecated)

This API is deprecated. Read the configuration of the
http service by calling the GET /api/v1/cluster/api-service API.
Request:
Method:
GET
URI Path:
/api/v1/node/services/http
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/http Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeHttpServiceProperties+

Example Response: { "_schema": "NodeHttpServiceProperties", "_self": { "href": "/node/services/http", "rel": "self" }, "service_name": "http", "service_properties": { "certificate": { "pem_encoded": "-BEGIN CERTIFICATE--END CERTIFICATE-\n" }, "cipher_suites": [ { "enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" }, { "enabled": false, "name": "TLS_RSA_WITH_AES_256_GCM_SHA384" }, { "enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA" } ], "connection_timeout": 30000, "protocol_versions": [ { "enabled": true, "name": "TLSv1.1" }, { "enabled": true, "name": "TLSv1.2" } ], "redirect_host": "10.0.0.1", "session_timeout": 1800 } } Required Permissions: read Feature: system_administration Additional Errors:

Read http service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/http/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/http/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/http/status", "rel": "self" }, "monitor_pid": 21135, "monitor_runtime_state": "running", "pids": [ 21137 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Update http service certificate

Applies a security certificate to the http service. In the POST request,
the CERTIFICATE_ID references a certificate created with the
/api/v1/trust-management APIs. Issuing this request causes the http service
to restart so that the service can begin using the new certificate. When the
POST request succeeds, it doesn't return a valid response. The request times
out because of the restart.
Request:
Method:
POST
URI Path:
/api/v1/node/services/http?action=apply_certificate
Request Headers:
n/a
Query Parameters:
CertificateId+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/http?action=apply_certificate &certificate_id=$CERTIFICATE_ID$ (NOTE: remove line break) Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: Required Permissions: crud Feature: system_administration Additional Errors:

Restart the http service

Request:
Method:
POST
URI Path:
/api/v1/node/services/http?action=restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/http?action=restart Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Description:
Restart the http service.
Additional Errors:

Start the http service

Request:
Method:
POST
URI Path:
/api/v1/node/services/http?action=start
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/http?action=start Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/http", "rel": "self" }, "monitor_pid": 4782, "monitor_runtime_state": "running", "pids": [ 4786 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Description:
Start the http service.
Additional Errors:

Stop the http service

Request:
Method:
POST
URI Path:
/api/v1/node/services/http?action=stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/http?action=stop Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Description:
Stop the http service. NSX API requests will no longer be serviced. To restart the http service again, invoke the NSX CLI command <code>start service http</code>.
Additional Errors:

Read NSX install-upgrade service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/install-upgrade
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/install-upgrade Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInstallUpgradeServiceProperties+

Example Response: { "_schema": "NodeInstallUpgradeServiceProperties", "_self": "/node/services/install-upgrade", "service_name": "install-upgrade", "service_properties": { "enabled": true, "enabled_on": "192.168.110.31" } } Required Permissions: read Feature: system_administration Additional Errors:

Update NSX install-upgrade service properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/install-upgrade
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeInstallUpgradeServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/install-upgrade { "service_name": "install-upgrade", "service_properties": { "enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInstallUpgradeServiceProperties+

Example Response: { "_schema": "NodeInstallUpgradeServiceProperties", "_self": "/node/services/install-upgrade", "service_name": "install-upgrade", "service_properties": { "enabled": false, "enabled_on": "None" } } Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX install-upgrade service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/install-upgrade/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/install-upgrade/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/install-upgrade/status", "pids": [ 12976 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Update UC state properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/install-upgrade/uc-state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UcStateProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/install-upgrade/uc-state Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Restart, start or stop the NSX install-upgrade service

Request:
Method:
POST
URI Path:
/api/v1/node/services/install-upgrade?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/install-upgrade?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/install-upgrade", "pids": [ 13787 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Read liagent service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/liagent
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/liagent Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": { "href": "/node/services/liagent", "rel": "self" }, "service_name": "liagent" } Required Permissions: read Feature: system_administration Additional Errors:

Read liagent service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/liagent/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/liagent/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/liagent/status", "rel": "self" }, "pids": [], "runtime_state": "stopped" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the liagent service

Request:
Method:
POST
URI Path:
/api/v1/node/services/liagent?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/liagent?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/manager
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/manager Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProtonServiceProperties+

Example Response: { "_schema": "NodeProtonServiceProperties", "_self": "/node/services/manager", "service_name": "manager", "service_properties": { "logging_level": "INFO", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" } ] } } Required Permissions: read Feature: system_administration Additional Errors:

Update service properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/manager
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeProtonServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/manager { "service_name": "manager", "service_properties": { "logging_level": "DEBUG", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" } ] } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeProtonServiceProperties+

Example Response: { "_schema": "NodeProtonServiceProperties", "_self": "/node/services/manager", "service_name": "manager", "service_properties": { "logging_level": "DEBUG", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" } ] } } Required Permissions: crud Feature: system_administration Additional Errors:

Read service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/manager/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/manager/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/manager/status", "monitor_pid": 1145, "monitor_runtime_state": "running", "pids": [ 1147 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Reset the logging levels to default values

Request:
Method:
POST
URI Path:
/api/v1/node/services/manager?action=reset-manager-logging-levels
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/manager?action=reset-manager-logging-levels Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Restart, start or stop the service

Request:
Method:
POST
URI Path:
/api/v1/node/services/manager?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/manager?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read Rabbit MQ service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/mgmt-plane-bus
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/mgmt-plane-bus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": { "href": "/node/services/mgmt-plane-bus", "rel": "self" }, "service_name": "mgmt-plane-bus" } Required Permissions: read Feature: system_administration Additional Errors:

Read Rabbit MQ service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/mgmt-plane-bus/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/mgmt-plane-bus/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/mgmt-plane-bus/status", "rel": "self" }, "monitor_pid": 1501, "monitor_runtime_state": "running", "pids": [ 1816 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the Rabbit MQ service

Request:
Method:
POST
URI Path:
/api/v1/node/services/mgmt-plane-bus?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/mgmt-plane-bus?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read migration coordinator service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/migration-coordinator
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/migration-coordinator Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeMigrationCoordinatorServiceProperties", "_self": "/node/services/migration-coordinator", "service_name": "migration-coordinator" } Required Permissions: read Feature: system_administration Additional Errors:

Read migration coordinator service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/migration-coordinator/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/migration-coordinator/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/migration-coordinator/status", "rel": "self" }, "monitor_pid": 1145, "monitor_runtime_state": "running", "pids": [ 1147 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the migration coordinator service

Request:
Method:
POST
URI Path:
/api/v1/node/services/migration-coordinator?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/migration-coordinator?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read appliance management service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/node-mgmt
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/node-mgmt Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": "/node/services/node-mgmt", "service_name": "node-mgmt" } Required Permissions: read Feature: system_administration Additional Errors:

Read appliance management service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/node-mgmt/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/node-mgmt/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/node-mgmt/status", "monitor_pid": 19189, "monitor_runtime_state": "running", "pids": [ 19190 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart the node management service

Request:
Method:
POST
URI Path:
/api/v1/node/services/node-mgmt?action=restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/node-mgmt?action=restart Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX node-stats service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/node-stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read NSX node-stats service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/node-stats/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NSX node-stats service

Request:
Method:
POST
URI Path:
/api/v1/node/services/node-stats?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX Message Bus service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-message-bus
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/nsx-message-bus Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": "/node/services/nsx-message-bus", "service_name": "nsx-message-bus" } Required Permissions: read Feature: system_administration Additional Errors:

Read NSX Message Bus service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-message-bus/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/nsx-message-bus/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/nsx-message-bus/status", "monitor_pid": 1, "monitor_runtime_state": "running", "pids": [ 18318, 18328, 18329 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NSX Message Bus service

Request:
Method:
POST
URI Path:
/api/v1/node/services/nsx-message-bus?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/nsx-message-bus?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/nsx-message-bus", "monitor_pid": 1, "monitor_runtime_state": "running", "pids": [ 18318, 18328, 18329 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX Platform Client service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-platform-client
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read NSX Platform Client service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-platform-client/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NSX Platform Client service

Request:
Method:
POST
URI Path:
/api/v1/node/services/nsx-platform-client?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX upgrade Agent service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-upgrade-agent
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/nsx-upgrade-agent Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": "/node/services/nsx-upgrade-agent", "service_name": "nsx-upgrade-agent" } Required Permissions: read Feature: system_administration Additional Errors:

Read Nsx upgrade agent service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/nsx-upgrade-agent/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/nsx-upgrade-agent/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/nsx-upgrade-agent/status", "monitor_pid": 1, "monitor_runtime_state": "running", "pids": [ 17892 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NSX upgrade agent service

Request:
Method:
POST
URI Path:
/api/v1/node/services/nsx-upgrade-agent?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/nsx-upgrade-agent?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/nsx-upgrade-agent", "monitor_pid": 1, "monitor_runtime_state": "running", "pids": [ 17892 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Update NTP service properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/ntp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeNtpServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/ntp { "service_name": "ntp", "service_properties": { "start_on_boot": true, "servers": [ "0.ubuntu.pool.ntp.org", "1.ubuntu.pool.ntp.org", "2.ubuntu.pool.ntp.org", "3.ubuntu.pool.ntp.org", "ntp.ubuntu.com", "192.168.110.10" ] } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNtpServiceProperties+

Example Response: { "_schema": "NodeNtpServiceProperties", "_self": "/node/services/ntp", "service_name": "ntp", "service_properties": { "start_on_boot": true, "servers": [ "0.ubuntu.pool.ntp.org", "1.ubuntu.pool.ntp.org", "2.ubuntu.pool.ntp.org", "3.ubuntu.pool.ntp.org", "ntp.ubuntu.com", "192.168.110.10" ] } } Required Permissions: crud Feature: system_administration Additional Errors:

Read NTP service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/ntp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/ntp Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeNtpServiceProperties+

Example Response: { "_schema": "NodeNtpServiceProperties", "_self": "/node/services/ntp", "service_name": "ntp", "service_properties": { "start_on_boot": true, "servers": [ "0.ubuntu.pool.ntp.org", "1.ubuntu.pool.ntp.org", "2.ubuntu.pool.ntp.org", "3.ubuntu.pool.ntp.org", "ntp.ubuntu.com" ] } } Required Permissions: read Feature: system_administration Additional Errors:

Read NTP service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/ntp/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/ntp/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/ntp/status", "pids": [ 6270, 6272 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NTP service

Request:
Method:
POST
URI Path:
/api/v1/node/services/ntp?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/ntp?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/ntp", "pids": [ 6035, 6270, 6272 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Update service properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodePolicyServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/policy { "service_name": "policy", "service_properties": { "logging_level": "DEBUG", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" }, { "logging_level": "INFO", "package_name": "com.gemstone" } ] } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodePolicyServiceProperties+

Example Response: { "_schema": "NodePolicyServiceProperties", "_self": "/node/services/policy", "service_name": "policy", "service_properties": { "logging_level": "DEBUG", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" }, { "logging_level": "INFO", "package_name": "com.gemstone" } ] } } Required Permissions: crud Feature: system_administration Additional Errors:

Read service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/policy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/policy Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodePolicyServiceProperties+

Example Response: { "_schema": "NodePolicyServiceProperties", "_self": "/node/services/policy", "service_name": "policy", "service_properties": { "logging_level": "INFO", "package_logging_level": [ { "logging_level": "INFO", "package_name": "com.vmware.nsx" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.switching" }, { "logging_level": "DEBUG", "package_name": "com.vmware.nsx.management.edge" }, { "logging_level": "INFO", "package_name": "com.vmware.nsx.management.container.restartor" }, { "logging_level": "ERROR", "package_name": "org.springframework.amqp.rabbit.listener.SimpleMessageListenerContainer" }, { "logging_level": "INFO", "package_name": "com.gemstone" } ] } } Required Permissions: read Feature: system_administration Additional Errors:

Read service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/policy/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/policy/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/policy/status", "monitor_pid": 1235, "monitor_runtime_state": "running", "pids": [ 1237 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Reset the logging levels to default values

Request:
Method:
POST
URI Path:
/api/v1/node/services/policy?action=reset-manager-logging-levels
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/policy?action=reset-manager-logging-levels Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Restart, start or stop the service

Request:
Method:
POST
URI Path:
/api/v1/node/services/policy?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/policy?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read NSX Search service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/search
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read NSX Search service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/search/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the NSX Search service

Request:
Method:
POST
URI Path:
/api/v1/node/services/search?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Update SNMP service properties

Request:
Method:
PUT
URI Path:
/api/v1/node/services/snmp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeSnmpServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/snmp { "service_name": "snmp", "service_properties": { "communities": [{"access": "read_only", "community_string": "snmpcommunity"}], "start_on_boot": true, "v3_auth_protocol": "SHA1", "v3_priv_protocol": "AES128", "v3_users": [ {"user_id": "user1, "auth_password": "password1", "priv_password": password2} ], "v2_configured": true, "v3_configured": true } } { "service_name": "snmp", "service_properties": { "start_on_boot": false "v3_auth_protocol": "SHA1", "v3_priv_protocol": "AES128", "v3_users": [ {"user_id": "user1, "auth_password": "password1", "priv_password": password2} ], "v2_configured": true, "v3_configured": true } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSnmpServiceProperties+

Example Response: { "_schema": "NodeSnmpServiceProperties", "_self": "/node/services/snmp", "service_name": "snmp" "service_properties": { "start_on_boot": false "v3_auth_protocol": "SHA1", "v3_priv_protocol": "AES128", "v3_users": [ {"user_id": "user1"} ], "v2_configured": true, "v3_configured": true } } Required Permissions: crud Feature: system_administration Description:
Update SNMP service properties. The SNMP service is started if the communities property specifies a community or stopped if it contains an empty array. The start_on_boot property can only be true if a community is specified in the request or is already configured.
Additional Errors:

Read SNMP service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/snmp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/snmp Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSnmpServiceProperties+

Example Response: { "_schema": "NodeSnmpServiceProperties", "_self": "/node/services/snmp", "service_name": "snmp" "service_properties": { "start_on_boot": true "v3_auth_protocol": "SHA1", "v3_priv_protocol": "AES128", "v3_users": [ {"user_id": user1} ], "v2_configured": true, "v3_configured": true } } Required Permissions: read Feature: system_administration Additional Errors:

Read SNMP service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/snmp/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/snmp/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/snmp/status", "pids": [ 16754 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Update SNMP V3 Engine ID

Request:
Method:
PUT
URI Path:
/api/v1/node/services/snmp/v3-engine-id
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeSnmpV3EngineID+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/snmp/v3-engine-id { "service_name": "snmp", "v3_engine_id": "80001adc80992933638c48f75900000001" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSnmpV3EngineID+

Example Response: { "_schema": "NodeSnmpV3EngineID", "_self": "/node/services/snmp/v3-engine-id", "service_name": "snmp" "v3_engine_id": "80001adc80992933638c48f75900000002", } } Required Permissions: crud Feature: system_administration Additional Errors:

Read SNMP V3 Engine ID

Request:
Method:
GET
URI Path:
/api/v1/node/services/snmp/v3-engine-id
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/snmp/v3-engine-id Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSnmpV3EngineID+

Example Response: { "_schema": "NodeSnmpV3EngineID", "_self": "/node/services/snmp/v3-engine-id", "service_name": "snmp" "v3_engine_id": "80001adc80992933638c48f75900000001", } } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the SNMP service

Request:
Method:
POST
URI Path:
/api/v1/node/services/snmp?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/snmp?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/snmp", "pids": [ 16361 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Update ssh service properties

Update ssh service properties. If the start_on_boot property is updated to true, existing ssh sessions if any are stopped and the ssh service is restarted. Request:
Method:
PUT
URI Path:
/api/v1/node/services/ssh
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeSshServiceProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/services/ssh { "service_name": "ssh", "service_properties": { "start_on_boot": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSshServiceProperties+

Example Response: { "_schema": "NodeSshServiceProperties", "_self": "/node/services/ssh", "service_name": "ssh", "service_properties": { "start_on_boot": false } } Required Permissions: crud Feature: system_administration Additional Errors:

Read ssh service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/ssh
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/ssh Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSshServiceProperties+

Example Response: { "_schema": "NodeSshServiceProperties", "_self": "/node/services/ssh", "service_name": "ssh", "service_properties": { "start_on_boot": true } } Required Permissions: read Feature: system_administration Additional Errors:

Read ssh service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/ssh/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/ssh/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/ssh/status", "pids": [ 868 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Remove a host's fingerprint from known hosts file

Request:
Method:
POST
URI Path:
/api/v1/node/services/ssh?action=remove_host_fingerprint
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
KnownHostParameter+

Example Request: POST https://<nsx-mgr>/api/v1/node/services/ssh?action=remove_host_fingerprint { "host": "192.168.110.105" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Restart, start or stop the ssh service

Request:
Method:
POST
URI Path:
/api/v1/node/services/ssh?action=start|stop|restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/ssh?action=start Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": "/node/services/ssh", "pids": [ 15930 ], "runtime_state": "running" } Required Permissions: crud Feature: system_administration Additional Errors:

Read syslog service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/syslog
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/syslog Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Example Response: { "_schema": "NodeServiceProperties", "_self": { "href": "/node/services/syslog", "rel": "self" }, "service_name": "syslog" } Required Permissions: read Feature: system_administration Additional Errors:

Add node syslog exporter

Adds a rule for exporting syslog information to a specified server. The
required parameters are the rule name (exporter_name); severity level
(emerg, alert, crit, and so on); transmission protocol (TCP or UDP); and
server IP address or hostname. The optional parameters are the syslog port
number, which can be 1 through 65,535 (514, by default); facility level to
use when logging messages to syslog (kern, user, mail, and so on); and
message IDs (msgids), which identify the types of messages to export.
Request:
Method:
POST
URI Path:
/api/v1/node/services/syslog/exporters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeSyslogExporterProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/services/syslog/exporters { "exporter_name": "syslog4", "facilities": ["KERN", "USER"], "level": "INFO", "msgids": ["tcpin", "tcpout"], "port": 514, "protocol": "TCP", "server": "192.168.0.4" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NodeSyslogExporterProperties+

Example Response: { "exporter_name": "syslog4", "facilities": [ "KERN", "USER" ], "level": "INFO", "msgids": [ "tcpin", "tcpout" ], "port": 514, "protocol": "TCP", "server": "192.168.0.4" } Required Permissions: crud Feature: system_log Additional Errors:

List node syslog exporters

Returns the collection of registered syslog exporter rules, if any. The
rules specify the collector IP address and port, and the protocol to use.
Request:
Method:
GET
URI Path:
/api/v1/node/services/syslog/exporters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/syslog/exporters Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSyslogExporterPropertiesListResult+

Example Response: { "result_count": 2, "results": [ { "exporter_name": "syslog1", "level": "INFO", "port": 514, "protocol": "TCP", "server": "192.168.0.2" }, { "exporter_name": "syslog2", "level": "CRIT", "port": 514, "protocol": "TCP", "server": "192.168.0.1" } ] } Required Permissions: read Feature: system_log Additional Errors:

Delete node syslog exporter

Removes a specified rule from the collection of syslog exporter rules.
Request:
Method:
DELETE
URI Path:
/api/v1/node/services/syslog/exporters/<exporter-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/node/services/syslog/exporters/syslog4 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_log Additional Errors:

Read node syslog exporter

Returns information about a specific syslog collection point. Request:
Method:
GET
URI Path:
/api/v1/node/services/syslog/exporters/<exporter-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/syslog/exporters/syslog1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSyslogExporterProperties+

Example Response: { "exporter_name": "syslog1", "level": "CRIT", "port": 514, "protocol": "TCP", "server": "192.168.0.1" } Required Permissions: read Feature: system_log Additional Errors:

Verify node syslog exporter

Collect iptables rules needed for all existing syslog exporters and verify
if the existing iptables rules are the same. If not, remove the stale rules
and add the new rules to make sure all exporters work properly.
Request:
Method:
POST
URI Path:
/api/v1/node/services/syslog/exporters?action=verify
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/syslog/exporters?action=verify Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_log Additional Errors:

Read syslog service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/syslog/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/services/syslog/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Example Response: { "_schema": "NodeServiceStatusProperties", "_self": { "href": "/node/services/syslog/status", "rel": "self" }, "pids": [ 661 ], "runtime_state": "running" } Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop the syslog service

Request:
Method:
POST
URI Path:
/api/v1/node/services/syslog?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/services/syslog?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read Telemetry service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/telemetry
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read Telemetry service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/telemetry/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, start or stop Telemetry service

Request:
Method:
POST
URI Path:
/api/v1/node/services/telemetry?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read ui service properties

Request:
Method:
GET
URI Path:
/api/v1/node/services/ui-service
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Read ui service status

Request:
Method:
GET
URI Path:
/api/v1/node/services/ui-service/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Restart, Start and Stop the ui service

Request:
Method:
POST
URI Path:
/api/v1/node/services/ui-service?action=restart|start|stop
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeServiceStatusProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Read node status

Returns information about the NSX Manager appliance's file system, CPU,
memory, disk usage, and uptime.
Request:
Method:
GET
URI Path:
/api/v1/node/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeStatusProperties+

Example Response: { "cpu_cores": 2, "file_systems": [ { "file_system": "/dev/sda2", "mount": "/", "total": 4790588, "type": "ext4", "used": 1402060 }, ...[content omitted for brevity] ], "load_average": [ 0.09, 0.1, 0.07 ], "mem_cache": 530348, "mem_total": 16430712, "mem_used": 3488064, "swap_total": 3997692, "swap_used": 0, "system_time": 1442278302776, "uptime": 22474490, "bootup_error": "\nBootup Errors:" } Required Permissions: read Feature: system_administration Additional Errors:

Update node status

Clear node bootup status
Request:
Method:
POST
URI Path:
/api/v1/node/status?action=clear_bootup_error
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node/status?action=clear_bootup_error Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeStatusProperties+

Example Response: { "cpu_cores": 2, "file_systems": [ { "file_system": "/dev/sda2", "mount": "/", "total": 4790588, "type": "ext4", "used": 1402060 }, ...[content omitted for brevity] ], "load_average": [ 0.09, 0.1, 0.07 ], "mem_cache": 530348, "mem_total": 16430712, "mem_used": 3488064, "swap_total": 3997692, "swap_used": 0, "system_time": 1442278302776, "uptime": 22474490 } Required Permissions: read Feature: system_administration Additional Errors:

Read node support bundle

Request:
Method:
GET
URI Path:
/api/v1/node/support-bundle
Request Headers:
n/a
Query Parameters:
SupportBundleQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/support-bundle Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/octet-stream
Response Body:
n/a

Example Response: Headers Content-Disposition : attachment;filename=nsx_support_bundle_20170818_002715.tgz Content-Type : application/x-tar Date : Thu, 18 Aug 2017 00:28:07 GMT Server : NSX Manager Transfer-Encoding : chunked Vmw-Task-Id : 421b38aa-e390-64b9-3fff-7ad6ebf59c40_10b1b5d6-0786-49a4-a61c-a1f64428b40e Required Permissions: read Feature: system_support_bundle Additional Errors:

List appliance management tasks

Request:
Method:
GET
URI Path:
/api/v1/node/tasks
Request Headers:
n/a
Query Parameters:
ApplianceManagementTaskQueryParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ApplianceManagementTaskListResult+

Required Permissions: read Feature: system_information Additional Errors:

Read task properties

Request:
Method:
GET
URI Path:
/api/v1/node/tasks/<task-id>
Request Headers:
n/a
Query Parameters:
ApplianceManagementSuppressRedirectQueryParameter+
Request Body:
n/a

Successful Response:
Response Code:
200 OK, 303 See Other
Response Headers:
Content-type: application/json
Response Body:
ApplianceManagementTaskProperties+

Required Permissions: read Feature: system_information Additional Errors:

Delete task

Request:
Method:
DELETE
URI Path:
/api/v1/node/tasks/<task-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_administration Additional Errors:

Read asynchronous task response

Request:
Method:
GET
URI Path:
/api/v1/node/tasks/<task-id>/response
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK, 201 Created, 202 Accepted, 204 No Content, 303 See Other
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_information Additional Errors:

Cancel specified task

Request:
Method:
POST
URI Path:
/api/v1/node/tasks/<task-id>?action=cancel
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: system_administration Additional Errors:

List node users

Returns the list of users configued to log in to the NSX appliance.
Request:
Method:
GET
URI Path:
/api/v1/node/users
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/users Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeUserPropertiesListResult+

Example Response: { "result_count": 3, "results": [ { "full_name": "root", "userid": 0, "username": "root" }, { "full_name": "", "userid": 10000, "username": "admin" }, { "full_name": "", "userid": 10002, "username": "audit" } ] } Required Permissions: read Feature: system_administration Additional Errors:

Update node user

Updates attributes of an existing NSX appliance user. This method
cannot be used to add a new user. Modifiable attributes include the
username, full name of the user, and password. If you specify a password in
a PUT request, it is not returned in the response. Nor is it returned in a
GET request.
The specified password does not meet the following complexity requirements:
- minimum 12 characters in length
- minimum 1 uppercase character
- minimum 1 lowercase character
- minimum 1 numeric character
- minimum 1 special character
- minimum 5 unique characters
- default password complexity rules as enforced by the Linux PAM module
Request:
Method:
PUT
URI Path:
/api/v1/node/users/<userid>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NodeUserProperties+

Example Request: PUT https://<nsx-mgr>/api/v1/node/users/10000 { "full_name": "Jane L. Doe", "username": "admin1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeUserProperties+

Example Response: { "full_name": "Jane L. Doe" "userid": 10000, "username": "admin1" } Required Permissions: crud Feature: system_administration_passwd_mgmt Additional Errors:

Read node user

Returns information about a specified user who is configued to log in to the
NSX appliance
Request:
Method:
GET
URI Path:
/api/v1/node/users/<userid>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/users/10000 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeUserProperties+

Example Response: { "full_name": "", "userid": 10000, "username": "admin" } Required Permissions: read Feature: system_administration Additional Errors:

List SSH keys from authorized_keys file for node user

Returns a list of all SSH keys from authorized_keys file for node user
Request:
Method:
GET
URI Path:
/api/v1/node/users/<userid>/ssh-keys
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/users/10000/ssh-keys Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SshKeyPropertiesListResult+

Example Response: { "result_count": 2, "results": [ { "label": "user1@domain1" "type": "ssh-rsa" "value": "AAAAB3NzaC1yc2EAAAABIwAAAIEAywWhrwq4FjHt+UuwZcZePxtjtZOENFpOjufycaYso2nTlzNwnAQEQRfbqsUxKVtOtGxgApIkUvjRIjNBdJE6iOzvBXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESuXC9wkSeFZCEyMJ+RgJxMkBXNZmyycbwsSqAeGJpMEUDlwzu2GD0obBz0HXqg9J1Xallop5AVDKfeszZcc=" }, { "label": "user2@domain2" "type": "ssh-rsa" "value": "AAAAB3NzaC1yc2EAAAABIwAAAIEA0KJDLOiiXj9XdMxiCT9KvaKfuxFQi+CIiklaN5hHsNgYOu7TijqyONEu5fONLoAo/cshLa+KuargyTrtizwcP4TPcTXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESlnDDg3Gq5xSsB9Okqm3V5t8GpFaJbV68BxQ4BK6HJ21A3CinV4LdV3hR/OBUbDG2EcI+ZKRDjlpJuu4YU=" } ] } Required Permissions: read Feature: system_administration Additional Errors:

Add SSH public key to authorized_keys file for node user

Request:
Method:
POST
URI Path:
/api/v1/node/users/<userid>/ssh-keys?action=add_ssh_key
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SshKeyProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/users/10000/ssh-keys?action=add_ssh_key { "label": "user1@domain1", "type": "ssh-rsa", "value": "AAAAB3NzaC1yc2EAAAABIwAAAIEAywWhrwq4FjHt+UuwZcZePxtjtZOENFpOjufycaYso2nTlzNwnAQEQRfbqsUxKVtOtGxgApIkUvjRIjNBdJE6iOzvBXZhhJrM0GUDJragw7SMVIs/5xJBGAyHKJ1YUMGO7+nJTmsCLx6PFOlQYveuriiVVCCZerGCLH+UtSXK3z+l7hx9NiDg3/ylOLc3f3SLxrJKn0gMTgK7BHJFXo4PguuPjWZLVdUDX+XKiqtT2n4IsYs6N9qVFG3zUgNlEjZM47NK/ytAC0max98pK+QNzsuaQOo/IShJ1TOw5wwScflPArVJ2AyROqAe7cfQg7q12I9olASFd3U5NazfZCTYAvWA1kz9UZEWLJ1Br1XOkPqOleMM8KCp/PXzz8H0kISkMIji0/QuiZOPEBsKlszXjlALcXR8Mg1uiZVWy48i9JheyXyj1ToCj6cPScpgFHp3DAGSlKKbE1EFaVfeeyGAnHESuXC9wkSeFZCEyMJ+RgJxMkBXNZmyycbwsSqAeGJpMEUDlwzu2GD0obBz0HXqg9J1Xallop5AVDKfeszZcc=", "password": "Pa$$w0rd" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Remove SSH public key from authorized_keys file for node user

Request:
Method:
POST
URI Path:
/api/v1/node/users/<userid>/ssh-keys?action=remove_ssh_key
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SshKeyBaseProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/users/10000/ssh-keys?action=remove_ssh_key { "label": "user1@domain1", "password": "Pa$$w0rd" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Read node version

Request:
Method:
GET
URI Path:
/api/v1/node/version
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/version Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeVersion+

Example Response: { "node_version": "1.0.0.0.0.3063398" } Required Permissions: read Feature: system_information Additional Errors:

Restart or shutdown node

Restarts or shuts down the NSX appliance. Request:
Method:
POST
URI Path:
/api/v1/node?action=restart|shutdown
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/node?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Management Plane API: NSX Component Administration: Backup Restore Management

Management Plane API: NSX Component Administration: Backup Restore Management: Backup

Associated URIs:

Configure backup

Configure file server and timers for automated backup.
If secret fields are omitted (password, passphrase)
then use the previously set value.
Request:
Method:
PUT
URI Path:
/api/v1/cluster/backups/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BackupConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/cluster/backups/config { "backup_enabled" : true, "backup_schedule":{ "resource_type": "WeeklyBackupSchedule", "days_of_week":[ 1, 3, 5 ], "hour_of_day":0, "minute_of_day":0 }, "remote_file_server":{ "server":"10.1.2.3", "port":22, "protocol":{ "protocol_name":"sftp", "ssh_fingerprint":"SHA256:w2NgXhG2Nm76q9PL/bXWKkLbDS31uMLYttUe9eajPaA", "authentication_scheme":{ "scheme_name":"PASSWORD", "username":"admin", "password":"default" } }, "directory_path":"/nsx-backups" }, "passphrase":"swordfish", "inventory_summary_interval":300 }| PUT https://<nsx-mgr>/api/v1/cluster/backups/config { "backup_enabled" : true, "backup_schedule":{ "resource_type": "IntervalBackupSchedule", "seconds_between_backups":3600 }, "remote_file_server":{ "server":"10.1.2.3", "port":22, "protocol":{ "protocol_name":"sftp", "ssh_fingerprint":"SHA256:w2NgXhG2Nm76q9PL/bXWKkLbDS31uMLYttUe9eajPaA", "authentication_scheme":{ "scheme_name":"PASSWORD", "username":"admin", "password":"default" } }, "directory_path":"/nsx-backups" }, "passphrase":"swordfish", "inventory_summary_interval":300 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BackupConfiguration+

Required Permissions: crud Feature: utilities_backup Additional Errors:

Get backup configuration

Get a configuration of a file server and timers for automated backup.
Fields that contain secrets (password, passphrase) are not returned.
Request:
Method:
GET
URI Path:
/api/v1/cluster/backups/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BackupConfiguration+

Example Response: { "backup_enabled" : true; "backup_schedule":{ "resource_type": "WeeklyBackupSchedule", "days_of_week":[ 1, 3, 5 ], "hour_of_day":0, "minute_of_day":0 }, "remote_file_server":{ "server":"10.1.2.3", "port":22, "protocol":{ "protocol_name":"sftp", "ssh_fingerprint":"SHA256:w2NgXhG2Nm76q9PL/bXWKkLbDS31uMLYttUe9eajPaA", "authentication_scheme":{ "scheme_name":"PASSWORD", "username":"admin" } }, "directory_path":"/nsx-backups" }, "inventory_summary_interval":300 } Required Permissions: read Feature: utilities_backup Additional Errors:

Get backup history

Get history of previous backup operations
Request:
Method:
GET
URI Path:
/api/v1/cluster/backups/history
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BackupOperationHistory+

Example Response: { "cluster_backup_statuses": [ { "backup_id" : "2128af2d-d763-4a27-80e0-4933af7e4824-1462221358", "start_time": 1523334840897, "end_time": 1523334916419, "success": true } ], "node_backup_statuses": [ { "backup_id" : "3128af2d-d763-4a27-80e0-4933af7e4824-1462221359", "start_time": 1523411768398, "end_time": 1523411844682, "success": false, "error_code": "BACKUP_SERVER_TIMEOUT", "error_message": "File server is not reachable, please check connectivity to file server" } ], "inventory_backup_statuses": [ { "backup_id" : "4128af2d-d763-4a27-80e0-4933af7e4824-1462221360", "start_time": 1523411625510, "end_time": 1523411701163, "success": true } ] } Required Permissions: read Feature: utilities_backup Additional Errors:

Get backup status

Get status of active backup operations
Request:
Method:
GET
URI Path:
/api/v1/cluster/backups/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CurrentBackupOperationStatus+

Example Response: { "operation_type": "backup", "backup_id": "fec18cee-ccf7-4d7c-bcc2-8634b08195cd-1523411326", "start_time": 1523411326952, "end_time": 1523411628558, "current_step": "BACKUP_CREATING_CLUSTER_BACKUP" } Required Permissions: read Feature: utilities_backup Additional Errors:

Get ssh fingerprint of remote(backup) server

Get SHA256 fingerprint of ECDSA key of remote server. The caller should
independently verify that the key is trusted.
Request:
Method:
POST
URI Path:
/api/v1/cluster/backups?action=retrieve_ssh_fingerprint
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RemoteServerFingerprintRequest+

Example Request: POST https://<nsx-mgr>/api/v1/cluster/backups?action=retrieve_ssh_fingerprint { "server":"10.1.2.3", "port":22 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RemoteServerFingerprint+

Example Response: { "server":"10.1.2.3", "port":22, "ssh_fingerprint":"SHA256:Apqs2qIrQ5r6U8xyv2czZjTniNsipz6SlCONf4kR/Gw" } Required Permissions: read Feature: utilities_backup Additional Errors:

Request one-time backup

Request one-time backup. The backup will be uploaded using the
same server configuration as for automatic backup.
Request:
Method:
POST
URI Path:
/api/v1/cluster?action=backup_to_remote
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster?action=backup_to_remote Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_backup Additional Errors:

Request one-time inventory summary.

Request one-time inventory summary. The backup will be uploaded using the
same server configuration as for an automatic backup.
Request:
Method:
POST
URI Path:
/api/v1/cluster?action=summarize_inventory_to_remote
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster?action=summarize_inventory_to_remote Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_backup Additional Errors:

Management Plane API: NSX Component Administration: Backup Restore Management: Restore

Associated URIs:

List timestamps of all available Cluster Backups.

Returns timestamps for all backup files that are available
on the SFTP server.
Request:
Method:
GET
URI Path:
/api/v1/cluster/restore/backuptimestamps
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/restore/backuptimestamps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterBackupInfoListResult+

Example Response: { "results": [ { "timestamp": 1482253939013, "ip_address": "64.233.187.105", "node_id": "21EA6850-217F-41A2-B3CF-F322A882C54E" }, { "timestamp": 1482081398404, "ip_address": "64.233.187.105", "node_id": "21EA6850-217F-41A2-B3CF-F322A882C54E" }, { "timestamp": 1481908598404, "ip_address": "64.233.187.105", "node_id": "21EA6850-217F-41A2-B3CF-F322A882C54E" }, { "timestamp": 1481735798404, "ip_address": "64.233.187.105", "node_id": "21EA6850-217F-41A2-B3CF-F322A882C54E" } ] } Required Permissions: read Feature: utilities_backup Additional Errors:

Configure Restore SFTP server credentials

Configure file server where the backed-up files used for the Restore
operation are available.
Request:
Method:
PUT
URI Path:
/api/v1/cluster/restore/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RestoreConfiguration+

Example Request: PUT https://<nsx-mgr>/api/v1/cluster/restore/config { "remote_file_server":{ "server":"10.1.2.3", "port":22, "protocol":{ "protocol_name":"sftp", "ssh_fingerprint":"SHA256:w2NgXhG2Nm76q9PL/bXWKkLbDS31uMLYttUe9eajPaA", "authentication_scheme":{ "scheme_name":"PASSWORD", "username":"admin", "password":"default" } }, "directory_path":"/nsx-backups" }, "passphrase":"swordfish" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RestoreConfiguration+

Required Permissions: crud Feature: utilities_backup Additional Errors:

Get Restore configuration

Get configuration information for the file server used to store backed-up files.
Fields that contain secrets (password, passphrase) are not returned.
Request:
Method:
GET
URI Path:
/api/v1/cluster/restore/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RestoreConfiguration+

Example Response: { "remote_file_server":{ "server":"10.1.2.3", "port":22, "protocol":{ "protocol_name":"sftp", "ssh_fingerprint":"SHA256:w2NgXhG2Nm76q9PL/bXWKkLbDS31uMLYttUe9eajPaA", "authentication_scheme":{ "scheme_name":"PASSWORD", "username":"admin" } }, "directory_path":"/nsx-backups" } } Required Permissions: read Feature: utilities_backup Additional Errors:

List resources for a given instruction, to be shown to/executed by users.

For restore operations requiring user input e.g. performing an action,
accepting/rejecting an action, etc. the information to be conveyed to users
is provided in this call.
Request:
Method:
GET
URI Path:
/api/v1/cluster/restore/instruction-resources
Request Headers:
n/a
Query Parameters:
ActionableResourceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/restore/instruction-resources ?instruction_id=48F45150-038C-4664-B468-36FFE1B356F9 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ActionableResourceListResult+

Example Response: { "result_count": 2, "cursor": "00361b9f1d54-2f05-441e-9851-c42518cc8b1dasdfds", "results": [ { "id": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "display_name": "db-server", "resource_type": "FabricNode", "ip_address": "10.23.12.77" }, { "id": "3cc5e971-0329-4f35-966a-7cd879171688", "display_name": "app-server", "resource_type": "FabricNode", "ip_address": "10.23.12.78" } ] } Required Permissions: read Feature: utilities_backup Additional Errors:

Query Restore Request Status

Returns status information for the specified NSX cluster restore request.
Request:
Method:
GET
URI Path:
/api/v1/cluster/restore/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/restore/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1415830945573, "restore_start_time": 1415830945573, "restore_end_time": 1415830947433, "step": { "step_number": 7, "value": "MANAGER_RESTARTING", "description": "Restarting manager", "status": { "value": "RUNNING", "description": "The manager is restarting" } }, "status": { "value": "RUNNING", "description": "The operation is currently running" }, "total_steps": 11, #TODO: Fill in endpoints when state machine is finalized. "endpoints": [], "instructions": [ { "id": "48F45150-038C-4664-B468-36FFE1B356F9", "name": "Reset Fabric Nodes", "actions": [ "Log into these fabric nodes with root access and run reset_nsx_after_mp_restore.sh", "Restart node agent" ], "fields": ["display_name", "id", "resource_type", "IP"] }, { ... } ] } Required Permissions: read Feature: utilities_backup Additional Errors:

Advance any suspended restore operation

Advance any currently suspended restore operation. The operation might
have been suspended because (1) the user had suspended it previously, or
(2) the operation is waiting for user input, to be provided as a
part of the POST request body. This operation is only valid
when a GET cluster/restore/status returns a status with value SUSPENDED.
Otherwise, a 409 response is returned.
Request:
Method:
POST
URI Path:
/api/v1/cluster/restore?action=advance
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AdvanceClusterRestoreRequest+

Example Request: POST https://<nsx-mgr>/api/v1/cluster/restore?action=advance { "data": [ { "id": "423F4EBE-7D65-D782-4B7B-BD3EDEF111A4", "resoures": [ { "target_type": "LogicalSwitch", "target_display_name": "zone3LS", "is_valid": true, "target_id": "983B5FB6-C4E9-4FC9-81DC-1B27D5D09EC9" }, { "target_type": "LogicalSwitch", "target_display_name": "zone4LS", "is_valid": true, "target_id": "86f2b632-2d0e-46f2-9527-5baea8e273cd" } ] }, { "id": "52113C04-489E-4D47-B3FB-F3573155B24E", "resoures": [ { "target_type": "TransportNode", "target_display_name": "zone3TN", "is_valid": true, "target_id": "86f2b632-2d0e-46f2-9527-5baea8e273cd" } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1435298084391, "restore_start_time": 1483463180963, "restore_end_time": null, "step": { "step_number": 4, "value": "SFTP_COPY_START", "description": "Starting sftp copy" "status": { "value": "RUNNING", "description": "Sftp copy starting" } }, "status": { "value": "RUNNING", "description": "The operation is currently running" } "total_steps": 11, "endpoints": [ { action: POST, href: '/cluster/restore?action=suspend', rel: "self" }, { action: POST, href: '/cluster/restore?action=cancel', rel: "self" } ], "instructions": [] } Required Permissions: crud Feature: utilities_backup Additional Errors:

Cancel any running restore operation

This operation is only valid when a restore is in suspended state. The UI user
can cancel any restore operation when the restore is suspended either due
to an error, or for a user input. The API user would need to monitor the
progression of a restore by calling periodically
"/api/v1/cluster/restore/status" API. The response object
(ClusterRestoreStatus), contains a field "endpoints". The API user can cancel
the restore process if 'cancel' action is shown in the endpoint field. This
operation is only valid when a GET cluster/restore/status returns a status
with value SUSPENDED.
Request:
Method:
POST
URI Path:
/api/v1/cluster/restore?action=cancel
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/restore?action=cancel Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1435298084391, "restore_start_time": 1483463180963, "restore_end_time": null, "step": { "step_number": 1, "value": "RESTORE_INITIATED", "description": "Starting cluster restore" "status": { "value": "RUNNING", "description": "Cluster restore initiated" } }, "status": { "value": "SUSPENDING", "description": "A suspend request is being processed" } "total_steps": 11, "endpoints": [ { action: POST, href: '/cluster/restore?action=resume', rel: "self" }, { action: POST, href: '/cluster/restore?action=cancel', rel: "self" } ], "instructions": [] } Required Permissions: crud Feature: utilities_backup Additional Errors:

Retry any failed restore operation

Retry any currently in-progress, failed restore operation. Only the last
step of the multi-step restore operation would have failed,and only that
step is retried. This operation is only valid when a
GET cluster/restore/status returns a status with value FAILED. Otherwise,
a 409 response is returned.
Request:
Method:
POST
URI Path:
/api/v1/cluster/restore?action=retry
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/restore?action=retry Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1435298084391, "restore_start_time": 1483463180963, "restore_end_time": null, "step": { "step_number": 4, "value": "SFTP_COPY_START", "description": "Starting sftp copy" "status": { "value": "RUNNING", "description": "Sftp copy starting" } }, "status": { "value": "RUNNING", "description": "The operation is currently running" } "total_steps": 11, "endpoints": [ { action: POST, href: '/cluster/restore?action=suspend', rel: "self" }, { action: POST, href: '/cluster/restore?action=cancel', rel: "self" } ], "instructions": [] } Required Permissions: crud Feature: utilities_backup Additional Errors:

Initiate a restore operation

Start the restore of an NSX cluster, from some previously
backed-up configuration. This operation is only valid
when a GET cluster/restore/status returns a status with value NOT_STARTED.
Otherwise, a 409 response is returned.
Request:
Method:
POST
URI Path:
/api/v1/cluster/restore?action=start
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
InitiateClusterRestoreRequest+

Example Request: POST https://<nsx-mgr>/api/v1/cluster/restore?action=start { "node_id": "2128af2d-d763-4a27-80e0-4933af7e4824", "timestamp" : 1435298084391 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1435298084391, "restore_start_time": 1483463180963, "restore_end_time": null, "step": { "step_number": 1, "value": "RESTORE_INITIATED", "description": "Starting cluster restore" "status": { "value": "RUNNING", "description": "The operation is currently running" } }, "status": { "value": "RUNNING", "description": "The operation is currently running" } "total_steps": 11, "endpoints": [ { action: POST, href: '/cluster/restore?action=suspend', rel: "self" }, { action: POST, href: '/cluster/restore?action=cancel', rel: "self" } ], "instructions": [] } Required Permissions: crud Feature: utilities_backup Additional Errors:

Suspend any running restore operation

Suspend any currently running restore operation. The restore operation is
made up of a number of steps. When this call is issued, any currently
running step is allowed to finish (successfully or with errors), and the
next step (and therefore the entire restore operation) is suspended until
a subsequent resume or cancel call is issued. This operation is only valid
when a GET cluster/restore/status returns a status with value RUNNING.
Otherwise, a 409 response is returned.
Request:
Method:
POST
URI Path:
/api/v1/cluster/restore?action=suspend
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/restore?action=suspend Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterRestoreStatus+

Example Response: { "id": "86e81e05-bc3c-4216-a0a2-3bf46ece68a3", "backup_timestamp": 1435298084391, "restore_start_time": 1483463180963, "restore_end_time": null, "step": { "step_number": 1, "value": "RESTORE_INITIATED", "description": "Starting cluster restore" "status": { "value": "RUNNING", "description": "Cluster restore initiated" } }, "status": { "value": "SUSPENDING", "description": "A suspend request is being processed" } "total_steps": 11, "endpoints": [ { action: POST, href: '/cluster/restore?action=resume', rel: "self" }, { action: POST, href: '/cluster/restore?action=cancel', rel: "self" } ], "instructions": [] } Required Permissions: crud Feature: utilities_backup Additional Errors:

Management Plane API: NSX Component Administration: Cluster Management

Associated URIs:

Read Cluster Configuration

Returns information about the NSX cluster configuration. An NSX cluster has
two functions or purposes, commonly referred to as "roles." These two roles
are control and management. Each NSX installation has a single cluster.
Separate NSX clusters do not share data. In other words, a given data-plane
node is attached to only one cluster, not to multiple clusters.
Request:
Method:
GET
URI Path:
/api/v1/cluster
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterConfig+

Example Response: { "cluster_id": "7c871014-bc27-4d7a-919a-45e762176f2b", "nodes": [ { "certificates": [ { "entity_type": "HTTPS", "certificate_sha256_thumbprint": "509bb72fdf46f3de24c99116d284f4222265197aae6b0a5a05512ea3c212b063", "certificate": "-----BEGIN CERTIFICATE-----\nMIICvTCCAaWgAwIBAgIEWxKYNDANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNh\ncGkwIBcNMTgxMDIzMTc1MTM4WhgPMjExODA5MjkxNzUxMzhaMA4xDDAKBgNVBAMT\nA2FwaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzoGfLgN7JjUGdD\n9/TiM1cHjlS7A1D6nRXFRFIxSD5TWNChPcYnsnkr3toMFfz79Lt6ye95cnN/kRLI\nC1bri9EZczmMaMIRMa+orUbQo38tiVGsheEuMfBOY+WyMW9TSNj6SWzSTQph0U70\nzt1HhT+yRWDxX9PYdMqk+xrT1EBYUM9vrrhnK2jJEe4SAwDOwYUKEtyETw20KDy6\nFn4eEZ5+SHEKzGk5v7bTeAAvQq5oR0CEYaGs6zYEiPPoYKf5I1Gk97kHbdmgKC1m\nGdvzI4AbG8soMz73JcaqOG+ND+NHznWkN2fvDuuWGgpPIz2IpvsS1gryuTVDZo9M\nELus2CsCAwEAAaMhMB8wHQYDVR0OBBYEFL4jv41Ul9CtDvWoSPYYvECkfjFkMA0G\nCSqGSIb3DQEBCwUAA4IBAQALAGXIEkG7uBpbB+gRZS4PmtE7hlN8dKByJyoWqlxx\n7JkbNnDN0Z8bYDo+WpTPWP2XyCvtBe+m8PV7Hf/oM6/EjOsXD6kOUf41uq3bmpyX\nbpy+5yLN79cMU07yD+yH9/TSoLDnYZ+uZ22mAeSGNkUpv0VYLDX3kYzcbDFp0iU4\ncCn68NgnD+pra1vLi0aNlSjNV5gLIgSz4VFRoFOgucgUm7/0p/0O5vOwQkqpaRtS\nGMpYB0DEZ9lnWvTLfGuwa1uNjg5JuShSqnOhD32K6lrLzmF3W3b9ew9JRO0mBZlu\nD1L/yiIlVhrLelYykMivlkpbMNl4hglAwbIOcKNIqB8c\n-----END CERTIFICATE-----\n" }, { "entity_type": "CONTROLLER", "certificate_sha256_thumbprint": "a8394d08e29dce3cfb2bf9689130c9cca89d1bdd0f5568342f7497e8b35d0025", "certificate": "-----BEGIN CERTIFICATE-----\nMIICvTCCAaWgAwIBAgIEXhWCCjANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNj\nY3AwIBcNMTgxMDIzMTc1MTQ0WhgPMjExODA5MjkxNzUxNDRaMA4xDDAKBgNVBAMT\nA2NjcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBBRVzGWjoslrXa\nbwBNpZbRvfi/qMBc+XiLxgSp2Jtn+J+yoBvmObdvrxNKcwyRi9aXQDEV7TyszpU6\nQs8oC8vnMCCeUN2Le5mOHY2HSs2xuDd6Gxv9I+DyEb1+j9qxIvEqiLzdfN1u3i2e\nx8SWPv8UrCD85lQLihTzH0eln57BPtqTJ/OL33jVp2S0Q6/uxmwiRfvn0DrcDw02\ntuL/qK7+zMJh861s73XY3+BtSNY75iZe/FjYcmphhLO4GestmudYEM7uYfXJ+74F\nQqTJ3RSqsHWCvXFK6+G39e27uiU+wfiUEiiBu4pJKaAyx565oiVEKPEiY9w4p+1R\nREGyWv8CAwEAAaMhMB8wHQYDVR0OBBYEFOz1lsjROruNyaAxcUN0lcyZ47FiMA0G\nCSqGSIb3DQEBCwUAA4IBAQB6XWvSv1P3VRZ0QDJGCpQ2tNLWshrmftHeLQKSBBCm\nZ+LJbDYHoiHWhJ6vyYYe24gIDwUGumZ1MqujYpGIW9wfJx1PE6Vn8cVftgcAUdfa\nPqwgXof2Yx30QHxElBMa67o98Xu2DPWKDq4IlJGKps+KbdlVpVQEYV7/xZ0Kyk8r\nY77jOY3bs6Mk2mnZ5rKJ/npg+eKg4AJPkTX0hj0A0dIH8JItr1TQgpSkwV8WyZpr\nJbTuwfEBpYqn3ka0eIXx4xvzWZBrY4Kb1DVEvtNOeyvZN4+DGDnUaoExWiyaSu4i\nwtX3bR0ZM0ssqhrCSIxXWIHIDL7t50mbW7SV1+y5irRm\n-----END CERTIFICATE-----\n" }, { "entity_type": "CLUSTER_BOOT_MANAGER", "certificate_sha256_thumbprint": "9aba23768e4dd5301dcba98181b3f22c8ac7bb1d39b80ec44636430f1f6a4b2d", "certificate": "-----BEGIN CERTIFICATE-----\nMIIC1TCCAb2gAwIBAgIEMGoU8TANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9j\nbHVzdGVyLW1hbmFnZXIwIBcNMTgxMDIzMTc1MTI5WhgPMjExODA5MjkxNzUxMjla\nMBoxGDAWBgNVBAMTD2NsdXN0ZXItbWFuYWdlcjCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAMDqNOyPD7c8VE7v0o0gBOg/2v5LB0lX3M+5uJeLF1hyaru0\n9c/HesjkEUz17lUEhhb177RHAeXIOIzeaxbSB0SvXv8F0cE8Y4CM7nhcWWd4t4rt\nx76xWb3C6R/JhyygDWRsiCUK/V/60LTcMToJ9Axsp4XuKXpu2WEPBlYMQIYxk3iC\n0bx2AvTJhDGLHwsRfhbN6hoZJGtyjMxHuQJuYUTuRRQQ7cGlQBTdidTod7Cp6SYn\ne48DSPtRFWiL0pZce1H0ZOlE2u76xi/uhFZuIP/gw7eyPS3Yd9ztEajy/RPGTLyn\nRhyrjr5Ev4Z9KgWfN9rTUw+jWxjfdBRik3dgrXsCAwEAAaMhMB8wHQYDVR0OBBYE\nFJhUp/WIyaZ5pm38YgQaQZHdmjCnMA0GCSqGSIb3DQEBCwUAA4IBAQAR8a3w+8om\nbkSs0/YG+p4EzLyS+Hz0UQjtNd4kkQ+iOZbVXAKQuixbHx2IOkwmI+QiC+2VSjba\nQr9KD/Lal0Bo0QmPdma/g/LzNgMx1jUwMhebP5LUNXrYRb1xqPxNRD8abxrf6Nez\nf/17T8rssMVY9gFcDtTRXEaoZyAHyFyVByLY0nUpvUdKSfBJM9YGb+g0C6lZpqEC\n2220qIRAklDKsLxHV62uEiydizxN0tTMaD2Af+sg4TbaKf9VGdwtXxk7EPNNiK3f\n8Z3s217H/5kCHXDRdmo6EwzIica1K/bzu+yVItPgFIpnCltYII8Ehrkq5FaVgNo7\nNP0EOvzlpH26\n-----END CERTIFICATE-----\n" }, { "entity_type": "DATASTORE", "certificate_sha256_thumbprint": "5eec1f2c2f02bbcca31429b7a91c45faece1933ef6fb9d0ee8b20e589d0728ae", "certificate": "-----BEGIN CERTIFICATE-----\nMIICwTCCAamgAwIBAgIEJb8g7DANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwVj\nb3JmdTAgFw0xODEwMjMxNzUyMDVaGA8yMTE4MDkyOTE3NTIwNVowEDEOMAwGA1UE\nAxMFY29yZnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MVvwFkXj\nSU5ShAmkZ3nbDIN7OvokdkvZSQoCiPaDFsYJNpRr2xEU3huSehJMPnqYN9Wbjf+Z\n3mQv9XuPaDcHtfEAjYlGh3+6yeZuvIcE5lKcvMB2LHFjZMBnXf5DT/wdMYtOOhda\nW9hKqIrLyDJZQuYW0acaUNU7dyYxBIFeHGXv1Nwls87dbahElyxbac7y0iMzV+lE\n1aF/xd218ozhooLYuT0n37KJuvN3wPdLrhA94g2zHWD17kL2ZOXuO+qiOFsHd0x7\nvebUmUgsmiBCrKjNADsnXqBwGfPtW8tUtuwkos1s4A9mI0k018H4UZqzbjJzfeSe\nT0J0Z/FKzEo3AgMBAAGjITAfMB0GA1UdDgQWBBRlf1gi/d7E0Xm62//2TO4JDWHT\nTjANBgkqhkiG9w0BAQsFAAOCAQEAFh+omRTX1yMUHcteGnPpxfiZSXnFaeAx+NzI\n8urQkOe/8B36OAU+quL0aEr2FVCizOS5sEjdSR0SXZ5VlcRyy+bPiaNGexvtRqzL\nV2sxCIZOCkfIweAEWFCqLWo0I3yj1ccqlHWw1vRSs2B2u7l8Bh0HKQqyCZ8neFS5\nuxSMxrpK0OEjoovqf2+reofRyDS3jX6IkkLdXj0tpZ/YODHy//O39jX/ntngTDKT\n29C0d6YdZzivAsLsl0o7AH+uRub4c5w5WPMTe1z5jRyvEq2kASnH+x6aHGL6NbiQ\nvYO6qoQ3CC4vc3JfRyCeL28sOgsFj3Izi4fTFoioL5m9jgF1/g==\n-----END CERTIFICATE-----\n" }, { "entity_type": "MANAGER", "certificate_sha256_thumbprint": "71515a155ce5679175eb176f22a99afc9a4f768d919555bd03254d3c7f09e19e", "certificate": "-----BEGIN CERTIFICATE-----\nMIICuzCCAaOgAwIBAgIEGhc3iDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJt\ncDAgFw0xODEwMjMxNzUxNTdaGA8yMTE4MDkyOTE3NTE1N1owDTELMAkGA1UEAxMC\nbXAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCayNg+xV6aO51s9UC3\nsPB3TNKhuNSPyZVN5uqH+dGdLGL5c2ZWtyjZbbliUP5AvHBlr2d6bGiVK5ySPGR/\n40navQaSvXTTvSaTyND/jg7hPQ5jR+Y/rZJRhvigi8EfQsYYvjaquO7GryfSiU4I\nPASkELzTFIj0F9t3+Ty3zPqokWqUa6bOCebut7IjV5xj2nTyg0jWouKP9wQNIhHI\nWijDEwQaRVXr61Fo7w8ZrMWMXi8LjQbRRBTywYZ2UDprhncGjb8mHqzsEl9MTSat\n2jEuWzS01YL/vKs04yJcANYNndZyiFHRkrfTy6VBLDKPzGIOregC7YjB0R6YduyY\nUjbDAgMBAAGjITAfMB0GA1UdDgQWBBQArCaW3t4t37jU10r9elEywMX7tTANBgkq\nhkiG9w0BAQsFAAOCAQEASKDXDjaNBu+SaKPurfdzdxP5F5KU5dlK9wDZy6DE/kx0\nhMFDXJPiFcs0tYbo2zKccRHJQ26qF3O0RtzD5h+yTc1GjNSdhuqql7BK7mOtNpaZ\nvK46+pUVJxjZz/ShTHHHMN7YWd/n7JPkb/uILhHOT0/GMGKSfvYycvYdSY+qrghi\nECmajbqN1nZyLmtx1rQvjCybUeDxPiOIZ1UFtfkNJ7s0rc3CsihUecuSW/UmDVCk\nXl8C+R3Pql8u6STvv5ofZ0DQCvknTlqhAvyQe33yevMpzH6AwAMLCMtE1Mmso9SX\nF151OMImswdz5aWSKsPc0ehnpHDrqXe26fSdT8jymA==\n-----END CERTIFICATE-----\n" }, { "entity_type": "POLICY", "certificate_sha256_thumbprint": "69e50eeeb95f14e8d27f873a37e6329674f7521310781e6461a41596d7cc5c1b", "certificate": "-----BEGIN CERTIFICATE-----\nMIICwzCCAaugAwIBAgIEQxB9PTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZw\nb2xpY3kwIBcNMTgxMDIzMTc1MTQ5WhgPMjExODA5MjkxNzUxNDlaMBExDzANBgNV\nBAMTBnBvbGljeTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMswAi2E\nP/2q/LI7yNaG9ao6XeKyTPbC+mzlAqAr6jra1pXyXpjJJSR6jCGvKg3dTnCFCNdp\nnKoVm+69Stp/ZuQn++CN2ekW9EVgiMRnyRvV3jCQE81B6/HWv3DWKvmeZqVwKlLj\nRvdtONpkZhD40BQBKrckCMF68nCjFTxHwP6FYeKoy5Om8gM4OcoHhwsKDehxZ662\n7WyZUwU7X7jkTJwGyB8AhpkLeUCVYgNoui3xiYE8HEUwNvOpFlzEoA531v6xmyG/\njbJvypCJVT7i7Lj7bZXMfFv5vQ2gdJK40Cl3iEJS9LLAI9TiKhP3WrBdLQjcxuWI\n9TvJFVOOvAzx/ScCAwEAAaMhMB8wHQYDVR0OBBYEFPIrdP1e/h9RG9HJAzEe+oFN\nR2jvMA0GCSqGSIb3DQEBCwUAA4IBAQCXszjV1L3ZJUCImpCia5H0xMKZhrb8U0aF\nAz4iWRpE10G8AxNi7lmY/dPc3ey2X8+7hAxoqC3TaRApTyQwCXwaJtdWHwyAqzyZ\ngzAhPEkUoEsZEySsJ0lmnL8VQNTRZKsTpycfz50crj4KsJJwwp1dYdhNqLWCHxaD\nbk4gkiR52JEdAz3dqOQCQcc+Cfrx2XNpqAbH1vhZMoxzWbA5vrimhuLc08V+zQfu\nLwmfuGK7fla82sNu52geXXWkjtVd5TxoTLWUj5yq0LaW3L1JJgsfJR1uf8FY9tBs\nlbk/xR9y0DUZbcyj8IfPJiXcNuzXtMGBe3Lz1Gw5NODRIjcG+S9D\n-----END CERTIFICATE-----\n" } ], "entities": [ { "entity_type": "HTTPS", "port": 443, "ip_address": "10.161.181.150" }, { "entity_type": "CONTROLLER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "CLUSTER_BOOT_MANAGER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "DATASTORE", "port": 9000, "ip_address": "10.161.181.150" }, { "entity_type": "MANAGER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "POLICY", "port": 0, "ip_address": "10.161.181.150" } ], "msg_clients": [ { "entity_type": "CONTROLLER", "clients": [ { "account_name": "cvn-ccp-mpa-05ee9070-1b1a-4479-a944-f6aad0115b39", "client_type": "MPA" }, { "account_name": "cvn-ccp-5b1e2888-d8a8-49cf-880f-cfbaf7228599", "client_type": "HOST" } ] }, { "entity_type": "MANAGER", "clients": [ { "account_name": "cvn-mp-mpa-eabac123-44a5-439b-9a68-1051e721771a", "client_type": "MPA" } ] } ], "node_uuid": "ad200842-02bd-fe4b-2810-885404ab32a7", "display_name": "ad200842-02bd-fe4b-2810-885404ab32a7", "fqdn": "nsx-a01.vmware.com" "status": "JOINED" } ], "mgmt_cluster_changes_allowed": true, "control_cluster_changes_allowed": true, "_revision": 0 } Required Permissions: read Feature: cluster_management Additional Errors:

Read cluster node configuration

Returns information about the specified NSX cluster node. Request:
Method:
GET
URI Path:
/api/v1/cluster/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: https://<nsx-mgr>/api/v1/cluster/ad200842-02bd-fe4b-2810-885404ab32a7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeInfo+

Example Response: { "certificates": [ { "entity_type": "HTTPS", "certificate_sha256_thumbprint": "509bb72fdf46f3de24c99116d284f4222265197aae6b0a5a05512ea3c212b063", "certificate": "-----BEGIN CERTIFICATE-----\nMIICvTCCAaWgAwIBAgIEWxKYNDANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNh\ncGkwIBcNMTgxMDIzMTc1MTM4WhgPMjExODA5MjkxNzUxMzhaMA4xDDAKBgNVBAMT\nA2FwaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzoGfLgN7JjUGdD\n9/TiM1cHjlS7A1D6nRXFRFIxSD5TWNChPcYnsnkr3toMFfz79Lt6ye95cnN/kRLI\nC1bri9EZczmMaMIRMa+orUbQo38tiVGsheEuMfBOY+WyMW9TSNj6SWzSTQph0U70\nzt1HhT+yRWDxX9PYdMqk+xrT1EBYUM9vrrhnK2jJEe4SAwDOwYUKEtyETw20KDy6\nFn4eEZ5+SHEKzGk5v7bTeAAvQq5oR0CEYaGs6zYEiPPoYKf5I1Gk97kHbdmgKC1m\nGdvzI4AbG8soMz73JcaqOG+ND+NHznWkN2fvDuuWGgpPIz2IpvsS1gryuTVDZo9M\nELus2CsCAwEAAaMhMB8wHQYDVR0OBBYEFL4jv41Ul9CtDvWoSPYYvECkfjFkMA0G\nCSqGSIb3DQEBCwUAA4IBAQALAGXIEkG7uBpbB+gRZS4PmtE7hlN8dKByJyoWqlxx\n7JkbNnDN0Z8bYDo+WpTPWP2XyCvtBe+m8PV7Hf/oM6/EjOsXD6kOUf41uq3bmpyX\nbpy+5yLN79cMU07yD+yH9/TSoLDnYZ+uZ22mAeSGNkUpv0VYLDX3kYzcbDFp0iU4\ncCn68NgnD+pra1vLi0aNlSjNV5gLIgSz4VFRoFOgucgUm7/0p/0O5vOwQkqpaRtS\nGMpYB0DEZ9lnWvTLfGuwa1uNjg5JuShSqnOhD32K6lrLzmF3W3b9ew9JRO0mBZlu\nD1L/yiIlVhrLelYykMivlkpbMNl4hglAwbIOcKNIqB8c\n-----END CERTIFICATE-----\n" }, { "entity_type": "CONTROLLER", "certificate_sha256_thumbprint": "a8394d08e29dce3cfb2bf9689130c9cca89d1bdd0f5568342f7497e8b35d0025", "certificate": "-----BEGIN CERTIFICATE-----\nMIICvTCCAaWgAwIBAgIEXhWCCjANBgkqhkiG9w0BAQsFADAOMQwwCgYDVQQDEwNj\nY3AwIBcNMTgxMDIzMTc1MTQ0WhgPMjExODA5MjkxNzUxNDRaMA4xDDAKBgNVBAMT\nA2NjcDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBBRVzGWjoslrXa\nbwBNpZbRvfi/qMBc+XiLxgSp2Jtn+J+yoBvmObdvrxNKcwyRi9aXQDEV7TyszpU6\nQs8oC8vnMCCeUN2Le5mOHY2HSs2xuDd6Gxv9I+DyEb1+j9qxIvEqiLzdfN1u3i2e\nx8SWPv8UrCD85lQLihTzH0eln57BPtqTJ/OL33jVp2S0Q6/uxmwiRfvn0DrcDw02\ntuL/qK7+zMJh861s73XY3+BtSNY75iZe/FjYcmphhLO4GestmudYEM7uYfXJ+74F\nQqTJ3RSqsHWCvXFK6+G39e27uiU+wfiUEiiBu4pJKaAyx565oiVEKPEiY9w4p+1R\nREGyWv8CAwEAAaMhMB8wHQYDVR0OBBYEFOz1lsjROruNyaAxcUN0lcyZ47FiMA0G\nCSqGSIb3DQEBCwUAA4IBAQB6XWvSv1P3VRZ0QDJGCpQ2tNLWshrmftHeLQKSBBCm\nZ+LJbDYHoiHWhJ6vyYYe24gIDwUGumZ1MqujYpGIW9wfJx1PE6Vn8cVftgcAUdfa\nPqwgXof2Yx30QHxElBMa67o98Xu2DPWKDq4IlJGKps+KbdlVpVQEYV7/xZ0Kyk8r\nY77jOY3bs6Mk2mnZ5rKJ/npg+eKg4AJPkTX0hj0A0dIH8JItr1TQgpSkwV8WyZpr\nJbTuwfEBpYqn3ka0eIXx4xvzWZBrY4Kb1DVEvtNOeyvZN4+DGDnUaoExWiyaSu4i\nwtX3bR0ZM0ssqhrCSIxXWIHIDL7t50mbW7SV1+y5irRm\n-----END CERTIFICATE-----\n" }, { "entity_type": "CLUSTER_BOOT_MANAGER", "certificate_sha256_thumbprint": "9aba23768e4dd5301dcba98181b3f22c8ac7bb1d39b80ec44636430f1f6a4b2d", "certificate": "-----BEGIN CERTIFICATE-----\nMIIC1TCCAb2gAwIBAgIEMGoU8TANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDEw9j\nbHVzdGVyLW1hbmFnZXIwIBcNMTgxMDIzMTc1MTI5WhgPMjExODA5MjkxNzUxMjla\nMBoxGDAWBgNVBAMTD2NsdXN0ZXItbWFuYWdlcjCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBAMDqNOyPD7c8VE7v0o0gBOg/2v5LB0lX3M+5uJeLF1hyaru0\n9c/HesjkEUz17lUEhhb177RHAeXIOIzeaxbSB0SvXv8F0cE8Y4CM7nhcWWd4t4rt\nx76xWb3C6R/JhyygDWRsiCUK/V/60LTcMToJ9Axsp4XuKXpu2WEPBlYMQIYxk3iC\n0bx2AvTJhDGLHwsRfhbN6hoZJGtyjMxHuQJuYUTuRRQQ7cGlQBTdidTod7Cp6SYn\ne48DSPtRFWiL0pZce1H0ZOlE2u76xi/uhFZuIP/gw7eyPS3Yd9ztEajy/RPGTLyn\nRhyrjr5Ev4Z9KgWfN9rTUw+jWxjfdBRik3dgrXsCAwEAAaMhMB8wHQYDVR0OBBYE\nFJhUp/WIyaZ5pm38YgQaQZHdmjCnMA0GCSqGSIb3DQEBCwUAA4IBAQAR8a3w+8om\nbkSs0/YG+p4EzLyS+Hz0UQjtNd4kkQ+iOZbVXAKQuixbHx2IOkwmI+QiC+2VSjba\nQr9KD/Lal0Bo0QmPdma/g/LzNgMx1jUwMhebP5LUNXrYRb1xqPxNRD8abxrf6Nez\nf/17T8rssMVY9gFcDtTRXEaoZyAHyFyVByLY0nUpvUdKSfBJM9YGb+g0C6lZpqEC\n2220qIRAklDKsLxHV62uEiydizxN0tTMaD2Af+sg4TbaKf9VGdwtXxk7EPNNiK3f\n8Z3s217H/5kCHXDRdmo6EwzIica1K/bzu+yVItPgFIpnCltYII8Ehrkq5FaVgNo7\nNP0EOvzlpH26\n-----END CERTIFICATE-----\n" }, { "entity_type": "DATASTORE", "certificate_sha256_thumbprint": "5eec1f2c2f02bbcca31429b7a91c45faece1933ef6fb9d0ee8b20e589d0728ae", "certificate": "-----BEGIN CERTIFICATE-----\nMIICwTCCAamgAwIBAgIEJb8g7DANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwVj\nb3JmdTAgFw0xODEwMjMxNzUyMDVaGA8yMTE4MDkyOTE3NTIwNVowEDEOMAwGA1UE\nAxMFY29yZnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MVvwFkXj\nSU5ShAmkZ3nbDIN7OvokdkvZSQoCiPaDFsYJNpRr2xEU3huSehJMPnqYN9Wbjf+Z\n3mQv9XuPaDcHtfEAjYlGh3+6yeZuvIcE5lKcvMB2LHFjZMBnXf5DT/wdMYtOOhda\nW9hKqIrLyDJZQuYW0acaUNU7dyYxBIFeHGXv1Nwls87dbahElyxbac7y0iMzV+lE\n1aF/xd218ozhooLYuT0n37KJuvN3wPdLrhA94g2zHWD17kL2ZOXuO+qiOFsHd0x7\nvebUmUgsmiBCrKjNADsnXqBwGfPtW8tUtuwkos1s4A9mI0k018H4UZqzbjJzfeSe\nT0J0Z/FKzEo3AgMBAAGjITAfMB0GA1UdDgQWBBRlf1gi/d7E0Xm62//2TO4JDWHT\nTjANBgkqhkiG9w0BAQsFAAOCAQEAFh+omRTX1yMUHcteGnPpxfiZSXnFaeAx+NzI\n8urQkOe/8B36OAU+quL0aEr2FVCizOS5sEjdSR0SXZ5VlcRyy+bPiaNGexvtRqzL\nV2sxCIZOCkfIweAEWFCqLWo0I3yj1ccqlHWw1vRSs2B2u7l8Bh0HKQqyCZ8neFS5\nuxSMxrpK0OEjoovqf2+reofRyDS3jX6IkkLdXj0tpZ/YODHy//O39jX/ntngTDKT\n29C0d6YdZzivAsLsl0o7AH+uRub4c5w5WPMTe1z5jRyvEq2kASnH+x6aHGL6NbiQ\nvYO6qoQ3CC4vc3JfRyCeL28sOgsFj3Izi4fTFoioL5m9jgF1/g==\n-----END CERTIFICATE-----\n" }, { "entity_type": "MANAGER", "certificate_sha256_thumbprint": "71515a155ce5679175eb176f22a99afc9a4f768d919555bd03254d3c7f09e19e", "certificate": "-----BEGIN CERTIFICATE-----\nMIICuzCCAaOgAwIBAgIEGhc3iDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJt\ncDAgFw0xODEwMjMxNzUxNTdaGA8yMTE4MDkyOTE3NTE1N1owDTELMAkGA1UEAxMC\nbXAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCayNg+xV6aO51s9UC3\nsPB3TNKhuNSPyZVN5uqH+dGdLGL5c2ZWtyjZbbliUP5AvHBlr2d6bGiVK5ySPGR/\n40navQaSvXTTvSaTyND/jg7hPQ5jR+Y/rZJRhvigi8EfQsYYvjaquO7GryfSiU4I\nPASkELzTFIj0F9t3+Ty3zPqokWqUa6bOCebut7IjV5xj2nTyg0jWouKP9wQNIhHI\nWijDEwQaRVXr61Fo7w8ZrMWMXi8LjQbRRBTywYZ2UDprhncGjb8mHqzsEl9MTSat\n2jEuWzS01YL/vKs04yJcANYNndZyiFHRkrfTy6VBLDKPzGIOregC7YjB0R6YduyY\nUjbDAgMBAAGjITAfMB0GA1UdDgQWBBQArCaW3t4t37jU10r9elEywMX7tTANBgkq\nhkiG9w0BAQsFAAOCAQEASKDXDjaNBu+SaKPurfdzdxP5F5KU5dlK9wDZy6DE/kx0\nhMFDXJPiFcs0tYbo2zKccRHJQ26qF3O0RtzD5h+yTc1GjNSdhuqql7BK7mOtNpaZ\nvK46+pUVJxjZz/ShTHHHMN7YWd/n7JPkb/uILhHOT0/GMGKSfvYycvYdSY+qrghi\nECmajbqN1nZyLmtx1rQvjCybUeDxPiOIZ1UFtfkNJ7s0rc3CsihUecuSW/UmDVCk\nXl8C+R3Pql8u6STvv5ofZ0DQCvknTlqhAvyQe33yevMpzH6AwAMLCMtE1Mmso9SX\nF151OMImswdz5aWSKsPc0ehnpHDrqXe26fSdT8jymA==\n-----END CERTIFICATE-----\n" }, { "entity_type": "POLICY", "certificate_sha256_thumbprint": "69e50eeeb95f14e8d27f873a37e6329674f7521310781e6461a41596d7cc5c1b", "certificate": "-----BEGIN CERTIFICATE-----\nMIICwzCCAaugAwIBAgIEQxB9PTANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZw\nb2xpY3kwIBcNMTgxMDIzMTc1MTQ5WhgPMjExODA5MjkxNzUxNDlaMBExDzANBgNV\nBAMTBnBvbGljeTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMswAi2E\nP/2q/LI7yNaG9ao6XeKyTPbC+mzlAqAr6jra1pXyXpjJJSR6jCGvKg3dTnCFCNdp\nnKoVm+69Stp/ZuQn++CN2ekW9EVgiMRnyRvV3jCQE81B6/HWv3DWKvmeZqVwKlLj\nRvdtONpkZhD40BQBKrckCMF68nCjFTxHwP6FYeKoy5Om8gM4OcoHhwsKDehxZ662\n7WyZUwU7X7jkTJwGyB8AhpkLeUCVYgNoui3xiYE8HEUwNvOpFlzEoA531v6xmyG/\njbJvypCJVT7i7Lj7bZXMfFv5vQ2gdJK40Cl3iEJS9LLAI9TiKhP3WrBdLQjcxuWI\n9TvJFVOOvAzx/ScCAwEAAaMhMB8wHQYDVR0OBBYEFPIrdP1e/h9RG9HJAzEe+oFN\nR2jvMA0GCSqGSIb3DQEBCwUAA4IBAQCXszjV1L3ZJUCImpCia5H0xMKZhrb8U0aF\nAz4iWRpE10G8AxNi7lmY/dPc3ey2X8+7hAxoqC3TaRApTyQwCXwaJtdWHwyAqzyZ\ngzAhPEkUoEsZEySsJ0lmnL8VQNTRZKsTpycfz50crj4KsJJwwp1dYdhNqLWCHxaD\nbk4gkiR52JEdAz3dqOQCQcc+Cfrx2XNpqAbH1vhZMoxzWbA5vrimhuLc08V+zQfu\nLwmfuGK7fla82sNu52geXXWkjtVd5TxoTLWUj5yq0LaW3L1JJgsfJR1uf8FY9tBs\nlbk/xR9y0DUZbcyj8IfPJiXcNuzXtMGBe3Lz1Gw5NODRIjcG+S9D\n-----END CERTIFICATE-----\n" } ], "entities": [ { "entity_type": "HTTPS", "port": 443, "ip_address": "10.161.181.150" }, { "entity_type": "CONTROLLER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "CLUSTER_BOOT_MANAGER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "DATASTORE", "port": 9000, "ip_address": "10.161.181.150" }, { "entity_type": "MANAGER", "port": 0, "ip_address": "10.161.181.150" }, { "entity_type": "POLICY", "port": 0, "ip_address": "10.161.181.150" } ], "msg_clients": [ { "entity_type": "CONTROLLER", "clients": [ { "account_name": "cvn-ccp-mpa-05ee9070-1b1a-4479-a944-f6aad0115b39", "client_type": "MPA" }, { "account_name": "cvn-ccp-5b1e2888-d8a8-49cf-880f-cfbaf7228599", "client_type": "HOST" } ] }, { "entity_type": "MANAGER", "clients": [ { "account_name": "cvn-mp-mpa-eabac123-44a5-439b-9a68-1051e721771a", "client_type": "MPA" } ] } ], "node_uuid": "ad200842-02bd-fe4b-2810-885404ab32a7", "display_name": "ad200842-02bd-fe4b-2810-885404ab32a7", "status": "JOINED" } Required Permissions: read Feature: cluster_management Additional Errors:

Detach a node from the Cluster

Request:
Method:
POST
URI Path:
/api/v1/cluster/<node-id>?action=remove_node
Request Headers:
n/a
Query Parameters:
DetachClusterParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/c69dd550-841d-4064-bc92-476e977ad04d?action=remove_node POST https://<nsx-mgr>/api/v1/cluster/c69dd550-841d-4064-bc92-476e977ad04d?action=remove_node&force=true POST https://<nsx-mgr>/api/v1/cluster/c69dd550-841d-4064-bc92-476e977ad04d?action=remove_node&ignore-repository-ip-check=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterConfiguration+

Required Permissions: crud Feature: cluster_management Additional Errors:

Read cluster certificate ID

Returns the ID of the certificate that is used as the cluster certificate for MP
Request:
Method:
GET
URI Path:
/api/v1/cluster/api-certificate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/api-certificate Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterCertificateId+

Example Response: { "certificate_id": "d60c6a07-6e59-4873-8edb-339bf75711ac" } Required Permissions: read Feature: cluster_management Additional Errors:

Clear the cluster certificate (Deprecated)

Clears the certificate used for the MP cluster.
This does not affect the certificate itself.
This API is deprecated. Instead use the
/api/v1/cluster/api-certificate?action=set_cluster_certificate API to set
the cluster certificate to a different one.
It just means that from now on, individual certificates will be used on
each MP node. This affects all nodes in the cluster.
Request:
Method:
POST
URI Path:
/api/v1/cluster/api-certificate?action=clear_cluster_certificate
Request Headers:
n/a
Query Parameters:
ClusterCertificateId+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/api-certificate?action=clear_cluster_certificate&certificate_id= Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterCertificateId+

Example Response: { "certificate_id": null } Required Permissions: crud Feature: system_administration Additional Errors:

Set the cluster certificate

Sets the certificate used for the MP cluster.
Issuing this request causes the http service to restart so that the service
can begin using the new certificate. When the POST request succeeds, it
doesn't return a valid response. The request times out because of the restart.
This affects all nodes in the cluster.
Request:
Method:
POST
URI Path:
/api/v1/cluster/api-certificate?action=set_cluster_certificate
Request Headers:
n/a
Query Parameters:
ClusterCertificateId+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/api-certificate?action=set_cluster_certificate&certificate_id= Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterCertificateId+

Example Response: { "certificate_id": "d60c6a07-6e59-4873-8edb-339bf75711ac" } Required Permissions: crud Feature: system_administration Additional Errors:

Read API service properties

Read the configuration of the NSX API service.
Request:
Method:
GET
URI Path:
/api/v1/cluster/api-service
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/api-service Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ApiServiceConfig+

Example Response: { "global_api_concurrency_limit": 199, "client_api_rate_limit": 100, "client_api_concurrency_limit": 40, "connection_timeout": 30, "redirect_host": "", "cipher_suites": [ {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_GCM_SHA256"} {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384}", {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA256"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": false, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, {"enabled": false, "name": "TLS_RSA_WITH_AES_128_CBC_SHA"} ], "protocol_versions": [ {"enabled": true, "name": "TLSv1.1"}, {"enabled": true, "name": "TLSv1.2"} ] } Required Permissions: read Feature: system_administration Additional Errors:

Update API service properties

Read the configuration of the NSX API service. Changes are applied to all nodes in the cluster. The API service on each node will restart after it is updated using this API. There may be a delay of up to a minute or so between the time this API call completes and when the new configuration goes into effect. Request:
Method:
PUT
URI Path:
/api/v1/cluster/api-service
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ApiServiceConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/cluster/api-service { "global_api_concurrency_limit": 199, "client_api_rate_limit": 100, "client_api_concurrency_limit": 40, "connection_timeout": 30, "redirect_host": "", "cipher_suites": [ {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_GCM_SHA256"} {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384}", {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA256"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": false, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, {"enabled": false, "name": "TLS_RSA_WITH_AES_128_CBC_SHA"} ], "protocol_versions": [ {"enabled": true, "name": "TLSv1.1"}, {"enabled": false, "name": "TLSv1.2"} ] } Successful Response:
Response Code:
202 Accepted
Response Headers:
Content-type: application/json
Response Body:
ApiServiceConfig+

Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ApiServiceConfig+

Example Response: { "global_api_concurrency_limit": 199, "client_api_rate_limit": 100, "client_api_concurrency_limit": 40, "connection_timeout": 30, "redirect_host": "", "cipher_suites": [ {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_GCM_SHA384"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_GCM_SHA256"} {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384}", {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA256"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_256_CBC_SHA"}, {"enabled": true, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": true, "name": "TLS_RSA_WITH_AES_128_CBC_SHA256"}, {"enabled": false, "name": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"}, {"enabled": false, "name": "TLS_RSA_WITH_AES_128_CBC_SHA"} ], "protocol_versions": [ {"enabled": true, "name": "TLSv1.1"}, {"enabled": false, "name": "TLSv1.2"} ] } Required Permissions: crud Feature: system_administration Additional Errors:

Read cluster virtual IP address

Returns the configured cluster virtual IP address or null if not configured.
Request:
Method:
GET
URI Path:
/api/v1/cluster/api-virtual-ip
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/api-virtual-ip Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterVirtualIpProperties+

Example Response: { "_schema": "ClusterVirtualIpProperties", "_self": { "href": "/cluster/api-virtual-ip", "rel": "self" }, "ip_address": 0.0.0.0 } Required Permissions: read Feature: cluster_management Additional Errors:

Clear cluster virtual IP address

Clears the cluster virtual IP address.
Request:
Method:
POST
URI Path:
/api/v1/cluster/api-virtual-ip?action=clear_virtual_ip
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/api-virtual-ip?action=clear_virtual_ip Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterVirtualIpProperties+

Example Response: { "_schema": "ClusterVirtualIpProperties", "_self": { "href": "/cluster/api-virtual-ip", "rel": "self" }, "ip_address": 0.0.0.0 } Required Permissions: crud Feature: cluster_management Additional Errors:

Set cluster virtual IP address

Sets the cluster virtual IP address. Note, all nodes in the management
cluster must be in the same subnet. If not, a 409 CONFLICT status is
returned.
Request:
Method:
POST
URI Path:
/api/v1/cluster/api-virtual-ip?action=set_virtual_ip
Request Headers:
n/a
Query Parameters:
ClusterVirtualIpProperties+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/cluster/api-virtual-ip?action=set_virtual_ip&ip_address=10.0.0.251 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterVirtualIpProperties+

Example Response: { "_schema": "ClusterVirtualIpProperties", "_self": { "href": "/cluster/api-virtual-ip", "rel": "self" }, "ip_address": "10.0.0.251" } Required Permissions: crud Feature: cluster_management Additional Errors:

Add a controller to the cluster (Deprecated)

Add a new controller to the NSX cluster.
Deprecated. Use POST /cluster?action=join_cluster to join a node to cluster.
The controller comes with the new node.
Request:
Method:
POST
URI Path:
/api/v1/cluster/nodes
Request Headers:
n/a
Query Parameters:
AddClusterNodeAction+
Request Body:
AddClusterNodeSpec+

Example Request: Controller Node POST https://<nsx-mgr>/api/v1/cluster/nodes?action=add_cluster_node { "external_id": "4c539859-1451-439a-a920-f64492863b16", "controller_role_config": { "type": "AddControllerNodeSpec", "host_msg_client_info": { "shared_secret": "secret1" }, "mpa_msg_client_info": { "shared_secret": "secret1" } } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeConfig+

Example Response: Controller Node { "_revision": 0, "id": "7e36956a-85c4-4c3e-a883-8d26592146f1", "resource_type": "ClusterNodeConfig", "external_id": "4c539859-1451-439a-a920-f64492863b16", "controller_role": { "type": "ControllerClusterRoleConfig", "host_msg_client_info": { "account_name": "cvn-ccp-7e36956a-85c4-4c3e-a883-8d26592146f1" }, "mpa_msg_client_info": { "account_name": "cvn-ccp-mpa-abcdef12-85c4-4c3e-a883-8d26592146f1" }, "control_cluster_listen_addr": { "port": 0 }, "control_plane_listen_addr": { "port": 0 } }, "_create_time": 1416221408704, "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1416221408704 } Required Permissions: crud Feature: cluster_management Additional Errors:

List Cluster Node Configurations (Deprecated)

Returns information about all NSX cluster nodes.
Deprecated. Use GET /cluster to get cluster configuration.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeConfigListResult+

Example Response: { "result_count": 3, "results": [ { "resource_type": "ClusterNodeConfig", "id": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "display_name": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "manager_role": { "type": "ManagementClusterRoleConfig", "mgmt_cluster_listen_addr": { "port": 9090, "certificate_sha256_thumbprint": "64b99fac51f5b8996b158fc8c18af8d9379f6faa9b127a933446c701df809d24", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "mpa_msg_client_info": { "account_name": "cvn-mp-mpa-5d1212b4-6e1e-47d4-b9e7-2e38e018b8f2" }, "api_listen_addr": { "port": 443, "certificate_sha256_thumbprint": "e4c359bfb8f7ca827173effe52a726cf1df0209b7035a98a773a827a5b3365bd", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "mgmt_plane_listen_addr": { "port": 5671, "certificate_sha256_thumbprint": "7eda54d0dcee4463573f40b1869552f0e248dd47b9d6b47b727459b0ab0c40ba", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "appliance_connection_info" : { "ip_address" : "192.168.110.48", "port" : 1234, "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "certificate_sha256_thumbprint" : "b53e8e59ea8832d3afdc75a9baa68e73c29c199258c390474afe4fb11f821eeb", "service_endpoint_uuid" : "4ed8b446-260a-44ad-9cb7-76b07350ac43", "entities_hosted" : [ { "entity_type" : "MP", "entity_uuid" : "b46041ce-4c34-4639-891a-24b68c33c8db" } ] }, }, "appliance_mgmt_listen_addr": "192.168.110.48", "external_id": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "_create_time": 1445540755333, "_last_modified_user": "node-mgmt", "_system_owned": false, "_last_modified_time": 1445540868201, "_create_user": "admin", "_revision": 5 }, { "resource_type": "ClusterNodeConfig", "id": "4206A8C8-36D0-F37E-54F0-76D206541B9C", "display_name": "4206A8C8-36D0-F37E-54F0-76D206541B9C", "manager_role": { "type": "ManagementClusterRoleConfig", "mgmt_cluster_listen_addr": { "port": 9090, "certificate_sha256_thumbprint": "f082b28c306c045f8663f9cf759fc047410e465c3403c05682f4fb2cafb961f8", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.49" }, "mpa_msg_client_info": { "account_name": "cvn-mp-mpa-318813d1-e23f-4906-b5e3-ebb30f6f93ea" }, "api_listen_addr": { "port": 443, "certificate_sha256_thumbprint": "8fda7907ed769628887ccc55d4fc9391febad9ce8556ca78dc7abe0025e5571a", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.49" }, "mgmt_plane_listen_addr": { "port": 5671, "certificate_sha256_thumbprint": "e93e093fe7e25d11eb4b5b0799d90e1285f7d87f333b2bcac3a32b65cd9ae6c8", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.49" } "appliance_connection_info" : { "ip_address" : "192.168.110.49", "port" : 1234, "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "certificate_sha256_thumbprint" : "b53e8e59ea8832d3afdc75a9baa68e73c29c199258c390474afe4fb11f821eec", "service_endpoint_uuid" : "4ed8b446-260a-44ad-9cb7-76b07350ac44", "entities_hosted" : [ { "entity_type" : "MP", "entity_uuid" : "b46041ce-4c34-4639-891a-24b68c33c8dc" } ] }, }, "appliance_mgmt_listen_addr": "192.168.110.49", "external_id": "4206A8C8-36D0-F37E-54F0-76D206541B9C", "_create_time": 1445473397114, "_last_modified_user": "node-mgmt", "_system_owned": false, "_last_modified_time": 1445473423066, "_create_user": "system", "_revision": 1 }, { "resource_type": "ClusterNodeConfig", "id": "4206D639-8620-96DB-2A5A-F3DFEB4C03C0", "display_name": "4206D639-8620-96DB-2A5A-F3DFEB4C03C0", "manager_role": { "type": "ManagementClusterRoleConfig", "mgmt_cluster_listen_addr": { "port": 9090, "certificate_sha256_thumbprint": "923314e232c29ba15aef12c8e9df44a5ddfb206479d66ac13f9a47f78b7fcc02", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.50" }, "mpa_msg_client_info": { "account_name": "cvn-mp-mpa-7deeae7c-b52c-49ce-b9da-4b05e46ba0d7" }, "api_listen_addr": { "port": 443, "certificate_sha256_thumbprint": "a5778682201f1256f385372fd803ceef1913b54617d442d311d17559bd13620e", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.50" }, "mgmt_plane_listen_addr": { "port": 5671, "certificate_sha256_thumbprint": "f99a8263bae620ca0f4bd0e97398ddeb0456412d491a6f5c204fa01cd81febf6", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.50" } "appliance_connection_info" : { "ip_address" : "192.168.110.50", "port" : 1234, "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "certificate_sha256_thumbprint" : "b53e8e59ea8832d3afdc75a9baa68e73c29c199258c390474afe4fb11f821eed", "service_endpoint_uuid" : "4ed8b446-260a-44ad-9cb7-76b07350ac45", "entities_hosted" : [ { "entity_type" : "MP", "entity_uuid" : "b46041ce-4c34-4639-891a-24b68c33c8dd" } ] }, }, "appliance_mgmt_listen_addr": "192.168.110.50", "external_id": "4206D639-8620-96DB-2A5A-F3DFEB4C03C0", "_create_time": 1445540972020, "_last_modified_user": "node-mgmt", "_system_owned": false, "_last_modified_time": 1445541093369, "_create_user": "admin", "_revision": 3 } ] } Required Permissions: read Feature: cluster_management Additional Errors:

Read Cluster Node Configuration (Deprecated)

Returns information about the specified NSX cluster node.
Deprecated. Use GET /cluster/ to get cluster node configuration.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/4206C988-8227-CEE9-D9AF-1C581AD84A03 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeConfig+

Example Response: { "resource_type": "ClusterNodeConfig", "id": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "display_name": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "manager_role": { "type": "ManagementClusterRoleConfig", "mgmt_cluster_listen_addr": { "port": 9090, "certificate_sha256_thumbprint": "64b99fac51f5b8996b158fc8c18af8d9379f6faa9b127a933446c701df809d24", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "mpa_msg_client_info": { "account_name": "cvn-mp-mpa-5d1212b4-6e1e-47d4-b9e7-2e38e018b8f2" }, "api_listen_addr": { "port": 443, "certificate_sha256_thumbprint": "e4c359bfb8f7ca827173effe52a726cf1df0209b7035a98a773a827a5b3365bd", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "mgmt_plane_listen_addr": { "port": 5671, "certificate_sha256_thumbprint": "7eda54d0dcee4463573f40b1869552f0e248dd47b9d6b47b727459b0ab0c40ba", "certificate": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "ip_address": "192.168.110.48" }, "appliance_connection_info" : { "ip_address" : "192.168.110.49", "port" : 1234, "certificate" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", "certificate_sha256_thumbprint" : "b53e8e59ea8832d3afdc75a9baa68e73c29c199258c390474afe4fb11f821eec", "service_endpoint_uuid" : "4ed8b446-260a-44ad-9cb7-76b07350ac44", "entities_hosted" : [ { "entity_type" : "MP", "entity_uuid" : "b46041ce-4c34-4639-891a-24b68c33c8dc" } ] }, }, "appliance_mgmt_listen_addr": "192.168.110.48", "external_id": "4206C988-8227-CEE9-D9AF-1C581AD84A03", "_create_time": 1445540755333, "_last_modified_user": "node-mgmt", "_system_owned": false, "_last_modified_time": 1445540868201, "_create_user": "admin", "_revision": 5 } Required Permissions: read Feature: cluster_management Additional Errors:

Remove a controller from the cluster (Deprecated)

Removes the specified controller from the NSX cluster. Before you can
remove a controller from the cluster, you must shut down the controller
service with the "stop service controller" command.
Deprecated. Use POST /cluster/?action=remove_node
to detach a node from cluster. The controller is removed with the node.
Request:
Method:
DELETE
URI Path:
/api/v1/cluster/nodes/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/cluster/nodes/4845ae38-af61-4205-9998-5b0a026bb27e Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: cluster_management Additional Errors:

List the specified node's Network Interfaces

Returns the number of interfaces on the node and detailed
information about each interface. Interface information includes MTU,
broadcast and host IP addresses, link and admin status, MAC address, network
mask, and the IP configuration method (static or DHCP).
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>/network/interfaces
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/<node-id>/network/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfacePropertiesListResult+

Example Response: { "result_count": 2, "results": [ { "interface_alias": [ { "physical_address": "00:50:56:b1:d5:e0", "netmask": "255.255.255.0", "ip_address": "192.168.110.31", "ip_configuration": "STATIC", "broadcast_address": "192.168.110.255" } ], "interface_id": "eth0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500 }, { "interface_alias": [ { "physical_address": "00:00:00:00:00:00", "netmask": "255.0.0.0", "ip_address": "127.0.0.1", "ip_configuration": "NOT_CONFIGURED", "broadcast_address": "0.0.0.0" } ], "interface_id": "lo", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 65536 } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the node's Network Interface

Returns detailed information about the specified interface. Interface
information includes MTU, broadcast and host IP addresses, link and admin
status, MAC address, network mask, and the IP configuration method (static
or DHCP).
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>/network/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/<node-id>/network/interfaces/eth0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceProperties+

Example Response: { "interface_alias": [ { "physical_address": "00:50:56:b1:d5:e0", "netmask": "255.255.255.0", "ip_address": "192.168.110.31", "ip_configuration": "STATIC", "broadcast_address": "192.168.110.255" } ], "interface_id": "eth0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the NSX Manager/Controller's Network Interface Statistics

On the specified interface, returns the number of received (rx), transmitted
(tx), and dropped packets; the number of bytes and errors received and
transmitted on the interface; and the number of detected collisions.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>/network/interfaces/<interface-id>/stats
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/<node-id>/network/interfaces/<interface-id>/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceStatisticsProperties+

Example Response: { "tx_errors": 0, "rx_frame": 0, "tx_carrier": 0, "tx_bytes": 31611, "rx_dropped": 1813, "tx_packets": 261, "rx_packets": 91656, "interface_id": "mgmt", "tx_dropped": 0, "tx_colls": 0, "rx_errors": 0, "rx_bytes": 7360718 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read cluster node runtime status

Read aggregated runtime status of cluster node.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/<node-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/nodes/<node-id>/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterNodeStatus+

Example Response: { "system_status": { "mem_used": 2498348, "system_time": 1445560337000, "file_systems": [ { "file_system": "/dev/sda2", "total": 4790588, "used": 1652564, "type": "ext4", "mount": "/" }, { "file_system": "none", "total": 4, "used": 0, "type": "tmpfs", "mount": "/sys/fs/cgroup" }, { "file_system": "udev", "total": 8206636, "used": 4, "type": "devtmpfs", "mount": "/dev" }, { "file_system": "tmpfs", "total": 1643052, "used": 716, "type": "tmpfs", "mount": "/run" }, { "file_system": "none", "total": 5120, "used": 0, "type": "tmpfs", "mount": "/run/lock" }, { "file_system": "none", "total": 8215252, "used": 0, "type": "tmpfs", "mount": "/run/shm" }, { "file_system": "none", "total": 102400, "used": 0, "type": "tmpfs", "mount": "/run/user" }, { "file_system": "/dev/sda1", "total": 967320, "used": 32672, "type": "ext4", "mount": "/boot" }, { "file_system": "/dev/sda3", "total": 4790588, "used": 9784, "type": "ext4", "mount": "/os_bak" }, { "file_system": "/dev/mapper/nsx-config", "total": 3869352, "used": 7808, "type": "ext4", "mount": "/config" }, { "file_system": "/dev/mapper/nsx-config__bak", "total": 3869352, "used": 7800, "type": "ext4", "mount": "/config_bak" }, { "file_system": "/dev/mapper/nsx-tmp", "total": 3869352, "used": 7944, "type": "ext4", "mount": "/tmp" }, { "file_system": "/dev/mapper/nsx-image", "total": 9710112, "used": 21988, "type": "ext4", "mount": "/image" }, { "file_system": "/dev/mapper/nsx-repository", "total": 24473988, "used": 180108, "type": "ext4", "mount": "/repository" }, { "file_system": "/dev/mapper/nsx-var", "total": 9710112, "used": 163268, "type": "ext4", "mount": "/var" } ], "load_average": [ 0.07000000029802322, 0.3700000047683716, 0.3499999940395355 ], "swap_total": 3997692, "mem_cache": 381336, "cpu_cores": 4, "source": "cached", "mem_total": 16430504, "swap_used": 0, "uptime": 91774000 }, "mgmt_cluster_status": { "mgmt_cluster_status": "CONNECTED" }, "version": "1.0.0.0.0.3154214" } Required Permissions: read Feature: cluster_management Additional Errors:

Read cluster runtime status (Deprecated)

Read aggregated runtime status of all cluster nodes.
Deprecated. Use GET /cluster/status instead.
Request:
Method:
GET
URI Path:
/api/v1/cluster/nodes/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClustersAggregateInfo+

Required Permissions: read Feature: cluster_management Additional Errors:

Read Cluster Status

Returns status information for the NSX cluster control role and management
role.
Request:
Method:
GET
URI Path:
/api/v1/cluster/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterStatus+

Example Response: { "control_cluster_status": { "status": "STABLE" }, "mgmt_cluster_status": { "online_nodes": [ { "mgmt_cluster_listen_ip_address": "192.168.110.31", "uuid": "42311EA1-D13F-C347-A2E4-7821B20F31BE" } ], "status": "STABLE" } } Required Permissions: read Feature: cluster_management Additional Errors:

Join this node to a NSX Cluster

Request:
Method:
POST
URI Path:
/api/v1/cluster?action=join_cluster
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
JoinClusterParameters+

Example Request: POST https://<nsx-mgr>/api/v1/cluster?action=join_cluster { "cluster_id": "066a0a85-9bd9-483d-8622-936aa9dffdbe", "ip_address": "10.145.162.255", "username": "admin", "password": "password1", "certficate_sha256_thumbprint": "f656452785a13d8e1431984a0a5137f1e27cdfa43e1cb08f46051a66733ca1b8" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterConfiguration+

Required Permissions: crud Feature: cluster_management Additional Errors:

Management Plane API: NSX Component Administration: NSX Administration

Associated URIs:

Update NSX Management nodes global configuration

Modifies the NSX Management nodes global configuration. Request:
Method:
PUT
URI Path:
/api/v1/configs/management
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ManagementConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/configs/management { "publish_fqdns": true, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManagementConfig+

Example Response: { "publish_fqdns": true, "_revision": 1 } Required Permissions: crud Feature: manager Additional Errors:

Read NSX Management nodes global configuration.

Returns the NSX Management nodes global configuration.
Request:
Method:
GET
URI Path:
/api/v1/configs/management
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/configs/management Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManagementConfig+

Example Response: { "publish_fqdns": true, "_revision": 0 } Required Permissions: read Feature: manager Additional Errors:

Management Plane API: NSX Component Administration: System Properties

Associated URIs:

Management plane this controller is communicating with (Experimental)

Request:
Method:
GET
URI Path:
/api/v1/node/management-plane
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManagementPlaneProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Update management plane configuration (Experimental)

Request:
Method:
PUT
URI Path:
/api/v1/node/management-plane
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ManagementPlaneProperties+

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManagementPlaneProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Delete the management_plane config

Request:
Method:
DELETE
URI Path:
/api/v1/node/management-plane
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

Delete the MPA config file

Request:
Method:
DELETE
URI Path:
/api/v1/node/mpa-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: system_administration Additional Errors:

MPA config for the management plane this node is communicating with (Experimental)

Request:
Method:
GET
URI Path:
/api/v1/node/mpa-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MPAConfigProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Update management plane agent configuration (Experimental)

Request:
Method:
PUT
URI Path:
/api/v1/node/mpa-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MPAConfigProperties+

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MPAConfigProperties+

Required Permissions: crud Feature: system_administration Additional Errors:

Management Plane API: NSX Component Administration: Trust Management

Associated URIs:

Return the Properties of a Trust Manager

Returns information about the supported algorithms and key sizes. Request:
Method:
GET
URI Path:
/api/v1/trust-management
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TrustManagementData+

Example Response: { "supported_algorithms": [ { "key_size": [ 2048, 3072 ], "name": "RSA" }, { "key_size": [ 2048 ], "name": "DSA" } ] } Required Permissions: read Feature: trust_certificates Additional Errors:

Create a Crl Distribution Point

Create an entity that will represent a Crl Distribution Point
Request:
Method:
POST
URI Path:
/api/v1/trust-management/crl-distribution-points
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CrlDistributionPoint+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points { "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "URI:http://www.example.com/intermediate/intermediate.crl.pem" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CrlDistributionPoint+

Example Response: { "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "URI:http://www.example.com/intermediate/intermediate.crl.pem", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: crud Feature: trust_crls Additional Errors:

Return the list of CrlDistributionPoints

Request:
Method:
GET
URI Path:
/api/v1/trust-management/crl-distribution-points
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CrlDistributionPointList+

Example Response: { "result_count": 2, "results": [ { "id": "abd3032d-728e-44d4-9914-d4f81c9972cc", "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "http://www.example.com/intermediate/intermediate.crl.pem", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" }, { "id": "dba3032d-728e-44d4-9914-d4f81c99cc27", "issuer": "/C=US/ST=CA/O=NSX/OU=NSBU/CN=nsx.vmware.com", "cdp_uri": "http://www.vmware.com/intermediate/intermediate.crl.pem", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: read Feature: trust_crls Additional Errors:

Update CrlDistributionPoint with This allows updating the ManagedResource fields.

Request:
Method:
PUT
URI Path:
/api/v1/trust-management/crl-distribution-points/<crl-distribution-point-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CrlDistributionPoint+

Example Request: PUT https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points/abd3032d-728e-44d4-9914-d4f81c9972cc { "id": "abd3032d-728e-44d4-9914-d4f81c9972cc", "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "URI:http://www.example.com/intermediate/intermediate.crl.pem", "description": "some-description", "_revision": "0" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CrlDistributionPoint+

Example Response: { "id": "abd3032d-728e-44d4-9914-d4f81c9972cc", "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "URI:http://www.example.com/intermediate/intermediate.crl.pem", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" "description": "some-description", "_revision": "1" } Required Permissions: crud Feature: trust_crls Additional Errors:

Delete a CrlDistributionPoint

Delete a CrlDistributionPoint. It does not delete the actual CRL.
Request:
Method:
DELETE
URI Path:
/api/v1/trust-management/crl-distribution-points/<crl-distribution-point-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points/ebd3032d-728e-44d4-9914-d4f81c9972cb Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: trust_crls Additional Errors:

Return the CrlDistributionPoint with

Request:
Method:
GET
URI Path:
/api/v1/trust-management/crl-distribution-points/<crl-distribution-point-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points/abd3032d-728e-44d4-9914-d4f81c9972cc Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CrlDistributionPoint+

Example Response: { "id": "abd3032d-728e-44d4-9914-d4f81c9972cc", "issuer": "/C=US/ST=CA/O=NSX Test/OU=Platform Dev/CN=NSX Test Intermediate-CA", "cdp_uri": "URI:http://www.example.com/intermediate/intermediate.crl.pem", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: read Feature: trust_crls Additional Errors:

Return the status of the CrlDistributionPoint

Request:
Method:
GET
URI Path:
/api/v1/trust-management/crl-distribution-points/<crl-distribution-point-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points/abd3032d-728e-44d4-9914-d4f81c9972cc/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CrlDistributionPointStatus+

Example Response: { "status": "ready" } Required Permissions: read Feature: trust_crls Additional Errors:

Return stored CRL in PEM format

Request:
Method:
POST
URI Path:
/api/v1/trust-management/crl-distribution-points/pem-file
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CrlPemRequestType+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/crl-distribution-points/pem-file { "cdp_uri": "http://www.example.com/intermediate/intermediate.crl.pem" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain;charset=UTF-8
Response Body:
string

Example Response: -----BEGIN X509 CRL----------END X509 CRL----- Required Permissions: read Feature: trust_crls Additional Errors:

Register a name-certificate combination. (Deprecated)

Associates a principal's name with a certificate that is used to authenticate.
Deprecated, use POST /trust-management/principal-identities/with-certificate instead.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/principal-identities
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PrincipalIdentity+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/principal-identities { "name": "open-stack", "node_id": "node-2", "role": "enterprise_admin", "is_protected": "true", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PrincipalIdentity+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "name": "open-stack", "node_id": "node-2", "permission_group": "undefined", "role": "enterprise_admin", "is_protected": "true", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Required Permissions: crud Feature: trust_principal_identities Additional Errors:

Return the list of principal identities

Returns the list of principals registered with a certificate. Request:
Method:
GET
URI Path:
/api/v1/trust-management/principal-identities
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/principal-identities Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrincipalIdentityList+

Example Response: { [ { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "name": "web-ui", "node_id": "node-1", "permission_group": "read_write_api_users", "role": "enterprise_admin", "is_protected": "true", "certificate_id" : "bbd3032d-728e-44d4-9914-d4f81c9972cc" }, { "id" : "ebd3032d-728e-44d4-9914-d4f81c6783ed", "name": "open-stack", "node_id": "node-2", "permission_group": "undefined", "role": "enterprise_admin", "is_protected": "true", "certificate_id" : "cbd3032d-728e-44d4-9914-d4f81c9972cc" } ] } Required Permissions: read Feature: trust_principal_identities Additional Errors:

Delete a principal identity

Delete a principal identity. It does not delete the certificate.
Request:
Method:
DELETE
URI Path:
/api/v1/trust-management/principal-identities/<principal-identity-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/trust-management/principal-identities/ebd3032d-728e-44d4-9914-d4f81c9972cb Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: trust_principal_identities Additional Errors:

Get a Principal Identity

Get a stored principal identity
Request:
Method:
GET
URI Path:
/api/v1/trust-management/principal-identities/<principal-identity-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/principal-identities/ebd3032d-728e-44d4-9914-d4f81c9972cb Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrincipalIdentity+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "name": "open-stack", "node_id": "node-2", "permission_group": "undefined", "role": "network_engineer", "is_protected": "false", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Required Permissions: read Feature: trust_principal_identities Additional Errors:

Register a name-certificate combination.

Create a Principal Identity with a new, unused, certificate.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/principal-identities/with-certificate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PrincipalIdentityWithCertificate+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/principal-identities/with-certificate { "name": "open-stack", "node_id": "node-2", "role": "enterprise_admin", "is_protected": "true", "certificate_pem" : "-----BEGIN CERTIFICATE----------END CERTIFICATE-----" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PrincipalIdentity+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "name": "open-stack", "node_id": "node-2", "permission_group": "undefined", "role": "enterprise_admin", "is_protected": "true", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Required Permissions: crud Feature: trust_principal_identities Additional Errors:

Update a Principal Identity's certificate

Update a principal identity's certificate
Request:
Method:
POST
URI Path:
/api/v1/trust-management/principal-identities?action=update_certificate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpdatePrincipalIdentityCertificateRequest+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/principal-identities?action=update_certificate { "principal_identity_id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrincipalIdentity+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "name": "open-stack", "node_id": "node-2", "permission_group": "undefined", "role": "network_engineer", "is_protected": "false", "certificate_id" : "abd3032d-728e-44d4-9914-d4f81c9972cc" } Required Permissions: crud Feature: trust_principal_identities Additional Errors:

Management Plane API: NSX Component Administration: Trust Management: CRL

Associated URIs:

Return All Added CRLs

Returns information about all CRLs. For additional information, include the
?details=true modifier at the end of the request URI.
Request:
Method:
GET
URI Path:
/api/v1/trust-management/crls
Request Headers:
n/a
Query Parameters:
ListCertParameter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/crls Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CrlList+

Example Response: { "result_count": 1, "results": [ { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "display_name": "igloo Certificate Authority", "resource_type": "crl", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: read Feature: trust_crls Additional Errors:

Delete a CRL

Deletes an existing CRL. Request:
Method:
DELETE
URI Path:
/api/v1/trust-management/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/trust-management/crls/ebd3032d-728e-44d4-9914-d4f81c9972cb Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: trust_crls Additional Errors:

Update CRL for the Given CRL ID

Updates an existing CRL. Request:
Method:
PUT
URI Path:
/api/v1/trust-management/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Crl+

Example Request: PUT https://<nsx-mgr>/api/v1/trust-management/crls/ebd3032d-728e-44d4-9914-d4f81c9972cb { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "display_name": "igloo Certificate Authority", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Crl+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "display_name": "igloo Certificate Authority", "resource_type": "crl", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: crud Feature: trust_crls Additional Errors:

Show CRL Data for the Given CRL ID

Returns information about the specified CRL. For additional information,
include the ?details=true modifier at the end of the request URI.
Request:
Method:
GET
URI Path:
/api/v1/trust-management/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
GetCertParameter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/crls/ebd3032d-728e-44d4-9914-d4f81c9972cb?details=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Crl+

Example Response: { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "display_name": "igloo Certificate Authority", "resource_type": "crl", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "details": { "next_update": "945220365000", "issuer": "1.2.840.113549.1.9.1=#161d726f6f744069676c6f6f2e6974732e756e696d656c622e6564752e6175,CN=igloo Certificate Authority,OU=Certificates Administration,O=igloo CA,L=Melbourne,ST=Victoria,C=AU", "version": "1" }, "_last_modified_user": "admin", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin" } Required Permissions: read Feature: trust_crls Additional Errors:

Add a New Certificate Revocation List

Adds a new certificate revocation list (CRL). The CRL is used to verify the
client certificate status against the revocation lists published by the CA.
For this reason, the administrator needs to add the CRL in certificate
repository as well.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/crls?action=import
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CrlObjectData+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/crls?action=import { "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CrlList+

Example Response: { "results": [ { "id": "ebd3032d-728e-44d4-9914-d4f81c9972cb", "resource_type": "crl", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: crud Feature: trust_crls Additional Errors:

Management Plane API: NSX Component Administration: Trust Management: CSR

Associated URIs:

Generate a New Certificate Signing Request

Creates a new certificate signing request (CSR). A CSR is encrypted text that
contains information about your organization (organization name, country,
and so on) and your Web server's public key, which is a public certificate
the is generated on the server that can be used to forward this request to a
certificate authority (CA). A private key is also usually created at the
same time as the CSR.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/csrs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Csr+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/csrs { "subject": { "attributes": [ {"key":"CN","value":"Jane"}, {"key":"O","value":"VMware"}, {"key":"OU","value":"NSBU"}, {"key":"C","value":"US"}, {"key":"ST","value":"CA"}, {"key":"L","value":"PA"} ] }, "key_size": "2048", "algorithm": "RSA" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
Csr+

Example Response: { "id": "f1a858e1-fe70-41d0-a53b-32c43cec280f", "resource_type": "csr", "pem_encoded": "-----BEGIN CERTIFICATE REQUEST----------END CERTIFICATE REQUEST-----\n", "key_size": 2048, "subject": { "attributes": [ { "value": "Jane", "key": "CN" }, { "value": "VMware", "key": "O" }, { "value": "NSBU", "key": "OU" }, { "value": "US", "key": "C" }, { "value": "CA", "key": "ST" }, { "value": "PA", "key": "L" } ] }, "algorithm": "RSA", "_last_modified_time": 1413371717767, "_create_time": 1413371717767, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: crud Feature: trust_csrs Additional Errors:

Return All the Generated CSRs

Returns information about all of the CSRs that have been created. Request:
Method:
GET
URI Path:
/api/v1/trust-management/csrs
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/csrs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CsrList+

Example Response: { "result_count": 2, "results": [ { "id": "f1a858e1-fe70-41d0-a53b-32c43cec280f", "resource_type": "csr", "pem_encoded": "-----BEGIN CERTIFICATE REQUEST----------END CERTIFICATE REQUEST-----\n", "key_size": 2048, "subject": { "attributes": [ { "value": "Jane", "key": "CN" }, { "value": "VMware", "key": "O" }, { "value": "NSBU", "key": "OU" }, { "value": "US", "key": "C" }, { "value": "CA", "key": "ST" }, { "value": "PA", "key": "L" } ] }, "algorithm": "RSA", "_last_modified_time": 1413371717767, "_create_time": 1413371717767, "_create_user": "admin", "_last_modified_user": "admin" }, { "id": "351bf766-dcd3-477a-87bb-e72139f77396", "resource_type": "csr", "pem_encoded": "-----BEGIN CERTIFICATE REQUEST----------END CERTIFICATE REQUEST-----\n", "key_size": 2048, "subject": { "attributes": [ { "value": "Joe", "key": "CN" }, { "value": "VMware", "key": "O" }, { "value": "NSBU", "key": "OU" }, { "value": "US", "key": "C" }, { "value": "CA", "key": "ST" }, { "value": "PA", "key": "L" } ] }, "algorithm": "DSA", "_last_modified_time": 1413384517993, "_create_time": 1413384517993, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: read Feature: trust_csrs Additional Errors:

Show CSR Data for the Given CSR ID

Returns information about the specified CSR. Request:
Method:
GET
URI Path:
/api/v1/trust-management/csrs/<csr-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/csrs/170b0f6c-653b-4dcc-92bf-0ab8f3a00b08 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Csr+

Example Response: { "id": "170b0f6c-653b-4dcc-92bf-0ab8f3a00b08", "resource_type": "csr", "pem_encoded": "-----BEGIN CERTIFICATE REQUEST----------END CERTIFICATE REQUEST-----\n", "key_size": 2048, "subject": { "attributes": [ { "value": "Jane", "key": "CN" }, { "value": "VMware", "key": "O" }, { "value": "NSBU", "key": "OU" }, { "value": "US", "key": "C" }, { "value": "CA", "key": "ST" }, { "value": "PA", "key": "L" } ] }, "algorithm": "RSA", "_last_modified_time": 1413382501591, "_create_time": 1413382501591, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: read Feature: trust_csrs Additional Errors:

Delete a CSR

Removes a specified CSR. If a CSR is not used for verification, you can
delete it. Note that the CSR import and upload POST actions automatically
delete the associated CSR.
Request:
Method:
DELETE
URI Path:
/api/v1/trust-management/csrs/<csr-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/trust-management/csrs/351bf766-dcd3-477a-87bb-e72139f77396 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: trust_csrs Additional Errors:

Get CSR PEM File for the Given CSR ID

Downloads the CSR PEM file for a specified CSR. Clients must include an Accept: text/plain request header. Request:
Method:
GET
URI Path:
/api/v1/trust-management/csrs/<csr-id>/pem-file
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/csrs/f1a858e1-fe70-41d0-a53b-32c43cec280f/pem-file Accept: text/plain Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain;charset=UTF-8
Response Body:
string

Example Response: -----BEGIN CERTIFICATE REQUEST----------END CERTIFICATE REQUEST----- Required Permissions: read Feature: trust_csrs Additional Errors:

Import a Certificate Associated with an Approved CSR

Imports a certificate authority (CA)-signed certificate for a CSR. This
action links the certificate to the private key created by the CSR. The
pem_encoded string in the request body is the signed certificate provided by
your CA in response to the CSR that you provide to them. The import POST
action automatically deletes the associated CSR.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/csrs/<csr-id>?action=import
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TrustObjectData+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/csrs/f1a858e1-fe70-41d0-a53b-32c43cec280f?action=import { "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CertificateList+

Required Permissions: crud Feature: trust_csrs Additional Errors:

Self-Sign the CSR

Self-signs the previously generated CSR. This action is similar to the
import certificate action, but instead of using a public certificate signed
by a CA, the self_sign POST action uses a certificate that is signed with
NSX's own private key.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/csrs/<csr-id>?action=self_sign
Request Headers:
n/a
Query Parameters:
SelfSignedActionParameter+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/csrs/xxxx?action=self_sign "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n" Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
Certificate+

Example Response: { "id": "1b522350-832b-464b-9295-dff599dd5594", "resource_type": "certificate_self_signed", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413382597133, "_create_time": 1413382597133, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: crud Feature: trust_csrs Additional Errors:

Upload the Certificate PEM File Signed by the CA Associated with a CSR

Uploads the certificate authority (CA)-signed certificate. After you send
the certificate request to the CA of your choice, and the CA sends back the
signed certificate, you can use the upload POST action to upload the signed
certificate. The upload action is similar to the import action, but the
upload action allows you to directly upload the PEM-encoded file (signed
certificate) provided by the CA. Like the import POST action, the upload
POST action automatically deletes the associated CSR.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/csrs/<csr-id>?action=upload
Request Headers:
n/a
Query Parameters:
PemFile+
Request Body:
n/a

Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CertificateList+

Required Permissions: crud Feature: trust_csrs Additional Errors:

Management Plane API: NSX Component Administration: Trust Management: Certificate

Associated URIs:

Return All the User-Facing Components' Certificates

Returns all certificate information viewable by the user, including each
certificate's UUID; resource_type (for example, certificate_self_signed,
certificate_ca, or certificate_signed); pem_encoded data; and history of the
certificate (who created or modified it and when). For additional
information, include the ?details=true modifier at the end of the request
URI.
Request:
Method:
GET
URI Path:
/api/v1/trust-management/certificates
Request Headers:
n/a
Query Parameters:
ListCertParameter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/certificates Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CertificateList+

Example Response: { "result_count": 2, "results": [ { "id": "2e15955d-acd1-4f49-abae-0c6ea65bf437", "resource_type": "certificate_ca", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413369285797, "_create_time": 1413369285797, "_create_user": "admin", "_last_modified_user": "admin" }, { "id": "506d00d6-bfd5-4ebe-8b7f-0236f8de4792", "resource_type": "certificate_signed", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413369285811, "_create_time": 1413369285811, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: read Feature: trust_certificates Additional Errors:

Delete Certificate for the Given Certificate ID

Removes the specified certificate. The private key associated with the
certificate is also deleted.
Request:
Method:
DELETE
URI Path:
/api/v1/trust-management/certificates/<cert-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/trust-management/certificates/7ded7754-a2fb-48cd-b534-f1f4a980d827 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: trust_certificates Additional Errors:

Show Certificate Data for the Given Certificate ID

Returns information for the specified certificate ID, including the
certificate's UUID; resource_type (for example, certificate_self_signed,
certificate_ca, or certificate_signed); pem_encoded data; and history of the
certificate (who created or modified it and when). For additional
information, include the ?details=true modifier at the end of the request
URI.
Request:
Method:
GET
URI Path:
/api/v1/trust-management/certificates/<cert-id>
Request Headers:
n/a
Query Parameters:
GetCertParameter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/trust-management/certificates/506d00d6-bfd5-4ebe-8b7f-0236f8de4792 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Certificate+

Example Response: { "id": "506d00d6-bfd5-4ebe-8b7f-0236f8de4792", "resource_type": "certificate_signed", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413369285811, "_create_time": 1413369285811, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: read Feature: trust_certificates Additional Errors:

Add a New Certificate

Adds a new private-public certificate or a chain of certificates (CAs) and,
optionally, a private key that can be applied to one of the user-facing
components (appliance management or edge). The certificate and the key
should be stored in PEM format. If no private key is provided, the
certificate is used as a client certificate in the trust store.
Request:
Method:
POST
URI Path:
/api/v1/trust-management/certificates?action=import
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TrustObjectData+

Example Request: POST https://<nsx-mgr>/api/v1/trust-management/certificates?action=import { "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "private_key": "-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----\n", "passphrase": "1234" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CertificateList+

Example Response: { "results": [ { "id": "2e15955d-acd1-4f49-abae-0c6ea65bf437", "resource_type": "certificate_ca", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413369285797, "_create_time": 1413369285797, "_create_user": "admin", "_last_modified_user": "admin" }, { "id": "506d00d6-bfd5-4ebe-8b7f-0236f8de4792", "resource_type": "certificate_signed", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_last_modified_time": 1413369285811, "_create_time": 1413369285811, "_create_user": "admin", "_last_modified_user": "admin" } ] } Required Permissions: crud Feature: trust_certificates Additional Errors:

Management Plane API: NSX Notifications

Associated URIs:

Add a new notification watcher. (Experimental)

Add a new notification watcher. Request:
Method:
POST
URI Path:
/api/v1/notification-watchers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NotificationWatcher+

Example Request: POST /api/v1/notification-watchers { "server": "10.0.0.1", "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "BASIC_AUTH", "username": "nsx_notification_user", "password": "eZHc7k5Z7Gsa" } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
NotificationWatcher+

Example Response: { "id": "daabc688-3a90-4545-9af8-23e1b045e6f3", "server": "10.0.0.1", "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "BASIC_AUTH", "username": "nsx_notification_user" } } Required Permissions: crud Feature: manager Additional Errors:

Returns a list of registered notification watchers. (Experimental)

Returns a list of registered notification watchers. Request:
Method:
GET
URI Path:
/api/v1/notification-watchers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/notification-watchers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationWatcherListResult+

Example Response: { "result_count": 2, "results": [ { "id": "daabc688-3a90-4545-9af8-23e1b045e6f3", "server": "10.0.0.1", "use_https": false, "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "BASIC_AUTH", "username": "nsx_notification_user" } }, { "id": "8af5d6d7-e8bc-454d-90bd-4824782216ea", "server": "172.16.0.1", "use_https": true, "certificate_sha256_thumbprint": "1348931efa93b1de760e8854782260283132685e7656d67bf442782912e5790f", "method": "POST", "uri": "/notifications?action=add_notification", "authentication_scheme": { "scheme_name": "CERTIFICATE", "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" } } ] } Required Permissions: read Feature: manager Additional Errors:

Delete an existing Notification-Watcher. (Experimental)

Delete notification watcher.
Request:
Method:
DELETE
URI Path:
/api/v1/notification-watchers/<watcher-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: manager Additional Errors:

Returns notification watcher by watcher id. (Experimental)

Returns notification watcher by watcher id. Request:
Method:
GET
URI Path:
/api/v1/notification-watchers/<watcher-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationWatcher+

Example Response: { "id": "daabc688-3a90-4545-9af8-23e1b045e6f3", "server": "10.0.0.1", "use_https": false, "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "BASIC_AUTH", "username": "nsx_notification_user" } } Required Permissions: read Feature: manager Additional Errors:

Update notification watcher. (Experimental)

Update notification watcher. Request:
Method:
PUT
URI Path:
/api/v1/notification-watchers/<watcher-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NotificationWatcher+

Example Request: PUT /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3 { "id": "daabc688-3a90-4545-9af8-23e1b045e6f3", "server": "10.0.0.1", "use_https": true, "certificate_sha256_thumbprint": "1348931efa93b1de760e8854782260283132685e7656d67bf442782912e5790f", "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "CERTIFICATE", "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationWatcher+

Example Response: { "id": "daabc688-3a90-4545-9af8-23e1b045e6f3", "server": "10.0.0.1", "use_https": true, "certificate_sha256_thumbprint": "1348931efa93b1de760e8854782260283132685e7656d67bf442782912e5790f", "method": "POST", "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": "CERTIFICATE", "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" } } Required Permissions: crud Feature: manager Additional Errors:

Update notifications for the specified watcher ID. (Experimental)

Update notifications for the specified watcher ID. Request:
Method:
PUT
URI Path:
/api/v1/notification-watchers/<watcher-id>/notifications
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
NotificationsList+

Example Request: PUT /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3/notifications { "notifications": [ { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/e678b8e7-c18e-4703-9748-7aa1cd47b00a", "/api/v1/notification-watchers/2d17e151-342f-4a03-a28e-98e112c1560f"] } { "notification_id": "group.change_notification", "uri_filters": ["/infra/domains/cgw/groups/multiple-expr-1"] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationsList+

Example Response: { "notifications": [ { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/e678b8e7-c18e-4703-9748-7aa1cd47b00a", "/api/v1/notification-watchers/2d17e151-342f-4a03-a28e-98e112c1560f"] } { "notification_id": "group.change_notification", "uri_filters": ["/infra/domains/cgw/groups/multiple-expr-1"] } ] } Required Permissions: crud Feature: manager Additional Errors:

Get notifications for the specified watcher ID. (Experimental)

Get notifications for the specified watcher ID. Request:
Method:
GET
URI Path:
/api/v1/notification-watchers/<watcher-id>/notifications
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3/notifications Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationsList+

Example Response: { "notifications": [ { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/e678b8e7-c18e-4703-9748-7aa1cd47b00a"] } ] } Required Permissions: read Feature: manager Additional Errors:

Add uri filters for the specified watcher ID. (Experimental)

Add uri filters for the specified watcher ID. Request:
Method:
POST
URI Path:
/api/v1/notification-watchers/<watcher-id>/notifications?action=add_uri_filters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Notification+

Example Request: POST /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3/notifications?action=add_uri_filters { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/2fb7bc9b-b7e4-4643-952f-17eb10554842"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationsList+

Example Response: { "notifications": [ { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/2fb7bc9b-b7e4-4643-952f-17eb10554842", "/api/v1/notification-watchers/e678b8e7-c18e-4703-9748-7aa1cd47b00a", "/api/v1/notification-watchers/2d17e151-342f-4a03-a28e-98e112c1560f"] } { "notification_id": "group.change_notification", "uri_filters": ["/infra/domains/cgw/groups/multiple-expr-1"] } ] } Required Permissions: crud Feature: manager Additional Errors:

Delete uri filters for the specified watcher ID. (Experimental)

Delete uri filters for the specified watcher ID. Request:
Method:
POST
URI Path:
/api/v1/notification-watchers/<watcher-id>/notifications?action=delete_uri_filters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Notification+

Example Request: POST /api/v1/notification-watchers/daabc688-3a90-4545-9af8-23e1b045e6f3/notifications?action=delete_uri_filters { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/e678b8e7-c18e-4703-9748-7aa1cd47b00a"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NotificationsList+

Example Response: { "notifications": [ { "notification_id": "notification.watcher", "uri_filters": ["/api/v1/notification-watchers/2fb7bc9b-b7e4-4643-952f-17eb10554842","/api/v1/notification-watchers/2d17e151-342f-4a03-a28e-98e112c1560f"] } { "notification_id": "group.change_notification", "uri_filters": ["/infra/domains/cgw/groups/multiple-expr-1"] } ] } Required Permissions: crud Feature: manager Additional Errors:

Management Plane API: Network Transport

Management Plane API: Network Transport: Bridge Clusters

Associated URIs:

Create a Bridge Cluster

Creates a bridge cluster. It is collection of transport nodes
that will do the bridging for overlay network to vlan networks.
Bridge cluster may have one or more transport nodes
Request:
Method:
POST
URI Path:
/api/v1/bridge-clusters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeCluster+

Example Request: POST https://<nsx-mgr>/api/v1/bridge-clusters { "display_name":"bc1", "description":"Bridge Cluster 1", "bridge_nodes":[ { "transport_node_id":"49eab11e-84d2-4e86-a851-2d52750b813f" }, { "transport_node_id":"d64cf192-dbc1-49fa-91ef-e4049ec1f900" } ], "cluster_profile_bindings":[] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
BridgeCluster+

Example Response: { "id" : "22d04db4-b9b2-400c-bad6-9c20f2a0e5c9", "display_name" : "bc1", "description" : "Bridge Cluster 1", "resource_type" : "BridgeCluster", "cluster_profile_bindings" : [ { "profile_id" : "fc77aa06-3d41-51e4-43f5-24ffc73d07953", "resource_type" : "BridgeHighAvailabilityClusterProfile" } ], "bridge_nodes" : [ { "ha_mac" : "02:50:56:00:00:02", "transport_node_id" : "49eab11e-84d2-4e86-a851-2d52750b813f" }, { "ha_mac" : "02:50:56:00:00:03", "transport_node_id" : "d64cf192-dbc1-49fa-91ef-e4049ec1f900" } ], "_last_modified_time" : 1442859028014, "_create_time" : 1442859028014, "_system_owned" : false, "_create_user" : "admin;default", "_last_modified_user" : "admin;default", "_revision" : 0 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

List All Bridge Clusters

Returns information about all configured bridge clusters
Request:
Method:
GET
URI Path:
/api/v1/bridge-clusters
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-clusters Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeClusterListResult+

Example Response: { "result_count" : 2, "results" : [ { "id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "display_name" : "bc1", "description" : "Bridge Cluster 1", "resource_type" : "BridgeCluster", "cluster_profile_bindings" : [ { "profile_id" : "fc77aa06-3d41-51e4-43f5-24ffc73d07953", "resource_type" : "BridgeHighAvailabilityClusterProfile" } ], "bridge_nodes" : [ { "ha_mac" : "02:50:56:00:00:00", "transport_node_id" : "49eab11e-84d2-4e86-a851-2d52750b813f" }, { "ha_mac" : "02:50:56:00:00:01", "transport_node_id" : "d64cf192-dbc1-49fa-91ef-e4049ec1f900" } ], "_last_modified_time" : 1442859342696, "_create_time" : 1442859342696, "_system_owned" : false, "_create_user" : "admin;default", "_last_modified_user" : "admin;default", "_revision" : 0 }, { "id" : "0f473f0f-b5a3-4a97-bf0f-d855163667e1", "display_name" : "bc2", "description" : "Bridge Cluster 2", "resource_type" : "BridgeCluster", "cluster_profile_bindings" : [ { "profile_id" : "fc77aa06-3d41-51e4-43f5-24ffc73d07953", "resource_type" : "BridgeHighAvailabilityClusterProfile" } ], "bridge_nodes" : [ { "ha_mac" : "02:50:56:00:00:02", "transport_node_id" : "49eab11e-84d2-4e86-a851-2d52750b813f" } ], "_last_modified_time" : 1442859441496, "_create_time" : 1442859441496, "_system_owned" : false, "_create_user" : "admin;default", "_last_modified_user" : "admin;default", "_revision" : 0 } ] } Required Permissions: read Feature: nodes_bridges Additional Errors:

Update a Bridge Cluster

Modifies a existing bridge cluster. One of more transport nodes
can be added or removed from the bridge cluster using this API.
Request:
Method:
PUT
URI Path:
/api/v1/bridge-clusters/<bridgecluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeCluster+

Example Request: PUT https://<nsx-mgr>/api/v1/bridge-clusters/22d04db4-b9b2-400c-bad6-9c20f2a0e5c9 { "display_name":"bc1-updated", "description":"Updated Bridge Cluster 1", "bridge_nodes":[ { "transport_node_id":"49eab11e-84d2-4e86-a851-2d52750b813f" } ], "cluster_profile_bindings":[], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeCluster+

Example Response: { "id" : "22d04db4-b9b2-400c-bad6-9c20f2a0e5c9", "display_name" : "bc1-updated", "description" : "Updated Bridge Cluster 1", "resource_type" : "BridgeCluster", "cluster_profile_bindings" : [ { "profile_id" : "fc77aa06-3d41-51e4-43f5-24ffc73d07953", "resource_type" : "BridgeHighAvailabilityClusterProfile" } ], "bridge_nodes" : [ { "ha_mac" : "02:50:56:00:00:02", "transport_node_id" : "49eab11e-84d2-4e86-a851-2d52750b813f" } ], "_last_modified_time" : 1442859249576, "_create_time" : 1442859028014, "_system_owned" : false, "_create_user" : "admin;default", "_last_modified_user" : "admin;default", "_revision" : 1 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

Get Information about a bridge cluster

Returns information about a specified bridge cluster. Request:
Method:
GET
URI Path:
/api/v1/bridge-clusters/<bridgecluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-clusters/07419c2e-3d0e-48af-b1d1-380ffb6f5943 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeCluster+

Example Response: { "id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "display_name" : "bc1", "description" : "Bridge Cluster 1", "resource_type" : "BridgeCluster", "cluster_profile_bindings" : [ { "profile_id" : "fc77aa06-3d41-51e4-43f5-24ffc73d07953", "resource_type" : "BridgeHighAvailabilityClusterProfile" } ], "bridge_nodes" : [ { "ha_mac" : "02:50:56:00:00:00", "transport_node_id" : "49eab11e-84d2-4e86-a851-2d52750b813f" }, { "ha_mac" : "02:50:56:00:00:01", "transport_node_id" : "d64cf192-dbc1-49fa-91ef-e4049ec1f900" } ], "_last_modified_time" : 1442859342696, "_create_time" : 1442859342696, "_system_owned" : false, "_create_user" : "admin;default", "_last_modified_user" : "admin;default", "_revision" : 0 } Required Permissions: read Feature: nodes_bridges Additional Errors:

Delete a Bridge Cluster

Removes the specified Bridge Cluster. Request:
Method:
DELETE
URI Path:
/api/v1/bridge-clusters/<bridgecluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/bridge-clusters/22d04db4-b9b2-400c-bad6-9c20f2a0e5c9 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_bridges Additional Errors:

Returns status of a specified Bridge Cluster

Get the status for the Bridge Cluster of the given cluster id Request:
Method:
GET
URI Path:
/api/v1/bridge-clusters/<cluster-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-clusters/e9a02047-9bc8-4d05-ad73-8d5552f48306/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeClusterStatus+

Example Response: { "cluster_id": "e9a02047-9bc8-4d05-ad73-8d5552f48306", "last_update_timestamp": 1457547628680, "health": "DOWN" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Management Plane API: Network Transport: Bridge Endpoint Profiles

Associated URIs:

Create a Bridge Endpoint Profile

Creates a Bridge Endpoint Profile. Profile contains edge cluster id,
indexes of the member nodes, fialover mode and high availability mode
for a Bridge EndPoint
Request:
Method:
POST
URI Path:
/api/v1/bridge-endpoint-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeEndpointProfile+

Example Request: POST https://<nsx-mgr>/api/v1/bridge-endpoint-profiles { "display_name":"bep1", "description":"Bridge Endpoint Profile 1", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "edge_cluster_member_indexes" : [0, 1], "failover_mode" : "PREEMPTIVE" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointProfile+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "bep1", "description" : "Bridge Endpoint Profile 1", "resource_type" : "BridgeEndpointProfile", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "edge_cluster_member_indexes" : [0, 1], "failover_mode" : "PREEMPTIVE", "_last_modified_time" : 1442859704276, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 0 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

List All Bridge Endpoint Profiles

Returns information about all configured bridge endoint profiles
Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoint-profiles
Request Headers:
n/a
Query Parameters:
BridgeEndpointProfileRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoint-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointProfileListResult+

Example Response: { "cursor" : "", "result_count" : 2, "results" : [ { "id" : "229f1617-289d-488b-8648-17caf588fe53", "display_name" : "bep2", "description" : "Bridge Endpoint Profile 2", "resource_type" : "BridgeEndpointProfile", "edge_cluster_id" : "0f473f0f-b5a3-4a97-bf0f-d855163667e1", "edge_cluster_member_indexes" : [1, 2], "failover_mode" : "PREEMPTIVE", "_last_modified_time" : 1442859910756, "_create_time" : 1442859910756, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 0 }, { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "bep1-updated", "description" : "Updated Bridge Endpoint Profile 1", "resource_type" : "BridgeEndpointProfile", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "edge_cluster_member_indexes" : [0, 1], "failover_mode" : "PREEMPTIVE", "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } ] } Required Permissions: read Feature: nodes_bridges Additional Errors:

Update a Bridge Endpoint Profile

Modifies a existing bridge endpoint profile.
Request:
Method:
PUT
URI Path:
/api/v1/bridge-endpoint-profiles/<bridgeendpointprofile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeEndpointProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/bridge-endpoint-profiles/3502cf40-630b-4ff6-864e-2af8acde2efd { "display_name":"bep1-updated", "description":"Updated Bridge Endpoint Profile 1", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "failover_mode" : "PREEMPTIVE", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointProfile+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "bep1-updated", "description" : "Updated Bridge Endpoint Profile 1", "resource_type" : "BridgeEndpoint", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "edge_cluster_member_indexes" : [0, 1], "failover_mode" : "PREEMPTIVE", "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

Get Information about a bridge endpoint Profile

Returns information about a specified bridge endpoint profile. Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoint-profiles/<bridgeendpointprofile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoint-profile/3502cf40-630b-4ff6-864e-2af8acde2efd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointProfile+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "bep1-updated", "description" : "Updated Bridge Endpoint Profile 1", "resource_type" : "BridgeEndpointProfile", "edge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "edge_cluster_member_indexes" : [0, 1], "failover_mode" : "PREEMPTIVE", "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } Required Permissions: read Feature: nodes_bridges Additional Errors:

Delete a Bridge Endpoint Profile

Deletes the specified Bridge Endpoint Profile. Request:
Method:
DELETE
URI Path:
/api/v1/bridge-endpoint-profiles/<bridgeendpointprofile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/bridge-endpoint-profiles/3502cf40-630b-4ff6-864e-2af8acde2efd Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_bridges Additional Errors:

Management Plane API: Network Transport: Bridge Endpoints

Associated URIs:

Create a Bridge Endpoint

Creates a Bridge Endpoint. It describes the physical attributes of the
bridge like vlan. A logical port can be attached to a vif providing
bridging functionality from the logical overlay network to the physical
vlan network
Request:
Method:
POST
URI Path:
/api/v1/bridge-endpoints
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeEndpoint+

Example Request: POST https://<nsx-mgr>/api/v1/bridge-endpoints { "display_name":"be1", "description":"Bridge Endpoint 1", "vlan":1, "bridge_cluster_id":"07419c2e-3d0e-48af-b1d1-380ffb6f5943" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpoint+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "be1", "description" : "Bridge Endpoint 1", "resource_type" : "BridgeEndpoint", "bridge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "ha_enable" : false, "vlan" : 1, "_last_modified_time" : 1442859704276, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 0 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

List All Bridge Endpoints

Returns information about all configured bridge endoints
Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoints
Request Headers:
n/a
Query Parameters:
BridgeEndpointRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointListResult+

Example Response: { "result_count" : 3, "results" : [ { "id" : "229f1617-289d-488b-8648-17caf588fe53", "display_name" : "be2", "description" : "Bridge Endpoint 2", "resource_type" : "BridgeEndpoint", "bridge_cluster_id" : "0f473f0f-b5a3-4a97-bf0f-d855163667e1", "ha_enable" : false, "vlan" : 1, "_last_modified_time" : 1442859910756, "_create_time" : 1442859910756, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 0 }, { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "be1-updated", "description" : "Updated Bridge Endpoint 1", "resource_type" : "BridgeEndpoint", "bridge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "ha_enable" : false, "vlan" : 1, "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } , { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "be3-edge cluster", "description" : "Bridge Endpoint 3", "resource_type" : "BridgeEndpoint", "vlan" : 1, "bridge_endpoint_profile_id" : "98a73f0f-b5a3-4a97-bf0f-d8551636654a", "vlan_transport_zone_id" : "7ac73f0f-b5a3-4a97-bf0f-d85598a9eb45", "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 }] } Required Permissions: read Feature: nodes_bridges Additional Errors:

Update a Bridge Endpoint

Modifies a existing bridge endpoint.
Request:
Method:
PUT
URI Path:
/api/v1/bridge-endpoints/<bridgeendpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeEndpoint+

Example Request: PUT https://<nsx-mgr>/api/v1/bridge-endpoints/3502cf40-630b-4ff6-864e-2af8acde2efd { "display_name":"be1-updated", "description":"Updated Bridge Endpoint 1", "vlan":1, "bridge_cluster_id":"07419c2e-3d0e-48af-b1d1-380ffb6f5943", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpoint+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "be1-updated", "description" : "Updated Bridge Endpoint 1", "resource_type" : "BridgeEndpoint", "bridge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "ha_enable" : false, "vlan" : 1, "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } Required Permissions: crud Feature: nodes_bridges Additional Errors:

Delete a Bridge Endpoint

Deletes the specified Bridge Endpoint. Request:
Method:
DELETE
URI Path:
/api/v1/bridge-endpoints/<bridgeendpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/bridge-endpoints/3502cf40-630b-4ff6-864e-2af8acde2efd Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_bridges Additional Errors:

Get Information about a bridge endpoint

Returns information about a specified bridge endpoint. Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoints/<bridgeendpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoints/3502cf40-630b-4ff6-864e-2af8acde2efd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpoint+

Example Response: { "id" : "3502cf40-630b-4ff6-864e-2af8acde2efd", "display_name" : "be1-updated", "description" : "Updated Bridge Endpoint 1", "resource_type" : "BridgeEndpoint", "bridge_cluster_id" : "07419c2e-3d0e-48af-b1d1-380ffb6f5943", "ha_enable" : false, "vlan" : 1, "_last_modified_time" : 1442859802286, "_create_time" : 1442859704276, "_system_owned" : false, "_create_user" : "admin", "_last_modified_user" : "admin", "_revision" : 1 } Required Permissions: read Feature: nodes_bridges Additional Errors:

Returns statistics of a specified Bridge Endpoint

Get the statistics for the Bridge Endpoint of the given Endpoint id (endpoint-id) Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoints/<endpoint-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoints/15269939-779a-4fa4-9a0a-792dbf9fac12/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointStatistics+

Example Response: { "tx_packets": { "total": 159, "dropped": 0, "multicast_broadcast": 0 }, "rx_bytes": { "total": 1028, "multicast_broadcast": 0 }, "tx_bytes": { "total": 10438, "multicast_broadcast": 0 }, "rx_packets": { "total": 11, "dropped": 0, "multicast_broadcast": 0 }, "last_update_timestamp": 1457518122686, "endpoint_id": "15269939-779a-4fa4-9a0a-792dbf9fac12" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Returns status of a specified Bridge Endpoint

Get the status for the Bridge Endpoint of the given Endpoint id Request:
Method:
GET
URI Path:
/api/v1/bridge-endpoints/<endpoint-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/bridge-endpoints/15269939-779a-4fa4-9a0a-792dbf9fac12/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeEndpointStatus+

Example Response: { "active_nodes": [ "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3" ], "last_update_timestamp": 1457547568679, "endpoint_id": "15269939-779a-4fa4-9a0a-792dbf9fac12" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Management Plane API: Network Transport: Cluster Profiles

Associated URIs:

Create a Cluster Profile

Create a cluster profile. The resource_type is required.
Request:
Method:
POST
URI Path:
/api/v1/cluster-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeHighAvailabilityClusterProfile+
EdgeHighAvailabilityProfile+

Example Request: POST https://<nsx-mgr>/api/v1/cluster-profiles { "resource_type": "EdgeHighAvailabilityProfile", "display_name": "edge-cluster-profile-East", "bfd_probe_interval": 1000, "bfd_declare_dead_multiple": 3, "bfd_allowed_hops": 1, "standby_relocation_config": { "standby_relocation_threshold": 40 } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
BridgeHighAvailabilityClusterProfile+
EdgeHighAvailabilityProfile+

Example Response: { "resource_type": "EdgeHighAvailabilityProfile", "id": "c5fc06d9-648e-4897-9483-21c3f1666d65", "display_name": "edge-cluster-profile-East", "bfd_probe_interval": 1000, "bfd_declare_dead_multiple": 3, "bfd_allowed_hops": 1, "standby_relocation_config": { "standby_relocation_threshold": 40 }, "_last_modified_time": 1458585978941, "_create_time": 1458585978941, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: profiles_cluster_profiles Additional Errors:

List Cluster Profiles

Returns paginated list of cluster profiles
Cluster profiles define policies for edge cluster and bridge cluster.
Request:
Method:
GET
URI Path:
/api/v1/cluster-profiles
Request Headers:
n/a
Query Parameters:
ClusterProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster-profiles?include_system_owned=false Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ClusterProfileListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "EdgeHighAvailabilityProfile", "description": "", "id": "a73723d4-24d5-4ea8-97a5-6c1a3853e838", "display_name": "edge-cluster-profile-West", "tags": [], "bfd_probe_interval": 2000, "bfd_declare_dead_multiple": 9, "bfd_allowed_hops": 3, "standby_relocation_config": { "standby_relocation_threshold": 40 }, "_last_modified_time": 1458585189556, "_create_time": 1458585189556, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: profiles_cluster_profiles Additional Errors:

Delete a cluster profile

Delete a specified cluster profile. Request:
Method:
DELETE
URI Path:
/api/v1/cluster-profiles/<cluster-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/cluster-profiles/c5fc06d9-648e-4897-9483-21c3f1666d65 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: profiles_cluster_profiles Additional Errors:

Get cluster profile by Id

Returns information about a specified cluster profile. Request:
Method:
GET
URI Path:
/api/v1/cluster-profiles/<cluster-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/cluster-profiles/a73723d4-24d5-4ea8-97a5-6c1a3853e838 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeHighAvailabilityClusterProfile+
EdgeHighAvailabilityProfile+

Example Response: { "resource_type": "EdgeHighAvailabilityProfile", "description": "", "id": "a73723d4-24d5-4ea8-97a5-6c1a3853e838", "display_name": "edge-cluster-profile-West", "tags": [], "bfd_probe_interval": 2000, "bfd_declare_dead_multiple": 9, "bfd_allowed_hops": 3, "standby_relocation_config": { "standby_relocation_threshold": 40 }, "_last_modified_time": 1458585189556, "_create_time": 1458585189556, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: profiles_cluster_profiles Additional Errors:

Update a cluster profile

Modifie a specified cluster profile. The body of the PUT request must
include the resource_type.
Request:
Method:
PUT
URI Path:
/api/v1/cluster-profiles/<cluster-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BridgeHighAvailabilityClusterProfile+
EdgeHighAvailabilityProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/cluster-profiles/c5fc06d9-648e-4897-9483-21c3f1666d65 { "resource_type": "EdgeHighAvailabilityProfile", "id": "c5fc06d9-648e-4897-9483-21c3f1666d65", "display_name": "edge-cluster-profile-East", "bfd_probe_interval": 1000, "bfd_declare_dead_multiple": 3, "tags": [{"scope": "home", "tag": "green"}], "bfd_allowed_hops": 1, "standby_relocation_config": { "standby_relocation_threshold": 40 }, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BridgeHighAvailabilityClusterProfile+
EdgeHighAvailabilityProfile+

Example Response: { "resource_type": "EdgeHighAvailabilityProfile", "id": "c5fc06d9-648e-4897-9483-21c3f1666d65", "display_name": "edge-cluster-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "bfd_probe_interval": 1000, "bfd_declare_dead_multiple": 3, "bfd_allowed_hops": 1, "standby_relocation_config": { "standby_relocation_threshold": 40 }, "_last_modified_time": 1458586622412, "_create_time": 1458585978941, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: profiles_cluster_profiles Additional Errors:

Management Plane API: Network Transport: Edge Clusters

Associated URIs:

List Edge Clusters

Returns information about the configured edge clusters, which enable you to
group together transport nodes of the type EdgeNode and apply fabric
profiles to all members of the edge cluster. Each edge node can participate
in only one edge cluster.
Request:
Method:
GET
URI Path:
/api/v1/edge-clusters
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/edge-clusters Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeClusterListResult+

Example Response: { "cursor": "0036bf8d4daf-93f6-4c23-af38-63f6d372e14ennuullll", "result_count": 1, "results": [ { "_revision": 0, "id": "bf8d4daf-93f6-4c23-af38-63f6d372e14e", "resource_type": "EdgeCluster", "cluster_profile_bindings": [ { "resource_type": "EdgeHighAvailabilityProfile", "profile_id": "ee7e2008-3626-4373-9ba4-521887840984" } ], "members": [ { "transport_node_id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "member_index": 0 } ], "_system_owned" : false, "deployment_type" : "VIRTUAL_MACHINE", "_last_modified_user": "admin", "_last_modified_time": 1415236663043, "_create_time": 1415236663043, "_create_user": "admin" } ] } Required Permissions: read Feature: nodes_edge_clusters Additional Errors:

Create Edge Cluster

Creates a new edge cluster.
It only supports homogeneous members.
The TransportNodes backed by EdgeNode are only allowed in cluster members.
DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is
recommended to be the same. EdgeCluster supports members of different
deployment types.
Request:
Method:
POST
URI Path:
/api/v1/edge-clusters
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EdgeCluster+

Example Request: POST https://<nsx-mgr>/api/v1/edge-clusters { "cluster_profile_bindings": [ { "profile_id":"ee7e2008-3626-4373-9ba4-521887840984", "resource_type": "EdgeHighAvailabilityProfile" } ], "members": [ { "transport_node_id":"7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
EdgeCluster+

Example Response: { "_revision": 0, "id": "bf8d4daf-93f6-4c23-af38-63f6d372e14e", "resource_type": "EdgeCluster", "cluster_profile_bindings": [ { "resource_type": "EdgeHighAvailabilityProfile", "profile_id": "ee7e2008-3626-4373-9ba4-521887840984" } ], "members": [ { "transport_node_id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "member_index": 0 } ], "_system_owned" : false, "deployment_type" : "VIRTUAL_MACHINE", "_last_modified_user": "admin", "_last_modified_time": 1415236663043, "_create_time": 1415236663043, "_create_user": "admin" } Required Permissions: crud Feature: nodes_edge_clusters Additional Errors:

Read Edge Cluster

Returns information about the specified edge cluster. Request:
Method:
GET
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeCluster+

Example Response: { "_revision": 0, "id": "bf8d4daf-93f6-4c23-af38-63f6d372e14e", "resource_type": "EdgeCluster", "cluster_profile_bindings": [ { "resource_type": "EdgeHighAvailabilityProfile", "profile_id": "ee7e2008-3626-4373-9ba4-521887840984" } ], "members": [ { "transport_node_id": "7a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "member_index": 0 } ], "_system_owned" : false, "deployment_type" : "VIRTUAL_MACHINE", "_last_modified_user": "admin", "_last_modified_time": 1415236663043, "_create_time": 1415236663043, "_create_user": "admin" } Required Permissions: read Feature: nodes_edge_clusters Additional Errors:

Delete Edge Cluster

Deletes the specified edge cluster. Request:
Method:
DELETE
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_edge_clusters Additional Errors:

Update Edge Cluster

Modifies the specified edge cluster. Modifiable parameters include the
description, display_name, transport-node-id. If the optional
fabric_profile_binding is included, resource_type and profile_id are required.
User should do a GET on the edge-cluster and obtain the payload and retain the
member_index of the existing members as returning in the GET output. For new member
additions, the member_index cannot be defined by the user, user can read the system
allocated index to the new member in the output of this API call or by doing a GET call.
User cannot use this PUT api to replace the transport_node of an existing member because
this is a disruption action, we have exposed a explicit API for doing so, refer to
"ReplaceEdgeClusterMemberTransportNode"
EdgeCluster only supports homogeneous members. The TransportNodes backed by EdgeNode are
only allowed in cluster members. DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these
EdgeNodes is recommended to be the same. EdgeCluster supports members of different
deployment types.
Request:
Method:
PUT
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EdgeCluster+

Example Request: PUT https://<nsx-mgr>/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e { "resource_type": "EdgeCluster", "id": "ba009179-4cc7-40d0-9149-6242d2838bab", "display_name": "comp2-edge-cluster", "deployment_type": "VIRTUAL_MACHINE", "members": [ { "member_index": 0, "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a" } ], "cluster_profile_bindings": [ { "profile_id": "91bcaa06-47a1-11e4-8316-17ffc770799b", "resource_type": "EdgeHighAvailabilityProfile" } ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeCluster+

Example Response: { "resource_type": "EdgeCluster", "id": "ba009179-4cc7-40d0-9149-6242d2838bab", "display_name": "comp2-edge-cluster", "deployment_type": "VIRTUAL_MACHINE", "members": [ { "member_index": 0, "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a" } ], "cluster_profile_bindings": [ { "profile_id": "91bcaa06-47a1-11e4-8316-17ffc770799b", "resource_type": "EdgeHighAvailabilityProfile" } ], "_last_modified_time": 1458858792864, "_create_time": 1457984401856, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 2 } Required Permissions: crud Feature: nodes_edge_clusters Additional Errors:

Get the Allocation details of an edge cluster

Returns the allocation details of cluster and its members. Lists the edge
node members, active and standby services of each node, utilization details
of configured sub-pools. These allocation details can be monitored by
customers to trigger migration of certain service contexts to different
edge nodes, to balance the utilization of edge node resources.
Request:
Method:
GET
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>/allocation-status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e/allocation-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeClusterAllocationStatus+

Required Permissions: read Feature: nodes_edge_clusters Additional Errors:

Get the Realized State of a Edge Cluster

Return realized state information of a edge cluster.
Any configuration update that affects the edge cluster can use this API
to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of edge cluster.
Request:
Method:
GET
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeClusterState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: nodes_edge_clusters Additional Errors:

Get the status for the Edge cluster of the given id

Returns the aggregated status for the Edge cluster along with status of
all edge nodes in the cluster. Query parameter "source=realtime" is the
only supported source.
Request:
Method:
GET
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/edge-clusters/875381be-a4c5-4173-8aa7-ab71695a8129/status?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeClusterStatus+

Example Response: { "edge_cluster_id": "875381be-a4c5-4173-8aa7-ab71695a8129", "member_status": [ { "transport_node_id": "56eead22-3bb9-4586-8de3-9412941f9116", "status": "UP" }, { "transport_node_id": "77eead22-3bb9-4586-8de3-9412941f9116", "status": "DOWN" } ], "last_update_timestamp": 1457117071089, "edge_cluster_status": "DEGRADED" } Required Permissions: read Feature: nodes_edge_clusters Additional Errors:

Replace the transport node in the specified member of the edge-cluster

Replace the transport node in the specified member of the edge-cluster.
This is a disruptive action. This will move all the LogicalRouterPorts(uplink and routerLink)
host on the old transport_node to the new transport_node. The transportNode cannot be
present in another member of any edgeClusters.
Request:
Method:
POST
URI Path:
/api/v1/edge-clusters/<edge-cluster-id>?action=replace_transport_node
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EdgeClusterMemberTransportNode+

Example Request: POST http://10.33.86.160/api/v1/edge-clusters/bf8d4daf-93f6-4c23-af38-63f6d372e14e?action=replace_transport_node { "member_index": 0, "transport_node_id":"6a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EdgeCluster+

Example Response: { "_revision": 1, "id": "bf8d4daf-93f6-4c23-af38-63f6d372e14e", "resource_type": "EdgeCluster", "cluster_profile_bindings": [ { "resource_type": "EdgeHighAvailabilityProfile", "profile_id": "ee7e2008-3626-4373-9ba4-521887840984" } ], "members": [ { "transport_node_id": "6a62a0c5-1ea1-4b25-9d43-dce1c0fa4b8c", "member_index": 0 } ], "_system_owned" : false, "deployment_type" : "VIRTUAL_MACHINE", "_last_modified_user": "admin", "_last_modified_time": 1415236663043, "_create_time": 1415236663043, "_create_user": "admin" } Required Permissions: crud Feature: nodes_edge_clusters Additional Errors:

Management Plane API: Network Transport: Failure Domains

Associated URIs:

Create Failure Domain

Creates a new failure domain.
Request:
Method:
POST
URI Path:
/api/v1/failure-domains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FailureDomain+

Example Request: POST https://<nsx-mgr>/api/v1/failure-domains/ { "display_name":"FD1", "description":"failure domain of rack1" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FailureDomain+

Example Response: { "_revision": 0, "id": "795097bb-fb32-44f1-a074-73445ada5451", "display_name": "FD1", "description": "failure domain of rack1", "resource_type": "FailureDomain", "_last_modified_user": "admin", "_last_modified_time": 1414179082458, "_create_time": 1414179082458, "_create_user": "admin", "_schema": "/v1/schema/FailureDomain" } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

List Failure Domains

Returns information about configured failure domains. Request:
Method:
GET
URI Path:
/api/v1/failure-domains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/failure-domains/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FailureDomainListResult+

Example Response: { "results": [ { "_revision": 0, "id": "c08d57bf-247d-4a5e-9acd-c5f2860e2872", "resource_type": "FailureDomain", "display_name": "default-system-failure-domain", "description": "default system created failure domain", "_last_modified_user": "admin", "_last_modified_time": 1412873095391, "_create_time": 1412873095391, "_create_user": "admin", "_system_owned": "true", "_schema": "/v1/schema/FailureDomain" }, { "_revision": 0, "id": "7c57c5a7-c742-4ee2-8fae-a9ac6a01309c", "resource_type": "FailureDomain", "display_name": "FD2", "description": "failure domain of rack2", "preferred_active_edge_services": "true", "_last_modified_user": "admin", "_last_modified_time": 1412873062407, "_create_time": 1412873062407, "_create_user": "admin", "_schema": "/v1/schema/FailureDomain" }, { "_revision": 0, "id": "c55ec097-0b53-4103-9426-18e135250c29", "resource_type": "FailureDomain", "display_name": "FD3", "description": "failure domain of rack3", "preferred_active_edge_services": "false", "_last_modified_user": "admin", "_last_modified_time": 1412877285032, "_create_time": 1412877285032, "_create_user": "admin", "_schema": "/v1/schema/FailureDomain" } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Get a Failure Domain

Returns information about a single failure domain. Request:
Method:
GET
URI Path:
/api/v1/failure-domains/<failure-domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/failure-domains/795097bb-fb32-44f1-a074-73445ada5451 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FailureDomain+

Example Response: { "_revision": 0, "id": "795097bb-fb32-44f1-a074-73445ada5451", "resource_type": "FailureDomain", "display_name": "FD1", "description": "failure domain of rack1", "_last_modified_user": "admin", "_last_modified_time": 1412877285032, "_create_time": 1412877285032, "_create_user": "admin", "_schema": "/v1/schema/FailureDomain" } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Delete Failure Domain

Deletes an existing failure domain. You can not delete system generated
default failure domain.
Request:
Method:
DELETE
URI Path:
/api/v1/failure-domains/<failure-domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/failure-domains/795097bb-fb32-44f1-a074-73445ada5451 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Update Failure Domain

Updates an existing failure domain. Modifiable parameters are
display_name, preferred_active_edge_services flag.
Request:
Method:
PUT
URI Path:
/api/v1/failure-domains/<failure-domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FailureDomain+

Example Request: PUT https://<nsx-mgr>/api/v1/failure-domains/795097bb-fb32-44f1-a074-73445ada5451 { "resource_type": "FailureDomain", "description": "failure domain of rack1", "display_name": "FD1", "id": "795097bb-fb32-44f1-a074-73445ada5451", "preferred_active_edge_services": "true", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FailureDomain+

Example Response: { "id": "795097bb-fb32-44f1-a074-73445ada5451", "resource_type": "FailureDomain", "description": "failure domain of rack1", "display_name": "FD1", "preferred_active_edge_services": "true", "_last_modified_time": 1458859590908, "_create_time": 1457984400279, "_last_modified_user": "admin", "_create_user": "admin", "_revision": 1, "_schema": "/v1/schema/FailureDomain" } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Management Plane API: Network Transport: Hostswitch Profiles

Associated URIs:

Create a Hostswitch Profile

Creates a hostswitch profile. The resource_type is required. For uplink
profiles, the teaming and policy parameters are required. By default, the
mtu is 1600 and the transport_vlan is 0. The supported MTU range is 1280
through (uplink_mtu_threshold). (uplink_mtu_threshold) is 9000 by default.
Range can be extended by modifying (uplink_mtu_threshold) in
SwitchingGlobalConfig to the required upper threshold.
Request:
Method:
POST
URI Path:
/api/v1/host-switch-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ExtraConfigHostSwitchProfile+
LldpHostSwitchProfile+
NiocProfile+
UplinkHostSwitchProfile+

Example Request: POST https://<nsx-mgr>/api/v1/host-switch-profiles { "resource_type": "UplinkHostSwitchProfile", "display_name": "uplinkProfile2", "mtu": 1600, "teaming": { "standby_list": [], "active_list": [ { "uplink_name": "uplink3", "uplink_type": "PNIC" } ], "policy": "FAILOVER_ORDER" }, "transport_vlan": 0 } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ExtraConfigHostSwitchProfile+
LldpHostSwitchProfile+
NiocProfile+
UplinkHostSwitchProfile+

Example Response: { "resource_type": "UplinkHostSwitchProfile", "id": "fe3e8766-383c-42fc-bfa9-aa7d193c89d9", "display_name": "uplinkProfile2", "mtu": 1600, "teaming": { "standby_list": [], "active_list": [ { "uplink_name": "uplink1", "uplink_type": "PNIC" } ], "policy": "FAILOVER_ORDER" }, "transport_vlan": 0, "_last_modified_user": "admin", "_last_modified_time": 1433452542652, "_create_time": 1433452542652, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: profiles_host_switch_profiles Additional Errors:

List Hostswitch Profiles

Returns information about the configured hostswitch profiles. Hostswitch
profiles define networking policies for hostswitches (sometimes referred to
as bridges in OVS). Currently, only uplink teaming is supported. Uplink
teaming allows NSX to load balance traffic across different physical NICs
(PNICs) on the hypervisor hosts. Multiple teaming policies are supported,
including LACP active, LACP passive, load balancing based on source ID, and
failover order.
Request:
Method:
GET
URI Path:
/api/v1/host-switch-profiles
Request Headers:
n/a
Query Parameters:
HostSwitchProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/host-switch-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HostSwitchProfilesListResult+

Example Response: { "result_count" : 2, "results" : [ { "resource_type" : "LldpHostSwitchProfile", "id" : "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "display_name" : "LLDP [Send Packet Disabled]", "resource_type" : "LldpHostSwitchProfile", "send_enabled" : false, "_last_modified_user" : "system", "_last_modified_time" : 1433451663106, "_create_time" : 1433451663106, "_system_owned" : true, "_create_user" : "system", "_revision" : 0 }, { "resource_type" : "UplinkHostSwitchProfile", "id" : "4228a9e1-982c-4753-b386-44b9e3b42ca0", "display_name" : "uplinkProfile1", "resource_type" : "UplinkHostSwitchProfile", "mtu" : 1600, "teaming" : { "standby_list" : [ { "uplink_name" : "uplink2", "uplink_type" : "PNIC" } ], "active_list" : [ { "uplink_name" : "uplink1", "uplink_type" : "PNIC" } ], "policy" : "FAILOVER_ORDER" }, "transport_vlan" : 0, "_last_modified_user" : "admin", "_last_modified_time" : 1433452542652, "_create_time" : 1433452542652, "_create_user" : "admin", "_revision" : 0 } ] } Required Permissions: read Feature: profiles_host_switch_profiles Additional Errors:

Update a Hostswitch Profile

Modifies a specified hostswitch profile. The body of the PUT request must
include the resource_type. For uplink profiles, the put request must also
include teaming parameters. Modifiable attributes include display_name, mtu,
and transport_vlan. For uplink teaming policies, uplink_name and policy are
also modifiable.
Request:
Method:
PUT
URI Path:
/api/v1/host-switch-profiles/<host-switch-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ExtraConfigHostSwitchProfile+
LldpHostSwitchProfile+
NiocProfile+
UplinkHostSwitchProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/host-switch-profiles/fe3e8766-383c-42fc-bfa9-aa7d193c89d9 { "resource_type": "UplinkHostSwitchProfile", "display_name": "uplinkProfile2", "mtu": 1500, "teaming": { "standby_list": [ { "uplink_name": "uplink2", "uplink_type": "PNIC" } ], "active_list": [ { "uplink_name": "uplink3", "uplink_type": "PNIC" } ], "policy": "FAILOVER_ORDER" }, "transport_vlan": 500, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ExtraConfigHostSwitchProfile+
LldpHostSwitchProfile+
NiocProfile+
UplinkHostSwitchProfile+

Example Response: { "resource_type": "UplinkHostSwitchProfile", "id": "fe3e8766-383c-42fc-bfa9-aa7d193c89d9", "display_name": "uplinkProfile2", "mtu": 1500, "teaming": { "standby_list": [ { "uplink_name": "uplink2", "uplink_type": "PNIC" } ], "active_list": [ { "uplink_name": "uplink3", "uplink_type": "PNIC" } ], "policy": "FAILOVER_ORDER" }, "transport_vlan": 500, "_last_modified_time": 1414439262689, "_create_time": 1414438923426, "_create_user": "admin", "_last_modified_user": "admin", "_revision": 1 } Required Permissions: crud Feature: profiles_host_switch_profiles Additional Errors:

Get a Hostswitch Profile by ID

Returns information about a specified hostswitch profile. Request:
Method:
GET
URI Path:
/api/v1/host-switch-profiles/<host-switch-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/host-switch-profiles/4228a9e1-982c-4753-b386-44b9e3b42ca0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ExtraConfigHostSwitchProfile+
LldpHostSwitchProfile+
NiocProfile+
UplinkHostSwitchProfile+

Example Response: { "resource_type": "UplinkHostSwitchProfile", "id": "4228a9e1-982c-4753-b386-44b9e3b42ca0", "display_name": "uplinkProfile1", "mtu": 1600, "teaming": { "standby_list": [ { "uplink_name": "uplink2", "uplink_type": "PNIC" } ], "active_list": [ { "uplink_name": "uplink1", "uplink_type": "PNIC" } ], "policy": "FAILOVER_ORDER" }, "transport_vlan": 0, "_last_modified_user": "admin", "_last_modified_time": 1433452542652, "_create_time": 1433452542652, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: profiles_host_switch_profiles Additional Errors:

Delete a Hostswitch Profile

Deletes a specified hostswitch profile. Request:
Method:
DELETE
URI Path:
/api/v1/host-switch-profiles/<host-switch-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/host-switch-profiles/fe3e8766-383c-42fc-bfa9-aa7d193c89d9 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: profiles_host_switch_profiles Additional Errors:

Management Plane API: Network Transport: Transport Node Collections

Associated URIs:

List Transport Node collections

Returns all Transport Node collections Request:
Method:
GET
URI Path:
/api/v1/transport-node-collections
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-node-collections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeCollectionListResult+

Example Response: { "result_count" : 1, "results": [{ "resource_type": "TransportNodeCollection", "description": "TransportNodeCollection 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TransportNodeCollection-1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38", "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Create transport node collection by attaching Transport Node Profile to cluster.

When transport node collection is created the hosts which are part
of compute collection will be prepared automatically i.e. NSX Manager
attempts to install the NSX components on hosts. Transport nodes for these
hosts are created using the configuration specified in transport node
profile.
Request:
Method:
POST
URI Path:
/api/v1/transport-node-collections
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportNodeCollection+

Example Request: POST https://<nsx-mgr>/api/v1/transport-node-collections { "resource_type": "TransportNodeCollection", "display_name": "TransportNodeCollection-1", "description": "Transport Node Collections 1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
TransportNodeCollection+

Example Response: { "resource_type": "TransportNodeCollection", "display_name": "TransportNodeCollection-1", "description": "Transport Node Collections 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Update Transport Node collection

Attach different transport node profile to compute collection by updating
transport node collection.
Request:
Method:
PUT
URI Path:
/api/v1/transport-node-collections/<transport-node-collection-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportNodeCollection+

Example Request: PUT https://<nsx-mgr>/api/v1/transport-node-collections/46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1 { "resource_type": "TransportNodeCollection", "description": "TransportNodeCollection 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TransportNodeCollection-1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38", "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeCollection+

Example Response: { "resource_type": "TransportNodeCollection", "description": "TransportNodeCollection 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TransportNodeCollection-1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38", "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Detach transport node profile from compute collection.

By deleting transport node collection, we are detaching the transport node
profile(TNP) from the compute collection. It has no effect on existing
transport nodes. However, new hosts added to the compute collection will no
longer be automatically converted to NSX transport node.
Detaching TNP from compute collection does not delete TNP.
Request:
Method:
DELETE
URI Path:
/api/v1/transport-node-collections/<transport-node-collection-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/transport-node-collections/97a8c-8e19d Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Get Transport Node collection by id

Returns transport node collection by id Request:
Method:
GET
URI Path:
/api/v1/transport-node-collections/<transport-node-collection-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-node-collections/46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeCollection+

Example Response: { "resource_type": "TransportNodeCollection", "description": "TransportNodeCollection 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TransportNodeCollection-1", "compute_collection_id": "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38", "transport_node_profile_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Get Transport Node collection application state

Returns the state of transport node collection based on the states of
transport nodes of the hosts which are part of compute collection.
Request:
Method:
GET
URI Path:
/api/v1/transport-node-collections/<transport-node-collection-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-node-collections/<transport-node-collection-id>/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeCollectionState+

Example Response: { "transport_node_collection_state":"IN_PROGRESS" } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Management Plane API: Network Transport: Transport Node Profiles

Associated URIs:

Create a Transport Node Profile

Transport node profile captures the configuration needed to create
a transport node. A transport node profile can be attached to
compute collections for automatic TN creation of member hosts.
Request:
Method:
POST
URI Path:
/api/v1/transport-node-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportNodeProfile+

Example Request: POST https://<nsx-mgr>/api/v1/transport-node-profiles { "resource_type": "TransportNodeProfile", "display_name": "Transport Node Profile Demo", "description": "Transport Node Profile to be applied to a cluster", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
TransportNodeProfile+

Example Response: { "resource_type": "TransportNodeProfile", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "Transport Node Profile Demo", "description": "Transport Node Profile to be applied to a cluster", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f" } ], "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

List Transport Nodes

Returns information about all transport node profiles.
Request:
Method:
GET
URI Path:
/api/v1/transport-node-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-node-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 2, "results": [ { "id": "849e339e-64b7-47cb-9480-33068f70dc5a", "display_name": "transport-node-profile-demo", "resource_type": "TransportNodeProfile", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ] } ], "_revision": 0, "_create_time": 1415876516683, "_create_user": "admin", "_last_modified_user": "admin", "_last_modified_time": 1415876516683 }, { "id": "a601679e-4f0f-4d96-85c3-094e468ae60e", "display_name": "transport-node-profile-demo-2", "resource_type": "TransportNodeProfile", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ] } ], "_revision": 0, "_create_time": 1415876516522, "_create_user": "admin", "_last_modified_user": "admin", "_last_modified_time": 1415876516522 } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Get a Transport Node

Returns information about a specified transport node profile. Request:
Method:
GET
URI Path:
/api/v1/transport-node-profiles/<transport-node-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-node-profiles/77816de2-39c3-436c-b891-54d31f580961 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeProfile+

Example Response: { "id": "849e339e-64b7-47cb-9480-33068f70dc5a", "display_name": "transport-node-profile-demo", "resource_type": "TransportNodeProfile", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ] } ], "_revision": 0, "_create_time": 1415876516683, "_create_user": "admin", "_last_modified_user": "admin", "_last_modified_time": 1415876516683 } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Delete a Transport Node Profile

Deletes the specified transport node profile. A transport node profile
can be deleted only when it is not attached to any compute collection.
Request:
Method:
DELETE
URI Path:
/api/v1/transport-node-profiles/<transport-node-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/transport-node-profiles/97a8c255-0dea-4561-8054-4d5027d8e19d Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Update a Transport Node Profile

When configurations of a transport node profile(TNP) is updated, all the
transport nodes in all the compute collections to which this TNP is attached
are updated to reflect the updated configuration.
Request:
Method:
PUT
URI Path:
/api/v1/transport-node-profiles/<transport-node-profile-id>
Request Headers:
n/a
Query Parameters:
TransportNodeUpdateParameters+
Request Body:
TransportNodeProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/transport-node-profiles/77816de2-39c3-436c-b891-54d31f580961 { "resource_type": "TransportNodeProfile", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "Transport Node Profile For Finance Department Cluster", "description": "Transport Node Profile to be applied to cluster", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" }, { "device_name": "vmk2", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f" } ], "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeProfile+

Example Response: { "resource_type": "TransportNodeProfile", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "Transport Node Profile For Finance Department Cluster", "description": "Transport Node Profile to be applied to a cluster", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" }, { "device_name": "vmk2", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f" } ], "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Management Plane API: Network Transport: Transport Nodes

Associated URIs:

List compute collection transportnode templates (Deprecated)

Returns all eligible compute collection transportnode templates Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
GET
URI Path:
/api/v1/compute-collection-transport-node-templates
Request Headers:
n/a
Query Parameters:
TransportNodeTemplateListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates?compute_collection_id=163a7-254bc-11e4-8740-0982e28ad727 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeTemplateListResult+

Example Response: { "results": [{ "resource_type": "ComputeCollectionTransportNodeTemplate", "description": "Compute Collection Transport Node Template 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TNTemplate-1", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "hs-1", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink-1" } ], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } } ] }, "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "transport_zone_endpoints": [ { "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d" } ], "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Create transport node template for compute collection. (Deprecated)

If automated transport node creation is configured on compute collection, this template will serve as the default setting for transport node creation. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
POST
URI Path:
/api/v1/compute-collection-transport-node-templates
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeCollectionTransportNodeTemplate+

Example Request: POST https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates { "resource_type": "ComputeCollectionTransportNodeTemplate", "display_name": "TNTemplate-1", "description": "Compute Collection Transport Node Template 1", "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "transport_zone_endpoints": [{ "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d", }], "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [{ "host_switch_name": "hs-1", "host_switch_profile_ids": [{ "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" }], "pnics": [{ "device_name": "vmnic1", "uplink_name": "uplink-1" }], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } }] } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionTransportNodeTemplate+

Example Response: { "resource_type": "ComputeCollectionTransportNodeTemplate", "description": "Compute Collection Transport Node Template 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TNTemplate-1", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "hs-1", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink-1" } ], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } } ] }, "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "transport_zone_endpoints": [ { "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d" } ], "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Get compute collection transportnode template by id (Deprecated)

Returns compute collection transportnode template by id Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
GET
URI Path:
/api/v1/compute-collection-transport-node-templates/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates/46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionTransportNodeTemplate+

Example Response: { "resource_type": "ComputeCollectionTransportNodeTemplate", "description": "Compute Collection Transport Node Template 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TNTemplate-1", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "hs-1", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink-1" } ], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } } ] }, "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "transport_zone_endpoints": [ { "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d" } ], "_create_user": "admin", "_create_time": 1495147708462, "_last_modified_user": "admin", "_last_modified_time": 1495147708462, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Delete a compute collection transport node template (Deprecated)

Delete the specified compute collection transport node template. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
DELETE
URI Path:
/api/v1/compute-collection-transport-node-templates/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates/97a8c-8e19d Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Update compute collection transportnode template (Deprecated)

Update configuration of compute collection transportnode template.
Compute_collection_id isn't allowed to be changed since it represents
the association between ComputeCollection and this template. This is
determined when ComputeCollectionTransportNodeTemplate got created.
Note- transport node templates APIs are deprecated and user is
recommended to use transport node profiles APIs instead.
Request:
Method:
PUT
URI Path:
/api/v1/compute-collection-transport-node-templates/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeCollectionTransportNodeTemplate+

Example Request: PUT https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates/46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1 { "resource_type": "ComputeCollectionTransportNodeTemplate", "display_name": "TNTemplate-2", "description": "Compute Collection Transport Node Template 1", "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [{ "host_switch_name": "hs-1", "host_switch_profile_ids": [{ "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" }], "pnics": [{ "device_name": "vmnic1", "uplink_name": "uplink-1" }], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } }] }, "transport_zone_endpoints": [{ "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d" }], "_revision": 0 } example_response: | { "resource_type": "ComputeCollectionTransportNodeTemplate", "description": "Compute Collection Transport Node Template 1", "id": "46ea1ae3-b067-4985-bd9e-6e1d4b1b2ec1", "display_name": "TNTemplate-2", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "0a26d126-7116-11e5-9d70-feff819cdc9f", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "hs-1", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink-1" } ], "ip_assignment_spec": { "resource_type": "AssignedByDhcp" } } ], }, "compute_collection_ids": [ "33dbf426-c282-42a0-9ae2-5e924b8a78b4:domain-c38" ], "transport_zone_endpoints": [ { "transport_zone_id": "0840e9c6-3c7b-46a9-aea7-82bb1190709d" } ], "_last_modified_user": "admin", "_last_modified_time": 1495149198839, "_protection": "NOT_PROTECTED", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionTransportNodeTemplate+

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Get compute collection transportnode template application states (Deprecated)

Returns detailed transport node states for this compute collection Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
GET
URI Path:
/api/v1/compute-collection-transport-node-templates/<template-id>/state
Request Headers:
n/a
Query Parameters:
TransportNodeTemplateStateParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/compute-collection-transport-node-templates/<template-id>/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeCollectionTransportNodeTemplateStateList+

Example Response: { "results": [ { "compute_collection_id": "e2e55778-c95d-11e6-9d5f-bb34ca5fd2c8:domain-c8", "transport_node_states": [ { "node_id": "b342511e-d0b4-475c-89f4-edfb7a494437", "creation_state": "FAILED_TO_CREATE" }, { "node_id": "9ec4e9e1-ae56-4b04-8ee7-836d7216c81b", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "creation_state": "SUCCESS" }, }, ], } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

List LLDP Neighbor Properties of Transport Node

List LLDP Neighbor Properties for all interfaces of Transport Node
Request:
Method:
GET
URI Path:
/api/v1/lldp/transport-nodes/<node-id>/interfaces
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/lldp/transport-nodes/ed4d2f98-4373-4d67-9706-5ec3af7fcba1/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InterfaceNeighborPropertyListResult+

Example Response: { "result_count": 6, "results": [ { "neighbors": [ {} ], "name": "vmnic0", "mac": "54:9f:35:0b:d0:84", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ { "mgmt_addr": "192.168.1.2", "capabilities": "Bridge, Router", "system_name": "vpodswitch.corp.local", "name": "Gi1/22", "system_desc": "unknown", "port_desc": "GigabitEthernet1/22", "enabled_capabilities": "Bridge, Router", "mac": "68:ef:bd:4e:98:55" } ], "name": "vmnic1", "mac": "54:9f:35:0b:d0:86", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic2", "mac": "a0:36:9f:56:c4:cc", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic3", "mac": "a0:36:9f:56:c4:cd", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic4", "mac": "a0:36:9f:56:c4:ce", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic5", "mac": "a0:36:9f:56:c4:cf", "_schema": "/v1/schema/InterfaceNeighborProperties" } ] } Required Permissions: read Feature: tools_lldp Additional Errors:

Read LLDP Neighbor Properties of Transport Node by Interface Name

Read LLDP Neighbor Properties for a specific interface of Transport Node
Request:
Method:
GET
URI Path:
/api/v1/lldp/transport-nodes/<node-id>/interfaces/<interface-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/lldp/transport-nodes/ed4d2f98-4373-4d67-9706-5ec3af7fcba1/interfaces/vmnic1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InterfaceNeighborProperties+

Example Response: { "neighbors": [ { "mgmt_addr": "192.168.1.2", "capabilities": "Bridge, Router", "system_name": "vpodswitch.corp.local", "name": "Gi1/22", "system_desc": "unknown", "port_desc": "GigabitEthernet1/22", "enabled_capabilities": "Bridge, Router", "mac": "68:ef:bd:4e:98:55" } ], "name": "vmnic1", "mac": "54:9f:35:0b:d0:86", "_schema": "/v1/schema/InterfaceNeighborProperties" } Required Permissions: read Feature: tools_lldp Additional Errors:

Create a template of network migration specification. (Deprecated)

Network migration specification once created and can be used as a template to indicate associated component which networks should be migrated and where. Currently migration template can be associated with compute collections which are managed by vCenter host profiles, to trigger automatic migration of networks for Stateless ESX hosts. Currently we only support creation of HostProfileNetworkMigrationSpec type of specification. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
POST
URI Path:
/api/v1/network-migration-specs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
HostProfileNetworkMigrationSpec+

Example Request: POST https://<nsx-mgr>/api/v1/network-migration-spec { "resource_type": "HostProfileNetworkMigrationSpec", "display_name": "HostProfile1-NetworkMigrationSpec", "description": "HostProfile1 - network migration specification", "network_mappings": [{ "src_interface_id": "vmk2", "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c" }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
HostProfileNetworkMigrationSpec+

Example Response: { "resource_type": "HostProfileNetworkMigrationSpec", "description": "HostProfile1 - network migration specification", "id": "2413aa3b-8494-4d7b-9473-ace8f1c964c7", "display_name": "HostProfile1-NetworkMigrationSpec", "network_mappings": [ { "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c", "src_interface_id": "vmk2" } ], "_create_user": "admin", "_create_time": 1512010679724, "_last_modified_user": "admin", "_last_modified_time": 1512010679724, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

List all network migration specification templates. (Deprecated)

Network migration specification once created and can be used as a template to indicate associated component which networks should be migrated and where. Currently migration template can be associated with compute collections which are managed by vCenter host profiles, to trigger automatic migration of networks for Stateless ESX hosts. Currently we only support creation of HostProfileNetworkMigrationSpec type of specification. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
GET
URI Path:
/api/v1/network-migration-specs
Request Headers:
n/a
Query Parameters:
NetworkMigrationSpecListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/network-migration-specs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NetworkMigrationSpecListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 1, "results": [ { "resource_type": "HostProfileNetworkMigrationSpec", "description": "HostProfile1 - network migration specification", "id": "2413aa3b-8494-4d7b-9473-ace8f1c964c7", "display_name": "HostProfile1-NetworkMigrationSpec", "network_mappings": [ { "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c", "src_interface_id": "vmk2" } ], "_create_user": "admin", "_create_time": 1512010679724, "_last_modified_user": "admin", "_last_modified_time": 1512010679724, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Update a template of network migration specification. (Deprecated)

Network migration specification once created and can be used as a template to indicate associated component which networks should be migrated and where. Currently migration template can be associated with compute collections which are managed by vCenter host profiles, to trigger automatic migration of networks for Stateless ESX hosts. Currently we only support creation of HostProfileNetworkMigrationSpec type of specification. For a HostProfileNetworkMigrationSpec which is already associated with a compute collection, updating it would mean next time the system needs to trigger migration for hosts managed by compute collection, it will use the updated migration specification. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
PUT
URI Path:
/api/v1/network-migration-specs/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
HostProfileNetworkMigrationSpec+

Example Request: PUT https://<nsx-mgr>/api/v1/network-migration-specs/2413aa3b-8494-4d7b-9473-ace8f1c964c7 { "resource_type": "HostProfileNetworkMigrationSpec", "description": "HostProfile1 - network migration specification - UPDATED", "id": "2413aa3b-8494-4d7b-9473-ace8f1c964c7", "display_name": "HostProfile1-NetworkMigrationSpec", "network_mappings": [ { "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c", "src_interface_id": "vmk2" } ], "_create_user": "admin", "_create_time": 1512010679724, "_last_modified_user": "admin", "_last_modified_time": 1512010679724, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HostProfileNetworkMigrationSpec+

Example Response: { "resource_type": "HostProfileNetworkMigrationSpec", "description": "HostProfile1 - network migration specification - UPDATED", "id": "2413aa3b-8494-4d7b-9473-ace8f1c964c7", "display_name": "HostProfile1-NetworkMigrationSpec", "network_mappings": [ { "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c", "src_interface_id": "vmk2" } ], "_create_user": "admin", "_create_time": 1512010679724, "_last_modified_user": "admin", "_last_modified_time": 1512010903374, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Delete a network migration specification template (Deprecated)

Delete the specified network migration specification template. Delete will fail if this is a HostProfileNetworkMigrationSpec and is associated with certain compute collection. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
DELETE
URI Path:
/api/v1/network-migration-specs/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/network-migration-specs/2413aa3b-8494-4d7b-9473-ace8f1c964c7 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Get network migration specification template by id. (Deprecated)

Network migration specification once created and can be used as a template to indicate associated component which networks should be migrated and where. Currently migration template can be associated with compute collections which are managed by vCenter host profiles, to trigger automatic migration of networks for Stateless ESX hosts. Currently we only support creation of HostProfileNetworkMigrationSpec type of specification. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead. Request:
Method:
GET
URI Path:
/api/v1/network-migration-specs/<template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/network-migration-specs/2413aa3b-8494-4d7b-9473-ace8f1c964c7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HostProfileNetworkMigrationSpec+

Example Response: { "resource_type": "HostProfileNetworkMigrationSpec", "description": "HostProfile1 - network migration specification", "id": "2413aa3b-8494-4d7b-9473-ace8f1c964c7", "display_name": "HostProfile1-NetworkMigrationSpec", "network_mappings": [ { "dest_network_id": "b8eec3d6-825b-4740-a029-c643a8d4580c", "src_interface_id": "vmk2" } ], "_create_user": "admin", "_create_time": 1512010679724, "_last_modified_user": "admin", "_last_modified_time": 1512010679724, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Create a Transport Node

Transport nodes are hypervisor hosts and NSX Edges that will participate
in an NSX-T overlay. For a hypervisor host, this means that it hosts
VMs that will communicate over NSX-T logical switches. For NSX Edges,
this means that it will have logical router uplinks and downlinks.

This API creates transport node for a host node (hypervisor) or edge node
(router) in the transport network.

When you run this command for a host, NSX Manager attempts to install the
NSX kernel modules, which are packaged as VIB, RPM, or DEB files. For the
installation to succeed, you must provide the host login credentials and the
host thumbprint.

To get the ESXi host thumbprint, SSH to the host and run the
openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha256 -noout
command.

To generate host key thumbprint using SHA-256 algorithm please follow the
steps below.

Log into the host, making sure that the connection is not vulnerable to a
man in the middle attack. Check whether a public key already exists.
Host public key is generally located at '/etc/ssh/ssh_host_rsa_key.pub'.
If the key is not present then generate a new key by running the following
command and follow the instructions.

ssh-keygen -t rsa

Now generate a SHA256 hash of the key using the following command. Please
make sure to pass the appropriate file name if the public key is stored with
a different file name other than the default 'id_rsa.pub'.

awk '{print $2}' id_rsa.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64
This api is deprecated as part of FN+TN unification. Please use Transport Node API
to install NSX components on a node.

Additional documentation on creating a transport node can be found
in the NSX-T Installation Guide.

In order for the transport node to forward packets,
the host_switch_spec property must be specified.

Host switches (called bridges in OVS on KVM hypervisors) are the
individual switches within the host virtual switch. Virtual machines
are connected to the host switches.

When creating a transport node, you need to specify if the host switches
are already manually preconfigured on the node, or if NSX should create
and manage the host switches. You specify this choice by the type
of host switches you pass in the host_switch_spec property of the
TransportNode request payload.

For a KVM host, you can preconfigure the host switch, or you can have
NSX Manager perform the configuration. For an ESXi host or NSX Edge
node, NSX Manager always configures the host switch.

To preconfigure the host switches on a KVM host, pass an array
of PreconfiguredHostSwitchSpec objects that describes those host
switches. In the current NSX-T release, only one prefonfigured host
switch can be specified. See the PreconfiguredHostSwitchSpec schema
definition for documentation on the properties that must be provided.
Preconfigured host switches are only supported on KVM hosts, not on
ESXi hosts or NSX Edge nodes.

To allow NSX to manage the host switch configuration on KVM hosts,
ESXi hosts, or NSX Edge nodes, pass an array of StandardHostSwitchSpec
objects in the host_switch_spec property, and NSX will automatically
create host switches with the properties you provide. In the current
NSX-T release, up to 5 host switches can be automatically managed.
See the StandardHostSwitchSpec schema definition for documentation on
the properties that must be provided.

Note: previous versions of NSX-T used a property named host_switches
to specify the host switch configuration on the transport node. That
property is deprecated, but still functions. You should configure new
host switches using the host_switch_spec property.

The request should either provide node_deployement_info or node_id.

If the host node (hypervisor) or edge node (router) is already added in
system then it can be converted to transport node by providing node_id in
request.

If host node (hypervisor) or edge node (router) is not already present in
system then information should be provided under node_deployment_info.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportNode+

Example Request: POST https://<nsx-mgr>/api/v1/transport-nodes { "host_switch_spec":{ "host_switches":[ { "host_switch_name":"nsxvswitch", "host_switch_profile_ids":[ { "key":"UplinkHostSwitchProfile", "value":"d3556a6a-9a8a-4ffd-a7f4-1f647044e195" }, { "key":"LldpHostSwitchProfile", "value":"9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb" } ], "pnics":[ { "device_name":"fp-eth1", "uplink_name":"uplink1" } ], "ip_assignment_spec":{ "ip_pool_id":"1b261770-043e-4de0-a26f-9ae75bbb5857", "resource_type":"StaticIpPoolSpec" } } ], "resource_type":"StandardHostSwitchSpec" }, "transport_zone_endpoints":[ { "transport_zone_id":"ccc808be-4d59-40e2-b801-2e550e9a3ecc", "transport_zone_profile_ids":[ { "resource_type":"BfdHealthMonitoringProfile", "profile_id":"52035bb3-ab02-4a08-9884-18631312e50a" } ] } ], "node_deployment_info":{ "deployment_config":{ "vm_deployment_config":{ "vc_id":"62c97633-e0f2-4a4e-b68e-5cf4f764b9f2", "compute_id":"domain-c8", "storage_id":"datastore-09", "management_network_id":"network-15", "hostname":"main-edge", "data_network_ids":[ "network-15", "network-15", "network-15" ], "placement_type":"VsphereDeploymentConfig" }, "form_factor":"SMALL", "node_user_settings":{ "cli_username":"admin", "root_password":"Admin!23Admin", "cli_password":"Admin!23Admin" } }, "resource_type":"EdgeNode" }, "resource_type":"TransportNode", "display_name":"main-edge" } example_response: | { "node_id": "f049ed71-44d1-4ee3-aab3-9945c184188f", "host_switches": [ { "host_switch_name": "nsxvswitch", "host_switch_profile_ids": [ { "key": "UplinkHostSwitchProfile", "value": "d3556a6a-9a8a-4ffd-a7f4-1f647044e195" }, { "key": "LldpHostSwitchProfile", "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb" } ], "pnics": [ { "device_name": "fp-eth1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "1b261770-043e-4de0-a26f-9ae75bbb5857" } ], "host_switch_spec": { "host_switches": [ { "host_switch_name": "nsxvswitch", "host_switch_profile_ids": [ { "key": "UplinkHostSwitchProfile", "value": "d3556a6a-9a8a-4ffd-a7f4-1f647044e195" }, { "key": "LldpHostSwitchProfile", "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb" } ], "pnics": [ { "device_name": "fp-eth1", "uplink_name": "uplink1" } ], "is_migrate_pnics": false, "ip_assignment_spec": { "ip_pool_id": "1b261770-043e-4de0-a26f-9ae75bbb5857", "resource_type": "StaticIpPoolSpec" }, "cpu_config": [], "vmk_install_migration": [], "pnics_uninstall_migration": [], "vmk_uninstall_migration": [], "not_ready": false } ], "resource_type": "StandardHostSwitchSpec" }, "transport_zone_endpoints": [ { "transport_zone_id": "ccc808be-4d59-40e2-b801-2e550e9a3ecc", "transport_zone_profile_ids": [ { "resource_type": "BfdHealthMonitoringProfile", "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a" } ] } ], "maintenance_mode": "DISABLED", "node_deployment_info": { "deployment_config": { "vm_deployment_config": { "vc_id": "62c97633-e0f2-4a4e-b68e-5cf4f764b9f2", "compute_id": "domain-c8", "storage_id": "datastore-09", "management_network_id": "network-15", "hostname": "statEdge", "data_network_ids": [ "network-15", "network-15", "network-15" ], "enable_ssh": false, "allow_ssh_root_login": false, "placement_type": "VsphereDeploymentConfig" }, "form_factor": "SMALL", "node_user_settings": { "cli_username": "admin" } }, "node_settings": { "hostname": "statEdge", "enable_ssh": false, "allow_ssh_root_login": false }, "resource_type": "EdgeNode", "id": "f049ed71-44d1-4ee3-aab3-9945c184188f", "display_name": "statEdgeas1", "external_id": "f049ed71-44d1-4ee3-aab3-9945c184188f", "_create_user": "admin", "_create_time": 1554291902909, "_last_modified_user": "admin", "_last_modified_time": 1554291902909, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, "is_overridden": false, "failure_domain_id": "4fc1e3b0-1cd4-4339-86c8-f76baddbaafb", "resource_type": "TransportNode", "id": "f049ed71-44d1-4ee3-aab3-9945c184188f", "display_name": "statEdgeas1", "_create_user": "admin", "_create_time": 1554291903244, "_last_modified_user": "admin", "_last_modified_time": 1554291903244, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
TransportNode+

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

List Transport Nodes

Returns information about all transport nodes along with underlying host or
edge details. A transport node is a host or edge that contains hostswitches.
A hostswitch can have virtual machines connected to them.

Because each transport node has hostswitches, transport nodes can also have
virtual tunnel endpoints, which means that they can be part of the overlay.
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes
Request Headers:
n/a
Query Parameters:
TransportNodeListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeListResult+

Example Response: { "results": [ { "_revision": 0, "id": "5d08120f-98ff-4a56-8539-03797a6349ea", "resource_type": "TransportNode", "node_id": "f6aaa48c-6b22-11e4-8740-0982e28ad727", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "b540cabf-b106-47d0-b2ea-698383b3e202" } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_deployment_info": { "resource_type": "HostNode", "display_name": "Host ABC123", "fqdn": "host-abc-123.eng.abc.com", "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "ip_addresses": [ "192.168.210.54" ], "external_id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "discovered_ip_addresses": [ "192.168.210.54" ], "os_type": "ESXI", "os_version": "6.0.0", "managed_by_server": "192.168.110.24", "_create_time": 1446577081344, "_last_modified_user": "admin", "_last_modified_time": 1446577081344, "_create_user": "admin", "_revision": 0 }, "_create_time": 1415876516683, "_create_user": "admin", "_last_modified_user": "admin", "_last_modified_time": 1415876516683 }, { "_revision": 0, "id": "a601679e-4f0f-4d96-85c3-094e468ae60e", "resource_type": "TransportNode", "node_id": "238c11f3-6b23-11e4-9e4e-af64a47125ff", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92", "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "b540cabf-b106-47d0-b2ea-698383b3e202" } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_deployment_info": { "resource_type": "HostNode", "display_name": "Host ABC123", "fqdn": "host-abc-123.eng.abc.com", "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "ip_addresses": [ "192.168.210.54" ], "external_id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "discovered_ip_addresses": [ "192.168.210.54" ], "os_type": "ESXI", "os_version": "6.0.0", "managed_by_server": "192.168.110.24", "_create_time": 1446577081344, "_last_modified_user": "admin", "_last_modified_time": 1446577081344, "_create_user": "admin", "_revision": 0 }, "_create_time": 1415876516522, "_create_user": "admin", "_last_modified_user": "admin", "_last_modified_time": 1415876516522 } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Get the module details of a transport node

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/modules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/8538f119-ba45-4fb1-9cf1-ee849e4cf168/modules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SoftwareModuleResult+

Example Response: { "software_modules": [ { "module_name": "nsx-aggservice", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-da", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-esx-datapath", "module_version": "1.1.0.0.0-4320347" }, { "module_name": "nsx-exporter", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-host", "module_version": "1.1.0.0.0-4320389" }, { "module_name": "nsx-lldp", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-mpa", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-netcpa", "module_version": "1.1.0.0.0-4320340" }, { "module_name": "nsx-python-protobuf", "module_version": "2.4.1-1" }, { "module_name": "nsx-sfhc", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsx-support-bundle-client", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsxa", "module_version": "1.1.0.0.0-4320344" }, { "module_name": "nsxcli", "module_version": "1.1.0.0.0-4320339" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get high-level summary of a transport node

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/pnic-bond-status
Request Headers:
n/a
Query Parameters:
PnicBondFilter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/37b481c8-dd1e-4e17-bb2b8/pnic-bond-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PnicBondStatusListResult+

Example Response: { "results": [ { "name": "pnic0", "status":"UP", "type": "PNIC" }, { "name": "pnic1", "status":"DOWN", "type": "PNIC" } ] } Required Permissions: read Feature: tools_heatmap Additional Errors:

Read status of all transport nodes with tunnel connections to transport node

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/remote-transport-node-status
Request Headers:
n/a
Query Parameters:
RemoteTransportNodeStatusParametersWithDataSource+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/30bf2379-0b83-4951-9347-befcefc17efc/remote-transport-node-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeStatusListResult+

Example Response: { "result_count": 1, "results": [ { "control_connection_status": { "degraded_count": 0, "down_count": 0, "up_count": 1, "status": "UP" }, "tunnel_status": { "down_count": 0, "up_count": 1, "status": "UP", "bfd_status": { "bfd_admin_down_count": 0, "bfd_up_count": 1, "bfd_init_count": 0, "bfd_down_count": 0 }, "bfd_diagnostic": { "echo_function_failed_count": 0, "no_diagnostic_count": 1, "path_down_count": 0, "administratively_down_count": 0, "control_detection_time_expired_count": 0, "forwarding_plane_reset_count": 0, "reverse_concatenated_path_down_count": 0, "neighbor_signaled_session_down_count": 0, "concatenated_path_down_count": 0 } }, "pnic_status": { "degraded_count": 0, "down_count": 0, "up_count": 2, "status": "UP" }, "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false }, "mgmt_connection_status": "UP", "node_uuid": "e8d0d75c-4f39-11e7-b9d7-5d1bfa96a140", "status": "UP" } ] } Required Permissions: read Feature: tools_heatmap Additional Errors:

Read status of a transport node

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/07cd4582-189c-11e7-b77f-7f1dfdccba5e/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeStatus+

Example Response: { "control_connection_status" : { "degraded_count" : 0, "down_count" : 0, "up_count" : 1, "status" : "UP" }, "tunnel_status" : { "down_count" : 0, "up_count" : 0, "status" : "DOWN", "bfd_status" : { "bfd_admin_down_count" : 0, "bfd_up_count" : 0, "bfd_init_count" : 0, "bfd_down_count" : 0 }, "bfd_diagnostic" : { "echo_function_failed_count" : 0, "no_diagnostic_count" : 0, "path_down_count" : 0, "administratively_down_count" : 0, "control_detection_time_expired_count" : 0, "forwarding_plane_reset_count" : 0, "reverse_concatenated_path_down_count" : 0, "neighbor_signaled_session_down_count" : 0, "concatenated_path_down_count" : 0 } }, "pnic_status" : { "degraded_count" : 0, "down_count" : 0, "up_count" : 2, "status" : "UP" }, "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false }, "mgmt_connection_status" : "UP", "node_uuid" : "07cd4582-189c-11e7-b77f-7f1dfdccba5e", "status" : "DOWN" } Required Permissions: read Feature: tools_heatmap Additional Errors:

List of tunnels

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/tunnels
Request Headers:
n/a
Query Parameters:
QueryTunnelParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f/tunnels Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TunnelList+

Example Response: { "cursor": "00011", "result_count": 1, "tunnels": [ { "local_ip": "192.168.250.101", "bfd": { "remote_state": "UP", "remote_diagnostic": "CONTROL_DETECTION_TIME_EXPIRED", "active": true, "state": "UP", "forwarding": true, "diagnostic": "NEIGHBOR_SIGNALED_SESSION_DOWN" }, "remote_ip": "192.168.250.100", "egress_interface": "vmk10", "name": "stt3232299620", "encap": "STT", "status": "UP", "remote_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a" } ] } Required Permissions: read Feature: nodes_tunnels Additional Errors:

Tunnel properties

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<node-id>/tunnels/<tunnel-name>
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f/tunnels/stt3232299620 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TunnelProperties+

Example Response: { "local_ip": "192.168.250.101", "bfd": { "remote_state": "DOWN", "remote_diagnostic": "CONTROL_DETECTION_TIME_EXPIRED", "active": true, "state": "INIT", "forwarding": false, "diagnostic": "NEIGHBOR_SIGNALED_SESSION_DOWN" }, "remote_ip": "192.168.250.100", "egress_interface": "vmk10", "name": "stt3232299620", "encap": "STT", "status": "DOWN", "remote_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a" } Required Permissions: read Feature: nodes_tunnels Additional Errors:

Delete a Transport Node

Deletes the specified transport node. Query param force can be used to
force delete the host nodes. Force deletion of edge and public cloud
gateway nodes is not supported.

It also removes the specified node (host or edge) from system.
If unprepare_host option is set to false, then host will be deleted
without uninstalling the NSX components from the host.
Request:
Method:
DELETE
URI Path:
/api/v1/transport-nodes/<transport-node-id>
Request Headers:
n/a
Query Parameters:
TransportNodeDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/transport-nodes/97a8c255-0dea-4561-8054-4d5027d8e19d DELETE https://<nsx-mgr>/api/v1/transport-nodes/97a8c255-0dea-4561-8054-4d5027d8e19d?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Get a Transport Node

Returns information about a specified transport node. Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/77816de2-39c3-436c-b891-54d31f580961 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNode+

Example Response: { "resource_type": "TransportNode", "description": "Updated NSX configured Test Transport Node", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "NSX Configured TN", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ] } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "node_deployment_info": { "resource_type": "HostNode", "display_name": "Host ABC123", "fqdn": "host-abc-123.eng.abc.com", "id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "ip_addresses": [ "192.168.210.54" ], "external_id": "cf1f01db-e5b3-4688-9c1e-5f47d335fb01", "discovered_ip_addresses": [ "192.168.210.54" ], "os_type": "ESXI", "os_version": "6.0.0", "managed_by_server": "192.168.110.24", "_create_time": 1446577081344, "_last_modified_user": "admin", "_last_modified_time": 1446577081344, "_create_user": "admin", "_revision": 0 }, "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 1 } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Update a Transport Node

Modifies the transport node information. The host_switch_name field
must match the host_switch_name value specified in the transport zone
(API: transport-zones). You must create the associated uplink profile
(API: host-switch-profiles) before you can specify an uplink_name here.
If the host is an ESX and has only one physical NIC being used by a vSphere
standard switch, TransportNodeUpdateParameters should be used to migrate
the management interface and the physical NIC into a logical switch that
is in a transport zone this transport node will join or has already joined.
If the migration is already done, TransportNodeUpdateParameters can also be
used to migrate the management interface and the physical NIC back to a
vSphere standard switch.
In other cases, the TransportNodeUpdateParameters should NOT be used.
When updating transport node you should follow pattern where you should
fetch the existing transport node and then only modify the required
properties keeping other properties as is. For API backward compatibility,
property host_switches will be still returned in response and will contain
the configuration matching the one in host_switch_spec. In update call you
should only modify configuration in either host_switch_spec or
host_switches, but not both. Property host_switch_spec should be preferred
over deprecated host_switches property when creating or updating transport
nodes.

It also modifies attributes of node (host or edge).
Request:
Method:
PUT
URI Path:
/api/v1/transport-nodes/<transport-node-id>
Request Headers:
n/a
Query Parameters:
TransportNodeUpdateParameters+
Request Body:
TransportNode+

Example Request: PUT https://<nsx-mgr>/api/v1/transport-nodes/77816de2-39c3-436c-b891-54d31f580961 { "resource_type": "TransportNode", "description": "Updated NSX configured Test Transport Node", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "NSX Configured TN", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ] } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "node_deployment_info": { "resource_type": "HostNode", "id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "display_name": "FN1", "fqdn": "sc2-rdops-vm03-dhcp-110-133.eng.vmware.com", "ip_addresses": [ "10.192.156.199" ], "external_id": "a5113680-6a56-4386-9017-adffbe56c99e", "discovered_ip_addresses": [], "os_type": "ESXI", "os_version": "", "managed_by_server": "", "_create_time": 1538632396987, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_last_modified_time": 1538632396987, "_create_user": "admin", "_revision": 0 }, "_revision": 0 } example_response: | { "resource_type": "TransportNode", "description": "Updated NSX configured Test Transport Node", "id": "77816de2-39c3-436c-b891-54d31f580961", "display_name": "NSX Configured TN", "host_switch_spec": { "resource_type": "StandardHostSwitchSpec", "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" }, { "value": "9e0b4d2d-d155-4b4b-8947-fbfe5b79f7cb", "key": "LldpHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "ip_assignment_spec": { "resource_type": "StaticIpPoolSpec", "ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" }, "vmk_install_migration": [ { "device_name": "vmk1", "destination_network": "849e339e-64b7-47cb-9480-33068f70dc5a" } ], "vmk_uninstall_migration": [ ] } ] }, "transport_zone_endpoints": [ { "transport_zone_id": "e14c6b8a-9edd-489f-b624-f9ef12afbd8f", "transport_zone_profile_ids": [] } ], "host_switches": [ { "host_switch_profile_ids": [ { "value": "e331116d-f59e-4004-8cfd-c577aefe563a", "key": "UplinkHostSwitchProfile" } ], "host_switch_name": "nsxvswitch", "pnics": [ { "device_name": "vmnic1", "uplink_name": "uplink1" } ], "static_ip_pool_id": "ecddcdde-4dc5-4026-ad4f-8857995d4c92" } ], "node_id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "node_deployment_info": { "resource_type": "HostNode", "id": "41a4eebd-d6b9-11e6-b722-875041b9955d", "display_name": "FN1", "fqdn": "sc2-rdops-vm03-dhcp-110-133.eng.vmware.com", "ip_addresses": [ "10.192.156.199" ], "external_id": "a5113680-6a56-4386-9017-adffbe56c99e", "discovered_ip_addresses": [], "os_type": "ESXI", "os_version": "", "managed_by_server": "", "_create_time": 1538632396987, "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_last_modified_time": 1538632396987, "_create_user": "admin", "_revision": 1 }, "_create_time": 1485299990773, "_last_modified_user": "admin", "_last_modified_time": 1485301913130, "_create_user": "admin", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNode+

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Return the list of capabilities of transport node

Returns information about capabilities of transport host node. Edge nodes do not have capabilities. Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>/capabilities
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/c8778638-818a-11e4-a4d5-210df118b5e2/capabilities Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeCapabilitiesResult+

Example Response: { "capabilities": [ { "description": "Capability of supporting rate limiting in switch security switching profile", "version": 1, "value": "true", "key": "switchingprofile.switch-security.rate-limiting" }, { "description": "Capability of supporting multiple LACP groups in uplink host switch profile", "version": 1, "value": "true", "key": "hostswitchprofile.multi-lag" }, { "description": "Capability of supporting egress shaper in QoS switching profile", "version": 1, "value": "true", "key": "switchingprofile.qos.shaper.egress" }, { "description": "Capability of supporting LLDP in lldp host switch profile", "version": 1, "value": "true", "key": "hostswitchprofile.lldp" }, { "description": "Capability of supporting broadcast shaper in QoS switching profile", "version": 1, "value": "true", "key": "switchingprofile.qos.shaper.broadcast" } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

List the specified transport node's network interfaces

Returns the number of interfaces on the node and detailed
information about each interface. Interface information includes MTU,
broadcast and host IP addresses, link and admin status, MAC address, network
mask, and the IP configuration method (static or DHCP).
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>/network/interfaces
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/<node-id>/network/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfacePropertiesListResult+

Example Response: { "result_count": 6, "results": [ { "interface_id": "vmnic0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500, "interface_alias": [ { "physical_address": "02:00:06:3e:44:bf" } ], "interface_type": "PHYSICAL", "connected_switch": "vSwitch0" }, { "interface_id": "vmnic1", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "interface_alias": [ { "physical_address": "02:00:06:8c:49:0a" } ], "interface_type": "PHYSICAL", "connected_switch": "nsxvswitch" }, { "interface_id": "vmnic2", "admin_status": "UP", "link_status": "DOWN", "source": "cached", "mtu": 1500, "interface_alias": [ { "physical_address": "02:00:06:89:28:d0" } ], "interface_type": "PHYSICAL", "connected_switch": "" }, { "interface_alias": [ { "physical_address": "54:9f:35:0b:d0:84", "netmask": "255.255.255.0", "ip_address": "192.168.210.53", "ip_configuration": "STATIC", "broadcast_address": "192.168.210.255" } ], "interface_id": "vmk0", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500 }, { "interface_alias": [ { "physical_address": "00:50:56:68:91:ad", "netmask": "255.255.255.0", "ip_address": "10.20.20.53", "ip_configuration": "STATIC", "broadcast_address": "10.20.20.255" } ], "interface_id": "vmk1", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1500, "host_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "" }, { "interface_alias": [ { "physical_address": "00:50:56:65:f5:fc", "netmask": "255.255.255.0", "ip_address": "192.168.250.102", "ip_configuration": "STATIC", "broadcast_address": "192.168.250.255" } ], "interface_id": "vmk2", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "host_managed": true, "backing_nsx_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "1ea55bbd-0a06-42ac-9ffc-fea15a28cd7e" } ] } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the transport node's network interface

Returns detailed information about the specified interface. Interface
information includes MTU, broadcast and host IP addresses, link and admin
status, MAC address, network mask, and the IP configuration method (static
or DHCP).
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>/network/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/<node-id>/network/interfaces/vmk2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceProperties+

Example Response: { "interface_alias": [ { "physical_address": "00:50:56:65:f5:fc", "netmask": "255.255.255.0", "ip_address": "192.168.250.102", "ip_configuration": "STATIC", "broadcast_address": "192.168.250.255" } ], "interface_id": "vmk2", "admin_status": "UP", "link_status": "UP", "source": "cached", "mtu": 1600, "host_managed": true, "backing_nsx_managed": true, "interface_type": "VIRTUAL", "lport_attachment_id": "1ea55bbd-0a06-42ac-9ffc-fea15a28cd7e" } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Read the NSX Manager's Network Interface Statistics

On the specified interface, returns the number of received (rx), transmitted
(tx), and dropped packets; the number of bytes and errors received and
transmitted on the interface; and the number of detected collisions.
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>/network/interfaces/<interface-id>/stats
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/<node-id>/network/interfaces/<interface-id>/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInterfaceStatisticsProperties+

Example Response: { "tx_errors": 0, "rx_frame": 0, "tx_carrier": 0, "tx_bytes": 31611, "rx_dropped": 1813, "tx_packets": 261, "rx_packets": 91656, "interface_id": "mgmt", "tx_dropped": 0, "tx_colls": 0, "rx_errors": 0, "rx_bytes": 7360718 } Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get a Transport Node's State

Returns information about the current state of the transport node
configuration and information about the associated hostswitch.
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/<transport-node-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/77816de2-39c3-436c-b891-54d31f580961/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeState+

Example Response: { "state": "success", "host_switch_states": [ { "endpoints": [ { "default_gateway": "", "device_name": "vmk10", "ip": "151.105.114.27", "subnet_mask": "255.255.255.0", "label": 22529 } ], "transport_zone_ids": [ "e14c6b8a-9edd-489f-b624-f9ef12afbd8f" ], "host_switch_name": "nsxvswitch", "host_switch_id": "91 02 92 79 1d 20 44 5b-a3 6b 1f 6f 0e 4f e0 96" } ], "transport_node_id": "77816de2-39c3-436c-b891-54d31f580961", "node_deployment_state": { "details": [], "state": "success" } } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Disable flow cache for an edge transport node

Disable flow cache for edge transport node.
Caution: This involves restart of the edge
dataplane and hence may lead to network disruption.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transport-node-id>?action=disable_flow_cache
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Enable flow cache for an edge transport node

Enable flow cache for edge transport node.
Caution: This involves restart of the edge
dataplane and hence may lead to network disruption.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transport-node-id>?action=enable_flow_cache
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Refresh the node configuration for the Edge node.

The API is applicable for Edge transport nodes. If you update the VM
configuration and find a discrepancy in VM configuration at NSX Manager,
then use this API to refresh configuration at NSX Manager.
It refreshes the VM configuration from sources external to MP. Sources
include vSphere Server and the edge node. After this action, the API
GET api/v1/transport-nodes will show refreshed data.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transport-node-id>?action=refresh_node_configuration&resource_type=EdgeNode
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Restart the inventory sync for the node if it is paused currently.

Restart the inventory sync for the node if it is currently internally paused.
After this action the next inventory sync coming from the node is processed.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transport-node-id>?action=restart_inventory_sync
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Apply cluster level Transport Node Profile on overridden host

A host can be overridden to have different configuration than Transport
Node Profile(TNP) on cluster. This action will restore such overridden host
back to cluster level TNP.

This API can be used in other case. When TNP is applied to a cluster,
if any validation fails (e.g. VMs running on host) then existing transport
node (TN) is not updated. In that case after the issue is resolved manually
(e.g. VMs powered off), you can call this API to update TN as per cluster
level TNP.
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transport-node-id>?action=restore_cluster_config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/transport-nodes/97a8c255-0dea-4561-8054-4d5027d8e19d?action=restore_cluster_config Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Update transport node maintenance mode

Put transport node into maintenance mode or exit from maintenance mode. Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transportnode-id>
Request Headers:
n/a
Query Parameters:
MaintenanceModeParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/transport-nodes/97a8c255-0dea-4561-8054-4d5027d8e19d/?action=enter_maintenance_mode Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

Resync a Transport Node

Resync the TransportNode configuration on a host.
It is similar to updating the TransportNode with existing configuration,
but force synce these configurations to the host (no backend optimizations).
Request:
Method:
POST
URI Path:
/api/v1/transport-nodes/<transportnode-id>?action=resync_host_config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/transport-nodes/97a8c255-0dea-4561-8054-4d5027d8e19d?action=resync_host_config Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nodes_transport_nodes Additional Errors:

List transport nodes by realized state

Returns a list of transport node states that have realized state as provided
as query parameter
Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/state
Request Headers:
n/a
Query Parameters:
TransportNodeStateParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/state?status=IN_PROGRESS Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeStateListResult+

Example Response: { "state" : "in_progress", "node_deployment_state": "success", "transport_node_id" : "366048ba-89d9-435e-ac2e-2c7cf6ed0f33", "host_switch_states" : [ { "state" : "in_progress", "host_switch_id" : "58 20 ca 9e ff da 40 19-86 06 39 d2 0c 0a d7 c5", "endpoints" : [ { "subnet_mask" : "255.255.255.224", "device_name" : "vmk10", "label" : 593280, "default_gateway" : "", "ip" : "169.254.177.12" } ], "host_switch_name" : "opaque-switch-1" } ] } Required Permissions: read Feature: nodes_transport_nodes Additional Errors:

Get high-level summary of all transport nodes. The service layer does not support source = realtime or cached.

Request:
Method:
GET
URI Path:
/api/v1/transport-nodes/status
Request Headers:
n/a
Query Parameters:
TransportNodeFilter+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-nodes/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HeatMapTransportZoneStatus+

Example Response: { "down_count": 0, "unknown_count": 2, "up_count": 0, "degraded_count": 0 } Required Permissions: read Feature: tools_heatmap Additional Errors:

Get high-level summary of a transport zone

Request:
Method:
GET
URI Path:
/api/v1/transport-zones/<zone-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/37b481c8-dd1e-4e17-bb2b-f922f1addaa8/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HeatMapTransportZoneStatus+

Example Response: { "down_count": 0, "unknown_count": 2, "up_count": 0, "degraded_count": 0 } Required Permissions: read Feature: tools_heatmap Additional Errors:

Read status of transport nodes in a transport zone

Request:
Method:
GET
URI Path:
/api/v1/transport-zones/<zone-id>/transport-node-status
Request Headers:
n/a
Query Parameters:
TransportNodeStatusParametersWithDataSource+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/37b481c8-dd1e-4e17-bb2b-f922f1addaa8/transport-node-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeStatusListResult+

Example Response: { "cursor": "1000", "result_count": 2, "transport_nodes": [ { "node_uuid": "30bf2379-0b83-4951-9347-befcefc17efc", "status": "UNKNOWN", "mgmt_connection_status": "UP", "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false } }, { "tunnel_status": { "down_count": 0, "status": "DOWN", "up_count": 1, "bfd_diagnostic": { "reverse_concatenated_path_down_count": 0, "path_down_count": 0, "echo_function_failed_count": 0, "concatenated_path_down_count": 0, "forwarding_plane_reset_count": 0, "no_diagnostic_count": 0, "control_detection_time_expired_count": 0, "administratively_down_count": 0 }, "bfd_status": { "bfd_down_count": 0, "bfd_admin_down_count": 0, "bfd_init_count": 0, "bfd_up_count": 1 } }, "pnic_status": { "down_count": 0, "status": "UP", "up_count": 2 }, "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false }, "node_uuid": "f8a7392e-d2e4-4422-b4cd-83b144da515b", "status": "UNKNOWN", "mgmt_connection_status": "UP" } ]} Required Permissions: read Feature: tools_heatmap Additional Errors:

Creates a status report of transport nodes in a transport zone

You must provide the request header "Accept:application/octet-stream" when calling this API. Request:
Method:
GET
URI Path:
/api/v1/transport-zones/<zone-id>/transport-node-status-report
Request Headers:
n/a
Query Parameters:
TransportNodeReportParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/4971383d-f792-4b36-8854-e78a79853948/transport-node-status-report Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/octet-stream
Response Body:
n/a

Example Response: nodeUuid,controlConnectionStatus,pnicStatus,mgmtConnectionStatus,tunnelStatus,agentStatus, threatStatus,upTunnelCount,downTunnelCount,upAgentCount,downAgentCount "56c869c2-3936-11e7-97d7-e3f11175ca7b",UP,UP,UP,UP,UP,NORMAL,1,0,2,0 "4afcf3e6-3936-11e7-94d2-e7fc52d5bade",UP,UP,UP,UP,UP,NORMAL,1,0,2,0 Required Permissions: read Feature: tools_heatmap Additional Errors:

Get high-level summary of a transport zone. The service layer does not support source = realtime or cached.

Request:
Method:
GET
URI Path:
/api/v1/transport-zones/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
HeatMapTransportNodesAggregateStatus+

Example Response: { "down_count": 0, "unknown_count": 2, "up_count": 0, "degraded_count": 0 } Required Permissions: read Feature: tools_heatmap Additional Errors:

Read status of all the transport nodes

Request:
Method:
GET
URI Path:
/api/v1/transport-zones/transport-node-status
Request Headers:
n/a
Query Parameters:
TransportNodeStatusParametersWithDataSource+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/transport-node-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportNodeStatusListResult+

Example Response: { "result_count": 2, "transport_nodes": [ { "node_uuid": "30bf2379-0b83-4951-9347-befcefc17efc", "status": "UNKNOWN", "mgmt_connection_status": "UP", "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false } }, { "tunnel_status": { "down_count": 0, "status": "DOWN", "up_count": 1, "bfd_diagnostic": { "reverse_concatenated_path_down_count": 0, "path_down_count": 0, "echo_function_failed_count": 0, "concatenated_path_down_count": 0, "forwarding_plane_reset_count": 0, "no_diagnostic_count": 0, "control_detection_time_expired_count": 0, "administratively_down_count": 0 }, "bfd_status": { "bfd_down_count": 0, "bfd_admin_down_count": 0, "bfd_init_count": 0, "bfd_up_count": 1 } }, "pnic_status": { "down_count": 0, "status": "UP", "up_count": 2 }, "threat_status": { "status": "NORMAL" }, "agent_status": { "status": "UP", "up_count: 2 "down_count": 0, "agents": [ { "name": "NSX_AGENT", "stauts": "UP" }, { "name": "NSX_NESTDB", "stauts": "UP" } ] }, "node_status": { "last_heartbeat_timestamp": 1446675283540, "lcp_connectivity_status": "UP", "mpa_connectivity_status": "UP", "system_status": { "mem_used": 2551264, "system_time": 1446649452000, "file_systems": [ { "file_system": "root", "total": 32768, "used": 476, "type": "ramdisk", "mount": "/" }, { "file_system": "etc", "total": 28672, "used": 220, "type": "ramdisk", "mount": "/etc" }, { "file_system": "opt", "total": 32768, "used": 1040, "type": "ramdisk", "mount": "/opt" }, { "file_system": "var", "total": 49152, "used": 1196, "type": "ramdisk", "mount": "/var" }, { "file_system": "tmp", "total": 262144, "used": 24136, "type": "ramdisk", "mount": "/tmp" }, { "file_system": "hostdstats", "total": 302080, "used": 2072, "type": "ramdisk", "mount": "/var/lib/vmware/hostd/stats" } ], "load_average": [ 0.17000000178813934, 0.17000000178813934, 0.15000000596046448 ], "swap_total": 0, "mem_cache": 0, "cpu_cores": 16, "source": "cached", "mem_total": 25119208, "swap_used": 0, "uptime": 7213000 }, "last_sync_time": 1473837914408, "mpa_connectivity_status_details": "Client is responding to heartbeats", "software_version": "1.1.0.0.0.3195008", "host_node_deployment_status": "INSTALL_SUCCESSFUL", "lcp_connectivity_status_details": [ { "control_node_ip": "192.168.110.34", "failure_status": "UNKNOWN_FAILURE_STATUS", "status": "UP" } ], "inventory_sync_paused": false }, "node_uuid": "f8a7392e-d2e4-4422-b4cd-83b144da515b", "status": "UNKNOWN", "mgmt_connection_status": "UP" } ]} Required Permissions: read Feature: tools_heatmap Additional Errors:

Creates a status report of transport nodes of all the transport zones

You must provide the request header "Accept:application/octet-stream" when calling this API. Request:
Method:
GET
URI Path:
/api/v1/transport-zones/transport-node-status-report
Request Headers:
n/a
Query Parameters:
TransportNodeReportParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/transport-node-status-report Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/octet-stream
Response Body:
n/a

Example Response: nodeUuid,controlConnectionStatus,pnicStatus,mgmtConnectionStatus,tunnelStatus,agentStatus, threatStatus,upTunnelCount,downTunnelCount,upAgentCount,downAgentCount "56c869c2-3936-11e7-97d7-e3f11175ca7b",UP,UP,UP,UP,UP,NORMAL,1,0,2,0 "4afcf3e6-3936-11e7-94d2-e7fc52d5bade",UP,UP,UP,UP,UP,NORMAL,1,0,2,0 "fe1ab3b8-741a-4015-863f-058c049ee506",UP,UP,UP,UP,UP,NORMAL,1,0,2,0 "f55ff9ec-3f91-11e7-8441-000c29ee2825",UP,UP,UP,UP,UP,NORMAL,1,0,2.0 Required Permissions: read Feature: tools_heatmap Additional Errors:

Management Plane API: Network Transport: Transport Profiles

Associated URIs:

Create a transport zone Profile

Creates a transport zone profile. The resource_type is required.
Request:
Method:
POST
URI Path:
/api/v1/transportzone-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BfdHealthMonitoringProfile+

Example Request: POST https://<nsx-mgr>/api/v1/transportzone-profiles { "enabled": "true", "latency_enabled": false, "resource_type": "BfdHealthMonitoringProfile", "display_name": "transport-zone-profile-East", "probe_interval": 500, "tags": [{"scope": "home", "tag": "green"}] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
BfdHealthMonitoringProfile+

Example Response: { "resource_type": "BfdHealthMonitoringProfile", "id": "4b772ead-0b70-4e96-8752-3cf87cdb98f5", "display_name": "transport-zone-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "probe_interval": 500, "enabled": true, "latency_enabled": false, "_last_modified_time": 1458590226240, "_create_time": 1458590226240, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: transport_zones_transport_zone_profiles Additional Errors:

List transport zone profiles

Returns information about the configured transport zone profiles. Transport zone
profiles define networking policies for transport zones and transport zone endpoints.
Request:
Method:
GET
URI Path:
/api/v1/transportzone-profiles
Request Headers:
n/a
Query Parameters:
TransportZoneProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transportzone-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportZoneProfileListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "BfdHealthMonitoringProfile", "id": "4b772ead-0b70-4e96-8752-3cf87cdb98f5", "display_name": "transport-zone-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "probe_interval": 500, "enabled": true, "latency_enabled": false, "_last_modified_time": 1458590226240, "_create_time": 1458590226240, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: transport_zones_transport_zone_profiles Additional Errors:

Delete a transport zone Profile

Deletes a specified transport zone profile. Request:
Method:
DELETE
URI Path:
/api/v1/transportzone-profiles/<transportzone-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/transportzone-profiles/4b772ead-0b70-4e96-8752-3cf87cdb98f5 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: transport_zones_transport_zone_profiles Additional Errors:

Update a transport zone profile

Modifies a specified transport zone profile. The body of the PUT request must include the resource_type.
Request:
Method:
PUT
URI Path:
/api/v1/transportzone-profiles/<transportzone-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BfdHealthMonitoringProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/transportzone-profiles/4b772ead-0b70-4e96-8752-3cf87cdb98f5 { "resource_type": "BfdHealthMonitoringProfile", "id": "4b772ead-0b70-4e96-8752-3cf87cdb98f5", "display_name": "transport-zone-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "probe_interval": 500, "enabled": false, "latency_enabled": false, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BfdHealthMonitoringProfile+

Example Response: { "resource_type": "BfdHealthMonitoringProfile", "id": "4b772ead-0b70-4e96-8752-3cf87cdb98f5", "display_name": "transport-zone-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "probe_interval": 500, "enabled": false, "latency_enabled": false, "_last_modified_time": 1458590898614, "_create_time": 1458590226240, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: transport_zones_transport_zone_profiles Additional Errors:

Get transport zone profile by identifier

Returns information about a specified transport zone profile. Request:
Method:
GET
URI Path:
/api/v1/transportzone-profiles/<transportzone-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transportzone-profiles/4b772ead-0b70-4e96-8752-3cf87cdb98f5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BfdHealthMonitoringProfile+

Example Response: { "resource_type": "BfdHealthMonitoringProfile", "id": "4b772ead-0b70-4e96-8752-3cf87cdb98f5", "display_name": "transport-zone-profile-East", "tags": [ { "scope": "home", "tag": "green" } ], "probe_interval": 500, "enabled": true, "latency_enabled": false, "_last_modified_time": 1458590226240, "_create_time": 1458590226240, "_last_modified_user": "admin", "_system_owned": false, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: transport_zones_transport_zone_profiles Additional Errors:

Management Plane API: Network Transport: Transport Zones

Associated URIs:

Create a Transport Zone

Creates a new transport zone. The required parameters are host_switch_name
and transport_type (OVERLAY or VLAN). The optional parameters are
description and display_name.
Request:
Method:
POST
URI Path:
/api/v1/transport-zones
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportZone+

Example Request: POST https://<nsx-mgr>/api/v1/transport-zones/ { "display_name":"tz1", "host_switch_name":"test-host-switch-1", "description":"Transport Zone 1", "transport_type":"OVERLAY" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
TransportZone+

Example Response: { "_revision": 0, "id": "c6626083-1a86-4370-85c0-791cf9f947e9", "display_name": "tz1", "description": "Transport Zone 1", "resource_type": "TransportZone", "transport_type": "OVERLAY", "host_switch_name": "test-host-switch-1", "_last_modified_user": "admin", "_last_modified_time": 1414179082458, "_create_time": 1414179082458, "_create_user": "admin", "_schema": "/v1/schema/TransportZone" } Required Permissions: crud Feature: transport_zones_transport_zones Additional Errors:

List Transport Zones

Returns information about configured transport zones. NSX requires at
least one transport zone. NSX uses transport zones to provide connectivity
based on the topology of the underlying network, trust zones, or
organizational separations. For example, you might have hypervisors that
use one network for management traffic and a different network for VM
traffic. This architecture would require two transport zones. The
combination of transport zones plus transport connectors enables NSX to
form tunnels between hypervisors. Transport zones define which interfaces
on the hypervisors can communicate with which other interfaces on other
hypervisors to establish overlay tunnels or provide connectivity to a VLAN.
A logical switch can be in one (and only one) transport zone. This means
that all of a switch's interfaces must be in the same transport zone.
However, each hypervisor virtual switch (OVS or VDS) has multiple
interfaces (connectors), and each connector can be attached to a different
logical switch. For example, on a single hypervisor with two connectors,
connector A can be attached to logical switch 1 in transport zone A, while
connector B is attached to logical switch 2 in transport zone B. In this
way, a single hypervisor can participate in multiple transport zones. The
API for creating a transport zone requires that a single host switch be
specified for each transport zone, and multiple transport zones can share
the same host switch.
Request:
Method:
GET
URI Path:
/api/v1/transport-zones
Request Headers:
n/a
Query Parameters:
TransportZoneListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportZoneListResult+

Example Response: { "results": [ { "_revision": 0, "id": "c08d57bf-247d-4a5e-9acd-c5f2860e2872", "resource_type": "TransportZone", "transport_type": "OVERLAY", "host_switch_name": "host2", "_last_modified_user": "admin", "_last_modified_time": 1412873095391, "_create_time": 1412873095391, "_create_user": "admin", "_schema": "/v1/schema/TransportZone" }, { "_revision": 0, "id": "7c57c5a7-c742-4ee2-8fae-a9ac6a01309c", "resource_type": "TransportZone", "transport_type": "OVERLAY", "host_switch_name": "host1", "_last_modified_user": "admin", "_last_modified_time": 1412873062407, "_create_time": 1412873062407, "_create_user": "admin", "_schema": "/v1/schema/TransportZone" }, { "_revision": 0, "id": "c55ec097-0b53-4103-9426-18e135250c29", "resource_type": "TransportZone", "transport_type": "OVERLAY", "host_switch_name": "host1", "_last_modified_user": "admin", "_last_modified_time": 1412877285032, "_create_time": 1412877285032, "_create_user": "admin", "_schema": "/v1/schema/TransportZone" } ] } Required Permissions: read Feature: transport_zones_transport_zones Additional Errors:

Get a Transport Zone

Returns information about a single transport zone. Request:
Method:
GET
URI Path:
/api/v1/transport-zones/<zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/c55ec097-0b53-4103-9426-18e135250c29 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportZone+

Example Response: { "_revision": 0, "id": "c55ec097-0b53-4103-9426-18e135250c29", "resource_type": "TransportZone", "transport_type": "OVERLAY", "host_switch_name": "host1", "_last_modified_user": "admin", "_last_modified_time": 1412877285032, "_create_time": 1412877285032, "_create_user": "admin", "_schema": "/v1/schema/TransportZone" } Required Permissions: read Feature: transport_zones_transport_zones Additional Errors:

Delete a Transport Zone

Deletes an existing transport zone. Request:
Method:
DELETE
URI Path:
/api/v1/transport-zones/<zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/transport-zones/795097bb-fb32-44f1-a074-73445ada5451 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: transport_zones_transport_zones Additional Errors:

Update a Transport Zone

Updates an existing transport zone. Modifiable parameters are
transport_type (VLAN or OVERLAY), description, and display_name. The
request must include the existing host_switch_name.
Request:
Method:
PUT
URI Path:
/api/v1/transport-zones/<zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TransportZone+

Example Request: PUT https://<nsx-mgr>/api/v1/transport-zones/795097bb-fb32-44f1-a074-73445ada5451 { "resource_type": "TransportZone", "description": "comp1 overlay transport zone", "id": "30c42eea-a083-4976-8b32-9281b6ca1887", "display_name": "tz-overlay", "host_switch_name": "nsxvswitch", "transport_type": "OVERLAY", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportZone+

Example Response: { "id": "7bd56bce-2736-4e5b-bed2-db38fc2b00e9", "display_name": "host-switch-2-vlan-350", "description": "Used for VLAN 350", "resource_type": "TransportZone", "description": "comp1 overlay transport zone", "id": "30c42eea-a083-4976-8b32-9281b6ca1887", "display_name": "tz-overlay", "host_switch_name": "nsxvswitch", "transport_type": "OVERLAY", "transport_zone_profile_ids": [ { "profile_id": "52035bb3-ab02-4a08-9884-18631312e50a", "resource_type": "BfdHealthMonitoringProfile" } ], "_last_modified_time": 1458859590908, "_create_time": 1457984400279, "_last_modified_user": "admin", "_create_user": "admin", "_revision": 1, "_schema": "/v1/schema/TransportZone" } Required Permissions: crud Feature: transport_zones_transport_zones Additional Errors:

Get a Transport Zone's Current Runtime Status Information

Returns information about a specified transport zone, including the number
of logical switches in the transport zone, number of logical spitch ports
assigned to the transport zone, and number of transport nodes in the
transport zone.
Request:
Method:
GET
URI Path:
/api/v1/transport-zones/<zone-id>/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/transport-zones/7c57c5a7-c742-4ee2-8fae-a9ac6a01309c/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TransportZoneStatus+

Example Response: { "num_logical_switches": 1, "transport_zone_id": "7c57c5a7-c742-4ee2-8fae-a9ac6a01309c", "num_logical_ports": 3, "num_transport_nodes": 3 } Required Permissions: read Feature: transport_zones_transport_zones Additional Errors:

Management Plane API: Normalization

Associated URIs:

Get normalizations based on the query parameters

Returns the list of normalized resources based on the query parameters.
Id and Type of the resource on which the normalizations is to be performed,
are to be specified as query parameters in the URI. The target resource
types to which normalization is to be done should also be specified as
query parameter.
Request:
Method:
GET
URI Path:
/api/v1/normalizations
Request Headers:
n/a
Query Parameters:
NormalizationListRequestParameters+
Request Body:
n/a

Example Request: https://<nsx-mgr>/api/v1/normalizations?resource_id=e6dd32d7-3b64-44ea-8122-a45d5eac7ef5&resource_type=NSGroup&preferred_normalization_type=IPSet Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NormalizedResourceListResult+

Example Response: { "sort_ascending": true, "sort_by": "target_display_name", "result_count": 3, "results": [ { "target_display_name": "IPSet2", "is_valid": true, "target_type": "IPSet", "target_id": "0e9e0aa0-2a0e-485f-8484-7138d9de26e7" }, { "target_display_name": "IPset1", "is_valid": true, "target_type": "IPSet", "target_id": "184ab2cb-e34f-4799-b9a7-58d04a831bd1" }, { "target_display_name": "IPset3", "is_valid": true, "target_type": "IPSet", "target_id": "3e36dc4a-afc0-46fe-8c04-65faf63b09ff" } ] } Required Permissions: read Feature: groups_groups Additional Errors:

Management Plane API: Operations

Management Plane API: Operations: IPFIX

Associated URIs:

List IPFIX collector configurations

Request:
Method:
GET
URI Path:
/api/v1/ipfix/collectorconfigs
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix/collectorconfigs?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorConfigListResult+

Example Response: { "sort_by": "resource_type", "result_count": 2, "results": [ { "resource_type": "IpfixCollectorConfig", "id": "2e6d9p0c-8aa8-4df6-9a0f-b0456575b233", "collectors": [ { "collector_ip_address": "10.24.24.24", "collector_port": 3569, } ], "_last_modified_user": "admin", "_last_modified_time": 1463555181478, "_revision": 0 }, { "resource_type": "IpfixCollectorConfig", "id": "1a2b3c4d-8aa8-4df6-9a0f-b0456575b233", "collectors": [ { "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "collector_ip_address": "10.23.23.23", "collector_port": 6359 } ], "_last_modified_user": "admin", "_last_modified_time": 1463555183599, "_revision": 0 } ] } Required Permissions: read Feature: ipfix_collectors Additional Errors:

Create a new IPFIX collector configuration

Request:
Method:
POST
URI Path:
/api/v1/ipfix/collectorconfigs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixCollectorConfig+

Example Request: POST https://<nsx-mgr>/api/v1/ipfix/collectorconfigs { "collectors": [ { "collector_ip_address": "10.24.24.24", "collector_port": 3569 } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorConfig+

Example Response: { "resource_type": "IpfixCollectorConfig", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "collectors": [ { "collector_ip_address": "10.24.24.24", "collector_port": 3569 } ] "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 } Required Permissions: crud Feature: ipfix_collectors Additional Errors:

Delete an existing IPFIX collector configuration

Request:
Method:
DELETE
URI Path:
/api/v1/ipfix/collectorconfigs/<collector-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipfix/collectorconfigs/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ipfix_collectors Additional Errors:

Get an existing IPFIX collector configuration

Request:
Method:
GET
URI Path:
/api/v1/ipfix/collectorconfigs/<collector-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix/collectorconfigs/6y4r9i0w-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorConfig+

Example Response: { "resource_type": "IpfixCollectorConfig", "id": "1q2w3e4r-8aa8-4df6-9a0f-b0456575b233", "collectors": [ { "collector_ip_address": "10.24.24.24", "collector_port": 3569 } ], "_last_modified_user": "admin", "_last_modified_time": 1463555176234, "_revision": 1 } Required Permissions: read Feature: ipfix_collectors Additional Errors:

Update an existing IPFIX collector configuration

Request:
Method:
PUT
URI Path:
/api/v1/ipfix/collectorconfigs/<collector-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixCollectorConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/ipfix/collectorconfigs/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 { "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "collectors": [ { "collector_ip_address": "10.24.25.24", "collector_port": 3569 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorConfig+

Example Response: { "resource_type": "IpfixCollectorConfig", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "collectors": [ { "collector_ip_address": "10.24.25.24", "collector_port": 3569 } ], "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 1 } Required Permissions: crud Feature: ipfix_collectors Additional Errors:

List IPFIX configuration

Request:
Method:
GET
URI Path:
/api/v1/ipfix/configs
Request Headers:
n/a
Query Parameters:
IpfixConfigListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix/configs?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixConfigListResult+

Example Response: { "sort_by": "resource_type", "result_count": 2, "results": [ { "resource_type": "IpfixSwitchConfig", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Config 001", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_last_modified_user": "admin", "_last_modified_time": 1463555176314, "_revision": 2 }, { "resource_type": "IpfixSwitchConfig", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "display_name": "IPFIX Switch Config 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 } ] } Required Permissions: read Feature: ipfix_profiles Additional Errors:

Create a new IPFIX configuration

Request:
Method:
POST
URI Path:
/api/v1/ipfix/configs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixDfwConfig+
IpfixSwitchConfig+

Example Request: POST https://<nsx-mgr>/api/v1/ipfix/configs { "resource_type": "IpfixSwitchConfig", "display_name": "IPFIX Switch Config 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpfixDfwConfig+
IpfixSwitchConfig+

Example Response: { "resource_type": "IpfixSwitchConfig", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "display_name": "IPFIX Switch Config 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 } Required Permissions: crud Feature: ipfix_profiles Additional Errors:

Get an existing IPFIX configuration

Request:
Method:
GET
URI Path:
/api/v1/ipfix/configs/<config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix/configs/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixDfwConfig+
IpfixSwitchConfig+

Example Response: { "resource_type": "IpfixSwitchConfig", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Config 001", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_last_modified_user": "admin", "_last_modified_time": 1463555176314, "_revision": 2 } Required Permissions: read Feature: ipfix_profiles Additional Errors:

Delete an existing IPFIX configuration

Request:
Method:
DELETE
URI Path:
/api/v1/ipfix/configs/<config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipfix/configs/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ipfix_profiles Additional Errors:

Update an existing IPFIX configuration

Request:
Method:
PUT
URI Path:
/api/v1/ipfix/configs/<config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixDfwConfig+
IpfixSwitchConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/ipfix/configs/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 { "resource_type": "IpfixSwitchConfig", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Config 001", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixDfwConfig+
IpfixSwitchConfig+

Example Response: { "resource_type": "IpfixSwitchConfig", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Config 001", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "applied_tos": [], "_last_modified_user": "admin", "_last_modified_time": 1463555176314, "_revision": 2 } Required Permissions: crud Feature: ipfix_profiles Additional Errors:

Management Plane API: Operations: LLDP

Associated URIs:

List LLDP Neighbor Properties of Fabric Node

List LLDP Neighbor Properties for all interfaces of Fabric Node
Request:
Method:
GET
URI Path:
/api/v1/lldp/fabric-nodes/<fabric-node-id>/interfaces
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/lldp/fabric-nodes/ed4d2f98-4373-4d67-9706-5ec3af7fcba1/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InterfaceNeighborPropertyListResult+

Example Response: { "result_count": 6, "results": [ { "neighbors": [ {} ], "name": "vmnic0", "mac": "54:9f:35:0b:d0:84", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ { "mgmt_addr": "192.168.1.2", "capabilities": "Bridge, Router", "system_name": "vpodswitch.corp.local", "name": "Gi1/22", "system_desc": "unknown", "port_desc": "GigabitEthernet1/22", "enabled_capabilities": "Bridge, Router", "mac": "68:ef:bd:4e:98:55" } ], "name": "vmnic1", "mac": "54:9f:35:0b:d0:86", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic2", "mac": "a0:36:9f:56:c4:cc", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic3", "mac": "a0:36:9f:56:c4:cd", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic4", "mac": "a0:36:9f:56:c4:ce", "_schema": "/v1/schema/InterfaceNeighborProperties" }, { "neighbors": [ {} ], "name": "vmnic5", "mac": "a0:36:9f:56:c4:cf", "_schema": "/v1/schema/InterfaceNeighborProperties" } ] } Required Permissions: read Feature: tools_lldp Additional Errors:

Read LLDP Neighbor Properties of Fabric Node by Interface Name

Read LLDP Neighbor Properties for a specific interface of Fabric Node
Request:
Method:
GET
URI Path:
/api/v1/lldp/fabric-nodes/<fabric-node-id>/interfaces/<interface-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/lldp/fabric-nodes/ed4d2f98-4373-4d67-9706-5ec3af7fcba1/interfaces/vmnic1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InterfaceNeighborProperties+

Example Response: { "neighbors": [ { "mgmt_addr": "192.168.1.2", "capabilities": "Bridge, Router", "system_name": "vpodswitch.corp.local", "name": "Gi1/22", "system_desc": "unknown", "port_desc": "GigabitEthernet1/22", "enabled_capabilities": "Bridge, Router", "mac": "68:ef:bd:4e:98:55" } ], "name": "vmnic1", "mac": "54:9f:35:0b:d0:86", "_schema": "/v1/schema/InterfaceNeighborProperties" } Required Permissions: read Feature: tools_lldp Additional Errors:

Management Plane API: Pool Management

Management Plane API: Pool Management: IP Blocks

Associated URIs:

Returns list of configured IP address blocks.

Returns information about configured IP address blocks. Information includes
the id, display name, description & CIDR of IP address blocks
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-blocks
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-blocks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpBlockListResult+

Example Response: { "cursor": "003622dc1d1a-adcb-4c58-874e-6e783df02790IPBlock-Tenant-1", "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "_revision": 0, "id": "4a5f22a8-8293-4212-93df-99286d20e35b", "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "resource_type": "IpBlock", "cidr": "192.168.0.0/16", "_last_modified_user": "admin", "_last_modified_time": 1414691880507, "_create_time": 1414691880507, "_create_user": "admin" } ] } Required Permissions: read Feature: ipam_ipam Additional Errors:

Create a new IP address block.

Creates a new IPv4 address block using the specified cidr. cidr is a required
parameter. display_name & description are optional parameters
Request:
Method:
POST
URI Path:
/api/v1/pools/ip-blocks
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpBlock+

Example Request: POST https://<nsx-mgr>/api/v1/pools/ip-blocks { "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "cidr": "192.168.0.0/16" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpBlock+

Example Response: { "_revision": 0, "id": "4a5f22a8-8293-4212-93df-99286d20e35b", "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "resource_type": "IpBlock", "cidr": "192.168.0.0/16", "_last_modified_user": "admin", "_last_modified_time": 1414691880507, "_create_time": 1414691880507, "_create_user": "admin" } Required Permissions: crud Feature: ipam_ipam Additional Errors:

Delete an IP Address Block

Deletes the IP address block with specified id if it exists. IP
block cannot be deleted if there are allocated subnets from the block.
Request:
Method:
DELETE
URI Path:
/api/v1/pools/ip-blocks/<block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/pools/ip-blocks/4a5f22a8-8293-4212-93df-99286d20e35b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ipam_ipam Additional Errors:

Update an IP Address Block

Modifies the IP address block with specifed id. display_name, description
and cidr are parameters that can be modified. If a new cidr is specified,
it should contain all existing subnets in the IP block. Returns a conflict error
if the IP address block cidr can not be modified due to the presence of
subnets that it contains. Eg: If the IP block contains a subnet 192.168.0.1/24
and we try to change the IP block cidr to 10.1.0.1/16, it results in a conflict.
Request:
Method:
PUT
URI Path:
/api/v1/pools/ip-blocks/<block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpBlock+

Example Request: PUT https://<nsx-mgr>/api/v1/pools/ip-blocks/4a5f22a8-8293-4212-93df-99286d20e35b { "_revision": 1, "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "cidr": "192.168.1.0/24" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpBlock+

Example Response: { "_revision": 2, "id": "4a5f22a8-8293-4212-93df-99286d20e35b", "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "resource_type": "IpBlock", "cidr": "192.168.1.0/24", "_last_modified_user": "admin", "_last_modified_time": 1414691880507, "_create_time": 1414691880507, "_create_user": "admin" } Required Permissions: crud Feature: ipam_ipam Additional Errors:

Get IP address block information.

Returns information about the IP address block with specified id.
Information includes id, display_name, description & cidr.
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-blocks/<block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: { "_revision": 0, "id": "4a5f22a8-8293-4212-93df-99286d20e35b", "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "resource_type": "IpBlock", "cidr": "192.168.0.0/16", "_last_modified_user": "admin", "_last_modified_time": 1414691880507, "_create_time": 1414691880507, "_create_user": "admin" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpBlock+

Required Permissions: read Feature: ipam_ipam Additional Errors:

List subnets within an IP block

Returns information about all subnets present within an IP address
block. Information includes subnet's id, display_name, description, cidr and
allocation ranges.
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-subnets
Request Headers:
n/a
Query Parameters:
IpBlockSubnetListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-subnets?block_id=4a5f22a8-8293-4212-93df-99286d20e35b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpBlockSubnetListResult+

Example Response: { "result_count": 1, "results": [ { "_revision": 0, "id": "4a1c354d-bf7a-42ce-8e27-57e75e803fa0", "display_name": "IPBlock-1-Subnet-1", "description": "IPBlock-1-Subnet-1 Description", "resource_type": "IpBlockSubnet", "cidr": "192.168.1.0/24", "allocation_ranges": [ { "start": "192.168.1.1", "end": "192.168.1.255" } ], "_last_modified_user": "admin", "_last_modified_time": 1514691880507, "_create_time": 1514691880507, "_create_user": "admin" } ] } Required Permissions: read Feature: ipam_ipam Additional Errors:

Create subnet of specified size within an IP block

Carves out a subnet of requested size from the specified IP block. The "size"
parameter and the "block_id " are the requireds field while invoking this API.
If the IP block has sufficient resources/space to allocate a subnet of specified size,
the response will contain all the details of the newly created subnet including the
display_name, description, cidr & allocation_ranges. Returns a conflict error
if the IP block does not have enough resources/space to allocate a subnet of
the requested size.
Request:
Method:
POST
URI Path:
/api/v1/pools/ip-subnets
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpBlockSubnet+

Example Request: POST https://<nsx-mgr>/api/v1/pools/ip-subnets { "display_name": "IPBlock-Subnet-1", "description": "IPBlock-Subnet-1 Description", "size": "255", "block_id":"5a1c354d-bf7a-42ce-8e27-57e75e803fa0" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpBlockSubnet+

Example Response: { "_revision": 0, "id": "5a1c354d-bf7a-42ce-8e27-57e75e803fa0", "display_name": "IPBlock-1-Subnet-1", "description": "IPBlock-1-Subnet-1 Description", "resource_type": "IpBlockSubnet", "cidr": "192.168.1.0/24", "allocation_ranges": [ { "start": "192.168.1.1", "end": "192.168.1.255" } ], "_last_modified_user": "admin", "_last_modified_time": 1514691880507, "_create_time": 1514691880507, "_create_user": "admin" } Required Permissions: crud Feature: ipam_ipam Additional Errors:

Get the subnet within an IP block

Returns information about the subnet with specified id within a given
IP address block. Information includes display_name, description, cidr and
allocation_ranges.
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-subnets/<subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-subnets /4a1c354d-bf7a-42ce-8e27-57e75e803fa0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpBlockSubnet+

Example Response: { "_revision": 0, "id": "4a1c354d-bf7a-42ce-8e27-57e75e803fa0", "display_name": "IPBlock-1-Subnet-1", "description": "IPBlock-1-Subnet-1 Description", "resource_type": "IpBlockSubnet", "cidr": "192.168.1.0/24", "allocation_ranges": [ { "start": "192.168.1.1", "end": "192.168.1.255" } ], "_last_modified_user": "admin", "_last_modified_time": 1514691880507, "_create_time": 1514691880507, "_create_user": "admin" } Required Permissions: read Feature: ipam_ipam Additional Errors:

Delete subnet within an IP block

Deletes a subnet with specified id within a given IP address block.
Deletion is allowed only when there are no allocated IP addresses
from that subnet.
Request:
Method:
DELETE
URI Path:
/api/v1/pools/ip-subnets/<subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/pools/ip-subnets/ 4a1c354d-bf7a-42ce-8e27-57e75e803fa0 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: ipam_ipam Additional Errors:

Allocate or Release an IP Address from a Ip Subnet

Allocates or releases an IP address from the specified IP subnet. To allocate
an address, include ?action=ALLOCATE in the request and a "{}"
in the request body. When the request is successful, the response is
"allocation_id": "", where is an IP address from
the specified pool. To release an IP address (return it back to the pool),
include ?action=RELEASE in the request and "allocation_id": in
the request body, where is the address to be released. When the
request is successful, the response is NULL.
Request:
Method:
POST
URI Path:
/api/v1/pools/ip-subnets/<subnet-id>
Request Headers:
n/a
Query Parameters:
AllocationAction+
Request Body:
AllocationIpAddress+

Example Request: POST https://<nsx-mgr>/api/v1/pools/ip-subnets/5a5f22a8-8293-4212-93df-99286d20e25c?action=ALLOCATE {} Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllocationIpAddress+

Example Response: { "allocation_id":"192.168.0.1" } Required Permissions: crud Feature: ipam_ipam Additional Errors:

Management Plane API: Pool Management: IP Pools

Associated URIs:

Create an IP Pool

Creates a new IPv4 or IPv6 address pool. Required parameters are
allocation_ranges and cidr. Optional parameters are display_name,
description, dns_nameservers, dns_suffix, and gateway_ip.
Request:
Method:
POST
URI Path:
/api/v1/pools/ip-pools
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpPool+

Example Request: POST https://<nsx-mgr>/api/v1/pools/ip-pools { "display_name": "IPPool-IPV6-1", "description": "IPPool-IPV6-1 Description", "subnets": [ { "dns_nameservers": ["2002:a70:cbfa:1:1:1:1:1"], "allocation_ranges": [ { "start": "2002:a70:cbfa:0:0:0:0:1", "end": "2002:a70:cbfa:0:0:0:0:5" } ], "gateway_ip": "2002:a80:cbfa:0:0:0:0:255", "cidr": "2002:a70:cbfa:0:0:0:0:0/124" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpPool+

Example Response: { "_revision": 0, "id": "5a5f22a8-8293-4212-93df-99286d20e25c", "display_name": "IPPool-IPV6-1", "description": "IPPool-IPV6-1 Description", "resource_type": "IpPool", "subnets": [ { "dns_nameservers": [ "2002:a70:cbfa:1:1:1:1:1" ], "allocation_ranges": [ { "start": "2002:a70:cbfa:0:0:0:0:1", "end": "2002:a70:cbfa:0:0:0:0:5" } ], "gateway_ip": "2002:a80:cbfa:0:0:0:0:255", "cidr": "2002:a70:cbfa:0:0:0:0:0/124" } ], "_last_modified_user": "admin", "_last_modified_time": 1414691880507, "_create_time": 1414691880507, "_create_user": "admin" } Required Permissions: crud Feature: groups_ip_pools Additional Errors:

List IP Pools

Returns information about the configured IP address pools. Information
includes the display name and description of the pool and the details of
each of the subnets in the pool, including the DNS servers, allocation
ranges, gateway, and CIDR subnet address.
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpPoolListResult+

Example Response: { "cursor": "003622dc1d1a-adcb-4c58-874e-6e783df02790IPPool-IPV6-1", "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "_revision": 0, "id": "22dc1d1a-adcb-4c58-874e-6e783df02790", "display_name": "IPPool-IPV6-1", "description": "IPPool-IPV6-1 Description", "resource_type": "IpPool", "subnets": [ { "dns_nameservers": [ "2002:a70:cbfa:1:1:1:1:1" ], "allocation_ranges": [ { "start": "2002:a70:cbfa:0:0:0:0:1", "end": "2002:a70:cbfa:0:0:0:0:5" } ], "gateway_ip": "2002:a80:cbfa:0:0:0:0:255", "cidr": "2002:a70:cbfa:0:0:0:0:0/24" } ], "_last_modified_user": "admin", "_last_modified_time": 1414691549566, "_create_time": 1414691549566, "_create_user": "admin" } ] } Required Permissions: read Feature: groups_ip_pools Additional Errors:

Read IP Pool

Returns information about the specified IP address pool. Request:
Method:
GET
URI Path:
/api/v1/pools/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-pools/4b1c354d-bf7a-42ce-8e27-57e75e803fa8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpPool+

Example Response: { "_revision": 0, "id": "4b1c354d-bf7a-42ce-8e27-57e75e803fa8", "display_name": "testpool1", "description": "testpool1", "resource_type": "IpPool", "subnets": [ { "dns_nameservers": [ "192.1.1.1" ], "allocation_ranges": [ { "start": "192.168.1.2", "end": "192.168.1.10" }, { "start": "192.168.1.15", "end": "192.168.1.25" } ], "gateway_ip": "192.168.1.1", "cidr": "192.168.1.0/24" } ], "_last_modified_user": "admin", "_last_modified_time": 1414692027913, "_create_time": 1414692027913, "_create_user": "admin" } Required Permissions: read Feature: groups_ip_pools Additional Errors:

Delete an IP Pool

Deletes the specified IP address pool. By default, if the IpPool is used in other configurations (such as transport node template), it won't be deleted. In such situations, pass "force=true" as query param to force delete the IpPool Request:
Method:
DELETE
URI Path:
/api/v1/pools/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
IpPoolDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/pools/ip-pools/4b1c354d-bf7a-42ce-8e27-57e75e803fa8 DELETE https://<nsx-mgr>/api/v1/pools/ip-pools/4b1c354d-bf7a-42ce-8e27-57e75e803fa8?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: groups_ip_pools Additional Errors:

Allocate or Release an IP Address from a Pool

Allocates or releases an IP address from the specified IP pool. To allocate
an address, include ?action=ALLOCATE in the request and "allocation_id":null
in the request body. When the request is successful, the response is
"allocation_id": "", where is an IP address from
the specified pool. To release an IP address (return it back to the pool),
include ?action=RELEASE in the request and "allocation_id": in
the request body, where is the address to be released. When the
request is successful, the response is NULL. Tags, display_name and description
attributes are not supported for AllocationIpAddress in this release.
Request:
Method:
POST
URI Path:
/api/v1/pools/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
AllocationAction+
Request Body:
AllocationIpAddress+

Example Request: POST https://<nsx-mgr>/api/v1/pools/ip-pools/5a5f22a8-8293-4212-93df-99286d20e25c?action=ALLOCATE { "allocation_id":null } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllocationIpAddress+

Example Response: { "allocation_id":2002:a70:cbfa:0:0:0:0:1 } Required Permissions: crud Feature: groups_ip_pools Additional Errors:

Update an IP Pool

Modifies the specified IP address pool. Modifiable parameters include the
description, display_name, and all subnet information.
Request:
Method:
PUT
URI Path:
/api/v1/pools/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpPool+

Example Request: PUT https://<nsx-mgr>/api/v1/pools/ip-pools/4b1c354d-bf7a-42ce-8e27-57e75e803fa8 { "_revision": 1, "display_name": "ipv4-pool1", "description": "ipv4-pool", "resource_type": "IpPool", "subnets": [ { "dns_nameservers": [ "192.1.1.2" ], "allocation_ranges": [ { "start": "192.168.1.1", "end": "192.168.1.20" }, { "start": "192.168.1.21", "end": "192.168.1.40" } ], "gateway_ip": "192.168.1.254", "cidr": "192.168.1.0/24" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpPool+

Example Response: { "_revision": 2, "id": "4b1c354d-bf7a-42ce-8e27-57e75e803fa8", "display_name": "ipv4-pool1", "description": "ipv4-pool", "resource_type": "IpPool", "subnets": [ { "dns_nameservers": [ "192.1.1.2" ], "allocation_ranges": [ { "start": "192.168.1.1", "end": "192.168.1.20" }, { "start": "192.168.1.21", "end": "192.168.1.40" } ], "gateway_ip": "192.168.1.254", "cidr": "192.168.1.0/24" } ], "_last_modified_user": "admin", "_last_modified_time": 1414692290422, "_create_time": 1414692027913, "_create_user": "admin" } Required Permissions: crud Feature: groups_ip_pools Additional Errors:

List IP Pool Allocations

Returns information about which addresses have been allocated from a
specified IP address pool.
Request:
Method:
GET
URI Path:
/api/v1/pools/ip-pools/<pool-id>/allocations
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/ip-pools/4b1c354d-bf7a-42ce-8e27-57e75e803fa8/allocations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AllocationIpAddressListResult+

Example Response: { "result_count": 4, "results": [ { "allocation_id": "192.168.1.1" }, { "allocation_id": "192.168.1.3" }, { "allocation_id": "192.168.1.2" }, { "allocation_id": "192.168.1.4" } ] } Required Permissions: read Feature: groups_ip_pools Additional Errors:

Management Plane API: Pool Management: MAC Pools

Associated URIs:

List MAC Pools

Returns a list of all the MAC pools
Request:
Method:
GET
URI Path:
/api/v1/pools/mac-pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/mac-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacPoolListResult+

Example Response: { "cursor": "0036ac926c72-daf2-4bb5-ac07-9ab70afded67DefaultVniPool", "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultMacPool", "description": "Default MAC Pool", "resource_type": "MacPool", "ranges": [ { "start": "02:50:56:00:00:00", "end": "02:50:56:00:7f:ff" } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } ] } Required Permissions: read Feature: configuration_mac_pool Additional Errors:

Read MAC Pool

Returns information about the specified MAC pool.
Request:
Method:
GET
URI Path:
/api/v1/pools/mac-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/mac-pools/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacPool+

Example Response: { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultMacPool", "description": "Default MAC Pool", "resource_type": "MacPool", "ranges": [ { "start": "02:50:56:00:00:00", "end": "02:50:56:00:7f:ff", } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } Required Permissions: read Feature: configuration_mac_pool Additional Errors:

Management Plane API: Pool Management: VNI Pools

Associated URIs:

List VNI Pools

Returns information about the default and configured virtual
network identifier (VNI) pools for use when building logical network
segments. Each virtual network has a unique ID called a VNI. Instead
of creating a new VNI each time you need a new logical switch, you
can instead allocate a VNI from a VNI pool. VNI pools are sometimes
called segment ID pools. Each VNI pool has a range of usable VNIs. By
default, there is one pool with two ranges [5000, 65535] and [65536,
75000]. To create multiple smaller pools, specify a smaller range for
each pool such as 75001-75100 and 75101-75200. The VNI range determines
the maximum number of logical switches that can be created in each
network segment.
Request:
Method:
GET
URI Path:
/api/v1/pools/vni-pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/vni-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VniPoolListResult+

Example Response: { "cursor": "0036ac926c72-daf2-4bb5-ac07-9ab70afded67DefaultVniPool", "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultVniPool", "description": "Default VNI Pool", "resource_type": "VniPool", "ranges": [ { "start": 65536, "end": 75000 }, { "start": 5000, "end": 65535 } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } ] } Required Permissions: read Feature: profiles_configuration Additional Errors:

Update a VNI Pool

Updates the specified VNI pool. Modifiable parameters include description, display_name and ranges.
Ranges can be added, modified or deleted. Overlapping ranges are not allowed.
Only range end can be modified for any existing range.
Range shrinking or deletion is not allowed if there are any allocated VNIs.
Request:
Method:
PUT
URI Path:
/api/v1/pools/vni-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VniPool+

Example Request: PUT https://<nsx-mgr>/api/v1/pools/vni-pools/ac926c72-daf2-4bb5-ac07-9ab70afded67 { "_revision": 2, "display_name": "VniPool1", "description": "VNI Pool1", "ranges": [ { "start": 9000, "end": 10000 }, { "start": 7000, "end": 8000 }, { "start": 75001, "end": 76000 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VniPool+

Example Response: { "_revision": 3, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "VniPool1", "description": "VNI Pool1", "resource_type": "VniPool", "ranges": [ { "start": 9000, "end": 10000 }, { "start": 7000, "end": 8000 }, { "start": 75001, "end": 76000 } ], "_last_modified_user": "admin", "_last_modified_time": 1413845541782, "_create_time": 1413324646640, "_create_user": "system" } Required Permissions: crud Feature: profiles_configuration Additional Errors:

Read VNI Pool

Returns information about the specified virtual network identifier (VNI) pool.
Request:
Method:
GET
URI Path:
/api/v1/pools/vni-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/vni-pools/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VniPool+

Example Response: { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultVniPool", "description": "Default VNI Pool", "resource_type": "VniPool", "ranges": [ { "start": 65536, "end": 75000 }, { "start": 5000, "end": 65535 } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } Required Permissions: read Feature: profiles_configuration Additional Errors:

Management Plane API: Pool Management: VTEP Label Pools

Associated URIs:

List virtual tunnel endpoint Label Pools

Returns a list of all virtual tunnel endpoint label pools
Request:
Method:
GET
URI Path:
/api/v1/pools/vtep-label-pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/vtep-label-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VtepLabelPoolListResult+

Example Response: { "cursor": "0036ac926c72-daf2-4bb5-ac07-9ab70afded67DefaultVtepLabelPool", "sort_by": "displayName", "sort_ascending": true, "result_count": 1, "results": [ { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultVtepLabelPool", "description": "Default VTEP Label Pool", "resource_type": "VtepLabelPool", "ranges": [ { "start": 1, "end": 131071 } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } ] } Required Permissions: read Feature: profiles_configuration Additional Errors:

Read a virtual tunnel endpoint label pool

Returns information about the specified virtual tunnel endpoint label pool.
Request:
Method:
GET
URI Path:
/api/v1/pools/vtep-label-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pools/vtep-label-pools/ac926c72-daf2-4bb5-ac07-9ab70afded67 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VtepLabelPool+

Example Response: { "_revision": 0, "id": "ac926c72-daf2-4bb5-ac07-9ab70afded67", "display_name": "DefaultVtepLabelPool", "description": "Default VTEP Label Pool", "resource_type": "VtepLabelPool", "ranges": [ { "start": 1, "end": 131071 } ], "_last_modified_user": "system", "_last_modified_time": 1413324646640, "_create_time": 1413324646640, "_create_user": "system" } Required Permissions: read Feature: profiles_configuration Additional Errors:

Management Plane API: Proxy Configuration

Associated URIs:

Returns the proxy configuration

Returns the proxy configuration. Request:
Method:
GET
URI Path:
/api/v1/proxy/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/proxy/config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Proxy+

Example Response: { "enabled": true "scheme" : "HTTP", "host" : "proxy.eng.vmware.com", "port" : 8080, "username" : "nsx_user", "resource_type" : "Proxy", "id" : "TelemetryConfigIdentifier", "display_name" : "TelemetryConfigIdentifier", "description" : "", "tags" : [ ], "_create_user" : "system", "_create_time" : 1551323564312, "_last_modified_user" : "admin", "_last_modified_time" : 1551380144479, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: system_administration Additional Errors:

Creates or updates the proxy configuration

Updates or creates the proxy configuration, and returns the new configuration.
Request:
Method:
PUT
URI Path:
/api/v1/proxy/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Proxy+

Example Request: PUT https://<nsx-mgr>/api/v1/proxy/config { "enabled": true "scheme": "HTTPS", "host": "proxy.eng.vmware.com", "port": 7080, "username": "nsx_user", "password": "nsx_password", "_revision": 3 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Proxy+

Example Response: { "enabled": true "scheme": "HTTPS", "host": "proxy.eng.vmware.com", "port": 7080, "username": "nsx_user", "resource_type": "Proxy", "id": "TelemetryConfigIdentifier", "display_name": "TelemetryConfigIdentifier", "_create_user": "system", "_create_time": 1551323564312, "_last_modified_user": "admin", "_last_modified_time": 1551380573835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Required Permissions: crud Feature: system_administration Additional Errors:

Management Plane API: Realization

Associated URIs:

Updates the barrier configuration

Updates the barrier configuration having interval set in milliseconds
The new interval that automatically increments the global realization number
Request:
Method:
PUT
URI Path:
/api/v1/realization-state-barrier/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RealizationStateBarrierConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/realization-state-barrier/config { "interval" : 5000, "_revision" : 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizationStateBarrierConfig+

Example Response: { "interval" : 5000, "_revision" : 1 } Required Permissions: crud Feature: nsx_realization Additional Errors:

Gets the realization state barrier configuration

Returns the current barrier configuration
Request:
Method:
GET
URI Path:
/api/v1/realization-state-barrier/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/realization-state-barrier/config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizationStateBarrierConfig+

Example Response: { "interval" : 5000, "_revision" : 1 } Required Permissions: read Feature: nsx_realization Additional Errors:

Gets the current barrier number (Deprecated)

Returns the current global realization barrier number for NSX.
This method has been deprecated. To track realization state, use
X-NSX-REQUESTID request header instead.
Request:
Method:
GET
URI Path:
/api/v1/realization-state-barrier/current
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/realization-state-barrier/current Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CurrentRealizationStateBarrier+

Example Response: { "current_barrier_number" : 281474976712218 } Required Permissions: read Feature: nsx_realization Additional Errors:

Increments the barrier count by 1 (Deprecated)

Increment the current barrier number by 1 for NSX.
This method has been deprecated. To track realization state, use
X-NSX-REQUESTID request header instead.
Request:
Method:
POST
URI Path:
/api/v1/realization-state-barrier/current?action=increment
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/realization-state-barrier/current?action=increment Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
CurrentRealizationStateBarrier+

Example Response: { "current_barrier_number" : 281474976712218 } Required Permissions: crud Feature: nsx_realization Additional Errors:

Management Plane API: Service Config

Associated URIs:

List service configs

List of all service configs.
Request:
Method:
GET
URI Path:
/api/v1/service-configs
Request Headers:
n/a
Query Parameters:
ServiceConfigListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/service-configs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceConfigListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "_revision": 1, "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig1", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "is_valid":true }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type": "NSGroup", "is_valid":true }] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203 }, { "_revision": 1, "id": "333e372b-854c-4fcc-a24e-05721ce89b71", "display_name":"testServiceConfig2", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"DFWCPUProfile", target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "is_valid":true }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type": "NSGroup", "is_valid":false } ] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1430382085537, "_create_time": 1430382085537 } ] } Required Permissions: read Feature: service_config Additional Errors:

Create service config

Creates a new service config that can group profiles and configs
Request:
Method:
POST
URI Path:
/api/v1/service-configs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceConfig+

Example Request: POST https://<nsx-mgr>/api/v1/service-config { "display_name":"testServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a60" } ], “precedence”: 10, “applied_to”: [{ "target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type" : "NSGroup" }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceConfig+

Example Response: { "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a60" } ], “precedence”: 10, “applied_to”: [{ "target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type" : "NSGroup" }] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203 } Required Permissions: crud Feature: service_config Additional Errors:

Read Service Config

Returns information about the specified Service Config.
Request:
Method:
GET
URI Path:
/api/v1/service-configs/<config-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/service-configs/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceConfig+

Example Response: { "_revision": 1, "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig1", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "is_valid":true }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type": "LogicalSwitch", "is_valid":true } ] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203 } Required Permissions: read Feature: service_config Additional Errors:

Update service config

Updates the specified ServiceConfig.
Request:
Method:
PUT
URI Path:
/api/v1/service-configs/<config-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/service-configs/183e372b-854c-4fcc-a24e-05721ce89a60 { "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig1", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45" }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type" : "NSGroup" }] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203, "_create_user": "admin", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceConfig+

Example Response: { "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig1", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45" }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type" : "NSGroup" }] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: service_config Additional Errors:

Delete Service Config

Deletes the specified service config
Request:
Method:
DELETE
URI Path:
/api/v1/service-configs/<config-set-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/service-configs/183e372b-854c-4fcc-a24e-05721ce89a60 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_config Additional Errors:

Creates/Updates service configs sent in batch request

Creates/Updates new service configs sent in batch request.
This API returns ALL the service configs that are created/updated.
Request:
Method:
POST
URI Path:
/api/v1/service-configs/batch
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceConfigList+

Example Request: POST https://<nsx-mgr>/api/v1/service-config/batch { "service_configs": [ { "display_name":"SC-CPU1", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"293d7296-5598-4431-9415-b478903b2b34" } ], "precedence": 1600, "applied_to": [{ "target_id":"479113aa-7398-4b7c-9ce1-0a1c5c615b59", "target_type" :"LogicalPort" }] }, { "display_name":"SC-CPU2", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"88445c10-18fa-4c9c-aa7a-2a7770e5736a" } ], "precedence": 1700, "applied_to": [{ "target_id":"479113aa-7398-4b7c-9ce1-0a1c5c615b59", "target_type" :"LogicalPort" }] }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceConfigListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "_revision": 1, "id": "183e372b-854c-4fcc-a24e-05721ce89a60", "display_name":"testServiceConfig1", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "is_valid":true }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type": "NSGroup", "is_valid":true }] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1414057732203, "_create_time": 1414057732203 }, { "_revision": 1, "id": "333e372b-854c-4fcc-a24e-05721ce89b71", "display_name":"testServiceConfig2", "resource_type": "ServiceConfig", "profiles":[{"profile_type":"DFWCPUProfile", target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "is_valid":true }], “precedence”: 10, “applied_to”: [{"target_id":"333e372b-854c-4fcc-a24e-05721ce89b71", "target_type": "NSGroup", "is_valid":false } ] "_create_user": "system", "_last_modified_user": "system", "_last_modified_time": 1430382085537, "_create_time": 1430382085537 } ] } Required Permissions: crud Feature: service_config Additional Errors:

Get Effective Profiles for an Entity

Returns the effective profiles applied to the specified Resource.
Request:
Method:
GET
URI Path:
/api/v1/service-configs/effective-profiles
Request Headers:
n/a
Query Parameters:
EffectiveProfileRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/service-configs/effective-profiles? resource_id=144e372b-854c-4fcc-a24e-05721ce89a60&resource_type=NSGroup Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EffectiveProfileListResult+

Example Response: { "cursor": "00012", "sort_ascending": true, "result_count": 2, "results": [ { "profile_type":"FirewallSessionTimerProfile", "target_id":"183e372b-854c-4fcc-a24e-05721ce89a45", "target_name":"Firewall Session Timer Profile "is_valid":true }, { "profile_type":"FirewallCpuMemThresholdsProfile", "target_id":"5678372b-854c-4fcc-a24e-05721ce89a45", "target_name":"Firewall CPU Profile "is_valid":true }, ] } Required Permissions: read Feature: service_config Additional Errors:

Management Plane API: Services

Management Plane API: Services: DHCP

Associated URIs:

Get a paginated list of DHCP server profiles

Get a paginated list of DHCP server profiles. Request:
Method:
GET
URI Path:
/api/v1/dhcp/server-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/server-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpProfileListResult+

Example Response: { "cursor" : "0036faf85fb5-9242-4d24-abca-0ca59b2b669bDHCP-server-profile-1", "result_count" : 1, "results" : [ { "resource_type" : "DhcpProfile", "id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "display_name" : "DHCP-server-profile-1", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "edge_cluster_member_indexes" : [ 1, 0 ], "enable_standby_relocation" : false "_create_time" : 1478111693174, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478111693174, "_revision" : 0 } ] } Required Permissions: read Feature: dhcp_server_profiles Additional Errors:

Create a DHCP server profile

Create a DHCP server profile. If no edge member is specified, edge members
to run the dhcp servers will be auto-allocated from the edge cluster.
Request:
Method:
POST
URI Path:
/api/v1/dhcp/server-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpProfile+

Example Request: POST https://<nsx-mgr>/api/v1/dhcp/server-profiles { "display_name" : "DHCP-server-profile-2", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation" : true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DhcpProfile+

Example Response: { "resource_type" : "DhcpProfile", "id" : "ee5711ce-e4d5-4f88-8330-b79c01d3bf7c", "display_name" : "DHCP-server-profile-2", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation" : true, "_create_time" : 1478301260922, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478301260922, "_revision" : 0 } Required Permissions: crud Feature: dhcp_server_profiles Additional Errors:

Delete a DHCP server profile

Delete a DHCP server profile specified by the profile id. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/dhcp/server-profiles/ee5711ce-e4d5-4f88-8330-b79c01d3bf7c Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: dhcp_server_profiles Additional Errors:

Update a DHCP server profile

Please note, the edge_cluster_id in DhcpProfile can NOT be changed by this
PUT operation because all existing DHCP leases will lost. If loosing leases
is not a problem, a dedicated re-allocation API is suggested to modify the
edge-cluster-id.

If both the edge_cluster_member_indexes in the DhcpProfile are changed in
a same PUT API, e.g. change from [a,b] to [x,y], the current DHCP server
leases will be lost, which could cause the network crash due to ip conflicts.
Hence the suggestion is to change only one member index in one single update,
e.g. from [a, b] to [a,y].
Request:
Method:
PUT
URI Path:
/api/v1/dhcp/server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/dhcp/server-profiles/ee5711ce-e4d5-4f88-8330-b79c01d3bf7c { "display_name" : "DHCP-server-profile-3", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpProfile+

Example Response: { "resource_type" : "DhcpProfile", "id" : "ee5711ce-e4d5-4f88-8330-b79c01d3bf7c", "display_name" : "DHCP-server-profile-3", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation" : false, "_last_modified_user" : "admin", "_last_modified_time" : 1478301632680, "_revision" : 1 } Required Permissions: crud Feature: dhcp_server_profiles Additional Errors:

Get a DHCP server profile

Return the DHCP profile specified by the profile id. Request:
Method:
GET
URI Path:
/api/v1/dhcp/server-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/server-profiles/ee5711ce-e4d5-4f88-8330-b79c01d3bf7c Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpProfile+

Example Response: { "resource_type" : "DhcpProfile", "id" : "ee5711ce-e4d5-4f88-8330-b79c01d3bf7c", "display_name" : "DHCP-server-profile-2", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation" : true, "_create_time" : 1478301260922, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478301260922, "_revision" : 0 } Required Permissions: read Feature: dhcp_server_profiles Additional Errors:

Reallocate edge cluster and members of given DHCP profile.

As changing edge-cluster-id of a DhcpProfile by a PUT is disallowed,
this re-allocate API is used to modify the edge-cluster-id and members
of a given DhcpProfile.

Only the edge-cluster-id and the edge-cluster-member-indexes fields will
be picked up by this re-allication API. The othere fields in the payload
will be ignored.

If the edge-cluster-id in the payload DhcpProfile is different from the
current edge-cluster-id of the profile, the referencing DHCP server(s) will
be re-allocated to the new edge cluster. If the edge-cluster-id is not
changed, the referencing DHCP server(s) will be re-allocated to the
given edge members in the edge cluster. In this case, this REST API will
act same as that of updating a DhcpProfile.

If the edge cluster member indexes are provided, they should exist in the
given edge cluster. If the indexes are not specified in the DhcpProfile,
edge members will be auto-allocated from the given edge cluster.

Please note that re-allocating edge-cluster will cause lose of all exisitng
DHCP lease information. This API is used only when loosing DHCP leases is
not a real problem, e.g. cross-site migration or failover and all client
hosts will be reboot and get new IP addresses.
Request:
Method:
POST
URI Path:
/api/v1/dhcp/server-profiles/<server-profile-id>?action=reallocate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpProfile+

Example Request: POST /api/v1/dhcp/dhcp-profiles/1e2e59c1-5d9d-4231-bc43-5f7c06825e1b?action=reallocate { "edge_cluster_id" : "0748d3ce-2bdc-40ba-90d2-639a7dfe6cfe", "edge_cluster_member_indexes" : [0, 1] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpProfile+

Example Response: { "resource_type" : "DhcpProfile", "id" : "1e2e59c1-5d9d-4231-bc43-5f7c06825e1b", "display_name" : "DHCP-server-profile-3", "edge_cluster_id" : "0748d3ce-2bdc-40ba-90d2-639a7dfe6cfe", "edge_cluster_member_indexes" : [0, 1], "enable_standby_relocation" : false, "_last_modified_user" : "admin", "_last_modified_time" : 1478302632680, "_revision" : 3 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Create a DHCP server

Create a logical DHCP server. Request:
Method:
POST
URI Path:
/api/v1/dhcp/servers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalDhcpServer+

Example Request: POST https://<nsx-mgr>/api/v1/dhcp/servers { "display_name" : "DHCP-server-2", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LogicalDhcpServer+

Example Response: { "resource_type" : "LogicalDhcpServer", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name" : "DHCP-server-2", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" }, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a paginated list of DHCP servers

List logical DHCP servers with pagination support. Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: Get https://<nsx-mgr>/api/v1/dhcp/servers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalDhcpServerListResult+

Example Response: { "cursor" : "0036e4d0bf07-7ebf-46a1-84b0-6292ca6f52b7DHCP-server-1", "result_count" : 1, "results" : [ { "resource_type" : "LogicalDhcpServer", "id" : "e4d0bf07-7ebf-46a1-84b0-6292ca6f52b7", "display_name" : "DHCP-server-1", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" }, "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_create_time" : 1478111770429, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478111770429, "_revision" : 0 } ] } Required Permissions: read Feature: dhcp_servers Additional Errors:

Delete a DHCP server

Delete a logical DHCP server specified by server id. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/dhcp/servers/b6a5bffa-f6a9-447c-936f-4633f9eb43a7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a DHCP server

Retrieve a logical DHCP server specified by server id. Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: Get https://<nsx-mgr>/api/v1/dhcp/servers/b6a5bffa-f6a9-447c-936f-4633f9eb43a7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalDhcpServer+

Example Response: { "resource_type" : "LogicalDhcpServer", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name" : "DHCP-server-2", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" }, "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: read Feature: dhcp_servers Additional Errors:

Update a DHCP server

Update a logical DHCP server with new configurations. Request:
Method:
PUT
URI Path:
/api/v1/dhcp/servers/<server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LogicalDhcpServer+

Example Request: PUT https://<nsx-mgr>/api/v1/dhcp/servers/b6a5bffa-f6a9-447c-936f-4633f9eb43a7 { "display_name" : "DHCP-server-3", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" }, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LogicalDhcpServer+

Example Response: { "resource_type" : "LogicalDhcpServer", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name" : "DHCP-server-3", "dhcp_profile_id" : "faf85fb5-9242-4d24-abca-0ca59b2b669b", "ipv4_dhcp_server" : { "dhcp_server_ip" : "192.168.110.50/24" }, "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_last_modified_user" : "admin", "_last_modified_time" : 1478304649896, "_revision" : 1 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a paginated list of a DHCP server's IP pools

List the ip pools of a logical DHCP server with pagination support.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/ip-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpIpPoolListResult+

Example Response: { "cursor" : "0036073b1c6e-8591-4621-af6c-5f3dcdd4059fDHCP-ip-pool-2", "result_count" : 1, "results" : [ { "resource_type" : "DhcpIpPool", "id" : "073b1c6e-8591-4621-af6c-5f3dcdd4059f", "display_name" : "DHCP-ip-pool-2", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ], "error_threshold" : 100, "warning_threshold" : 80, "_create_time" : 1478305498175, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478305498175, "_revision" : 0 } ] } Required Permissions: read Feature: dhcp_servers Additional Errors:

Create an ip pool for a DHCP server

Create an ip pool for a local DHCP server Request:
Method:
POST
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpIpPool+

Example Request: POST /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/ip-pools { "display_name" : "DHCP-ip-pool-2", "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DhcpIpPool+

Example Response: { "resource_type" : "DhcpIpPool", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name" : "DHCP-ip-pool-2", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ], "error_threshold" : 100, "warning_threshold" : 80, "_create_time" : 1478305919915, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478305919915, "_revision" : 0 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Update a DHCP server's IP pool

Update a specific ip pool of a given logical DHCP server. Request:
Method:
PUT
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpIpPool+

Example Request: PUT /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/ip-pools/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd { "display_name" : "DHCP-ip-pool-3", "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpIpPool+

Example Response: { "resource_type" : "DhcpIpPool", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name" : "DHCP-ip-pool-3", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ], "error_threshold" : 100, "warning_threshold" : 80, "_last_modified_user" : "admin", "_last_modified_time" : 1478306403854, "_revision" : 1 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Delete a DHCP server's IP pool

Delete a specific ip pool of a given logical DHCP server. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/ip-pools/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a DHCP server's IP pool with the specified pool ID

Return a specific ip pool of a given logical DHCP server. Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/ip-pools/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpIpPool+

Example Response: { "resource_type" : "DhcpIpPool", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name" : "DHCP-ip-pool-2", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "allocation_ranges" : [ { "start" : "192.168.150.100", "end" : "192.168.150.200" } ], "error_threshold" : 100, "warning_threshold" : 80, "_create_time" : 1478305919915, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478305919915, "_revision" : 0 } Required Permissions: read Feature: dhcp_servers Additional Errors:

Get the realized state of a dhcp ip pool

Return realized state information of a dhcp ip pool.
After a dhcp ip pool is created or updated, you can invoke this API to get
the realization information of the ip pool.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/ip-pools/<pool-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/servers/f962173f-ac03-4d08-8366-56a41779f61d/ip-pools/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd/state?request_id=3433a089-feff-4ede-a049-6950f201f0b5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: dhcp_servers Additional Errors:

Delete a single DHCP lease entry specified by ip and mac.

Delete a single DHCP lease entry specified by ip and mac.

The DHCP server matches the DHCP lease with the given ip address and
the mac address. The matched lease entry will be deleted. If no lease
matches, the request is ignored.

The DHCP lease to be deleted will be removed by the system from both active
and standby node. The system will report error if the DHCP lease could not
be removed from both nodes. If the DHCP lease could not be removed on either
node, please check the DHCP server status. Once the DHCP server status is
UP, please invoke the deletion API again to ensure the lease gets deleted
from both nodes.
Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/servers/<server-id>/leases
Request Headers:
n/a
Query Parameters:
DhcpDeleteLeaseRequestParameters+
Request Body:
n/a

Example Request: DELETE /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/leases?ip=192.168.100.6&mac=02:42:21:4d:bc:b7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get specific leases of a given dhcp server

Get specific leases of a given dhcp server. As a dhcp server could manage
millions of leases, the API has to limit the number of the returned
leases via two mutually-excluded request parameters, i.e. "pool_id" and
"address". Either a "pool_id" or an "address" can be provided, but not both
in a same call.

If a "pool_id" is specified, the leases of the specific pool are returned.
If an "address" is specified, only the lease(s) represented y this address
is(are) returned. The "address" can be a single IP, an ip-range, or a mac
address.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/leases
Request Headers:
n/a
Query Parameters:
DhcpLeaseRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/servers/9f34f749-08d9-4744-b1e9-9f079f9ce726/leases?address=184.168.1.3 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpLeases+

Example Response: { "leases" : [ { "subnet" : "184.168.1.0", "start_time" : "2017-06-26 18:34:34 +0000", "mac_address" : "00:50:56:ae:6b:01", "lease_time" : "3600", "expire_time" : "2017-06-26 19:34:35 +0000", "ip_address" : "184.168.1.3" } ], "dhcp_server_id" : "9f34f749-08d9-4744-b1e9-9f079f9ce726", "timestamp" : 1498503052577 } Required Permissions: read Feature: dhcp_servers Additional Errors:

Get the realized state of a dhcp server

Return realized state information of a dhcp server.
After a dhcp server is created or updated, you can invoke this API to get
the realization information of the server.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/servers/f962173f-ac03-4d08-8366-56a41779f61d/state?request_id=1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: dhcp_servers Additional Errors:

Create a static binding for a DHCP server

Create a static binding for a logical DHCP server. Request:
Method:
POST
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpStaticBinding+

Example Request: POST https://<nsx-mgr>/api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/static-bindings { "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.201", "host_name" : "machine-1" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
DhcpStaticBinding+

Example Response: { "resource_type" : "DhcpStaticBinding", "id" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "display_name" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.201", "host_name" : "machine-1", "_create_time" : 1478309747583, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478309747583, "_revision" : 0 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a paginated list of a DHCP server's static bindings

Return a paginated list of a static bindings of a given logical DHCP server.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/static-bindings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpStaticBindingListResult+

Example Response: { "cursor" : "00363433a089-feff-4ede-a049-6950f201f0b512:34:56:78:9a:bc", "result_count" : 1, "results" : [ { "resource_type" : "DhcpStaticBinding", "id" : "3433a089-feff-4ede-a049-6950f201f0b5", "display_name" : "12:34:56:78:9a:bc", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.201", "host_name" : "machine-1", "_create_time" : 1478112071458, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478112071458, "_revision" : 0 } ] } Required Permissions: read Feature: dhcp_servers Additional Errors:

Update a DHCP server's static binding

Update a specific static binding of a given local DHCP server. Request:
Method:
PUT
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpStaticBinding+

Example Request: PUT /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/static-bindings/6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8 { "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.202", "host_name" : "machine-1", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpStaticBinding+

Example Response: { "resource_type" : "DhcpStaticBinding", "id" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "display_name" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.202", "host_name" : "machine-1", "_last_modified_user" : "admin", "_last_modified_time" : 1478310104268, "_revision" : 1 } Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get a DHCP server's static binding with the specified binding ID

Return a specific static binding of a given logical DHCP server.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/static-bindings/6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpStaticBinding+

Example Response: { "resource_type" : "DhcpStaticBinding", "id" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "display_name" : "6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8", "lease_time" : 86400, "gateway_ip" : "192.168.150.1", "mac_address" : "12:34:56:78:9a:bc", "ip_address" : "192.168.150.201", "host_name" : "machine-1", "_create_time" : 1478309747583, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478309747583, "_revision" : 0 } Required Permissions: read Feature: dhcp_servers Additional Errors:

Delete a static binding

Delete a specific static binding of a given logical DHCP server. Request:
Method:
DELETE
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings/<binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE /api/v1/dhcp/servers/d7f425da-25d2-4e5e-ae9e-ea112375971d/static-bindings/6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: dhcp_servers Additional Errors:

Get the realized state of a dhcp static binding

Return realized state information of a dhcp static binding.
After a dhcp static binding is created or updated, you can invoke this API to get
the realization information of the static binding.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/static-bindings/<binding-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dhcp/servers/f962173f-ac03-4d08-8366-56a41779f61d/static-bindings/6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8/state?request_id=6f866db1-1ac9-44b5-9ba0-eb87b5bd0ef8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: dhcp_servers Additional Errors:

Get DHCP statistics with given dhcp server id

Returns the statistics of the given dhcp server.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/statistics
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpStatistics+

Required Permissions: read Feature: dhcp_servers Additional Errors:

Get DHCP service status with given dhcp server id

Returns the service status of the given dhcp server.
Request:
Method:
GET
URI Path:
/api/v1/dhcp/servers/<server-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpServerStatus+

Required Permissions: read Feature: dhcp_servers Additional Errors:

Management Plane API: Services: DNS

Associated URIs:

Create a DNS forwader

Create a DNS forwader upon a logical router. There is only
one DNS forwarder can be created upon a given logical router.
Request:
Method:
POST
URI Path:
/api/v1/dns/forwarders
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsForwarder+

Example Request: POST https://<nsx-mgr>/api/v1/dns/forwarders { "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1", "2.2.2.2", "3.3.3.3" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com", "0.0.130.in-addr.arpa" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com", "0.70.in-addr.arpa" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level": "INFO" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarder+

Example Response: { "resource_type" : "DnsFowarder", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1", "2.2.2.2", "3.3.3.3" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com", "0.0.130.in-addr.arpa" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com", "0.0.70.in-addr.arpa" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level": "INFO", "_create_user" : "admin", "_last_modified_user" : "admin", "_create_time" : 1478305498175, "_last_modified_time" : 1478305498175, "_system_owned" : false, "_revision" : 0 } Required Permissions: crud Feature: dns_forwarder Additional Errors:

Get a paginated list of DNS forwarders

Get a paginated list of DNS forwarders.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dns/forwarders Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarderListResult+

Example Response: { "sort_ascending": true, "sort_by": "displayName", "result_count": 2, "results": [ { "resource_type": "DnsFowarder", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level": "INFO", "_create_user" : "admin", "_last_modified_user" : "admin", "_create_time" : 1478305498175, "_last_modified_time" : 1478305499183, "_system_owned" : false, "_revision" : 1 }, { "resource_type": "DnsFowarder", "id" : "facbc7e8-2a1b-44f0-a013-6791d840277a", "display_name": "tenant_B_dns_forwarder", "logical_router_id": "5079b683-9c7e-4d56-a7d4-8bdb846dee8f", "cache_size": 24, "listener_ip": "192.168.10.2", "default_forwarder": { "upstream_servers": [ "1.1.1.1" ], "source_ip": "10.117.7.10" }, "conditional_forwarders": [ { "domain_names": [ "abc.com" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.117.7.11" } ], "log_level": "INFO", "_create_user" : "admin", "_last_modified_user" : "admin", "_create_time" : 1478305490071, "_last_modified_time" : 1478305490071, "_system_owned" : false, "_revision" : 0 } ] } Required Permissions: read Feature: dns_forwarder Additional Errors:

Delete a specific DNS forwarder

Delete a specific DNS forwarder.
Request:
Method:
DELETE
URI Path:
/api/v1/dns/forwarders/<forwarder-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dns_forwarder Additional Errors:

Retrieve a DNS forwarder

Retrieve a DNS forwarder.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarder+

Example Response: { "resource_type" : "DnsFowarder", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1", "2.2.2.2", "3.3.3.3" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com", "0.0.30.in-addr.arpa" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level": "INFO", "_create_user" : "admin", "_last_modified_user" : "admin", "_create_time" : 1478305498175, "_last_modified_time" : 1478305498175, "_system_owned" : false, "_revision" : 0 } Required Permissions: read Feature: dns_forwarder Additional Errors:

Update a specific DNS forwarder

Update a specific DNS forwarder.
Request:
Method:
PUT
URI Path:
/api/v1/dns/forwarders/<forwarder-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsForwarder+

Example Request: PUT https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd { "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1", "2.2.2.2", "3.3.3.3" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level": "INFO", "_revision" : 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarder+

Example Response: { "resource_type" : "DnsFowarder", "id" : "1b6cb97f-ffa3-407c-b2ed-a9616feb95dd", "display_name": "tenant_A_dns_forwarder", "logical_router_id": "e2fa39aa-f4ca-4781-ac48-60a6c47d34f8", "cache_size": 1024, "listener_ip": "10.10.10.10", "default_forwarder": { "upstream_servers": [ "1.1.1.1", "2.2.2.2", "3.3.3.3" ], "source_ip": "10.10.10.11" }, "conditional_forwarders": [ { "domain_names": [ "foo.com" ], "upstream_servers": [ "8.8.8.8" ], "source_ip": "10.10.10.12" },{ "domain_names": [ "dev.foo.com" ], "upstream_servers": [ "9.9.9.9" ], "source_ip": "10.10.10.101" },{ "domain_names": [ "bar.com" ], "upstream_servers": [ "55.55.55.5" ], "source_ip": "10.10.10.13" } ], "log_level":"INFO", "_create_user" : "admin", "_last_modified_user" : "admin", "_create_time" : 1478305498175, "_last_modified_time" : 1478305499183, "_system_owned" : false, "_revision" : 2 } Required Permissions: crud Feature: dns_forwarder Additional Errors:

Get the recent failed DNS queries

Return the given count of recent failed DNS queries from DNS forwarder.
Since the DNS forwarder is running in Acitve/Standby HA mode on transport
nodes, the given count of queries will be returned from each nodes. Hence
the total queries returned could be doubled.
If no count is specified, 100 recent failed queries are returned. If the
recent failures is less than the given count, all the failures will be
returned. The maximum count is 1,000.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>/failed-queries
Request Headers:
n/a
Query Parameters:
DnsFailedQueryRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dns/forwarders/f962173f-ac03-4d08-8366-56a41779f61d/failed-queries?count=10 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsFailedQueries+

Example Response: { "timestamp" : "2019-02-12 09:08:12.120", "per_node_failed_queries" : [ { "count" : 2, "node_id" : "aedc2af2-4c5c-11e9-aa7d-0200400d53ef", "timestamp" : "2019-02-12 09:09:12.120", "results" : [ { "timestamp": "2019-02-11 18:20:20.026", "address" : "dev.vmware.com", "record_type" : "A", "query_target" : "DnsForwarder", "client_ip": "192.168.7.10", "forwarder_ip": "172.128.10.10", "source_ip": "192.168.7.10", "upstream_server_ip": "11.11.11.1", "time_spent": 120, "error_type": "NXDOMAIN", "error_message" : "NXDOMAIN" }, { "timestamp": "2019-02-11 08:21:28.200", "address" : "abc.vmware.com", "record_type" : "A", "query_target" : "Upstream Server", "client_ip": "11.11.11.11", "forwarder_ip": "172.128.11.77", "source_ip": "11.11.11.11", "upstream_server_ip": "8.8.8.8", "time_spent": 60008, "error_type": "timeout", "error_message" : "connection timeout" }] }, { "count" : 2, "node_id" : "c73e587c-4c5c-11e9-87cb-0200407787ca", "timestamp" : "2019-02-12 09:10:12.120", "results" : [ { "timestamp": "2019-02-11 18:20:20.026", "address" : "host1.vmc.vmware.com", "record_type" : "A", "query_target" : "DnsForwarder", "client_ip": "117.168.10.22", "forwarder_ip": "172.128.50.11", "source_ip": "192.168.7.10", "upstream_server_ip": "11.11.11.1", "time_spent": 1100, "error_type": "NXDOMAIN", "error_message" : "NXDOMAIN" }, { "timestamp": "2019-02-11 08:21:28.200", "address" : "host1.wix.vmware.com", "record_type" : "A", "query_target" : "Upstream Server", "client_ip": "22.22.22.22", "forwarder_ip": "172.128.5.8", "source_ip": "11.11.11.10", "upstream_server_ip": "9.9.9.9", "time_spent": 51002, "error_type": "timeout", "error_message" : "connection timeout" }] }] } Required Permissions: read Feature: dns_forwarder Additional Errors:

Resolve a given address via the DNS forwarder

Query the nameserver for an ip-address or a FQDN of the given an address optionally using
an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it.
If the address is an ip-address, do a reverse lookup and answer fqdn(s).
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>/nslookup
Request Headers:
n/a
Query Parameters:
NsLookupParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd/nslookup?address=vmware.com Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsAnswer+

Example Response: { "dns_server" : "10.117.0.1#53", "edge_node_id" : "e2fa39aa-f4ca-4781-ac48-60a6c47d34e0", "authoritative_answer" : [ { "name": "vmware.com" "address": "10.113.63.149" } ] } Required Permissions: read Feature: dns_forwarder Additional Errors:

Get the realized state of a DNS forwarder

Return the realized state information of a DNS forwarder.
After a DNS forwarder was created or updated, you can invoke this API to
check the realization state of the forwarder.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/dns/forwarders/f962173f-ac03-4d08-8366-56a41779f61d/state?request_id=1b6cb97f-ffa3-407c-b2ed-a9616feb95dd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: dns_forwarder Additional Errors:

Get statistics of given dns forwarder

Returns the statistics of the given dns forwarder specified by forwarder id.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>/statistics
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarderStatistics+

Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Get current status of the given DNS forwarder

Returns the current status of the given DNS forwarder.
Request:
Method:
GET
URI Path:
/api/v1/dns/forwarders/<forwarder-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsForwarderStatus+

Required Permissions: read Feature: aggregation_service_health_monitoring Additional Errors:

Clear the current cache of the DNS forwarder.

Clear the current cache of the DNS forwarder.
Request:
Method:
POST
URI Path:
/api/v1/dns/forwarders/<forwarder-id>?action=clear_cache
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd?action=clear_cache Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dns_forwarder Additional Errors:

Disable the DNS forwarder.

Disable the DNS forwarder if the forwarder is currently enbled. If the DNS
forwarder is already disabled, the forwarder will not be re-disabled.

Please note, once a DNS forwarder is disabled then enabled, the previous
DNS forwarder statistics counters will be reset.
Request:
Method:
POST
URI Path:
/api/v1/dns/forwarders/<forwarder-id>?action=disable
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd?action=disable Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dns_forwarder Additional Errors:

Enable the DNS forwarder.

Enable the DNS forwarder if the forwarder is currently disabled. If the
DNS forwarder is already enabled, the forwarder will not be re-enabled.

Please note, once a DNS forwarder is disabled then enabled, the previous
DNS forwarder statistics counters will be reset.
Request:
Method:
POST
URI Path:
/api/v1/dns/forwarders/<forwarder-id>?action=enable
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/dns/forwarders/1b6cb97f-ffa3-407c-b2ed-a9616feb95dd?action=enable Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: dns_forwarder Additional Errors:

Management Plane API: Services: Firewall

Associated URIs:

Get list of entities in exclude list

Request:
Method:
GET
URI Path:
/api/v1/firewall/excludelist
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/excludelist Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ExcludeList+

Example Response: { "resource_type": "ExcludeList", "description": "", "id": "d97f06ef-1fe7-4434-bb12-527cad975be1", "display_name": "d97f06ef-1fe7-4434-bb12-527cad975be1", "tags": [], "members": [ { "target_display_name": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "is_valid": true, "target_type": "LogicalPort", "target_id": "4630aadd-25d7-4c73-b03c-227ac314dfc4" }, { "target_display_name": "db-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "3cc5e971-0329-4f35-966a-7cd879171688" }, { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "5091f6ac-ada1-428c-b521-630bc0d55574" } ], "_last_modified_time": 1458598876903, "_last_modified_user": "admin", "_revision": 3 } Required Permissions: read Feature: firewall_configuration Additional Errors:

Modify exclude list

Request:
Method:
PUT
URI Path:
/api/v1/firewall/excludelist
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ExcludeList+

Example Request: PUT https://<nsx-mgr>/api/v1/firewall/excludelist { "id": "d97f06ef-1fe7-4434-bb12-527cad975be1", "members": [ { "target_display_name": "db-tier-01", "target_type": "LogicalSwitch", "target_id": "3cc5e971-0329-4f35-966a-7cd879171688" } ], "_revision": 5 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ExcludeList+

Example Response: { "resource_type": "ExcludeList", "id": "d97f06ef-1fe7-4434-bb12-527cad975be1", "display_name": "d97f06ef-1fe7-4434-bb12-527cad975be1", "members": [ { "target_display_name": "db-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "3cc5e971-0329-4f35-966a-7cd879171688" } ], "_last_modified_time": 1458768575155, "_last_modified_user": "admin", "_revision": 6 } Required Permissions: crud Feature: firewall_configuration Additional Errors:

Add a new object in the exclude list

Request:
Method:
POST
URI Path:
/api/v1/firewall/excludelist?action=add_member
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ResourceReference+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/excludelist?action=add_member { "target_id" : "5091f6ac-ada1-428c-b521-630bc0d55574", "target_type" : "LogicalSwitch" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceReference+

Example Response: { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "5091f6ac-ada1-428c-b521-630bc0d55574" } Required Permissions: crud Feature: firewall_configuration Additional Errors:

Check if the object a member of the exclude list

Request:
Method:
POST
URI Path:
/api/v1/firewall/excludelist?action=check_if_exists
Request Headers:
n/a
Query Parameters:
ExcludeListRequestParams+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/excludelist?action=check_if_exists&object_id=5091f6ac-ada1-428c-b521-630bc0d55574 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceReference+

Example Response: { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "5091f6ac-ada1-428c-b521-630bc0d55574" } Required Permissions: read Feature: firewall_configuration Additional Errors:

Remove an existing object from the exclude list

Request:
Method:
POST
URI Path:
/api/v1/firewall/excludelist?action=remove_member
Request Headers:
n/a
Query Parameters:
ExcludeListRequestParams+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/excludelist?action=remove_member&object_id=5091f6ac-ada1-428c-b521-630bc0d55574 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceReference+

Required Permissions: crud Feature: firewall_configuration Additional Errors:

Get firewall profiles available.

List all the firewall profiles available by requested resource_type.
Request:
Method:
GET
URI Path:
/api/v1/firewall/profiles
Request Headers:
n/a
Query Parameters:
FirewallProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallProfileListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "FirewallSessionTimerProfile", "id": "3f5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 }, { "resource_type": "FirewallSessionTimerProfile", "id": "7e6d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 02", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 }, { "resource_type": "FirewallDNSProfile", "display_name": "Firewall DNS Profile 03", "dns_ttl_config": { "ttl": 86400, "ttl_type": "USE_TTL" } } ] } Required Permissions: read Feature: firewall_general Additional Errors:

Create a firewall profile.

Create a firewall profile with values provided. It creates profile based
resource_type in the payload.
Request:
Method:
POST
URI Path:
/api/v1/firewall/profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallCpuMemThresholdsProfile+
FirewallDnsProfile+
FirewallFloodProtectionProfile+
FirewallSessionTimerProfile+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/profiles { "resource_type": "FirewallSessionTimerProfile", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10 } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FirewallCpuMemThresholdsProfile+
FirewallDnsProfile+
FirewallFloodProtectionProfile+
FirewallSessionTimerProfile+

Example Response: { "resource_type": "FirewallSessionTimerProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 } Required Permissions: crud Feature: firewall_general Additional Errors:

Update a firewall profile.

Update user configurable properties of firewall profile.
Request:
Method:
PUT
URI Path:
/api/v1/firewall/profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallCpuMemThresholdsProfile+
FirewallDnsProfile+
FirewallFloodProtectionProfile+
FirewallSessionTimerProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/firewall/profiles { "resource_type": "FirewallSessionTimerProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallCpuMemThresholdsProfile+
FirewallDnsProfile+
FirewallFloodProtectionProfile+
FirewallSessionTimerProfile+

Example Response: { "resource_type": "FirewallSessionTimerProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 1 } Required Permissions: crud Feature: firewall_general Additional Errors:

Delete a firewall profile.

Deletes a firewall profile.
Request:
Method:
DELETE
URI Path:
/api/v1/firewall/profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/firewall/profiles/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: firewall_general Additional Errors:

Get all firewall session timer profiles.

Return firewall session timer profile.
Request:
Method:
GET
URI Path:
/api/v1/firewall/profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/profiles/7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallCpuMemThresholdsProfile+
FirewallDnsProfile+
FirewallFloodProtectionProfile+
FirewallSessionTimerProfile+

Example Response: { "resource_type": "FirewallSessionTimerProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Firewall SessionTimer Profile 01", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_last_modified_user": "admin", "_last_modified_time": 1463555187453, "_revision": 0 } Required Permissions: read Feature: firewall_general Additional Errors:

Read an Existing Rule

Return existing firewall rule information.
Request:
Method:
GET
URI Path:
/api/v1/firewall/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRule+

Example Response: { "id": "111616", "display_name": "allow-icmp", "notes": "", "destinations_excluded": false, "destinations": [ { target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "section_id": "16a93c39-5822-469e-b0be-70728153642e", "_revision": 3 } Required Permissions: read Feature: firewall_general Additional Errors:

Get the Realized State of a Firewall Rule

Return realized state information of a firewall rule. Returned response is same as rule's
section realization state response.
Request:
Method:
GET
URI Path:
/api/v1/firewall/rules/<rule-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/rules/2/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuleState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP:null,TransportNode:fe651e63-04bd-43a4-a8ec-45381a3b71b9,Message:" }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_progress", "failure_message": "CCP:null,TransportNode:ebe174ac-e4f1-4135-ba72-3dd2eb7099e3,Message:" } ], "pending_change_list" : [ { "request_id": "4e0f82a0-4e39-4aa2-9d0a-ef1662dc6bc6" } ], "state": "in_progress" } Required Permissions: read Feature: firewall_general Additional Errors:

List All Firewall Sections

List all firewall section in paginated form. A default page size is limited
to 1000 firewall sections. By default list of section is filtered by LAYER3
type.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections
Request Headers:
n/a
Query Parameters:
FirewallSectionFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionListResult+

Example Response: { "cursor": "003616a93c39-5822-469e-b0be-70728153642eFirewallSection", "sort_by": "position", "result_count": 2, "results": [ { "resource_type": "FirewallSection", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-firewall", "section_type": "LAYER3", "applied_tos": [ { "target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "is_default": false, "stateful": true, "rule_count": 0, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "14458940331000", "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033107, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 0 }, { "resource_type": "FirewallSection", "id": "16a93c39-5822-469e-b0be-70728153642e", "display_name": "Default Layer3 Section", "section_type": "LAYER3", "is_default": true, "stateful": true, "rule_count": 1, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1445888985070", "_last_modified_user": "system", "_system_owned": false, "_last_modified_time": 1445888985075, "_create_user": "system", "_create_time": 1445888985075, "_revision": 0 } ] } Required Permissions: read Feature: firewall_general Additional Errors:

Create a New Empty Section

Creates new empty firewall section in the system.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallSection+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections { "display_name": "web-switch", "section_type" : "LAYER2", "stateful" : false } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "id": "dd8afb22-df12-4b37-aea2-7f0bbf7cdb37", "display_name": "web-switch", "section_type": "LAYER2", "is_default": false, "stateful": false, "rule_count": 0, "locked": false, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894697038, "_create_user": "admin", "_create_time": 1445894697038, "_revision": 0 } Required Permissions: crud Feature: firewall_general Additional Errors:

Delete an Existing Section and Its Associated Rules

Removes firewall section from the system. Firewall section with
rules can only be deleted by passing "cascade=true" parameter.
Request:
Method:
DELETE
URI Path:
/api/v1/firewall/sections/<section-id>
Request Headers:
n/a
Query Parameters:
SectionQueryParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/firewall/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: firewall_general Additional Errors:

Update an Existing Section

Modifies the specified section, but does not modify the section's
associated rules. Simultaneous update (modify) operations on same section
are not allowed to prevent overwriting stale contents to firewall section.
If a concurrent update is performed, HTTP response code 409 will be
returned to the client operating on stale data. That client should retrieve
the firewall section again and re-apply its update.
Request:
Method:
PUT
URI Path:
/api/v1/firewall/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallSection+

Example Request: PUT https://<nsx-mgr>/api/v1/firewall/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b { "_revision": 0, "description": "protects app and web VMs", "display_name": "app_and_web-firewall", "section_type": "LAYER3", "applied_tos": [ { "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "stateful": true } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "description": "protects app and webVMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-firewall", "section_type": "LAYER3", "applied_tos": [ { "target_display_name": "app_and_web-firewall", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "is_default": false, "stateful": true, "rule_count": 0, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1445894033100", "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033117, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 1 } Required Permissions: crud Feature: firewall_general Additional Errors:

Get an Existing Section

Returns information about firewall section for the identifier.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-firewall", "section_type": "LAYER3", "applied_tos": [ { "target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "is_default": false, "stateful": true, "rule_count": 0, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1445894033104", "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033107, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 0 } Required Permissions: read Feature: firewall_general Additional Errors:

Add a Single Rule in a Section

Adds a new firewall rule in existing firewall section. Adding firewall rule
to a section modifies parent section entity and simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
content to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallRule+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules { "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRule+

Example Response: { "id": "1799168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 0 } Required Permissions: crud Feature: firewall_general Additional Errors:

Get All the Rules for a Section

Return all firewall rule(s) information for a given firewall section.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
FirewallListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/16a93c39-5822-469e-b0be-70728153642e/rules?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRuleListResult+

Example Response: { "cursor": "003600000000-0000-0000-0000-0000000000022305843009213694015", "sort_by": "priority", "result_count": 2, "results": [ { "id": "111616", "display_name": "allow-icmp", "notes": "", "destinations_excluded": false, "destinations": [ { "target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 }, { "id": "2", "display_name": "00000000-0000-0000-0000-000000000002", "notes": "", "destinations_excluded": false, "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } ] } Required Permissions: read Feature: firewall_general Additional Errors:

Update an Existing Rule

Modifies existing firewall rule in a firewall section. Updating firewall
rule in a section modifies parent section entity and simultaneous update
(modify) operations on same section are not allowed to prevent overwriting
stale contents to firewall section. If a concurrent update is performed,
HTTP response code 409 will be returned to the client operating on stale
data. That client should retrieve the firewall section again and re-apply
its update.
Request:
Method:
PUT
URI Path:
/api/v1/firewall/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallRule+

Example Request: PUT https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168 { "_revision": 1, "id": "7168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRule+

Example Response: { "id": "7168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 2 } Required Permissions: crud Feature: firewall_general Additional Errors:

Read an Existing Rule

Return existing firewall rule information in a firewall section.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRule+

Example Response: { "id": "111616", "display_name": "allow-icmp", "notes": "", "destinations_excluded": false, "destinations": [ { target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } Required Permissions: read Feature: firewall_general Additional Errors:

Delete an Existing Rule

Delete existing firewall rule in a firewall section. Deleting firewall rule
in a section modifies parent section and simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
contents to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.
Request:
Method:
DELETE
URI Path:
/api/v1/firewall/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/firewall/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: firewall_general Additional Errors:

Get Firewall rule level statistics

Get aggregated statistics for a rule for given firewall section. The
API only supports access to cached (source=cached) statistical data
collected offline in the system. Data includes total number of packets,
bytes, sessions counters and popularity index for a firewall rule and
overall session count, max session count and max popularity index for
all firewall rules on transport nodes or edge nodes. Aggregated
statistics like maximum popularity index, maximum session count and
total session count are computed with lower frequency compared to
individual generic rule statistics, hence they may have a computation
delay up to 15 minutes to reflect in response to this API.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>/rules/<rule-id>/stats
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/d1cba5d1-02dc-4507-b6e8-117cb050e71d/rules/2/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallStats+

Example Response: { "rule_id": "2", "packet_count": 3806, "session_count": 819, "hit_count": 819, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count" : 819, "_schema": "FirewallRule" } Required Permissions: read Feature: firewall_general Additional Errors:

Update an Existing Rule and Reorder the Rule

Modifies existing firewall rule along with relative position among
other firewall rules inside a firewall section. Revising firewall rule in a
section modifies parent section entity and simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
contents to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>/rules/<rule-id>?action=revise
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallRule+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168?action=revise&operation=insert_bottom { "id": "7168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRule+

Example Response: { "id": "7168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } Required Permissions: crud Feature: firewall_general Additional Errors:

Get Firewall section level statistics section

Get aggregated statistics for all rules for a given firewall section. The
API only supports access to cached (source=cached) statistical data
collected offline in the system. Data includes total number of packets,
bytes, sessions counters and popularity index for a firewall rule and
overall session count, max session count and max popularity index for
all firewall rules on transport nodes or edge nodes. Aggregated
statistics like maximum popularity index, maximum session count and
total session count are computed with lower frequency compared to
individual generic rule statistics, hence they may have a computation
delay up to 15 minutes to reflect in response to this API.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>/rules/stats
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/d1cba5d1-02dc-4507-b6e8-117cb050e71d/rules/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallStatsList+

Example Response: { "results" : [ { "rule_id": "2", "packet_count": 3806, "session_count": 819, "hit_count": 819, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881, "_schema": "FirewallRule" }, { "rule_id": "3", "packet_count": 8762, "session_count": 62, "hit_count": 62, "byte_count": 76201, "popularity_index": 13, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881, "_schema": "FirewallRule" } ], "stats_count" : 2 } Required Permissions: read Feature: firewall_general Additional Errors:

Add Multiple Rules in a Section

Create multiple firewall rules in existing firewall section bounded by
limit of 1000 firewall rules per section. Adding multiple firewall rules in
a section modifies parent section entity and simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
contents to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>/rules?action=create_multiple
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules?action=create_multiple { "rules" : [ { "display_name":"layer3rule1", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ] }, { "display_name":"layer3rule2", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallRuleList+

Example Response: { "rules": [ { "id": "58368", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 }, { "id": "715776", "display_name": "layer3rule2", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } ] } Required Permissions: crud Feature: firewall_general Additional Errors:

Get the Realized State of a Firewall Section

Return realized state information of a firewall section.
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/<section-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/d1cba5d1-02dc-4507-b6e8-117cb050e71d/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP:null,TransportNode:fe651e63-04bd-43a4-a8ec-45381a3b71b9,Message:" }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_progress", "failure_message": "CCP:null,TransportNode:ebe174ac-e4f1-4135-ba72-3dd2eb7099e3,Message:" } ], "pending_change_list" : [ { "request_id": "4e0f82a0-4e39-4aa2-9d0a-ef1662dc6bc6" } ], "state": "in_progress" } Required Permissions: read Feature: firewall_general Additional Errors:

Get an Existing Section, Including Rules

Returns firewall section information with rules for a section identifier.
When invoked on a section with a large number of rules, this API is supported
only at low rates of invocation (not more than 4-5 times per minute). The
typical latency of this API with about 1024 rules is about 4-5 seconds. This
API should not be invoked with large payloads at automation speeds. More than
50 rules with a large number rule references is not supported.

Instead, to read firewall rules, use:
GET /api/v1/firewall/sections/<section-id>/rules with the appropriate
page_size.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=list_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b?action=list_with_rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList+

Example Response: { "resource_type": "FirewallSectionRuleList", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-firewall", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "rules": [ { "id": "1932288", "display_name": "block ftp", "notes": "", "destinations_excluded": false, "services": [ { "service": { "resource_type": "ALGTypeNSService", "destination_ports": [ "21" ], "source_ports": [], "alg": "FTP" } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 1 } ], "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1445912484445", "_last_modified_user": "admin", "_last_modified_time": 1445912484450, "_revision": 1 } Required Permissions: read Feature: firewall_general Additional Errors:

Lock a section

Lock a section
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=lock
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallSectionLock+

Example Request: POST https://<nsx-mgr>/api/v1/ firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=lock { "comments": "Lock the Section", "section_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Layer3 Section with Rules", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1446241866900", "_create_time": 1446241866925, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446241866925, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: firewall_general Additional Errors:

Update an Existing Section, Including Its Position

Modifies an existing firewall section along with its relative position
among other firewall sections in the system. Simultaneous update (modify)
operations on same section are not allowed to prevent overwriting stale
contents to firewall section. If a concurrent update is performed, HTTP
response code 409 will be returned to the client operating on stale data.
That client should retrieve the firewall section again and re-apply its
update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=revise
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallSection+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise&operation=insert_before&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "resource_type": "FirewallSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Layer3 Section with Rules", "section_type": "LAYER3", "stateful": true, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Layer3 Section with Rules", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1446241866900", "_create_time": 1446241866925, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446241866925, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: firewall_general Additional Errors:

Update an Existing Section with Rules

Modifies an existing firewall section along with its relative position
among other firewall sections with rules. When invoked on a large number
of rules, this API is supported only at low rates of invocation (not more
than 2 times per minute). The typical latency of this API with about 1024
rules is about 15 seconds in a cluster setup. This API should not be
invoked with large payloads at automation speeds.

Instead, to move a section above or below another section, use:
POST /api/v1/firewall/sections/<section-id>?action=revise

To modify rules, use:
PUT /api/v1/firewall/sections/<section-id>/rules/<rule-id>

Simultaneous update (modify) operations on same section are not allowed to
prevent overwriting stale contents to firewall section. If a concurrent
update is performed, HTTP response code 409 will be returned to the client
operating on stale data. That client should retrieve the firewall section
again and re-apply its update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=revise_with_rules
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise_with_rules&operation=insert_after&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "section_type":"LAYER3", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name":"another Layer3 Section with Rules", "stateful":true, "rules":[ { "display_name":"layer3rule1", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.6", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.6" } ] } ] } example_response: | { "resource_type": "FirewallSectionRuleList", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "another Layer3 Section with Rules", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "rules": [ { "id": "7168", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 1 } ], "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1446245476600", "_last_modified_user": "admin", "_last_modified_time": 1446245476635, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList+

Required Permissions: crud Feature: firewall_general Additional Errors:

Unlock a section

Unlock a section
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=unlock
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallSectionLock+

Example Request: POST https://<nsx-mgr>/api/v1/ firewall/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=unlock { "comments": "Unlock the Section", "section_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSection+

Example Response: { "resource_type": "FirewallSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Layer3 Section with Rules", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "locked": false, "comments": "Unlock the section", "lock_modified_by": "admin", "lock_modified_time": "1446241866900", "_create_time": 1446241866925, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446241866925, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: firewall_general Additional Errors:

Update an Existing Section, Including Its Rules

Modifies existing firewall section along with its association with rules.
When invoked on a large number of rules, this API is supported only at low
rates of invocation (not more than 2 times per minute). The typical latency
of this API with about 1024 rules is about 15 seconds in a cluster setup.
This API should not be invoked with large payloads at automation speeds.

Instead, to update rule content, use:
PUT /api/v1/firewall/sections/<section-id>/rules/<rule-id>

Simultaneous update (modify) operations on same section are not allowed to
prevent overwriting stale contents to firewall section. If a concurrent
update is performed, HTTP response code 409 will be returned to the client
operating on stale data. That client should retrieve the firewall section
again and re-apply its update.
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections/<section-id>?action=update_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections/79b29ea5-051a-4ab2-af85-fb6520a9f881?action=update_with_rules { "resource_type": "FirewallSection", "description": "", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "my section", "tags": [], "section_type": "LAYER3", "is_default": false, "stateful": true, "rules": [ { "id": "1639424", "display_name": "my best rule", "notes": "This is my note", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.200.2", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.2" } ], "destinations": [ { "target_display_name": "192.168.200.3", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.3" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList+

Example Response: { "resource_type": "FirewallSectionRuleList", "description": "", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "my section", "tags": [], "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "rules": [ { "id": "1639424", "display_name": "my best rule", "notes": "This is my note", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.200.2", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.2" } ], "destinations": [ { "target_display_name": "192.168.200.3", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.3" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 2 } ], "locked": true, "comments": "Locked the section", "lock_modified_by": "admin", "lock_modified_time": "1446249271900", "_last_modified_user": "admin", "_last_modified_time": 1446249271991, "_revision": 2 } Required Permissions: crud Feature: firewall_general Additional Errors:

Get the summary of sections in the firewall configuration.

List the summary of number of sections and number of rules for each firewall
category (L2DFW, L3DFW).
Request:
Method:
GET
URI Path:
/api/v1/firewall/sections/summary
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/sections/summary?source=cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionsSummaryList+

Example Response: { "sections_summary":[ { "section_type":"L2DFW", "section_count":1, "rule_count":2 }, { "section_type":"L3DFW", "section_count":10, "rule_count":50 } ], "last_compute_time":1463555183599 } Required Permissions: read Feature: firewall_general Additional Errors:

Create a Section with Rules

Creates a new firewall section with rules. The limit on the number of
rules is defined by maxItems in collection types for FirewallRule
(FirewallRuleXXXList types). When invoked on a section with a large number
of rules, this API is supported only at low rates of invocation (not more
than 4-5 times per minute). The typical latency of this API with about 1024
rules is about 4-5 seconds. This API should not be invoked with large
payloads at automation speeds. More than 50 rules with a large number of
rule references is not supported.

Instead, to create sections, use:
POST /api/v1/firewall/sections

To create rules, use:
POST /api/v1/firewall/sections/<section-id>/rules
Request:
Method:
POST
URI Path:
/api/v1/firewall/sections?action=create_with_rules
Request Headers:
n/a
Query Parameters:
FirewallInsertParameters+
Request Body:
FirewallSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/firewall/sections?action=create_with_rules&operation=insert_bottom { "section_type":"LAYER3", "display_name":"another Layer3 Section with Rules", "stateful":true, "rules":[ { "display_name":"layer3rule1", "action":"ALLOW", "direction":"IN_OUT", "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.6", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ] } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
FirewallSectionRuleList+

Example Response: { "resource_type": "FirewallSectionRuleList", "id": "3222f90e-921c-46ea-be64-99b1c0c51838", "display_name": "another Layer3 Section with Rules", "section_type": "LAYER3", "is_default": false, "stateful": true, "rule_count": 1, "rules": [ { "id": "1430528", "display_name": "layer3rule1", "destinations_excluded": false, "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 0 } ], "locked": false, "_create_time": 1446242294559, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446242294559, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: firewall_general Additional Errors:

Reset firewall rule statistics

Sets firewall rule statistics counter to zero. This operation is supported
for given category, for example: L3DFW i.e. for all layer3 firewall
(transport nodes only) rules or L3EDGE i.e. for all layer3 edge firewall
(edge nodes only) rules or L3BRIDGEPORT i.e. for all layer3 bridge port firewall
(bridge ports only) rules.
Request:
Method:
POST
URI Path:
/api/v1/firewall/stats?action=reset
Request Headers:
n/a
Query Parameters:
ResetStatsParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/stats?action=reset&category=L3DFW Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: firewall_general Additional Errors:

List all firewall status for supported contexts

Request:
Method:
GET
URI Path:
/api/v1/firewall/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallStatusListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "FirewallStatus", "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "display_name": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "global_status": "DISABLED", "context": "transport_nodes", "_last_modified_user": "admin", "_last_modified_time": 1498698220680, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: firewall_general Description:
Fetches firewall status for all supported context types. Supported context type is 'transport_nodes'.
Additional Errors:

Get firewall global status for dfw context

Request:
Method:
GET
URI Path:
/api/v1/firewall/status/<context-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/status/transport_nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallStatus+

Example Response: { "resource_type": "FirewallStatus", "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "display_name": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "global_status": "ENABLED", "context": "transport_nodes", "_create_user": "system", "_create_time": 1498679696805, "_last_modified_user": "system", "_last_modified_time": 1498679696805, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: firewall_general Description:
Fetches firewall global status for supported dfw context types e.g. 'transport_nodes'
Additional Errors:

Update global firewall status for dfw context

Request:
Method:
PUT
URI Path:
/api/v1/firewall/status/<context-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FirewallStatus+

Example Request: PUT https://<nsx-mgr>/api/v1/firewall/status/transport_nodes { "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "display_name": "DFW Enable/Disable Status", "global_status": "DISABLED", "context": "transport_nodes", "_create_user": "system", "_create_time": 1498679696805, "_last_modified_user": "system", "_last_modified_time": 1498679696805, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FirewallStatus+

Example Response: { "resource_type": "FirewallStatus", "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "display_name": "DFW Enable/Disable Status", "global_status": "DISABLED", "context": "transport_nodes", "_last_modified_user": "admin", "_last_modified_time": 1498698220680, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: firewall_general Description:
Update global firewall status for supported dfw context types e.g. 'transport_nodes'
Additional Errors:

Get firewall status for target resource in dfw context

Request:
Method:
GET
URI Path:
/api/v1/firewall/status/<context-type>/<id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/firewall/status/logical_routers/1253495c-ffe8-4d44-8ea7-37fe9fe2d97f Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TargetResourceStatus+

Example Response: { "target_id": "1253495c-ffe8-4d44-8ea7-37fe9fe2d97f", "status": "ENABLED" } Required Permissions: read Feature: firewall_general Description:
Fetches firewall status for a given target resource in supported dfw context types e.g. 'A specific logical router'
Additional Errors:

Disable firewall on target resource in dfw context

Request:
Method:
POST
URI Path:
/api/v1/firewall/status/<context-type>/<id>?action=disable_firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/status/logical_routers/1253495c-ffe8-4d44-8ea7-37fe9fe2d97f?action=disable_firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TargetResourceStatus+

Example Response: { "target_id": "1253495c-ffe8-4d44-8ea7-37fe9fe2d97f", "target_status": "DISABLED" } Required Permissions: crud Feature: firewall_general Description:
Disable firewall on a target resource in dfw context e.g. 'A specific logical router'
Additional Errors:

Enable firewall on target resource in dfw context

Request:
Method:
POST
URI Path:
/api/v1/firewall/status/<context-type>/<id>?action=enable_firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/firewall/status/logical_routers/1253495c-ffe8-4d44-8ea7-37fe9fe2d97f?action=enable_firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TargetResourceStatus+

Example Response: { "target_id": "1253495c-ffe8-4d44-8ea7-37fe9fe2d97f", "target_status": "ENABLED" } Required Permissions: crud Feature: firewall_general Description:
Enable firewall on a target resource in dfw context types e.g. 'A specific logical router'
Additional Errors:

Management Plane API: Services: Loadbalancer

Associated URIs:

Retrieve a paginated list of load balancer application profiles

Retrieve a paginated list of load balancer application profiles.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/application-profiles
Request Headers:
n/a
Query Parameters:
LbAppProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/application-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbAppProfileListResult+

Example Response: { "result_count" : 4, "results" : [ { "resource_type" : "LbHttpProfile", "description" : "LB_HTTP_Application_Profile", "id" : "1cab1491-a058-48fd-ac55-ea412adb3283", "display_name" : "LB_HTTP_Application_Profile", "ntlm" : false, "request_header_size" : 1024, "http_redirect_to_https" : false, "idle_timeout" : 15, "_create_time" : 1515741466296, "_last_modified_user" : "admin", "_last_modified_time" : 1515741466296, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbFastTcpProfile", "id" : "6f99b4d7-8b85-53db-956a-4b5255daf032", "display_name" : "nsx-default-lb-fast-tcp-profile", "close_timeout" : 8, "ha_flow_mirroring_enabled" : false, "idle_timeout" : 1800, "_create_time" : 1515651381528, "_last_modified_user" : "system", "_last_modified_time" : 1515651381528, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbFastUdpProfile", "id" : "0564104e-d0ba-5b9a-9ca0-865cbc5feeb3", "display_name" : "nsx-default-lb-fast-udp-profile", "flow_mirroring_enabled" : false, "idle_timeout" : 300, "_create_time" : 1515651381538, "_last_modified_user" : "system", "_last_modified_time" : 1515651381538, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbHttpProfile", "id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "display_name" : "nsx-default-lb-http-profile", "ntlm" : false, "request_header_size" : 1024, "http_redirect_to_https" : false, "idle_timeout" : 15, "_create_time" : 1515651381507, "_last_modified_user" : "system", "_last_modified_time" : 1515651381507, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_application_profiles Additional Errors:

Create a load balancer application profile

Create a load balancer application profile.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/application-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbFastTcpProfile+
LbFastUdpProfile+
LbHttpProfile+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/application-profiles { "display_name":"LB_HTTP_Application_Profile", "description":"LB_HTTP_Application_Profile", "resource_type":"LbHttpProfile" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbFastTcpProfile+
LbFastUdpProfile+
LbHttpProfile+

Example Response: { "resource_type" : "LbHttpProfile", "description" : "LB_HTTP_Application_Profile", "id" : "1cab1491-a058-48fd-ac55-ea412adb3283", "display_name" : "LB_HTTP_Application_Profile", "ntlm" : false, "request_header_size" : 1024, "http_redirect_to_https" : false, "idle_timeout" : 15, "_create_time" : 1515741466296, "_last_modified_user" : "admin", "_last_modified_time" : 1515741466296, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_application_profiles Additional Errors:

Delete a load balancer application profile

Delete a load balancer application profile.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/application-profiles/<application-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/application-profiles/1cab1491-a058-48fd-ac55-ea412adb3283 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_application_profiles Additional Errors:

Update a load balancer application profile

Update a load balancer application profile.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/application-profiles/<application-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbFastTcpProfile+
LbFastUdpProfile+
LbHttpProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/application-profiles/1cab1491-a058-48fd-ac55-ea412adb3283 { "resource_type" : "LbHttpProfile", "description" : "LB_HTTP_Application_Profile", "id" : "1cab1491-a058-48fd-ac55-ea412adb3283", "display_name" : "LB_HTTP_Application_Profile", "ntlm" : false, "request_header_size" : 1024, "http_redirect_to_https" : false, "idle_timeout" : 30, "_create_time" : 1515741466296, "_last_modified_user" : "admin", "_last_modified_time" : 1515741466296, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbFastTcpProfile+
LbFastUdpProfile+
LbHttpProfile+

Required Permissions: crud Feature: lb_application_profiles Additional Errors:

Retrieve a load balancer application profile

Retrieve a load balancer application profile.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/application-profiles/<application-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/application-profiles/1cab1491-a058-48fd-ac55-ea412adb3283 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbFastTcpProfile+
LbFastUdpProfile+
LbHttpProfile+

Example Response: { "resource_type" : "LbHttpProfile", "description" : "LB_HTTP_Application_Profile", "id" : "1cab1491-a058-48fd-ac55-ea412adb3283", "display_name" : "LB_HTTP_Application_Profile", "ntlm" : false, "request_header_size" : 1024, "http_redirect_to_https" : false, "idle_timeout" : 15, "_create_time" : 1515741466296, "_last_modified_user" : "admin", "_last_modified_time" : 1515741466296, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_application_profiles Additional Errors:

Create a load balancer client-ssl profile

Create a load balancer client-ssl profile.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/client-ssl-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbClientSslProfile+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/client-ssl-profiles { "resource_type" : "LbClientSslProfile", "display_name" : "client-ssl-profile1", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "protocols" : [ "TLS_V1_2" ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbClientSslProfile+

Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Retrieve a paginated list of load balancer client-ssl profiles

Retrieve a paginated list of load balancer client-ssl profiles.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/client-ssl-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/client-ssl-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbClientSslProfileListResult+

Example Response: { "result_count" : 2, "results" : [ { "resource_type" : "LbClientSslProfile", "id" : "0bf84c53-6b60-48e6-8837-5a106841cfb6", "display_name" : "client-ssl-profile1", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "session_cache_timeout" : 300, "_create_time" : 1515743444200, "_last_modified_user" : "admin", "_last_modified_time" : 1515743444200, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbClientSslProfile", "id" : "aff205bb-4db8-5a72-8d67-218cdc54d27b", "display_name" : "nsx-default-client-ssl-profile", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled" : true, "session_cache_timeout" : 300, "_create_time" : 1515651381591, "_last_modified_user" : "system", "_last_modified_time" : 1515651381591, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_ssl_profiles Additional Errors:

Delete a load balancer client-ssl profile

Delete a load balancer client-ssl profile.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/client-ssl-profiles/<client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/client-ssl-profiles/0bf84c53-6b60-48e6-8837-5a106841cfb6 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Retrieve a load balancer client-ssl profile

Retrieve a load balancer client-ssl profile.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/client-ssl-profiles/<client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/client-ssl-profiles/0bf84c53-6b60-48e6-8837-5a106841cfb6 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbClientSslProfile+

Example Response: { "resource_type" : "LbClientSslProfile", "id" : "0bf84c53-6b60-48e6-8837-5a106841cfb6", "display_name" : "client-ssl-profile1", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "session_cache_timeout" : 300, "_create_time" : 1515743444200, "_last_modified_user" : "admin", "_last_modified_time" : 1515743444200, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_ssl_profiles Additional Errors:

Update a load balancer client-ssl profile

Update a load balancer client-ssl profile.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/client-ssl-profiles/<client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbClientSslProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/client-ssl-profiles/0bf84c53-6b60-48e6-8837-5a106841cfb6 { "resource_type" : "LbClientSslProfile", "id" : "0bf84c53-6b60-48e6-8837-5a106841cfb6", "display_name" : "client-ssl-profile1", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "session_cache_timeout" : 300, "_create_time" : 1515743444200, "_last_modified_user" : "admin", "_last_modified_time" : 1515743444200, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbClientSslProfile+

Example Response: { "resource_type" : "LbClientSslProfile", "id" : "0bf84c53-6b60-48e6-8837-5a106841cfb6", "display_name" : "client-ssl-profile1", "prefer_server_ciphers" : false, "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "session_cache_timeout" : 300, "_create_time" : 1515743444200, "_last_modified_user" : "admin", "_last_modified_time" : 1515744251536, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Retrieve a paginated list of load balancer monitors

Retrieve a paginated list of load balancer monitors.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/monitors
Request Headers:
n/a
Query Parameters:
LbMonitorListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/monitors Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbMonitorListResult+

Example Response: { "result_count": 6, "results": [ { "resource_type" : "LbHttpMonitor", "description" : "LB_Http_Monitor", "id" : "ab1c038f-565a-4870-a61c-b731f99f0bb4", "display_name" : "LB_Http_Monitor", "monitor_port" : "80", "interval" : 1, "timeout" : 1, "rise_count" : 1, "fall_count" : 1, "response_status_codes" : [ 200 ], "request_version" : "HTTP_VERSION_1_1", "request_method" : "GET", "request_url" : "/", "_create_time" : 1515737352635, "_last_modified_user" : "admin", "_last_modified_time" : 1515737352635, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type": "LbHttpMonitor", "id": "c2cb7f9e-72d7-55ed-914e-5209b67d02b2", "display_name": "nsx-default-http-monitor", "monitor_port": "80", "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "response_status_codes": [ 200 ], "request_version": "HTTP_VERSION_1_1", "request_method": "GET", "request_url": "/", "_create_user": "system", "_create_time": 1509389584229, "_last_modified_user": "system", "_last_modified_time": 1509389584229, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LbHttpsMonitor", "id": "72945dda-f4f1-532f-9bd0-a3f52c099d4b", "display_name": "nsx-default-https-monitor", "monitor_port": "443", "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "response_status_codes": [ 200 ], "server_auth": "IGNORE", "is_secure": true, "request_method": "GET", "request_url": "/", "request_version": "HTTP_VERSION_1_1", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" ], "certificate_chain_depth": 3, "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "_create_user": "system", "_create_time": 1509389584246, "_last_modified_user": "system", "_last_modified_time": 1509389584246, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LbIcmpMonitor", "id": "cc572f1a-316b-580e-9e7b-24ed1ac5527e", "display_name": "nsx-default-icmp-monitor", "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "data_length": 56, "_create_user": "system", "_create_time": 1509389584254, "_last_modified_user": "system", "_last_modified_time": 1509389584254, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LbPassiveMonitor", "id": "9f8f448e-beda-594b-a9eb-fd3f9d3c1266", "display_name": "nsx-default-passive-monitor", "max_fails": 5, "timeout": 5, "_create_user": "system", "_create_time": 1509389584278, "_last_modified_user": "system", "_last_modified_time": 1509389584278, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LbTcpMonitor", "id": "8907ef61-8d8d-5dbd-96af-45b8dafa6627", "display_name": "nsx-default-tcp-monitor", "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "_create_user": "system", "_create_time": 1509389584262, "_last_modified_user": "system", "_last_modified_time": 1509389584262, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: lb_monitors Additional Errors:

Create a load balancer monitor

Create a load balancer monitor.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/monitors
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbHttpMonitor+
LbHttpsMonitor+
LbIcmpMonitor+
LbPassiveMonitor+
LbTcpMonitor+
LbUdpMonitor+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/monitors { "request_method":"GET", "response_status_codes":[200], "request_version":"HTTP_VERSION_1_1", "request_url":"/", "monitor_port":"80", "fall_count":1, "interval":1, "rise_count":1, "timeout":1, "resource_type":"LbHttpMonitor", "display_name":"LB_Http_Monitor", "description":"LB_Http_Monitor" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbHttpMonitor+
LbHttpsMonitor+
LbIcmpMonitor+
LbPassiveMonitor+
LbTcpMonitor+
LbUdpMonitor+

Example Response: { "resource_type" : "LbHttpMonitor", "description" : "LB_Http_Monitor", "id" : "ab1c038f-565a-4870-a61c-b731f99f0bb4", "display_name" : "LB_Http_Monitor", "monitor_port" : "80", "interval" : 1, "timeout" : 1, "rise_count" : 1, "fall_count" : 1, "response_status_codes" : [ 200 ], "request_version" : "HTTP_VERSION_1_1", "request_method" : "GET", "request_url" : "/", "_create_time" : 1515737352635, "_last_modified_user" : "admin", "_last_modified_time" : 1515737352635, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_monitors Additional Errors:

Update a load balancer monitor

Update a load balancer monitor.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/monitors/<monitor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbHttpMonitor+
LbHttpsMonitor+
LbIcmpMonitor+
LbPassiveMonitor+
LbTcpMonitor+
LbUdpMonitor+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/monitors/ab1c038f-565a-4870-a61c-b731f99f0bb4 { "resource_type" : "LbHttpMonitor", "description" : "LB_Http_Monitor", "id" : "ab1c038f-565a-4870-a61c-b731f99f0bb4", "display_name" : "LB_Http_Monitor", "monitor_port" : "8080", "interval" : 1, "timeout" : 1, "rise_count" : 1, "fall_count" : 1, "response_status_codes" : [ 200 ], "request_version" : "HTTP_VERSION_1_1", "request_method" : "GET", "request_url" : "/", "_create_time" : 1515737352635, "_last_modified_user" : "admin", "_last_modified_time" : 1515737352635, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbHttpMonitor+
LbHttpsMonitor+
LbIcmpMonitor+
LbPassiveMonitor+
LbTcpMonitor+
LbUdpMonitor+

Example Response: { "resource_type" : "LbHttpMonitor", "description" : "LB_Http_Monitor", "id" : "ab1c038f-565a-4870-a61c-b731f99f0bb4", "display_name" : "LB_Http_Monitor", "monitor_port" : "8080", "interval" : 1, "timeout" : 1, "rise_count" : 1, "fall_count" : 1, "response_status_codes" : [ 200 ], "request_version" : "HTTP_VERSION_1_1", "request_method" : "GET", "request_url" : "/", "_create_time" : 1515737352635, "_last_modified_user" : "admin", "_last_modified_time" : 1515737589241, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_monitors Additional Errors:

Delete a load balancer monitor

Delete a load balancer monitor.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/monitors/<monitor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/monitors/ab1c038f-565a-4870-a61c-b731f99f0bb4 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_monitors Additional Errors:

Retrieve a load balancer monitor

Retrieve a load balancer monitor.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/monitors/<monitor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/monitors/ab1c038f-565a-4870-a61c-b731f99f0bb4 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbHttpMonitor+
LbHttpsMonitor+
LbIcmpMonitor+
LbPassiveMonitor+
LbTcpMonitor+
LbUdpMonitor+

Example Response: { "resource_type" : "LbHttpMonitor", "description" : "LB_Http_Monitor", "id" : "ab1c038f-565a-4870-a61c-b731f99f0bb4", "display_name" : "LB_Http_Monitor", "monitor_port" : "80", "interval" : 1, "timeout" : 1, "rise_count" : 1, "fall_count" : 1, "response_status_codes" : [ 200 ], "request_version" : "HTTP_VERSION_1_1", "request_method" : "GET", "request_url" : "/", "_create_time" : 1515737352635, "_last_modified_user" : "admin", "_last_modified_time" : 1515737352635, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_monitors Additional Errors:

Read load balancer node usage summary

API is used to retrieve the load balancer node usage summary for all nodes.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/node-usage-summary
Request Headers:
n/a
Query Parameters:
LbNodeUsageSummaryRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/node-usage-summary?include_usages=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbNodeUsageSummary+

Example Response: { "current_credit_number" : 1, "remaining_credit_number" : 39, "usage_percentage" : 2.5, "severity" : "GREEN", "node_counts" : [{ "severity" : "GREEN", "node_count" : 1, },{ "severity" : "ORANGE", "node_count" : 0, },{ "severity" : "RED", "node_count" : 0, }] "node_usages" : [{ "type" : "LbEdgeNodeUsage", "node_id" : "56ad0d8a-6cec-43ea-a30f-a83a4128944d", "edge_cluster_id" : "56ad0d8a-6cec-43ea-a30f-a83a4128944e", "form_factor" : "LARGE_VIRTUAL_MACHINE", "current_credit_number" : 1, "remaining_credit_number" : 39, "usage_percentage" : 2.5, "severity" : "GREEN", "current_pool_members" : 10, "current_virtual_servers" : 2, "current_pools" : 2, "current_small_load_balancer_services" : 1, "current_medium_load_balancer_services" : 0, "current_large_load_balancer_services" : 0, "remaining_small_load_balancer_services" : 39, "remaining_medium_load_balancer_services" : 3, "remaining_large_load_balancer_services" : 0, "remaining_pool_members" : 7490 }] } Required Permissions: read Feature: lb_services Additional Errors:

Retrieve a paginated list of load balancer persistence profiles

Retrieve a paginated list of load balancer persistence profiles.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/persistence-profiles
Request Headers:
n/a
Query Parameters:
LbPersistenceProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/persistence-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPersistenceProfileListResult+

Example Response: { "result_count" : 3, "results" : [ { "resource_type" : "LbCookiePersistenceProfile", "id" : "4a19c81d-2622-4c9a-b79a-39587b172e7b", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : true, "cookie_fallback" : true, "cookie_name" : "LoadBalancer", "_create_time" : 1515742393690, "_last_modified_user" : "admin", "_last_modified_time" : 1515742393690, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbCookiePersistenceProfile", "id" : "d7556195-bd1e-5d3a-97f6-82accb2e19ac", "display_name" : "nsx-default-cookie-persistence-profile", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : true, "cookie_fallback" : true, "cookie_name" : "NSXLB", "_create_time" : 1515651381460, "_last_modified_user" : "system", "_last_modified_time" : 1515651381460, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbSourceIpPersistenceProfile", "id" : "2a176906-fc94-584a-b1a7-20333434f6eb", "display_name" : "nsx-default-source-ip-persistence-profile", "persistence_shared" : false, "purge" : "FULL", "timeout" : 300, "ha_persistence_mirroring_enabled" : false, "_create_time" : 1515651381495, "_last_modified_user" : "system", "_last_modified_time" : 1515651381495, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_persistence_profiles Additional Errors:

Create a load balancer persistence profile

Create a load balancer persistence profile.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/persistence-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbCookiePersistenceProfile+
LbGenericPersistenceProfile+
LbSourceIpPersistenceProfile+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/persistence-profiles { "resource_type" : "LbCookiePersistenceProfile", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : true, "cookie_fallback" : true, "cookie_name" : "LoadBalancer" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbCookiePersistenceProfile+
LbGenericPersistenceProfile+
LbSourceIpPersistenceProfile+

Example Response: { "resource_type" : "LbCookiePersistenceProfile", "id" : "4a19c81d-2622-4c9a-b79a-39587b172e7b", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : true, "cookie_fallback" : true, "cookie_name" : "LoadBalancer", "_create_time" : 1515742393690, "_last_modified_user" : "admin", "_last_modified_time" : 1515742393690, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_persistence_profiles Additional Errors:

Update a load balancer persistence profile

Update a load balancer persistence profile.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/persistence-profiles/<persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbCookiePersistenceProfile+
LbGenericPersistenceProfile+
LbSourceIpPersistenceProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/persistence-profiles/4a19c81d-2622-4c9a-b79a-39587b172e7b { "resource_type" : "LbCookiePersistenceProfile", "id" : "4a19c81d-2622-4c9a-b79a-39587b172e7b", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : false, "cookie_fallback" : true, "cookie_name" : "LoadBalancer", "_create_time" : 1515742393690, "_last_modified_user" : "admin", "_last_modified_time" : 1515742393690, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbCookiePersistenceProfile+
LbGenericPersistenceProfile+
LbSourceIpPersistenceProfile+

Example Response: { "resource_type" : "LbCookiePersistenceProfile", "id" : "4a19c81d-2622-4c9a-b79a-39587b172e7b", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : false, "cookie_fallback" : true, "cookie_name" : "LoadBalancer", "_create_time" : 1515742393690, "_last_modified_user" : "admin", "_last_modified_time" : 1515742928426, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_persistence_profiles Additional Errors:

Retrieve a load balancer persistence profile

Retrieve a load balancer persistence profile.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/persistence-profiles/<persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/persistence-profiles/4a19c81d-2622-4c9a-b79a-39587b172e7b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbCookiePersistenceProfile+
LbGenericPersistenceProfile+
LbSourceIpPersistenceProfile+

Example Response: { "resource_type" : "LbCookiePersistenceProfile", "id" : "4a19c81d-2622-4c9a-b79a-39587b172e7b", "display_name" : "lb-persistence-profile1", "persistence_shared" : false, "cookie_mode" : "INSERT", "cookie_garble" : true, "cookie_fallback" : true, "cookie_name" : "LoadBalancer", "_create_time" : 1515742393690, "_last_modified_user" : "admin", "_last_modified_time" : 1515742393690, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_persistence_profiles Additional Errors:

Delete a load balancer persistence profile

Delete a load balancer persistence profile.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/persistence-profiles/<persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/persistence-profiles/4a19c81d-2622-4c9a-b79a-39587b172e7b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_persistence_profiles Additional Errors:

Create a load balancer pool

Create a load balancer pool.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/pools
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbPool+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/pools { "algorithm":"ROUND_ROBIN", "members":[ { "display_name":"Member_VM30", "backup_member":"false", "weight":1, "admin_state":"ENABLED", "ip_address":"192.168.100.160" }, { "display_name":"Member_VM31", "backup_member":"false", "weight":1, "admin_state":"ENABLED", "ip_address":"192.168.100.161" }, { "display_name":"Member_VM32", "backup_member":"false", "weight":1, "admin_state":"ENABLED", "ip_address":"192.168.100.162" } ], "tcp_multiplexing_number":6, "tcp_multiplexing_enabled":"false", "min_active_members":1, "active_monitor_ids": ["ab1c038f-565a-4870-a61c-b731f99f0bb4"], "display_name":"LB_HTTP_Pool", "description":"LB_HTTP_Pool" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbPool+

Example Response: { "resource_type" : "LbPool", "description" : "LB_HTTP_Pool", "id" : "637ad18e-ebd3-43d0-b9e8-e9fc5a4af828", "display_name" : "LB_HTTP_Pool", "min_active_members" : 1, "tcp_multiplexing_number" : 6, "members" : [ { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.160", "display_name" : "Member_VM30", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.161", "display_name" : "Member_VM31", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.162", "display_name" : "Member_VM32", "backup_member" : false } ], "active_monitor_ids" : [ "ab1c038f-565a-4870-a61c-b731f99f0bb4" ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515739241530, "_last_modified_user" : "admin", "_last_modified_time" : 1515739241530, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_pools Additional Errors:

Retrieve a paginated list of load balancer pools

Retrieve a paginated list of load balancer pools.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/pools
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPoolListResult+

Example Response: { "result_count" : 2, "results" : [ { "resource_type" : "LbPool", "description" : "LB_HTTP_Pool", "id" : "637ad18e-ebd3-43d0-b9e8-e9fc5a4af828", "display_name" : "LB_HTTP_Pool", "min_active_members" : 1, "tcp_multiplexing_number" : 6, "members" : [ { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.160", "display_name" : "Member_VM30", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.161", "display_name" : "Member_VM31", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.162", "display_name" : "Member_VM32", "backup_member" : false } ], "active_monitor_ids" : [ "ab1c038f-565a-4870-a61c-b731f99f0bb4" ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515739241530, "_last_modified_user" : "admin", "_last_modified_time" : 1515739241530, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbPool", "id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "display_name" : "pool1", "min_active_members" : 1, "tcp_multiplexing_number" : 6, "members" : [ { "port" : "80", "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.1.10", "display_name" : "192.168.1.10", "backup_member" : false } ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515653475106, "_last_modified_user" : "admin", "_last_modified_time" : 1515653475106, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_pools Additional Errors:

Add, remove, or modify load balancer pool members

For ADD_MEMBERS, pool members will be created and added to load balancer
pool. This action is only valid for static pool members.
For REMOVE_MEMBERS, pool members will be removed from load balancer pool
via IP and port in pool member settings. This action is only valid for
static pool members.
For UPDATE_MEMBERS, pool members admin state will be updated. This action
is valid for both static pool members and dynamic pool members. For dynamic
pool members, this update will be stored in customized_members field in load
balancer pool member group.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/pools/<pool-id>
Request Headers:
n/a
Query Parameters:
PoolMemberAction+
Request Body:
PoolMemberSettingList+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/pools/<pool-id> ?action=UPDATE_MEMBERS { "members":[ { "port":"80", "admin_state":"DISABLED", "ip_address":"192.168.1.101" }, { "port":"80", "admin_state":"GRACEFUL_DISABLED", "ip_address":"192.168.1.102" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPool+

Example Response: { "resource_type":"LbPool", "description":"my http pool", "id":"83d97031-5bec-4f67-bc32-56963d68c158", "display_name":"httppool1", "min_active_members":1, "tcp_multiplexing_number":6, "members":[ { "port":"80", "weight":1, "admin_state":"DISABLED", "ip_address":"192.168.1.101", "display_name":"m1", "backup_member":false }, { "port":"80", "weight":1, "admin_state":"GRACEFUL_DISABLED", "ip_address":"192.168.1.102", "display_name":"m2", "backup_member":false }, { "port":"80", "weight":1, "admin_state":"ENABLED", "ip_address":"192.168.1.103", "display_name":"m3", "backup_member":false } ], "tcp_multiplexing_enabled":false, "algorithm":"ROUND_ROBIN", "_create_user":"admin", "_create_time":1510295536792, "_last_modified_user":"admin", "_last_modified_time":1510296553884, "_system_owned":false, "_protection":"NOT_PROTECTED", "_revision":1 } Required Permissions: crud Feature: lb_pools Additional Errors:

Retrieve a load balancer pool

Retrieve a load balancer pool.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/pools/637ad18e-ebd3-43d0-b9e8-e9fc5a4af828 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPool+

Example Response: { "resource_type" : "LbPool", "description" : "LB_HTTP_Pool", "id" : "637ad18e-ebd3-43d0-b9e8-e9fc5a4af828", "display_name" : "LB_HTTP_Pool", "min_active_members" : 1, "tcp_multiplexing_number" : 6, "members" : [ { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.160", "display_name" : "Member_VM30", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.161", "display_name" : "Member_VM31", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.162", "display_name" : "Member_VM32", "backup_member" : false } ], "active_monitor_ids" : [ "ab1c038f-565a-4870-a61c-b731f99f0bb4" ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515739241530, "_last_modified_user" : "admin", "_last_modified_time" : 1515739241530, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_pools Additional Errors:

Update a load balancer pool

Update a load balancer pool.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbPool+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/pools/637ad18e-ebd3-43d0-b9e8-e9fc5a4af828 { "resource_type" : "LbPool", "description" : "LB_HTTP_Pool", "id" : "637ad18e-ebd3-43d0-b9e8-e9fc5a4af828", "display_name" : "LB_HTTP_Pool", "min_active_members" : 2, "tcp_multiplexing_number" : 6, "members" : [ { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.160", "display_name" : "Member_VM30", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.161", "display_name" : "Member_VM31", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.162", "display_name" : "Member_VM32", "backup_member" : false } ], "active_monitor_ids" : [ "ab1c038f-565a-4870-a61c-b731f99f0bb4" ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515739241530, "_last_modified_user" : "admin", "_last_modified_time" : 1515739241530, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPool+

Example Response: { "resource_type" : "LbPool", "description" : "LB_HTTP_Pool", "id" : "637ad18e-ebd3-43d0-b9e8-e9fc5a4af828", "display_name" : "LB_HTTP_Pool", "min_active_members" : 2, "tcp_multiplexing_number" : 6, "members" : [ { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.160", "display_name" : "Member_VM30", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.161", "display_name" : "Member_VM31", "backup_member" : false }, { "weight" : 1, "admin_state" : "ENABLED", "ip_address" : "192.168.100.162", "display_name" : "Member_VM32", "backup_member" : false } ], "active_monitor_ids" : [ "ab1c038f-565a-4870-a61c-b731f99f0bb4" ], "tcp_multiplexing_enabled" : false, "algorithm" : "ROUND_ROBIN", "_create_time" : 1515739241530, "_last_modified_user" : "admin", "_last_modified_time" : 1515739838202, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_pools Additional Errors:

Delete a load balancer pool

Delete a load balancer pool.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/pools/<pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/pools/637ad18e-ebd3-43d0-b9e8-e9fc5a4af828 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_pools Additional Errors:

Retrieve a paginated list of load balancer rules

Retrieve a paginated list of load balancer rules.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/rules
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbRuleListResult+

Example Response: [{ "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "LoginRouteRule", "description": "LbRule to route login requests to dedicated pool", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "EQUALS", "uri": "/login", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING" "actions" : [{ "type": "LbSelectPoolAction", "pool_id": "b6a5bffa-f6a9-447c-6666-4633f9eb1234" }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 }, { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 }, { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a6", "display_name": "ServiceMaintenanceRule", "description": "LbRule to be used while system is down", "match_conditions" : [], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbHttpRejectAction", "reply_status": "503", }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } ] Required Permissions: read Feature: lb_rules Additional Errors:

Create a load balancer rule

Create a load balancer rule.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbRule+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/rules { "resource_type": "LbRule", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article" }] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbRule+

Example Response: { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: crud Feature: lb_rules Additional Errors:

Update a load balancer rule

Update a load balancer rule.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbRule+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/rules/b6a5bffa-f6a9-447c-936f-4633f9eb43a6 { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a6", "display_name": "ServiceMaintenanceRule", "description": "LbRule to be used while system is down", "match_conditions" : [], "match_strategy" : "ANY", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbHttpRejectAction", "reply_status": "503", }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbRule+

Example Response: { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a6", "display_name": "ServiceMaintenanceRule", "description": "LbRule to be used while system is down", "match_conditions" : [], "match_strategy" : "ANY", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbHttpRejectAction", "reply_status": "503", }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 1 } Required Permissions: crud Feature: lb_rules Additional Errors:

Delete a load balancer rule

Delete a load balancer rule.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/rules/b6a5bffa-f6a9-447c-936f-4633f9eb43a6 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_rules Additional Errors:

Retrieve a load balancer rule

Retrieve a load balancer rule.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/rules/b6a5bffa-f6a9-447c-936f-4633f9eb43a7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbRule+

Example Response: { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }] "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: read Feature: lb_rules Additional Errors:

Create a load balancer server-ssl profile

Create a load balancer server-ssl profile.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/server-ssl-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbServerSslProfile+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/server-ssl-profiles { "resource_type" : "LbServerSslProfile", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "protocols" : [ "TLS_V1_2" ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbServerSslProfile+

Example Response: { "resource_type" : "LbServerSslProfile", "id" : "03598bc9-9c3e-495c-84f5-693399f47a49", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515744606954, "_last_modified_user" : "admin", "_last_modified_time" : 1515744606954, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Retrieve a paginated list of load balancer server-ssl profiles

Retrieve a paginated list of load balancer server-ssl profiles.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/server-ssl-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/server-ssl-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServerSslProfileListResult+

Example Response: { "result_count" : 2, "results" : [ { "resource_type" : "LbServerSslProfile", "id" : "d7943e9b-1d4e-5fcd-b9db-c7a24d6b1230", "display_name" : "nsx-default-server-ssl-profile", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515651381605, "_last_modified_user" : "system", "_last_modified_time" : 1515651381605, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbServerSslProfile", "id" : "03598bc9-9c3e-495c-84f5-693399f47a49", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515744606954, "_last_modified_user" : "admin", "_last_modified_time" : 1515744606954, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_ssl_profiles Additional Errors:

Delete a load balancer server-ssl profile

Delete a load balancer server-ssl profile.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/server-ssl-profiles/<server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/server-ssl-profiles/03598bc9-9c3e-495c-84f5-693399f47a49 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Update a load balancer server-ssl profile

Update a load balancer server-ssl profile.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/server-ssl-profiles/<server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbServerSslProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/server-ssl-profiles/03598bc9-9c3e-495c-84f5-693399f47a49 { "resource_type" : "LbServerSslProfile", "id" : "03598bc9-9c3e-495c-84f5-693399f47a49", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515744606954, "_last_modified_user" : "admin", "_last_modified_time" : 1515744606954, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServerSslProfile+

Example Response: { "resource_type" : "LbServerSslProfile", "id" : "03598bc9-9c3e-495c-84f5-693399f47a49", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515744606954, "_last_modified_user" : "admin", "_last_modified_time" : 1515745096738, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_ssl_profiles Additional Errors:

Retrieve a load balancer server-ssl profile

Retrieve a load balancer server-ssl profile.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/server-ssl-profiles/<server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/server-ssl-profiles/03598bc9-9c3e-495c-84f5-693399f47a49 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServerSslProfile+

Example Response: { "resource_type" : "LbServerSslProfile", "id" : "03598bc9-9c3e-495c-84f5-693399f47a49", "display_name" : "server-ssl-profile1", "ciphers" : [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "is_secure" : true, "protocols" : [ "TLS_V1_2" ], "session_cache_enabled" : true, "_create_time" : 1515744606954, "_last_modified_user" : "admin", "_last_modified_time" : 1515744606954, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_ssl_profiles Additional Errors:

Retrieve a paginated list of load balancer services

Retrieve a paginated list of load balancer services.
When logical_router_id is specified in request parameters, the
associated load balancer services which are related to the given
logical router returned.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services
Request Headers:
n/a
Query Parameters:
LbServiceQueryRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServiceListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "LbService", "id" : "4177b474-f147-44f2-b055-73f887742ea1", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_display_name" : "lrouter-2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd" ], "enabled" : true, "_create_time" : 1515745891661, "_last_modified_user" : "admin", "_last_modified_time" : 1515745891661, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: lb_services Additional Errors:

Create a load balancer service

Create a load balancer service.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbService+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/services { "resource_type" : "LbService", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd" ], "enabled" : true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbService+

Example Response: { "resource_type" : "LbService", "id" : "4177b474-f147-44f2-b055-73f887742ea1", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_display_name" : "lrouter-2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd" ], "enabled" : true, "_create_time" : 1515745891661, "_last_modified_user" : "admin", "_last_modified_time" : 1515745891661, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_services Additional Errors:

Update a load balancer service

Update a load balancer service.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbService+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/services/4177b474-f147-44f2-b055-73f887742ea1 { "resource_type" : "LbService", "id" : "4177b474-f147-44f2-b055-73f887742ea1", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_display_name" : "lrouter-2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd", "64150185-d351-4f9f-9580-f4ea97fec257" ], "enabled" : true, "_create_time" : 1515745891661, "_last_modified_user" : "admin", "_last_modified_time" : 1515745891661, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbService+

Example Response: { "resource_type" : "LbService", "id" : "4177b474-f147-44f2-b055-73f887742ea1", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_display_name" : "lrouter-2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd", "64150185-d351-4f9f-9580-f4ea97fec257" ], "enabled" : true, "_create_time" : 1515745891661, "_last_modified_user" : "admin", "_last_modified_time" : 1515746535612, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_services Additional Errors:

Retrieve a load balancer service

Retrieve a load balancer service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/4177b474-f147-44f2-b055-73f887742ea1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbService+

Example Response: { "resource_type" : "LbService", "id" : "4177b474-f147-44f2-b055-73f887742ea1", "display_name" : "lbs1", "size" : "SMALL", "attachment" : { "target_display_name" : "lrouter-2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "6aa3b556-58ad-420a-9b0d-535d3aebf2f5" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "a332950f-472d-4ae3-be03-e7ccefe28fbd" ], "enabled" : true, "_create_time" : 1515745891661, "_last_modified_user" : "admin", "_last_modified_time" : 1515745891661, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_services Additional Errors:

Delete a load balancer service

Delete a load balancer service.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/services/4177b474-f147-44f2-b055-73f887742ea1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_services Additional Errors:

Read the debug information of the load balancer service

API to download below information which will be used for debugging and
troubleshooting.
1) Load balancer service
2) Load balancer associated virtual servers
3) Load balancer associated pools
4) Load balancer associated profiles such as persistence, SSL, application.
5) Load balancer associated monitors
6) Load balancer associated rules
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/debug-info
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/b6a5bffa-f6a9-447c-936f-4633f9eb43g1/debug-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServiceDebugInfo+

Example Response: { "service" : { "resource_type" : "LbService", "id" : "5d5a3e33-6481-4b48-8f77-e2f8da08e5c7", "display_name" : "lbs2", "size" : "SMALL", "attachment" : { "target_display_name" : "t1-tenant2", "is_valid" : true, "target_type" : "LogicalRouter", "target_id" : "9a29ad34-0a99-4eca-8d0c-bdc742da8d80" }, "error_log_level" : "INFO", "access_log_enabled" : false, "virtual_server_ids" : [ "44faaa07-12ae-488b-a165-c8466356126a" ], "enabled" : true, "_create_user" : "admin", "_create_time" : 1512484966332, "_last_modified_user" : "admin", "_last_modified_time" : 1512577042464, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 3 }, "virtual_servers" : [ ...[content omitted for brevity] } Required Permissions: read Feature: lb_services Additional Errors:

Get the statistics of load balancer pool

Returns the statistics of the given load balancer pool by given load balancer
serives id and load balancer pool id.
Currently, only realtime mode is supported.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/pools/<pool-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/pools/029a843e-ae42-4bdf-9f84-8b1f94cb380d/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPoolStatistics+

Example Response: { "last_update_timestamp" : 1516002997693, "members" : [ { "port" : "80", "ip_address" : "192.168.2.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 3948, "bytes_out_rate" : 0.0, "total_sessions" : 8, "bytes_out" : 686, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "port" : "80", "ip_address" : "192.168.1.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 5076, "bytes_out_rate" : 0.0, "total_sessions" : 9, "bytes_out" : 882, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "statistics" : { "max_sessions" : 1, "bytes_in" : 9024, "bytes_out_rate" : 0.0, "total_sessions" : 17, "bytes_out" : 1568, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } Required Permissions: read Feature: lb_pools Additional Errors:

Get the status of load balancer pool

Returns the status of the given load balancer pool by given load balancer
serives id and load balancer pool id.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/pools/<pool-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/pools/029a843e-ae42-4bdf-9f84-8b1f94cb380d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPoolStatus+

Example Response: { "members" : [ { "port" : "80", "ip_address" : "192.168.1.10", "status" : "UP" }, { "port" : "80", "ip_address" : "192.168.2.10", "status" : "UP" } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "status" : "UP" } Required Permissions: read Feature: lb_pools Additional Errors:

Get the statistics list of load balancer pools

Returns the statistics list of load balancer pools in given load balancer service.
Currently, only realtime mode is supported.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/pools/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/pools/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPoolStatisticsListResult+

Example Response: { "results" : [ { "last_update_timestamp" : 1516003088603, "members" : [ { "port" : "9090", "ip_address" : "192.168.2.10", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "port" : "9090", "ip_address" : "192.168.1.10", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "pool_id" : "4818b7d5-2bc7-4135-bb25-ae6a4c42a125", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "last_update_timestamp" : 1516003088603, "members" : [ { "port" : "80", "ip_address" : "192.168.1.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 5076, "bytes_out_rate" : 0.0, "total_sessions" : 9, "bytes_out" : 882, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "port" : "80", "ip_address" : "192.168.2.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 3948, "bytes_out_rate" : 0.0, "total_sessions" : 8, "bytes_out" : 686, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "statistics" : { "max_sessions" : 1, "bytes_in" : 9024, "bytes_out_rate" : 0.0, "total_sessions" : 17, "bytes_out" : 1568, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ] } Required Permissions: read Feature: lb_pools Additional Errors:

Get the status list of load balancer pools

Returns the status list of load balancer pools in given load balancer service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/pools/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/pools/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbPoolStatusListResult+

Example Response: { "results" : [ { "members" : [ { "port" : "80", "ip_address" : "192.168.1.10", "status" : "UP" }, { "port" : "80", "ip_address" : "192.168.2.10", "status" : "UP" } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "status" : "UP" }, { "members" : [ { "port" : "9090", "ip_address" : "192.168.1.10", "status" : "UP" }, { "port" : "9090", "ip_address" : "192.168.2.10", "status" : "UP" } ], "pool_id" : "4818b7d5-2bc7-4135-bb25-ae6a4c42a125", "status" : "UP" } ] } Required Permissions: read Feature: lb_pools Additional Errors:

Get the statistics of load balancer service

Returns the statistics of the given load balancer service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServiceStatistics+

Example Response: { "virtual_servers" : [ { "last_update_timestamp" : 1516002153211, "virtual_server_id" : "19ba1f6b-09d7-43df-ae1e-4d491d766d20", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "last_update_timestamp" : 1516002153211, "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "statistics" : { "max_sessions" : 1, "bytes_in" : 1027, "bytes_out_rate" : 0.0, "total_sessions" : 13, "bytes_out" : 7358, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "last_update_timestamp" : 1516002152710, "service_id" : "a0de28f3-c0f7-445c-a624-265175da795d", "pools" : [ { "last_update_timestamp" : 1516002152710, "members" : [ { "port" : "9090", "ip_address" : "192.168.2.10", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "port" : "9090", "ip_address" : "192.168.1.10", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "pool_id" : "4818b7d5-2bc7-4135-bb25-ae6a4c42a125", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "last_update_timestamp" : 1516002152710, "members" : [ { "port" : "80", "ip_address" : "192.168.1.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 3948, "bytes_out_rate" : 0.0, "total_sessions" : 7, "bytes_out" : 686, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "port" : "80", "ip_address" : "192.168.2.10", "statistics" : { "max_sessions" : 1, "bytes_in" : 3384, "bytes_out_rate" : 0.0, "total_sessions" : 7, "bytes_out" : 588, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "statistics" : { "max_sessions" : 1, "bytes_in" : 7332, "bytes_out_rate" : 0.0, "total_sessions" : 14, "bytes_out" : 1274, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ] } Required Permissions: read Feature: lb_services Additional Errors:

Get the status of the given load balancer service

Returns the status of the given load balancer service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServiceStatus+

Example Response: { "virtual_servers" : [ { "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "status" : "UP" }, { "virtual_server_id" : "19ba1f6b-09d7-43df-ae1e-4d491d766d20", "status" : "UP" } ], "standby_transport_nodes" : [ "c2d821c4-f9b4-11e7-84be-000c29641b42" ], "last_update_timestamp" : 1516001961249, "service_id" : "a0de28f3-c0f7-445c-a624-265175da795d", "service_status" : "UP", "pools" : [ { "members" : [ { "port" : "80", "ip_address" : "192.168.1.10", "status" : "UP" }, { "port" : "80", "ip_address" : "192.168.2.10", "status" : "UP" } ], "pool_id" : "029a843e-ae42-4bdf-9f84-8b1f94cb380d", "status" : "UP" }, { "members" : [ { "port" : "9090", "ip_address" : "192.168.1.10", "status" : "UP" }, { "port" : "9090", "ip_address" : "192.168.2.10", "status" : "UP" } ], "pool_id" : "4818b7d5-2bc7-4135-bb25-ae6a4c42a125", "status" : "UP" } ], "memory_usage" : 1, "active_transport_nodes" : [ "b665f79a-f9b4-11e7-a7f1-000c29b74dbd" ], "cpu_usage" : 0 } Required Permissions: read Feature: lb_services Additional Errors:

Read the usage information of the given load balancer service

API to fetch the capacity and current usage of the given load balancer
service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/usage
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/b6a5bffa-f6a9-447c-936f-4633f9eb43g1/usage Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbServiceUsage+

Example Response: { "service_id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43g1", "service_size" : "SMALL", "virtual_server_capacity" : 10, "pool_capacity" : 10, "pool_member_capacity" : 30, "current_virtual_server_count : 2, "current_pool_count : 10, "current_pool_member_count : 20, "usage_percentage" : 100.0, "severity" : "RED" } Required Permissions: read Feature: lb_services Additional Errors:

Get the statistics of the given load balancer virtual server

Returns the statistics of the load balancer virtual server by given load
balancer serives id and load balancer virtual server id.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/virtual-servers/<virtual-server-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/virtual-servers/6be3337b-42c9-4ad6-8184-82ecb7a3234d/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerStatistics+

Example Response: { "last_update_timestamp" : 1516002554036, "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "statistics" : { "max_sessions" : 1, "bytes_in" : 1027, "bytes_out_rate" : 0.0, "total_sessions" : 13, "bytes_out" : 7358, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Get the status of the load balancer virtual server

Returns the status of the virtual server by given load balancer serives id
and load balancer virtual server id.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/virtual-servers/<virtual-server-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/virtual-servers/6be3337b-42c9-4ad6-8184-82ecb7a3234d/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerStatus+

Example Response: { "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "status" : "UP" } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Get the statistics list of virtual servers

Returns the statistics list of virtual servers in given load balancer service.
Currently, only realtime mode is supported.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/virtual-servers/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/virtual-servers/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerStatisticsListResult+

Example Response: { "results" : [ { "last_update_timestamp" : 1516002661141, "virtual_server_id" : "19ba1f6b-09d7-43df-ae1e-4d491d766d20", "statistics" : { "max_sessions" : 0, "bytes_in" : 0, "bytes_out_rate" : 0.0, "total_sessions" : 0, "bytes_out" : 0, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } }, { "last_update_timestamp" : 1516002661141, "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "statistics" : { "max_sessions" : 1, "bytes_in" : 1027, "bytes_out_rate" : 0.0, "total_sessions" : 13, "bytes_out" : 7358, "current_session_rate" : 0.0, "current_sessions" : 0, "http_request_rate" : 0.0, "bytes_in_rate" : 0.0 } } ] } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Get the status list of virtual servers in given load balancer service

Returns the status list of virtual servers in given load balancer service.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/services/<service-id>/virtual-servers/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/services/a0de28f3-c0f7-445c-a624-265175da795d/virtual-servers/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerStatusListResult+

Example Response: { "results" : [ { "virtual_server_id" : "6be3337b-42c9-4ad6-8184-82ecb7a3234d", "status" : "UP" }, { "virtual_server_id" : "19ba1f6b-09d7-43df-ae1e-4d491d766d20", "status" : "UP" } ] } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Retrieve a list of supported SSL ciphers and protocols

Retrieve a list of supported SSL ciphers and protocols.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/ssl/ciphers-and-protocols
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/ssl/ciphers-and-protocols Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbSslCipherAndProtocolListResult+

Example Response: { "result_count" : 35, "ciphers" : [ { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "HIGH_COMPATIBILITY" ], "is_secure" : false, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_AES_256_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false } ], "protocols" : [ { "protocol" : "SSL_V3", "is_secure" : false, "is_default" : false }, { "protocol" : "TLS_V1", "is_secure" : false, "is_default" : false }, { "protocol" : "TLS_V1_1", "is_secure" : true, "is_default" : true }, { "protocol" : "TLS_V1_2", "is_secure" : true, "is_default" : true } ] } Required Permissions: read Feature: lb_ssl_profiles Additional Errors:

Create a load balancer TCP profile

Create a load balancer TCP profile.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/tcp-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbTcpProfile+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/tcp-profiles { "resource_type": "LbTcpProfile", "display_name": "my tcp profile optimized for WAN from client to LB" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbTcpProfile+

Example Response: { "resource_type" : "LbTcpProfile", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43f6", "display_name": "my tcp profile optimized for WAN from client to LB", "nagle_algorithm_enabled": true, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: crud Feature: lb_tcp_profiles Additional Errors:

Retrieve a paginated list of load balancer TCP profiles

Retrieve a paginated list of load balancer TCP profiles.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/tcp-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/tcp-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbTcpProfileListResult+

Example Response: [ { "resource_type" : "LbTcpProfile", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43f6", "display_name": "my tcp profile optimized for WAN from client to LB", "nagle_algorithm_enabled": true, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } ] Required Permissions: read Feature: lb_tcp_profiles Additional Errors:

Update a load balancer TCP profile

Update a load balancer TCP profile.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/tcp-profiles/<tcp-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbTcpProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/tcp-profiles/b6a5bffa-f6a9-447c-936f-4633f9eb43f6 { "resource_type" : "LbTcpProfile", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43f6", "display_name": "my tcp profile optimized for WAN from client to LB", "nagle_algorithm_enabled": false, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbTcpProfile+

Example Response: { "resource_type" : "LbTcpProfile", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43f6", "display_name": "my tcp profile optimized for WAN from client to LB", "nagle_algorithm_enabled": false, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 1 } Required Permissions: crud Feature: lb_tcp_profiles Additional Errors:

Retrieve a load balancer TCP profile

Retrieve a load balancer TCP profile.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/tcp-profiles/<tcp-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/tcp-profiles/b6a5bffa-f6a9-447c-936f-4633f9eb43f6 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbTcpProfile+

Example Response: { "resource_type" : "LbTcpProfile", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43f6", "display_name": "my tcp profile optimized for WAN from client to LB", "nagle_algorithm_enabled": true, "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } Required Permissions: read Feature: lb_tcp_profiles Additional Errors:

Delete a load balancer TCP profile

Delete a load balancer TCP profile.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/tcp-profiles/<tcp-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/tcp-profiles/b6a5bffa-f6a9-447c-936f-4633f9eb43f6 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_tcp_profiles Additional Errors:

Read load balancer usage for the given node

API is used to retrieve the usage of load balancer entities which include
current number and remaining number of credits, virtual Servers, pools,
pool Members and different size of LB services from the given node.
Currently only Edge node is supported.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/usage-per-node/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/usage-per-node/56ad0d8a-6cec-43ea-a30f-a83a4128944d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbEdgeNodeUsage+

Example Response: { "type" : "LbEdgeNodeUsage", "node_id" : "56ad0d8a-6cec-43ea-a30f-a83a4128944d", "edge_cluster_id" : "56ad0d8a-6cec-43ea-a30f-a83a4128944e", "form_factor" : "LARGE_VIRTUAL_MACHINE", "current_credit_number" : 1, "remaining_credit_number" : 39, "usage_percentage" : 2.5, "severity" : "GREEN", "current_pool_members" : 10, "current_virtual_servers" : 2, "current_pools" : 2, "current_small_load_balancer_services" : 1, "current_medium_load_balancer_services" : 0, "current_large_load_balancer_services" : 0, "remaining_small_load_balancer_services" : 39, "remaining_medium_load_balancer_services" : 3, "remaining_large_load_balancer_services" : 0, "remaining_pool_members" : 7490 } Required Permissions: read Feature: lb_services Additional Errors:

Create a load balancer virtual server

Create a load balancer virtual server.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/virtual-servers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbVirtualServer+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers { "ip_protocol":"TCP", "enabled":"true", "pool_id":"356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "default_pool_member_port" : "80", "application_profile_id":"cb2d0721-cc15-5b8e-8633-14be114eac5e", "ip_address":"123.123.123.123", "port":"80", "display_name":"LB_HTTP_VirtualServer", "description":"LB_HTTP_VirtualServer created through automation" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServer+

Example Response: { "resource_type" : "LbVirtualServer", "description" : "LB_HTTP_VirtualServer", "id" : "801ebbb3-90bf-403b-b061-9ec6294813b2", "display_name" : "LB_HTTP_VirtualServer", "ip_address" : "123.123.123.123", "pool_id" : "356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "enabled" : true, "ip_protocol" : "TCP", "default_pool_member_port" : "80", "port" : "80", "application_profile_id" : "5563bc87-799d-4340-9715-27e43cb1e60c", "_create_user" : "admin", "_create_time" : 1506659379394, "_last_modified_user" : "admin", "_last_modified_time" : 1506659379394, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: lb_virtual_servers Additional Errors:

Retrieve a paginated list of load balancer virtual servers

Retrieve a paginated list of load balancer virtual servers.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/virtual-servers
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerListResult+

Example Response: { "result_count" : 2, "results" : [ { "resource_type" : "LbVirtualServer", "id" : "a332950f-472d-4ae3-be03-e7ccefe28fbd", "display_name" : "vs1", "ip_address" : "192.168.100.101", "ports" : [ "80" ], "pool_id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "enabled" : true, "ip_protocol" : "TCP", "port" : "80", "access_log_enabled" : false, "application_profile_id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "_create_time" : 1515662800997, "_last_modified_user" : "admin", "_last_modified_time" : 1515662800997, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "LbVirtualServer", "id" : "64150185-d351-4f9f-9580-f4ea97fec257", "display_name" : "vs2", "ip_address" : "192.168.100.102", "ports" : [ "80" ], "pool_id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "enabled" : true, "ip_protocol" : "TCP", "port" : "80", "access_log_enabled" : false, "application_profile_id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "_create_time" : 1515663142970, "_last_modified_user" : "admin", "_last_modified_time" : 1515663224934, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } ] } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Retrieve a load balancer virtual server

Retrieve a load balancer virtual server.
Request:
Method:
GET
URI Path:
/api/v1/loadbalancer/virtual-servers/<virtual-server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers/a332950f-472d-4ae3-be03-e7ccefe28fbd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServer+

Example Response: { "resource_type" : "LbVirtualServer", "id" : "a332950f-472d-4ae3-be03-e7ccefe28fbd", "display_name" : "vs1", "ip_address" : "192.168.100.101", "ports" : [ "80" ], "pool_id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "enabled" : true, "ip_protocol" : "TCP", "port" : "80", "access_log_enabled" : false, "application_profile_id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "_create_time" : 1515662800997, "_last_modified_user" : "admin", "_last_modified_time" : 1515662800997, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: lb_virtual_servers Additional Errors:

Update a load balancer virtual server

Update a load balancer virtual server.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/virtual-servers/<virtual-server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbVirtualServer+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers/a332950f-472d-4ae3-be03-e7ccefe28fbd { "resource_type" : "LbVirtualServer", "id" : "a332950f-472d-4ae3-be03-e7ccefe28fbd", "display_name" : "vs1", "ip_address" : "192.168.100.101", "ports" : [ "80" ], "pool_id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "enabled" : true, "ip_protocol" : "TCP", "port" : "80", "access_log_enabled" : false, "application_profile_id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "_create_time" : 1515662800997, "_last_modified_user" : "admin", "_last_modified_time" : 1515662800997, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServer+

Example Response: { "resource_type" : "LbVirtualServer", "id" : "a332950f-472d-4ae3-be03-e7ccefe28fbd", "display_name" : "virtualserver1", "ip_address" : "192.168.100.101", "ports" : [ "80" ], "pool_id" : "bf972923-9c40-4183-9a27-8e02d138e8e2", "enabled" : true, "ip_protocol" : "TCP", "port" : "80", "access_log_enabled" : false, "application_profile_id" : "cb2d0721-cc15-5b8e-8633-14be114eac5e", "_create_time" : 1515662800997, "_last_modified_user" : "admin", "_last_modified_time" : 1515736438559, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: lb_virtual_servers Additional Errors:

Delete a load balancer virtual server

Delete a load balancer virtual server.
Request:
Method:
DELETE
URI Path:
/api/v1/loadbalancer/virtual-servers/<virtual-server-id>
Request Headers:
n/a
Query Parameters:
LbVirtualServerDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers/a332950f-472d-4ae3-be03-e7ccefe28fbd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: lb_virtual_servers Additional Errors:

Update a load balancer virtual server with rules

It is used to update virtual servers, the associated rules and update the
binding of virtual server and rules.
To add new rules, make sure the rules which have no identifier specified,
the new rules are automatically generated and associated to the virtual
server.
To delete old rules, the rules should not be configured in new action, the
UUID of deleted rules should be also removed from rule_ids.
To update rules, the rules should be specified with new change and
configured with identifier.
If there are some rules which are not modified, those rule should not be
specified in the rules list, the UUID list of rules should be specified in
rule_ids of LbVirtualServer.
Request:
Method:
PUT
URI Path:
/api/v1/loadbalancer/virtual-servers/<virtual-server-id>?action=update_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbVirtualServerWithRule+

Example Request: PUT https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers/<virtual-server-id>?action=update_with_rules { "virtual_server": { "resource_type" : "LbVirtualServer", "description" : "LB_HTTP_VirtualServer", "id" : "801ebbb3-90bf-403b-b061-9ec6294813b2", "display_name" : "LB_HTTP_VirtualServer", "ip_address" : "123.123.123.123", "pool_id" : "356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "enabled" : true, "rule_ids" : ["b6a5bffa-f6a9-447c-936f-4633f9eb43a7"], "ip_protocol" : "TCP", "default_pool_member_port" : "80", "port" : "80", "application_profile_id" : "5563bc87-799d-4340-9715-27e43cb1e60c", "_create_user" : "admin", "_create_time" : 1506659379394, "_last_modified_user" : "admin", "_last_modified_time" : 1506659379394, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 }, "rules": [ { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "LoginRouteRule", "description": "LbRule to route login requests to dedicated pool", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "EQUALS", "uri": "/login", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbSelectPoolAction", "pool_id": "b6a5bffa-f6a9-447c-6666-4633f9eb1234" }], "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 }, { "resource_type" : "LbRule", "display_name": "URIRewriteRule2", "description": "Sample URI rewrite rule2", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerWithRule+

Example Response: { "virtual_server": { "resource_type" : "LbVirtualServer", "description" : "LB_HTTP_VirtualServer", "id" : "801ebbb3-90bf-403b-b061-9ec6294813b2", "display_name" : "LB_HTTP_VirtualServer", "ip_address" : "123.123.123.123", "pool_id" : "356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "enabled" : true, "rule_ids" : ["b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "e6a5bffa-f6a9-447c-936f-4633f9eb43a7"], "ip_protocol" : "TCP", "default_pool_member_port" : "80", "port" : "80", "application_profile_id" : "5563bc87-799d-4340-9715-27e43cb1e60c", "_create_user" : "admin", "_create_time" : 1506659379394, "_last_modified_user" : "admin", "_last_modified_time" : 1506659379394, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 }, "rules": [ { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "LoginRouteRule", "description": "LbRule to route login requests to dedicated pool", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "EQUALS", "uri": "/login", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbSelectPoolAction", "pool_id": "b6a5bffa-f6a9-447c-6666-4633f9eb1234" }], "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 1 }, { "resource_type" : "LbRule", "id" : "e6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "URIRewriteRule2", "description": "Sample URI rewrite rule2", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }], "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } ] } Required Permissions: crud Feature: lb_virtual_servers Additional Errors:

Create a load balancer virtual server with rules

It is used to create virtual servers, the associated rules and bind the
rules to the virtual server.
To add new rules, make sure the rules which have no identifier specified,
the new rules are automatically generated and associated to the virtual
server.
If the virtual server need to consume some existed rules without change,
those rules should not be specified in this array, otherwise, the rules
are updated.
Request:
Method:
POST
URI Path:
/api/v1/loadbalancer/virtual-servers?action=create_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LbVirtualServerWithRule+

Example Request: POST https://<nsx-mgr>/api/v1/loadbalancer/virtual-servers?action=create_with_rules { "virtual_server": { "ip_protocol":"TCP", "enabled":"true", "pool_id":"356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "default_pool_member_port" : "80", "application_profile_id":"cb2d0721-cc15-5b8e-8633-14be114eac5e", "ip_address":"123.123.123.123", "port":"80", "display_name":"LB_HTTP_VirtualServer", "description":"LB_HTTP_VirtualServer created through automation" }, "rules": [ { "resource_type" : "LbRule", "display_name": "LoginRouteRule", "description": "LbRule to route login requests to dedicated pool", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "EQUALS", "uri": "/login", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbSelectPoolAction", "pool_id": "b6a5bffa-f6a9-447c-6666-4633f9eb1234" }] }, { "resource_type" : "LbRule", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }] } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
LbVirtualServerWithRule+

Example Response: { "virtual_server": { "resource_type" : "LbVirtualServer", "description" : "LB_HTTP_VirtualServer", "id" : "801ebbb3-90bf-403b-b061-9ec6294813b2", "display_name" : "LB_HTTP_VirtualServer", "ip_address" : "123.123.123.123", "pool_id" : "356ab0ad-3fdc-48ef-b9df-8c05cedc0fc3", "enabled" : true, "rule_ids" : ["b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "c6a5bffa-f6a9-447c-936f-4633f9eb43a7"], "ip_protocol" : "TCP", "default_pool_member_port" : "80", "port" : "80", "application_profile_id" : "5563bc87-799d-4340-9715-27e43cb1e60c", "_create_user" : "admin", "_create_time" : 1506659379394, "_last_modified_user" : "admin", "_last_modified_time" : 1506659379394, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 }, "rules": [ { "resource_type" : "LbRule", "id" : "b6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "LoginRouteRule", "description": "LbRule to route login requests to dedicated pool", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "EQUALS", "uri": "/login", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_FORWARDING", "actions" : [{ "type": "LbSelectPoolAction", "pool_id": "b6a5bffa-f6a9-447c-6666-4633f9eb1234" }], "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 }, { "resource_type" : "LbRule", "id" : "c6a5bffa-f6a9-447c-936f-4633f9eb43a7", "display_name": "URIRewriteRule", "description": "Sample URI rewrite rule", "match_conditions" : [{ "type": "LbHttpRequestUriCondition", "match_type": "REGEX", "uri": "/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)", "inverse": false }], "match_strategy" : "ALL", "phase" : "HTTP_REQUEST_REWRITE", "actions" : [{ "type": "LbHttpRequestUriRewriteAction", "uri": "/news/$year-$month-$article", "uri_arguments": "" }], "_create_time" : 1478304339963, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478304339963, "_revision" : 0 } ] } Required Permissions: crud Feature: lb_virtual_servers Additional Errors:

Management Plane API: Services: Metadata Proxy

Associated URIs:

Create a metadata proxy

Request:
Method:
POST
URI Path:
/api/v1/md-proxies
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MetadataProxy+

Example Request: POST https://<nsx-mgr>/api/v1/md-proxies { "display_name" : "metadata-proxy-2", "metadata_server_url" : "http://12.34.56.78:3000", "secret" : "secret123", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation": true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
MetadataProxy+

Example Response: { "resource_type" : "MetadataProxy", "id" : "e62a2471-d2ed-4644-b50c-1c61df81c011", "display_name" : "metadata-proxy-2", "metadata_server_url" : "http://12.34.56.78:3000", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation": true, "_create_time" : 1478285793221, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478285793221, "_revision" : 0 } Required Permissions: crud Feature: metadata_proxies Additional Errors:

Get a paginated list of metadata proxies

Request:
Method:
GET
URI Path:
/api/v1/md-proxies
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/md-proxies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MetadataProxyListResult+

Example Response: { "cursor" : "0036cba8d9be-a4ad-4cc3-8062-bb19d285cdcametadata-proxy-1", "result_count" : 1, "results" : [ { "resource_type" : "MetadataProxy", "id" : "cba8d9be-a4ad-4cc3-8062-bb19d285cdca", "display_name" : "metadata-proxy-1", "metadata_server_url" : "http://12.34.56.78:3000", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "edge_cluster_member_indexes" : [ 1, 0 ], "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_create_time" : 1478121185369, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478121185369, "_revision" : 0 } ] } Required Permissions: read Feature: metadata_proxies Additional Errors:

Delete a metadata proxy

Request:
Method:
DELETE
URI Path:
/api/v1/md-proxies/<proxy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/md-proxies/e62a2471-d2ed-4644-b50c-1c61df81c011 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: metadata_proxies Additional Errors:

Get a metadata proxy

Request:
Method:
GET
URI Path:
/api/v1/md-proxies/<proxy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/md-proxies/cba8d9be-a4ad-4cc3-8062-bb19d285cdca Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MetadataProxy+

Example Response: { "resource_type" : "MetadataProxy", "id" : "cba8d9be-a4ad-4cc3-8062-bb19d285cdca", "display_name" : "metadata-proxy-1", "metadata_server_url" : "http://12.34.56.78:3000", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "edge_cluster_member_indexes" : [ 1, 0 ], "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_create_time" : 1478121185369, "_create_user" : "admin", "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1478121185369, "_revision" : 0 } Required Permissions: read Feature: metadata_proxies Additional Errors:

Update a metadata proxy

Request:
Method:
PUT
URI Path:
/api/v1/md-proxies/<proxy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MetadataProxy+

Example Request: PUT https://<nsx-mgr>/api/v1/md-proxies/e62a2471-d2ed-4644-b50c-1c61df81c011 { "display_name" : "metadata-proxy-2", "metadata_server_url" : "http://12.34.56.79:3000", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation": true, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MetadataProxy+

Example Response: { "resource_type" : "MetadataProxy", "id" : "e62a2471-d2ed-4644-b50c-1c61df81c011", "display_name" : "metadata-proxy-2", "metadata_server_url" : "http://12.34.56.79:3000", "edge_cluster_id" : "4a6a13e0-eb66-4c02-96c3-85c9a250a946", "enable_standby_relocation": true, "attached_logical_port_id" : "ecde011f-528f-4ccb-a147-dd45d74103b6", "_last_modified_user" : "admin", "_last_modified_time" : 1478286749290, "_revision" : 1 } Required Permissions: crud Feature: metadata_proxies Additional Errors:

Get Metadata Proxy status with given proxy id and attached logical switch.

Returns the status of the given metadata proxy and attached logical switch.
Request:
Method:
GET
URI Path:
/api/v1/md-proxies/<proxy-id>/<logical-switch-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MetadataProxyStatus+

Required Permissions: read Feature: metadata_proxies Additional Errors:

Get Metadata Proxy statistics with given proxy id

Returns the statistics of the given metatada proxy. If no logical switch
is provided, all staticstics of all the logical switches the proxy was
attached will be returned.
Request:
Method:
GET
URI Path:
/api/v1/md-proxies/<proxy-id>/statistics
Request Headers:
n/a
Query Parameters:
MetadataProxyStatisticsRequestParameters+
Request Body:
n/a

Example Request: TODO Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MetadataProxyStatistics+

Required Permissions: read Feature: metadata_proxies Additional Errors:

Management Plane API: Services: Policy Based Routing

Associated URIs:

List All PBR Sections

List all PBR section in paginated form. A default page size is limited
to 1000 PBR sections.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections
Request Headers:
n/a
Query Parameters:
PBRSectionFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSectionListResult+

Example Response: { "cursor": "003616a93c39-5822-469e-b0be-70728153642ePBRSection", "sort_by": "position", "result_count": 2, "results": [ { "resource_type": "PBRSection", "description": "Distributed access to cloud services VPC vpc-5b4cf63d", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "DS-PBR-vpc-5b4cf63d", "rule_count": 0, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1445894033107, "_create_user": "system", "_create_time": 1445894033107, "_revision": 0 }, { "resource_type": "PBRSection", "id": "16a93c39-5822-469e-b0be-70728153642e", "display_name": "DS-PBR-vpc-c003b7a6", "rule_count": 1, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1445888985075, "_create_user": "system", "_create_time": 1445888985075, "_revision": 0 } ] } Required Permissions: read Feature: pbr Additional Errors:

Create a New Empty Section

Creates new empty PBR section in the system.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRSection+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections { "display_name": "DS-PBR-vpc-5b4cf63d" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PBRSection+

Example Response: { "resource_type": "PBRSection", "id": "dd8afb22-df12-4b37-aea2-7f0bbf7cdb37", "display_name": "DS-PBR-vpc-5b4cf63d", "rule_count": 0, "_last_modified_user": "system", "_system_owned": false, "_last_modified_time": 1445894697038, "_create_user": "system", "_create_time": 1445894697038, "_revision": 0 } Required Permissions: crud Feature: pbr Additional Errors:

Delete an Existing Section and Its Associated Rules

Removes PBR section from the system. PBR section with
rules can only be deleted by passing "cascade=true" parameter.
Request:
Method:
DELETE
URI Path:
/api/v1/pbr/sections/<section-id>
Request Headers:
n/a
Query Parameters:
PBRSectionQueryParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/pbr/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: pbr Additional Errors:

Update an Existing Section

Modifies the specified section, but does not modify the section's associated rules.
Request:
Method:
PUT
URI Path:
/api/v1/pbr/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PBRSection+

Example Request: PUT https://<nsx-mgr>/api/v1/pbr/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b { "_revision": 0, "description": "Provides distributed access to cloud services", "display_name": "DS-PBR-vpc-5b4cf63d" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSection+

Example Response: { "resource_type": "PBRSection", "description": "Provides distributed access to cloud services", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "DS-PBR-vpc-5b4cf63d", "rule_count": 0, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1445894033117, "_create_user": "system", "_create_time": 1445894033107, "_revision": 1 } Required Permissions: crud Feature: pbr Additional Errors:

Get an Existing Section

Returns information about PBR section for the identifier.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSection+

Example Response: { "resource_type": "PBRSection", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "DS-PBR-vpc-5b4cf63d", "rule_count": 0, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1445894697038, "_create_user": "system", "_create_time": 1445894697038, "_revision": 0 } Required Permissions: read Feature: pbr Additional Errors:

Get All the Rules for a Section

Return all PBR rule(s) information for a given PBR section.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
PBRListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections/16a93c39-5822-469e-b0be-70728153642e/rules?page_size=2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRuleListResult+

Example Response: { "cursor": "003600000000-0000-0000-0000-0000000000022305843009213694015", "sort_by": "priority", "result_count": 2, "results": [ { "id": "1430528", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 0 }, { "id": "1430529", "display_name": "PBR-S3-vpc-5b4cf63d", "sources": [ { "target_display_name": "S3", "is_valid": true, "target_type": "IPSet", "target_id": "abcbbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 0 } ], } Required Permissions: read Feature: pbr Additional Errors:

Add a Single Rule in a Section

Adds a new PBR rule in existing PBR section.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRRule+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules { "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRule+

Example Response: { "id": "1799168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 0 } Required Permissions: crud Feature: pbr Additional Errors:

Update an Existing Rule

Modifies existing rule in a PBR section.
Request:
Method:
PUT
URI Path:
/api/v1/pbr/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PBRRule+

Example Request: PUT https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168 { "_revision": 1, "id": "7168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRule+

Example Response: { "id": "7168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 2 } Required Permissions: crud Feature: pbr Additional Errors:

Read an Existing Rule

Return existing PBR rule information in a PBR section.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRule+

Example Response: { "id": "111616", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 3 } Required Permissions: read Feature: pbr Additional Errors:

Delete an Existing Rule

Delete existing PBR rule in a PBR section.
Request:
Method:
DELETE
URI Path:
/api/v1/pbr/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/pbr/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: pbr Additional Errors:

Get PBR rule level statistics.

Get aggregated statistics for a rule for given PBR rule.
Stats include total number of packets and total number of bytes for the
PBR rule.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections/<section-id>/rules/<rule-id>/stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections/d1cba5d1-02dc-4507-b6e8-117cb050e71d/rules/2/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRStats+

Example Response: { "rule_id": "2", "packet_count": 3806, "byte_count": 322989, "_schema": "PBRRule" } Required Permissions: read Feature: pbr Additional Errors:

Update an Existing Rule and Reorder the Rule

Modifies existing PBR rule along with relative position among
other PBR rules inside a PBR section.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>/rules/<rule-id>?action=revise
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRRule+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168?action=revise&operation=insert_bottom { "id": "7168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRule+

Example Response: { "id": "7168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 3 } Required Permissions: crud Feature: pbr Additional Errors:

Get PBR section level statistics.

Get aggregated statistics for all rules for a given pbr section.
Data includes total number of packets, and total number of bytes for all
PBR rules in the given section.
Request:
Method:
GET
URI Path:
/api/v1/pbr/sections/<section-id>/rules/stats
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pbr/sections/d1cba5d1-02dc-4507-b6e8-117cb050e71d/rules/stats Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRStatsList+

Example Response: { "results" : [ { "rule_id": "2", "packet_count": 3806, "byte_count": 322989, "_schema": "PBRRule" }, { "rule_id": "3", "packet_count": 8762, "byte_count": 76201, "_schema": "PBRRule" } ], "result_count" : 2 } Required Permissions: read Feature: pbr Additional Errors:

Add Multiple Rules in a Section

Create multiple PBR rules in existing PBR section bounded by
limit of 1000 PBR rules per section.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>/rules?action=create_multiple
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules?action=create_multiple { "rules" : [ { "id": "1430528", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false }, { "id": "1430529", "display_name": "PBR-S3-vpc-5b4cf63d", "sources": [ { "target_display_name": "S3", "is_valid": true, "target_type": "IPSet", "target_id": "abcbbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRRuleList+

Example Response: { "rules": [ { "id": "1430528", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 3 }, { "id": "1430529", "display_name": "PBR-S3-vpc-5b4cf63d", "sources": [ { "target_display_name": "S3", "is_valid": true, "target_type": "IPSet", "target_id": "abcbbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 3 } ] } Required Permissions: crud Feature: pbr Additional Errors:

Get an Existing Section, Including Rules

Returns PBR section information with rules for a section identifier.
When invoked on a section with a large number of rules, this API is supported
only at low rates of invocation (not more than 4-5 times per minute). The
typical latency of this API with about 1024 rules is about 4-5 seconds. This
API should not be invoked with large payloads at automation speeds. More than
50 rules with a large number rule references is not supported.

Instead, to read PBR rules, use:
GET /api/v1/pbr/sections/<section-id>/rules with the appropriate
page_size.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>?action=list_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b?action=list_with_rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSectionRuleList+

Example Response: { "resource_type": "PBRSectionRuleList", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "DS-PBR-vpc-5b4cf63d", "rule_count": 1, "rules": [ { "id": "1430528", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 1 } ], "_last_modified_user": "system", "_last_modified_time": 1445912484450, "_revision": 1 } Required Permissions: read Feature: pbr Additional Errors:

Update an Existing Section, including Its Position

Modifies an existing PBR section along with its relative position
among other PBR sections in the system.
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>?action=revise
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRSection+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise&operation=insert_before&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Provides distributed access to cloud services", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSection+

Example Response: { "resource_type": "PBRSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Provides distributed access to cloud services", "rule_count": 1, "_create_time": 1446241866925, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1446241866925, "_create_user": "system", "_revision": 1 } Required Permissions: crud Feature: pbr Additional Errors:

Update an Existing Section with Rules

Modifies an existing PBR section along with its relative position
among other PBR sections with rules. When invoked on a large number
of rules, this API is supported only at low rates of invocation (not more
than 2 times per minute). The typical latency of this API with about 1024
rules is about 15 seconds in a cluster setup. This API should not be
invoked with large payloads at automation speeds.

Instead, to move a section above or below another section, use:
POST /api/v1/pbr/sections/<section-id>?action=revise

To modify rules, use:
PUT /api/v1/pbr/sections/<section-id>/rules/<rule-id>
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>?action=revise_with_rules
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise_with_rules&operation=insert_after&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name":"Provides distributed access to cloud services", "_revision": 0. "rules":[ { "display_name":"PBR-RDS-vpc-5b4cf63d", "action":"ROUTE_TO_UNDERLAY_NAT", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSectionRuleList+

Example Response: { "resource_type": "PBRSectionRuleList", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Provides distributed access to cloud services", "rule_count": 1, "rules": [ { "id": "7168", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 1 } ], "_last_modified_user": "system", "_last_modified_time": 1446245476635, "_revision": 1 } Required Permissions: crud Feature: pbr Additional Errors:

Update an Existing Section, Including Its Rules

Modifies existing PBR section along with its association with rules.
When invoked on a large number of rules, this API is supported only at low
rates of invocation (not more than 2 times per minute). The typical latency
of this API with about 1024 rules is about 15 seconds in a cluster setup.
This API should not be invoked with large payloads at automation speeds.

Instead, to update rule content, use:
PUT /api/v1/pbr/sections/<section-id>/rules/<rule-id>
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections/<section-id>?action=update_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PBRSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections/79b29ea5-051a-4ab2-af85-fb6520a9f881?action=update_with_rules { "_revision": 1, "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "DS-PBR-vpc-5b4cf63d", "tags": [], "rules": [ { "id": "1639424", "display_name": "PBR-RDS-vpc-5b4cf63d", "notes": "This is a rule for distributed access to AWS RDS services", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PBRSectionRuleList+

Example Response: { "resource_type": "PBRSectionRuleList", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "DS-PBR-vpc-5b4cf63d", "tags": [], "rule_count": 1, "rules": [ { "id": "1639424", "display_name": "PBR-RDS-vpc-5b4cf63d", "notes": "This is a rule for distributed access to AWS RDS services", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 2 } ], "_last_modified_user": "system", "_last_modified_time": 1446249271991, "_revision": 2 } Required Permissions: crud Feature: pbr Additional Errors:

Create a Section with Rules

Creates a new PBR section with rules. The limit on the number of
rules is defined by maxItems in collection types for PBRRule
(PBRRuleXXXList types). When invoked on a section with a large number
of rules, this API is supported only at low rates of invocation (not more
than 4-5 times per minute). The typical latency of this API with about 1024
rules is about 4-5 seconds. This API should not be invoked with large
payloads at automation speeds. More than 50 rules with a large number of
rule references is not supported.

Instead, to create sections, use:
POST /api/v1/pbr/sections

To create rules, use:
POST /api/v1/pbr/sections/<section-id>/rules
Request:
Method:
POST
URI Path:
/api/v1/pbr/sections?action=create_with_rules
Request Headers:
n/a
Query Parameters:
PBRInsertParameters+
Request Body:
PBRSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/pbr/sections?action=create_with_rules&operation=insert_bottom { "display_name":"RDS-vpc-5b4cf63d", "rules":[ { "display_name":"PBR-RDS-vpc-5b4cf63d", "action":"ROUTE_TO_UNDERLAY_NAT", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ] }, { "display_name": "PBR-S3-vpc-5b4cf63d", "action":"ROUTE_TO_OVERLAY_NAT", "sources": [ { "target_display_name": "S3", "is_valid": true, "target_type": "IPSet", "target_id": "abcbbc9f-6eae-4009-b709-532820dbba2a" } ] } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PBRSectionRuleList+

Example Response: { "resource_type": "PBRSectionRuleList", "id": "3222f90e-921c-46ea-be64-99b1c0c51838", "display_name": "RDS-vpc-5b4cf63d", "rule_count": 2, "rules": [ { "id": "1430528", "display_name": "PBR-RDS-vpc-5b4cf63d", "destinations": [ { "target_display_name": "RDS-vpc-5b4cf63d", "is_valid": true, "target_type": "IPSet", "target_id": "96ebbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 0 }, { "id": "1430529", "display_name": "PBR-S3-vpc-5b4cf63d", "sources": [ { "target_display_name": "S3", "is_valid": true, "target_type": "IPSet", "target_id": "abcbbc9f-6eae-4009-b709-532820dbba2a" } ], "logged": false, "action": "ROUTE_TO_UNDERLAY_NAT", "disabled": false, "_revision": 0 } ], "_create_time": 1446242294559, "_last_modified_user": "system", "_system_owned": true, "_last_modified_time": 1446242294559, "_create_user": "system", "_revision": 0 } Required Permissions: crud Feature: pbr Additional Errors:

Management Plane API: Services: Service Insertion

Associated URIs:

Modify exclude list

Modify exclude list. This includes adding/removing members in the list.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/excludelist
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SIExcludeList+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/excludelist { "id": "abcd06ef-1fe7-4434-bb12-527cad97abcd", "members": [ { "target_display_name": "app-tier-01", "target_type": "LogicalSwitch", "target_id": "bbbbe971-0329-4f35-966a-7cd879171688" } ], "_revision": 9 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SIExcludeList+

Example Response: { "resource_type": "SIExcludeList", "id": "abcd06ef-1fe7-4434-bb12-527cad97abcd", "display_name": "abcd06ef-1fe7-4434-bb12-527cad97abcd", "members": [ { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "bbbbe971-0329-4f35-966a-7cd879171688" } ], "_last_modified_time": 1238768575155, "_last_modified_user": "admin", "_revision": 10 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get list of members in exclude list

Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/excludelist
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/excludelist Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SIExcludeList+

Example Response: { "resource_type": "SIExcludeList", "description": "", "id": "abcd06ef-1fe7-4434-bb12-527cad97abcd", "display_name": "abcd06ef-1fe7-4434-bb12-527cad97abcd", "tags": [], "member_count": 2 "members": [ { "target_display_name": "ffffaadd-25d7-4c73-b03c-227ac314eeee", "is_valid": true, "target_type": "LogicalPort", "target_id": "ffffaadd-25d7-4c73-b03c-227ac314eeee" }, { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "5091f6ac-ada1-428c-b521-630bc0d55574" } ], "_last_modified_time": 3338598876903, "_last_modified_user": "admin", "_revision": 2 } Required Permissions: read Feature: service_insertion Additional Errors:

Add a new member in the exclude list

Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/excludelist?action=add_member
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ResourceReference+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/excludelist?action=add_member { "target_id" : "bbbbe971-0329-4f35-966a-7cd879171688", "target_type" : "LogicalSwitch" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceReference+

Example Response: { "target_display_name": "app-tier-01", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "bbbbe971-0329-4f35-966a-7cd879171688" } Required Permissions: crud Feature: service_insertion Additional Errors:

Remove an existing object from the exclude list

Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/excludelist?action=remove_member
Request Headers:
n/a
Query Parameters:
SIExcludeListRequestParams+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/excludelist?action=remove_member&object_id=5091f6ac-ada1-428c-b521-630bc0d55574 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceReference+

Required Permissions: crud Feature: service_insertion Additional Errors:

Create a New Empty Section

Creates new empty Service Insertion section in the system.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionSection+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections { "display_name": "web-switch", "section_type" : "L3REDIRECT", "stateful" : false "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSection+

Example Response: { "resource_type": "ServiceInsertionSection", "id": "dd8afb22-df12-4b37-aea2-7f0bbf7cdb37", "display_name": "web-switch", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "rule_count": 0, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894697038, "_create_user": "admin", "_create_time": 1445894697038, "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

List All Service Insertion Sections

List all Service Insertion section in paginated form. A default page size is limited
to 1000 sections. By default, the list of section is filtered by L3REDIRECT
type.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/sections
Request Headers:
n/a
Query Parameters:
ServiceInsertionSectionFilterParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/sections Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSectionListResult+

Example Response: { "cursor": "003616a93c39-5822-469e-b0be-70728153642eServiceInsertionSection", "sort_by": "position", "result_count": 2, "results": [ { "resource_type": "ServiceInsertionSection", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-serviceinsertion", "section_type": "L3REDIRECT", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "is_default": false, "stateful": false, "rule_count": 0, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033107, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 0 }, { "resource_type": "ServiceInsertionSection", "id": "16a93c39-5822-469e-b0be-70728153642e", "display_name": "User Created L3 Redirect Section", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "section_type": "L3REDIRECT", "is_default": true, "stateful": false, "rule_count": 1, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445888985075, "_create_user": "admin", "_create_time": 1445888985075, "_revision": 0 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Update an Existing Section

Modifies the specified section, but does not modify the section's associated rules.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInsertionSection+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b { "_revision": 0, "description": "protects app and web VMs", "display_name": "app_and_web-serviceinsertion", "section_type": "L3REDIRECT", "applied_tos": [ { "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "stateful": false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSection+

Example Response: { "resource_type": "ServiceInsertionSection", "description": "protects app and webVMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-serviceinsertion", "section_type": "L3REDIRECT", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "is_default": false, "stateful": false, "rule_count": 0, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033117, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Delete an Existing Section and Its Associated Rules

Removes serviceinsertion section from the system. ServiceInsertion section with
rules can only be deleted by passing "cascade=true" parameter.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/sections/<section-id>
Request Headers:
n/a
Query Parameters:
ServiceInsertionSectionQueryParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get an Existing Section

Returns information about serviceinsertion section for the identifier.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/sections/<section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSection+

Example Response: { "resource_type": "ServiceInsertionSection", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-serviceinsertion", "section_type": "L3REDIRECT", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "is_default": false, "stateful": false, "rule_count": 0, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1445894033107, "_create_user": "admin", "_create_time": 1445894033107, "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Get All the Rules for a Section

Return all serviceinsertion rule(s) information for a given serviceinsertion section.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
ServiceInsertionListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/sections/16a93c39-5822-469e-b0be-70728153642e/rules?page_size=1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRuleListResult+

Example Response: { "cursor": "003600000000-0000-0000-0000-0000000000022305843009213694015", "sort_by": "priority", "result_count": 2, "results": [ { "id": "111616", "display_name": "redirect-icmp", "section_id": "16a93c39-5822-469e-b0be-70728153642e", "notes": "", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "destinations": [ { "target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "REDIRECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 }, { "id": "2", "display_name": "00000000-0000-0000-0000-000000000002", "section_id": "16a93c39-5822-469e-b0be-70728153642e", "notes": "", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "REDIRECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 3 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Add a Single Rule in a Section

Adds a new serviceinsertion rule in existing serviceinsertion section.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionRule+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules { "display_name": "L3 redirect rule1", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "serviceinstance-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REDIRECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRule+

Example Response: { "id": "1799168", "display_name": "L3 redirect rule1", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "serviceinstance-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REDIRECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Read an Existing Rule

Return existing serviceinsertion rule information in a serviceinsertion section.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRule+

Example Response: { "id": "111616", "display_name": "redirect-icmp", "section_id": "16a93c39-5822-469e-b0be-70728153642e", "notes": "", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "destinations": [ { target_display_name": "app-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" }, { "target_display_name": "web-switch", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "services": [ { "service": { "resource_type": "ICMPTypeNSService", "icmp_type": 8, "protocol": "ICMPv4", "icmp_code": 0 } } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "action":"REDIRECT", "direction":"IN_OUT", "_revision": 3 } Required Permissions: read Feature: service_insertion Additional Errors:

Update an Existing Rule

Modifies existing serviceinsertion rule in a serviceinsertion section.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInsertionRule+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168 { "_revision": 1, "id": "7168", "display_name": "L3 redirect rule1", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action":"REDIRECT", "direction":"IN_OUT", "sources_excluded": false, "disabled": false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRule+

Example Response: { "id": "7168", "display_name": "L3 redirect rule2", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action":"REDIRECT", "direction":"IN_OUT", "sources_excluded": false, "disabled": false, "_revision": 2 } Required Permissions: crud Feature: service_insertion Additional Errors:

Delete an Existing Rule

Delete existing serviceinsertion rule in a serviceinsertion section.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/sections/16a93c39-5822-469e-b0be-70728153642e/rules/111616 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Update an Existing Rule and Reorder the Rule

Modifies existing serviceinsertion rule along with relative position among
other serviceinsertion rules inside a serviceinsertion section.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>?action=revise
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionRule+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules/7168?action=revise&operation=insert_bottom { "id": "7168", "display_name": "L3 redirect rule1", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action":"REDIRECT", "direction":"IN_OUT", "sources_excluded": false, "disabled": false, "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRule+

Example Response: { "id": "7168", "display_name": "L3 redirect rule1", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action":"REDIRECT", "direction":"IN_OUT", "sources_excluded": false, "disabled": false, "_revision": 3 } Required Permissions: crud Feature: service_insertion Additional Errors:

Add Multiple Rules in a Section

Create multiple serviceinsertion rules in existing serviceinsertion section bounded by
limit of 1000 serviceinsertion rules per section.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>/rules?action=create_multiple
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410/rules?action=create_multiple { "rules" : [ { "display_name": "L3 redirect rule1", "action":"REDIRECT", "direction":"IN_OUT", "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ] }, { "display_name": "L3 redirect rule2", "action":"REDIRECT", "direction":"IN_OUT", "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionRuleList+

Example Response: { "rules": [ { "id": "58368", "display_name": "L3 redirect rule1", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.7", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.7" } ], "destinations": [ { "target_display_name": "192.168.100.8", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.8" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "sources_excluded": false, "disabled": false, "action":"REDIRECT", "direction":"IN_OUT", "_revision": 3 }, { "id": "715776", "display_name": "L3 redirect rule2", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "destinations": [ { "target_display_name": "192.168.100.9", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.9" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "sources_excluded": false, "disabled": false, "action":"REDIRECT", "direction":"IN_OUT", "_revision": 3 } ] } Required Permissions: crud Feature: service_insertion Additional Errors:

Get an Existing Section, Including Rules

Returns serviceinsertion section information with rules for a section identifier.
When invoked on a section with a large number of rules, this API is supported
only at low rates of invocation (not more than 4-5 times per minute). The
typical latency of this API with about 1024 rules is about 4-5 seconds. This
API should not be invoked with large payloads at automation speeds. More than
50 rules are not supported.

Instead, to read serviceinsertion rules, use:
GET /api/v1/serviceinsertion/sections/<section-id>/rules with the appropriate
page_size.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>?action=list_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/65a60890-6f48-418d-a7d5-5aaf65fc4e5b?action=list_with_rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSectionRuleList+

Example Response: { "resource_type": "ServiceInsertionSectionRuleList", "description": "protects app VMs", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "app-serviceinsertion", "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "rule_count": 1, "rules": [ { "id": "1932288", "display_name": "block ftp", "section_id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "notes": "", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "services": [ { "service": { "resource_type": "ALGTypeNSService", "destination_ports": [ "21" ], "source_ports": [], "alg": "FTP" } } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "REJECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 1 } ], "_last_modified_user": "admin", "_last_modified_time": 1445912484450, "_revision": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Update an Existing Section, Including Its Position

Modifies an existing serviceinsertion section along with its relative position
among other serviceinsertion sections in the system.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>?action=revise
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionSection+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise&operation=insert_before&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "resource_type": "ServiceInsertionSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "L3 Redirect Section with Rules", "section_type": "L3REDIRECT", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "stateful": false, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSection+

Example Response: { "resource_type": "ServiceInsertionSection", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "L3 Redirect Section with Rules", "section_type": "L3REDIRECT", "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "is_default": false, "stateful": false, "rule_count": 1, "_create_time": 1446241866925, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446241866925, "_create_user": "admin", "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Update an Existing Section with Rules

Modifies an existing serviceinsertion section along with its relative position
among other serviceinsertion sections with rules. When invoked on a large number
of rules, this API is supported only at low rates of invocation (not more
than 2 times per minute). The typical latency of this API with about 1024
rules is about 15 seconds in a cluster setup. This API should not be
invoked with large payloads at automation speeds.

Instead, to move a section above or below another section, use:
POST /api/v1/serviceinsertion/sections/<section-id>?action=revise

To modify rules, use:
PUT /api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>?action=revise_with_rules
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/2111d18f-27ba-4f19-a51d-2173c3972410?action=revise_with_rules&operation=insert_after&id=79b29ea5-051a-4ab2-af85-fb6520a9f881 { "section_type":"L3REDIRECT", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name":"another L3 Redirect Section with Rules", "stateful":false, "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "rules":[ { "display_name": "L3 redirect rule1", "action":"ALLOW", "direction":"IN_OUT", "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.6", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.6" } ] } ] } example_response: | { "resource_type": "ServiceInsertionSectionRuleList", "id": "2111d18f-27ba-4f19-a51d-2173c3972410", "display_name": "Another L3 Redirect Section with Rules", "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "b489b427-9f14-401e-81db-d1105a1917fe" } ], "rule_count": 1, "rules": [ { "id": "7168", "display_name": "L3 redirect rule1", "section_id": "2111d18f-27ba-4f19-a51d-2173c3972410", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "REDIRECT", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 1 } ], "_last_modified_user": "admin", "_last_modified_time": 1446245476635, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSectionRuleList+

Required Permissions: crud Feature: service_insertion Additional Errors:

Update an Existing Section, Including Its Rules

Modifies existing serviceinsertion section along with its association with rules.
When invoked on a large number of rules, this API is supported only at low
rates of invocation (not more than 2 times per minute). The typical latency
of this API with about 1024 rules is about 15 seconds in a cluster setup.
This API should not be invoked with large payloads at automation speeds.

Instead, to update rule content, use:
PUT /api/v1/serviceinsertion/sections/<section-id>/rules/<rule-id>
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections/<section-id>?action=update_with_rules
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInsertionSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections/79b29ea5-051a-4ab2-af85-fb6520a9f881?action=update_with_rules { "resource_type": "ServiceInsertionSection", "description": "Section containing Service Insertion Rules", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "my section", "tags": [], "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "rules": [ { "id": "1639424", "display_name": "my best rule", "notes": "This is my note", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "serviceinstance-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "sources": [ { "target_display_name": "192.168.200.2", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.2" } ], "destinations": [ { "target_display_name": "192.168.200.3", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.3" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSectionRuleList+

Example Response: { "resource_type": "ServiceInsertionSectionRuleList", "description": "Service Insertion Rules List", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "my section", "tags": [], "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "rule_count": 1, "rules": [ { "id": "1639424", "display_name": "my best rule", "section_id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "notes": "This is my note", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "serviceinstance-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "sources": [ { "target_display_name": "192.168.200.2", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.2" } ], "destinations": [ { "target_display_name": "192.168.200.3", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.200.3" } ], "ip_protocol": "IPV4_IPV6", "rule_tag": "", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 2 } ], "_last_modified_user": "admin", "_last_modified_time": 1446249271991, "_revision": 2 } Required Permissions: crud Feature: service_insertion Additional Errors:

Create a Section with Rules

Creates a new serviceinsertion section with rules. The limit on the number of
rules is defined by maxItems in collection types for ServiceInsertionRule
(ServiceInsertionRuleXXXList types). When invoked on a section with a large number
of rules, this API is supported only at low rates of invocation (not more
than 4-5 times per minute). The typical latency of this API with about 1024
rules is about 4-5 seconds. This API should not be invoked with large
payloads at automation speeds. More than 50 rules are not supported.

Instead, to create sections, use:
POST /api/v1/serviceinsertion/sections

To create rules, use:
POST /api/v1/serviceinsertion/sections/<section-id>/rules
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/sections?action=create_with_rules
Request Headers:
n/a
Query Parameters:
ServiceInsertionInsertParameters+
Request Body:
ServiceInsertionSectionRuleList+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/sections?action=create_with_rules&operation=insert_bottom { "section_type":"L3REDIRECT", "display_name":"another L3 Redirect Section with Rules", "stateful":false, "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "rules":[ { "display_name": "L3 redirect rule1", "action":"ALLOW", "direction":"IN_OUT", "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "destinations": [ { "target_display_name": "192.168.100.6", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ] } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionSectionRuleList+

Example Response: { "resource_type": "ServiceInsertionSectionRuleList", "id": "3222f90e-921c-46ea-be64-99b1c0c51838", "display_name":"another L3 Redirect Section with Rules", "section_type": "L3REDIRECT", "is_default": false, "stateful": false, "rule_count": 1, "applied_tos": [ { "target_display_name": "Tier0-LR-1", "is_valid": true, "target_type": "LogicalRouter", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "rules": [ { "id": "1430528", "display_name": "L3 redirect rule1", "section_id": "3222f90e-921c-46ea-be64-99b1c0c51838", "destinations_excluded": false, "redirect_tos": [ { "target_display_name": "service-1", "is_valid": true, "target_type": "ServiceInstance", "target_id": "1d9fb5cb-0344-4d7f-899a-afd93276899f" } ], "sources": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "applied_tos": [ { "target_display_name": "plr1_uplink1", "is_valid": true, "target_type": "LogicalRouterPort", "target_id": "bd91fc7f-cd76-438b-8d4f-21dbdc707af7" } ], "destinations": [ { "target_display_name": "192.168.100.5", "is_valid": true, "target_type": "IPv4Address", "target_id": "192.168.100.5" } ], "ip_protocol": "IPV4_IPV6", "logged": false, "action": "ALLOW", "sources_excluded": false, "disabled": false, "direction": "IN_OUT", "_revision": 0 } ], "_create_time": 1446242294559, "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1446242294559, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get all service attachments.

Returns all Service-Attachement(s) present in the system.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-attachments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-attachments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceAttachmentListResult+

Example Response: { "result_count": 2, "results": [{ "resource_type": "ServiceAttachment", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65abc", "display_name": "North-South Service Attachment", "deployed_to": { "target_display_name": "T0_LR", "target_type": "LogicalRouter", "target_id": "d0ceab3f-866b-42d5-a67a-0eedbe604d35" }, "attachment_status": "UP", "logical_switch": { "target_display_name": "b7f69e2c-f42f-4fee-9313-c486b35a6d41", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b7f69e2c-f42f-4fee-9313-c486b35a6d41" }, "service_port": { "target_display_name": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd", "is_valid": true, "target_type": "LogicalRouterCentralizedServicePort", "target_id": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd" }, "local_ips": [{ "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 }] }, { "attachment_status": "UP", "deployed_to": { "target_id": "f0aa541a-d6a5-432e-9ef7-352ef994b8d0", "target_display_name": "f0aa541a-d6a5-432e-9ef7-352ef994b8d0", "target_type": "TransportZone" }, "logical_switch": { "target_id": "02925875-914c-4960-a9ac-92e3273967af", "target_display_name": "02925875-914c-4960-a9ac-92e3273967af", "target_type": "LogicalSwitch" }, "resource_type": "ServiceAttachment", "id": "7a985edb-fa65-4868-b324-617ffa445401", "display_name": "East-West Service Attachment", "_create_user": "admin", "_create_time": 1546634214923, "_last_modified_user": "admin", "_last_modified_time": 1546634214923, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Add a Service Attachment.

Adds a new Service attachment. A service attachment represents a point
on NSX entity (Example: Logical Router) to which service instance can be
connected through an InstanceEndpoint.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/service-attachments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceAttachment+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/service-attachments { "display_name": "Service Attachment 1", "deployed_to": { "target_display_name": "T0_LR", "target_type": "LogicalRouter", "target_id": "d0ceab3f-866b-42d5-a67a-0eedbe604d35" }, "attachment_status": "UP", "local_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceAttachment+

Example Response: { "resource_type": "ServiceAttachment", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65abc", "display_name": "Service Attachment 1", "deployed_to": { "target_display_name": "T0_LR", "target_type": "LogicalRouter", "target_id": "d0ceab3f-866b-42d5-a67a-0eedbe604d35" }, "attachment_status": "UP", "logical_switch": { "target_display_name": "b7f69e2c-f42f-4fee-9313-c486b35a6d41", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b7f69e2c-f42f-4fee-9313-c486b35a6d41" }, "service_port": { "target_display_name": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd", "is_valid": true, "target_type": "LogicalRouterCentralizedServicePort", "target_id": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd" }, "local_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Required Permissions: crud Feature: service_insertion Additional Errors:

Get a particular service attachment.

Returns detailed Attachment information for a given service attachment.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-attachments/<service-attachment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-attachments/01dfa028-bc90-4be4-bda1-a98b4eb65abc Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceAttachment+

Example Response: { "resource_type": "ServiceAttachment", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65abc", "display_name": "Service Attachment 1", "deployed_to": { "target_display_name": "T0_LR", "target_type": "LogicalRouter", "target_id": "d0ceab3f-866b-42d5-a67a-0eedbe604d35" }, "attachment_status": "UP", "logical_switch": { "target_display_name": "b7f69e2c-f42f-4fee-9313-c486b35a6d41", "is_valid": true, "target_type": "LogicalSwitch", "target_id": "b7f69e2c-f42f-4fee-9313-c486b35a6d41" }, "service_port": { "target_display_name": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd", "is_valid": true, "target_type": "LogicalRouterCentralizedServicePort", "target_id": "aaa69e2c-vvvf-4fee-9313-c486b35a6ddd" }, "local_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Delete an existing service attachment

Delete existing service attachment from system.
Before deletion, please make sure that, no instance endpoints are connected
to this attachment. In turn no appliance should be connected to this attachment.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/service-attachments/<service-attachment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/service-attachments/01dfa028-bc90-4be4-bda1-a98b4eb65abc Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Add Service Chain

Adds a new service chain. Service Chains is can contain profile belonging
to same or different Service(s). It represents a redirection target for a Rule.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/service-chains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceChain+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/service-chains { "display_name": "ServiceChain1", "description": "SC for East-West Service Insertion", "on_failure_policy": "ALLOW", "path_selection_policy": "LOCAL", "service_attachments": [{ "target_display_name": "SA1", "target_type": "ServiceAttachment", "target_id": "0e982c85-4212-4780-b402-b51a92c8f82f" }], "forward_path_service_profiles": [{ "target_display_name": "SP1", "target_type": "abc", "target_id": "e871abac-c654-430b-b5d5-955cc1894e7f" }], "reverse_path_service_profiles": [{ "target_display_name": "SP1", "target_type": "ServiceProfile", "target_id": "e871abac-c654-430b-b5d5-955cc1894e7f" }] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceChain+

Example Response: { "service_attachments": [ { "target_id": "7a985edb-fa65-4868-b324-617ffa445401", "target_display_name": "7a985edb-fa65-4868-b324-617ffa445401", "target_type": "ServiceAttachment" } ], "forward_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "reverse_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "service_chain_id": "1", "on_failure_policy": "ALLOW", "path_selection_policy": "LOCAL", "resource_type": "ServiceChain", "id": "4427205b-689d-453e-8644-c6db96f9f53a", "display_name": "ServiceChain1", "description": "SC for East-West Service Insertion", "_create_user": "admin", "_create_time": 1546634221612, "_last_modified_user": "admin", "_last_modified_time": 1546634221612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

List all ServiceChains.

List all service chains in the system.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-chains
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-chains Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceChainListResult+

Example Response: { "results": [ { "service_attachments": [ { "target_id": "7a985edb-fa65-4868-b324-617ffa445401", "target_display_name": "7a985edb-fa65-4868-b324-617ffa445401", "target_type": "ServiceAttachment" } ], "forward_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "reverse_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "service_chain_id": "1", "on_failure_policy": "ALLOW", "path_selection_policy": "LOCAL", "resource_type": "ServiceChain", "id": "4427205b-689d-453e-8644-c6db96f9f53a", "display_name": "ServiceChain1", "description": "ABC Company Service Chain 1", "_create_user": "admin", "_create_time": 1546634221612, "_last_modified_user": "admin", "_last_modified_time": 1546634221612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Delete a Service Chain.

Delete a particular service chain.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/service-chains/4427205b-689d-453e-8644-c6db96f9f53a Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get a particular service chain.

Returns detailed service chain information.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-chains/4427205b-689d-453e-8644-c6db96f9f53a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceChain+

Example Response: { "service_attachments": [ { "target_id": "7a985edb-fa65-4868-b324-617ffa445401", "target_display_name": "7a985edb-fa65-4868-b324-617ffa445401", "target_type": "ServiceAttachment" } ], "forward_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "reverse_path_service_profiles": [ { "target_id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_display_name": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "target_type": "ServiceProfile" } ], "service_chain_id": "1", "on_failure_policy": "ALLOW", "path_selection_policy": "LOCAL", "resource_type": "ServiceChain", "id": "4427205b-689d-453e-8644-c6db96f9f53a", "display_name": "ServiceChain1", "description": "ABC Company Service Chain 1", "_create_user": "admin", "_create_time": 1546634221612, "_last_modified_user": "admin", "_last_modified_time": 1546634221612, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

List all service paths

List all service paths for the given service chain for the given service chain id
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-chains/<service-chain-id>/service-paths
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-chains/4427205b-689d-453e-8644-c6db96f9f53a/service-paths Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServicePathListResult+

Example Response: { "results": [ { "forward_path": [ { "unidir_service_path_id": 11, "host_cross_count": 0, "is_active": true, "in_maintenance_mode": false, "hops": [ { "mac_address":"02:50:56:56:44:52", "vif": "f18c629b-1037-4d16-98b3-fdfb5ce8534d", "is_active_from_mp": true, "in_maintenance_mode": false, "is_active_from_dp": true, "is_active_from_ccp": true, "nsh_liveness_support": true, "can_decrement_si": true, "action": "COPY", } ] } ], "reverse_path": [ { "unidir_service_path_id": 12, "host_cross_count": 0, "is_active": true, "in_maintenance_mode": false, "hops": [ { "mac_address":"02:50:56:56:44:52", "vif": "f18c629b-1037-4d16-98b3-fdfb5ce8534d", "is_active_from_mp": true, "in_maintenance_mode": false, "is_active_from_dp": true, "is_active_from_ccp": true, "nsh_liveness_support": true, "can_decrement_si": true, "action": "COPY", } ] } ], "service_path_id": 1001, "service_chain_uuid": "4427205b-689d-453e-8644-c6db96f9f53a", "service_chain_id": 1 } ], "result_count": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Get all Service-Instances present in system

Returns all Service-Instance(s) of all Services present in system.
When request parameter (deployed_to or service_deployment_id) is provided as a part of request,
it will filter out Service-Instances accordingly.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-instances
Request Headers:
n/a
Query Parameters:
ServiceInstanceQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-instances?deployed_to=ea9ae885-d3ec-4acc-8194-d5d96dc569cd Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceListResult+

Example Response: { "result_count": 1, "results": [{ "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "ALLOW", "service_id": "aaaaaaaa-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "eiou14345u897lihs23!" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889125046, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }] } Required Permissions: read Feature: service_insertion Additional Errors:

List service managers

List all service managers.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-managers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-managers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceManagerListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "ServiceManager", "id": "34ab3b14-5b73-424b-b521-6d1cabd7c151", "display_name": "SampleVendor Antivirus1", "vendor_id": "SampleVendor1234", "service_ids": [ { "target_display_name": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd" } ], "server": "10.0.0.1", "port": 12345, "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint": "0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d", "_create_time": 1530770939580, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939580, "_revision": 1 }, { "resource_type": "ServiceManager", "id": "0a590af7-9913-4a99-84c6-b873d6ff0445", "display_name": "SampleVendor Antivirus2", "vendor_id": "SampleVendor2345", "service_ids": [ { "target_display_name": "aaaaaaaa-d3ec-4acc-8194-d5d96dc5bbbb", "target_type": "ServiceDefinition", "target_id": "aaaaaaaa-d3ec-4acc-8194-d5d96dcbbbb" } ], "server": "20.0.0.1", "port": 12345, "uri": "/api/?type=plugin&plugin=vmware_nsx", "authentication_scheme": { "scheme_name": BASIC_AUTH, "username": "nsx_notification_user" }, "thumbprint": "aaaa3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152dcccc", "_create_time": 1130770939555, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939566, "_revision": 1 } ] } Required Permissions: crud Feature: service_insertion Additional Errors:

Register service manager

Register service-manager with NSX with basic details like name, username, password. Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/service-managers
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceManager+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/service-managers { "display_name":"SampleVendor Antivirus", "vendor_id":"SampleVendor1234", "service_ids": [{ "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition" }], "server": "10.0.0.1", "uri": "/nsx-notifications", "port": 12345, "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint":"0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceManager+

Example Response: { "resource_type": "ServiceManager", "id": "34ab3b14-5b73-424b-b521-6d1cabd7c151", "display_name": "SampleVendor Antivirus", "vendor_id": "SampleVendor1234", "service_ids": [ { "target_display_name": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd" } ], "server": "10.0.0.1", "port": 12345, "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint": "0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d", "_create_time": 1530770939580, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939580, "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get service manager

Retrieve service-manager details like name, username, password, vendor ID, thumbprint for a given ID. Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/service-managers/<service-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-managers/34ab3b14-5b73-424b-b521-6d1cabd7c151 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceManager+

Example Response: { "resource_type": "ServiceManager", "id": "34ab3b14-5b73-424b-b521-6d1cabd7c151", "display_name": "SampleVendor Antivirus", "vendor_id": "SampleVendor1234", "service_ids": [ { "target_display_name": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd" } ], "server": "10.0.0.1", "port": 12345, "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint": "0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d", "_create_time": 1530770939580, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939345, "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Update service manager

Update service-manager which is registered with NSX with basic details like name, username, password. Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/service-managers/<service-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceManager+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/service-managers/34ab3b14-5b73-424b-b521-6d1cabd7c151 { "display_name":"SampleVendor Antivirus", "vendor_id":"SampleVendor1234", "service_ids": [{ "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition" }], "server": "10.0.0.1", "port": 12345, "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint":"0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceManager+

Example Response: { "resource_type": "ServiceManager", "id": "34ab3b14-5b73-424b-b521-6d1cabd7c151", "display_name": "SampleVendor Antivirus", "vendor_id": "SampleVendor1234", "service_ids": [ { "target_display_name": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "ServiceDefinition", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd" } ], "server": "10.0.0.1", "port": 12345, "uri": "/nsx-notifications", "authentication_scheme": { "scheme_name": CERTIFICATE, "certificate_id": "5e1a209d-5319-4342-9222-8809499c4927" }, "thumbprint": "0a8b3a7062e4c1405623a2365d56d63a83c890617234222c0b0dd8a6152ddf0d", "_create_time": 1530770939580, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939345, "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Delete service manager

Delete service-manager which is registered with NSX with basic details like name, username, password. Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/service-managers/<service-manager-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/service-managers/c0a19590-0f59-4f34-be50-e994acb0bbc0 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Create a Service-Insertion Service

Creates new Service-Insertion Service in the system.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDefinition+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services { "display_name": "NS Service for ABC partner", "description": "This service is inserted at T0 router and it provides advanced security", "attachment_point": [ "TIER0_LR" ], "functionalities": [ "NG_FW" ], "implementations": [ "NORTH_SOUTH" ], "transports": [ "L2_BRIDGE" ], "vendor_id": "ABC_Partner", "on_failure_policy": "ALLOW", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir1/ABC-Company-HA-OVF/ABC-VM-ESX-2.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [ { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" }, { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicenseKey" }] }] } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type": "ServiceDefinition", "description": "This service is inserted at T0 router and it provides advanced security", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "NS Service for ABC partner", "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "vendor_id": "ABC_Partner", "on_failure_policy": "ALLOW", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir1/ABC-Company-HA-OVF/ABC-VM-ESX-2.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicnseKey" }] }] }, "implementations": [ "NORTH_SOUTH" ], "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889017742, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

List all Service-Insertion Services.

List all Service-Insertion Service Definitions.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionServiceListResult+

Example Response: { "result_count": 3, "results": [{ "functionalities": [ "NG_FW", "BYOD" ], "implementations": [ "NORTH_SOUTH" ], "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "on_failure_policy": "BLOCK", "vendor_id": "Byod_Service", "resource_type": "ServiceDefinition", "id": "7bf17cb6-cd8f-440f-b1e9-3abdc1375501", "display_name": "NS Byod Service", "description": "This is NorthSouth BYOD Service", "_create_user": "admin", "_create_time": 1546981298714, "_last_modified_user": "admin", "_last_modified_time": 1546981298714, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "ServiceDefinition", "description": "This service is inserted at T0 router and it provides advanced security", "id": "8c3ba6b6-5b64-45ed-8d62-8168b2106c99", "display_name": "NS Service", "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "vendor_id": "ABC_Service", "on_failure_policy": "ALLOW", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir2/ABC_Company-HA-OVF/ABC-VM-ESX-3.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" }, { "interface_label": "eth", "interface_index": 3, "interface_type": "HA1" }, { "interface_label": "eth", "interface_index": 4, "interface_type": "HA2" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicnseKey" }] }] }, "implementations": [ "NORTH_SOUTH" ], "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889017742, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "functionalities": [ "NG_FW" ], "implementations": [ "EAST_WEST" ], "attachment_point": [ "SERVICE_PLANE" ], "transports": [ "NSH" ], "service_capability": { "nsh_liveness_support_enabled": true, "can_decrement_si": true }, "on_failure_policy": "BLOCK", "service_deployment_spec": { "deployment_template": [{ "name": "EW_DepTemp", "attributes": [{ "key": "LicnseKey", "display_name": "License", "attribute_type": "STRING" }] }], "deployment_specs": [{ "name": "EW_DepSpec", "ovf_url": "http://server.com/dir2/XYZ_Company-HA-OVF/XYZ-VM-ESX-3.0.ovf", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT", "user_configurable": true }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } ] }, "vendor_id": "XYZ_Service", "resource_type": "ServiceDefinition", "id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "display_name": "EW Service_Insertion", "description": "This is East West Service Insertion", "_create_user": "admin", "_create_time": 1546634193749, "_last_modified_user": "admin", "_last_modified_time": 1546634193749, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Get an existing Service

Returns information about Service-Insertion Service with the given identifier.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type": "ServiceDefinition", "description": "This service is inserted at T0 router and it provides advanced security", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "NS Service for ABC partner", "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "vendor_id": "ABC_Partner", "on_failure_policy": "ALLOW", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir1/ABC-Company-HA-OVF/ABC-VM-ESX-2.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicnseKey" }] }] }, "implementations": [ "NORTH_SOUTH" ], "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889017742, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } } Required Permissions: read Feature: service_insertion Additional Errors:

Delete an existing Service and the Service-Instance associated with it.

Removes Service-Insertion Service from the system. A Service with
Service-Instances can only be deleted by passing "cascade=true" parameter.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>
Request Headers:
n/a
Query Parameters:
ServiceInsertionDeleteParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Update an existing Service

Modifies the specified Service.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDefinition+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b { "resource_type": "ServiceDefinition", "description": "This service is inserted at T0 router and it provides advanced security", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "NS Service for ABC partner", "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "vendor_id": "ABC_Partner", "on_failure_policy": "BLOCK", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir1/ABC-Company-HA-OVF/ABC-VM-ESX-2.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicnseKey" }] }] }, "implementations": [ "NORTH_SOUTH" ], "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889017742, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type": "ServiceDefinition", "description": "This service is inserted at T0 router and it provides advanced security", "id": "65a60890-6f48-418d-a7d5-5aaf65fc4e5b", "display_name": "NS Service for ABC partner", "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "vendor_id": "ABC_Partner", "on_failure_policy": "BLOCK", "service_deployment_spec": { "deployment_specs": [{ "ovf_url": "http://server.com/dir1/ABC-Company-HA-OVF/ABC-VM-ESX-2.0.ovf", "name": "NS_DepSpec", "host_type": "ESXI", "service_form_factor": "MEDIUM" }], "nic_metadata_list": [{ "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" }, { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" }, { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } ], "deployment_template": [{ "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicnseKey" }] }] }, "implementations": [ "NORTH_SOUTH" ], "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889177425, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get all service deployments for the given service id

Returns the list of deployments for the given service
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65f2344b/service-deployments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDeploymentListResult+

Example Response: { "results": [ { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "clustered_deployment_count": 1, "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "key": "DNS", "display_name": "DNS", "value": "", "attribute_type": "STRING" }, { "key": "sva_key", "display_name": "sva_key", "value": "", "attribute_type": "STRING" } ] }, "service_deployment_config": { "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130", "network_id": "network-28" } ] } }, "service_id": "c729678f-443a-4822-bdd2-aadd7a483e5a", "resource_type": "ServiceDeployment", "id": "e6c2693f-2335-43de-8885-95db0b7c7478", "display_name": "e6c2693f-2335-43de-8885-95db0b7c7478", "_create_user": "admin", "_create_time": 1543950168765, "_last_modified_user": "admin", "_last_modified_time": 1543950168765, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Deploys a particular service

This will deploy a particular service on a given cluster / host. Internally multiple service instance can be
created during the deployment. If there are no issues in the parameters, the call returns immediately,
and the service VMs will be deployed asynchronously. To get the overall status of the deployment or to get
the status of individual service vm, please use the deployment status APIs.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDeployment+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65f2344b/service-deployments { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "attribute_type": "STRING", "display_name": "dns_server1", "key": "dns_server1", "value": "" }, { "attribute_type": "STRING", "display_name": "vsm_password", "key": "vsm_password", "value": "" } ] }, "service_deployment_config": { "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "network_id": "network-28", "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130" } ] } } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceDeployment+

Example Response: { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "clustered_deployment_count": 1, "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "key": "DNS", "display_name": "DNS", "value": "", "attribute_type": "STRING" }, { "key": "sva_key", "display_name": "sva_key", "value": "", "attribute_type": "STRING" } ] }, "service_deployment_config": { "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130", "network_id": "network-28" } ] } }, "service_id": "c729678f-443a-4822-bdd2-aadd7a483e5a", "resource_type": "ServiceDeployment", "id": "e6c2693f-2335-43de-8885-95db0b7c7478", "display_name": "e6c2693f-2335-43de-8885-95db0b7c7478", "_create_user": "admin", "_create_time": 1543950168765, "_last_modified_user": "admin", "_last_modified_time": 1543950168765, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Update an existing Service Deployment.

Modifies an existing Service Deployment. This will not update the already
deployed service instances, deployed via this deployment.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDeployment+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65f2344b/service-deployments/01dfa028-bc90-4be4-bda1-a98b4eb65856 { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "clustered_deployment_count": 1, "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "key": "netmask0", "display_name": "netmask0", "value": "", "attribute_type": "STRING" }, { "key": "vc_password", "display_name": "vc_password", "value": "", "attribute_type": "STRING" } ] }, "service_deployment_config": { "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130", "network_id": "network-28" } ] } }, "service_id": "7007c838-d605-458c-9bef-c068364f2efd", "resource_type": "ServiceDeployment", "id": "78e1a4fa-57e0-493c-9325-c8c508b01002", "display_name": "78e1a4fa-57e0-493c-9325-c8c508b01002", "_create_user": "admin", "_create_time": 1543558304751, "_last_modified_user": "admin", "_last_modified_time": 1543558304751, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDeployment+

Example Response: { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "clustered_deployment_count": 1, "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "key": "DNS", "display_name": "DNS", "value": "", "attribute_type": "STRING" }, { "key": "sva_key", "display_name": "sva_key", "value": "", "attribute_type": "STRING" } ] }, "service_deployment_config": { "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130", "network_id": "network-28" } ] } }, "service_id": "c729678f-443a-4822-bdd2-aadd7a483e5a", "resource_type": "ServiceDeployment", "id": "e6c2693f-2335-43de-8885-95db0b7c7478", "display_name": "e6c2693f-2335-43de-8885-95db0b7c7478", "_create_user": "admin", "_create_time": 1543950168765, "_last_modified_user": "admin", "_last_modified_time": 1543950168765, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Remove service deployment

Remove the service deployment. Will remove all the Service VMs that were
created as part of this deployment. User can send optional force delete
option which will force remove the deployment, but should be used
only when the regular delete is not working. Regular delete will ensure
proper cleanup of Service VMs and related objects. Directly calling this
API without trying regular undeploy will result in unexpected results,
and orphan objects.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-deployments/01dfa028-bc90-4be4-bda1-a98b4eb65856 Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get a particular service deployment.

Returns detail of service deployment.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65f2344b/service-deployments/01dfa028-bc90-4be4-bda1-a98b4eb65856 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDeployment+

Example Response: { "perimeter": "CLUSTER", "deployment_type": "HOSTLOCAL", "clustered_deployment_count": 1, "deployment_spec_name": "GISpec", "deployment_mode": "STAND_ALONE", "instance_deployment_template": { "name": "GI_GOLD", "attributes": [ { "key": "DNS", "display_name": "DNS", "value": "", "attribute_type": "STRING" }, { "key": "sva_key", "display_name": "sva_key", "value": "", "attribute_type": "STRING" } ] }, "service_deployment_config": { "compute_manager_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a", "compute_collection_id": "f42c11d3-fe88-46d4-a1e5-b9f73a30c31a:domain-c7", "storage_id": "datastore-30", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "ip_pool_id": "a3cf1339-9cf7-4834-88ec-d4ad813bd130", "network_id": "network-28" } ] } }, "service_id": "c729678f-443a-4822-bdd2-aadd7a483e5a", "resource_type": "ServiceDeployment", "id": "e6c2693f-2335-43de-8885-95db0b7c7478", "display_name": "e6c2693f-2335-43de-8885-95db0b7c7478", "_create_user": "admin", "_create_time": 1543950168765, "_last_modified_user": "admin", "_last_modified_time": 1543950168765, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Get Service-Deployment state for Service.

Returns configuration state of deployed partner service using service insertion framework.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-deployments/79b29ea5-051a-4ab2-af85-fb6520a9f881/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_id": "626dca70-d273-4209-b3e8-cd5798fa5f6b", "sub_system_type": "ServiceDeploymentId", "failure_message": "Error creating agency for deployment unit 22785889-43c9-4dcb-a064-122c442328e8.", "failure_code": 26134 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Get a particular service deployment status.

Returns current status of the deployment of partner service. Available only for EPP Services.
By default this API would return cached status. Caching happens every 3 minutes.
For realtime status, query parameter "source=realtime" needs to be passed.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/service-deployments/01dfa028-bc90-4be4-bda1-a98b4eb65856/status?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDeploymentStatus+

Example Response: { "sva_current_version": "1.0.0.0", "sva_max_available_version": "1.0.0.0", "deployment_status": "DEPLOYMENT_SUCCESSFUL" } Required Permissions: read Feature: service_insertion Additional Errors:

Upgrade all VMs part of this service deployment using newer version of OVF. It is currently being disabled.

Upgrade API is currently disabled. Please refer to vendor documentation on how to upgrade individual appliances.
Upgrade all VMs part of this service deployment using newer version of
OVF. New OVF version isn't expected in this call because it is
published by the partner by updating the service definition. This API
simply upgrades to the latest version published by the partner.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-deployments/<service-deployment-id>?action=upgrade
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-deployments/01dfa028-bc90-4be4-bda1-a98b4eb65856?action=upgrade Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get all Service-Instances for Service.

Returns all Service-Instance(s) for a given Service-Insertion Service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceListResult+

Example Response: { "result_count": 3, "results": [{ "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "ALLOW", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "eiou14345u897lihs23!" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889125046, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router in HA Mode", "display_name": "NS Service_Instance_for_ABC_HA", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "ACTIVE_STANDBY", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } }, { "ip_address": "11.11.11.1", "nic_metadata": { "interface_label": "eth", "interface_index": 3, "interface_type": "HA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 4, "interface_type": "HA2" } } ] }, { "nic_infos": [{ "ip_address": "10.33.79.65", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 3, "interface_type": "HA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 4, "interface_type": "HA2" } } ] } ] }, "on_failure_policy": "BLOCK", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "adklfjakldfjlkajfkl" }] }, "_create_user": "admin", "_create_time": 1525889017742, "_last_modified_user": "admin", "_last_modified_time": 1525889017742, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "ByodServiceInstance", "id": "8e3df14c-6bda-450e-9570-61c22cfd91ad", "display_name": "NS Service_Instance_for_XYZ", "transport_type": "L3_ROUTED", "service_id": "e7b4cde6-809a-46d1-a13d-a7be93aa022d", "deployment_mode": "STAND_ALONE", "_create_time": 1525209315039, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1525209315039, "_create_user": "admin", "_revision": 0 }] } Required Permissions: read Feature: service_insertion Additional Errors:

Add a Service Instance for a specified Service.

Adds a new Service-Instance under the specified Service.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ByodServiceInstance+
ServiceInstance+
VirtualServiceInstance+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "display_name": "NS Service_Instance_for_ABC", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "BLOCK", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "adklfjakldfjlkajfkl" }] } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodServiceInstance+
ServiceInstance+
VirtualServiceInstance+

Example Response: { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "BLOCK", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "adklfjakldfjlkajfkl" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889025093, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Delete an existing Service-Instance

Delete existing Service-Instance for a given Service-Insertion Service.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get Service-Instance for Service.

Returns Service-Instance information for a given Service-Insertion Service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodServiceInstance+
ServiceInstance+
VirtualServiceInstance+

Example Response: { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "BLOCK", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "adklfjakldfjlkajfkl" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889025093, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Update an existing Service-Instance.

Modifies an existing Service-Instance for a given Service-Insertion Service.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ByodServiceInstance+
ServiceInstance+
VirtualServiceInstance+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881 { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "ALLOW", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "eiou14345u897lihs23!" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889025093, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodServiceInstance+
ServiceInstance+
VirtualServiceInstance+

Example Response: { "resource_type": "ServiceInstance", "description": "This Service Instance is deployed at T0 router", "id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "NS Service_Instance_for_ABC", "attachment_point": "TIER0_LR", "deployed_to": [{ "is_valid": true, "target_display_name": "Active-LR", "target_id": "ea9ae885-d3ec-4acc-8194-d5d96dc569cd", "target_type": "LogicalRouter" }], "deployment_mode": "STAND_ALONE", "deployment_spec_name": "NS_DepSpec", "implementation_type": "NORTH_SOUTH", "instance_deployment_config": { "compute_id": "domain-c8", "context_id": "44a18335-e72d-4c77-a0b1-7a922c5e086c", "storage_id": "datastore-12", "vm_nic_infos": [{ "nic_infos": [{ "ip_address": "10.33.79.64", "gateway_address": "10.33.79.66", "subnet_mask": "255.255.255.252", "network_id": "network-16", "nic_metadata": { "interface_label": "eth", "interface_index": 0, "interface_type": "MANAGEMENT" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 1, "interface_type": "DATA1" } }, { "nic_metadata": { "interface_label": "eth", "interface_index": 2, "interface_type": "DATA2" } } ] }] }, "on_failure_policy": "ALLOW", "service_id": "0ae2295d-d7dc-4b62-94ef-3a02bb2bf2c0", "transport_type": "L2_BRIDGE", "instance_deployment_template": { "name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "ABC_HA_License", "value": "eiou14345u897lihs23!" }] }, "_create_user": "admin", "_create_time": 1525889020946, "_last_modified_user": "admin", "_last_modified_time": 1525889125046, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get NSgroups for a given ServiceInstance.

Returns list of NSGroups used in Service Insertion North-South rules for a given
Service Instance.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/group-associations
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/service-instances/e766bc2c-87d0-4ba6-874d-30953bf40741/group-associations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceNSGroups+

Example Response: { "nsgroups":[ { "nsgroup":{ "target_display_name":"Grp1", "is_valid":true, "target_type":"NSGroup", "target_id":"d4ecb8de-57e7-4809-b93a-f2f6991ad5ad" }, "nsgroup_policy_path":"/infra/domains/cgw/groups/multiple-expr-1" } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Add an InstanceEndpoint for a Service Instance

Adds a new instance endpoint. It belongs to one service instance and is attached
to one service attachment. It represents a redirection target for a Rule.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-endpoints
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
InstanceEndpoint+

Example Request: POST https://<nsx-mgr>/api/v1/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881/instance-endpoints { "service_attachment_id": "bbb60890-6f48-418d-a7d5-5aaf65fc4e5b", "endpoint_type": "LOGICAL", "display_name": "Appliance 1 Endpoint 1", "target_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InstanceEndpoint+

Example Response: { "resource_type": "InstanceEndpoint", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65856", "service_attachment_id": "bbb60890-6f48-418d-a7d5-5aaf65fc4e5b", "service_instance_id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "display_name": "Appliance 1 Endpoint 1", "endpoint_type": "LOGICAL", "target_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Required Permissions: crud Feature: service_insertion Additional Errors:

List all InstanceEndpoints of a Service Instance.

List all InstanceEndpoints of a service instance.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-endpoints
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/service-instances/01dfa028-bc90-4be4-bda1-a98b4eb65856/instance-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InstanceEndpointListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "InstanceEndpoint", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65856", "display_name": "Appliance 1 Endpoint 1", "service_attachment_id": "bbb60890-6f48-418d-a7d5-5aaf65fc4e5b", "service_instance_id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "endpoint_type": "LOGICAL", "target_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Get a particular instance endpoint for a service instance.

Returns detailed Endpoint information for a given InstanceEndpoint.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-endpoints/<instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881/instance-endpoints/01dfa028-bc90-4be4-bda1-a98b4eb65856 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InstanceEndpoint+

Example Response: { "resource_type": "InstanceEndpoint", "id": "01dfa028-bc90-4be4-bda1-a98b4eb65856", "display_name": "Appliance 1 Endpoint 1", "service_attachment_id": "bbb60890-6f48-418d-a7d5-5aaf65fc4e5b", "service_instance_id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "endpoint_type": "LOGICAL", "target_ips": [ { "ip_addresses": [ "192.168.100.2" ], "prefix_length": 24 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Delete a particular InstanceEndpoint.

Delete instance endpoint information for a given instace endpoint.
Please make sure to delete all the Service Insertion Rules, which
refer to this Endpoint as 'redirect_tos' target.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-endpoints/<instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f88/instance-endpoints/01dfa028-bc90-4be4-bda1-a98b4eb65856 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Returns list of instance runtimes of service VM being deployed

Returns list of instance runtimes of service VMs being deployed for a given service instance id
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
InstanceRuntimeListResult+

Example Response: { "result_count": 1, "results": [ { "id": "12f563af-af9f-48f3-848e-e9257c8740b0", "deployment_status": "NOT_AVAILABLE", "runtime_status": "NOT_AVAILABLE", "maintenance_mode": "OFF", "service_instance_id": "12f563af-af9f-48f3-848e-e9257c8740b0", "service_vm_id": "12f563af-af9f-48f3-848e-e9257c8740b3", "vm_nic_info": { "nic_infos": [ { "nic_metadata": { "interface_label": "eth0", "interface_index": 0, "interface_type": "MANAGEMENT" }, "network_id": "network-16" } ] }, "_create_user": "admin", "_create_time": 1506945622681, "_last_modified_user": "admin", "_last_modified_time": 1506945622681, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Update maintenance mode or runtime state of a service VM

Set service VM either in or out of maintenance mode for maintenance mode, or in service or out
of service for runtime state. Only one value can be set at one time.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes/<instance-runtime-id>
Request Headers:
n/a
Query Parameters:
ServiceVMStateParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes/564dab50-63a0-8b4f-a1f8-20e4d36efc3d?action=enable_maintenance_mode Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get statistics for a given interface identified by the interface index

Returns statistics of a specified interface via associated logical port. If the logical port is attached to
a logical router port, query parameter "source=realtime" is not supported.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes/<instance-runtime-id>/interfaces/<interface_index>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes/564dab50-63a0-8b4f-a1f8-20e4d36efc3d/interfaces/1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuntimeInterfaceStatistics+

Example Response: { "tx_packets": { "total": 0, "dropped": 0, "multicast_broadcast": 0 }, "rx_bytes": { "total": 11473, "multicast_broadcast": 11473 }, "tx_bytes": { "total": 0, "multicast_broadcast": 0 }, "rx_packets": { "total": 56, "dropped": 0, "multicast_broadcast": 56 }, "interface_index": 1, "last_update_timestamp": 1453500812476 } Required Permissions: read Feature: service_insertion Additional Errors:

Get operational status for an interface

Returns operational status of a specified interface Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes/<instance-runtime-id>/interfaces/<interface_index>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes/564dab50-63a0-8b4f-a1f8-20e4d36efc3d/interfaces/1/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuntimeInterfaceOperationalStatus+

Example Response: { "interface_index": 1, "last_update_timestamp": 1453764613211, "status": "UP" } Required Permissions: read Feature: service_insertion Additional Errors:

Remove service VMs either as standalone or HA

Undeploy one service VM as standalone or two service VMs as HA. Associated deployment information and instance
runtime will also be deleted once service VMs have been un-deployed successfully.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes?action=delete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes?action=delete Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Deploy and set up service VMs either as standalone or HA

Deploys one service VM as standalone, or two service VMs as HA where one VM is active and another one is standby.

During the deployment of service VMs, service will be set up based on deployment events using callbacks.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes?action=deploy
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes?action=deploy Successful Response:
Response Code:
201 Created
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Upgrade service VMs using newer version of OVF

Upgrade service VMs using newer version of OVF.

In case of HA, the stand-by service VM will be upgrade first. Once it has been upgraded,
it switches to be the Active one and then the other VM will be upgrade.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/instance-runtimes?action=upgrade
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/564dab50-63a0-8b4f-a1f8-20e4d36efc3b/service-instances/564dab50-63a0-8b4f-a1f8-20e4d36efc3c/instance-runtimes?action=upgrade Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get Service-Instance state for Service.

Returns configuration state of one instance of a deployed partner service using service insertion framework.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConfigurationState+

Example Response: { "details": [ { "sub_system_id": "79b29ea5-051a-4ab2-af85-fb6520a9f881", "sub_system_type": "ServiceInstanceId", "failure_message": "VM powered off. Agent VM is expected to be powered on. \nCause : XXX uninitialized", "failure_code": 31622 } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Get Service-Instance status for Service.

Returns status of one instance of a deployed partner service using service insertion framework.
By default this API would return cached status. Caching happens every 3 minutes.
For realtime status, query parameter "source=realtime" needs to be passed.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-instances/<service-instance-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/65a60890-6f48-418d-a7d5-5aaf65fc4e5b/service-instances/79b29ea5-051a-4ab2-af85-fb6520a9f881/status?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceStatus+

Example Response: { "instance_deployment_status": { "deployment_status": "DEPLOYMENT_SUCCESSFUL" }, "instance_health_status": { "is_sva_mux_incompatible": false, "connect_timestamp": "169882258", "solution_status": "UP", "mux_incompatible_version": "", "mux_connected_status": "CONNECTED", "solution_version": "1.5.3" } } Required Permissions: read Feature: service_insertion Additional Errors:

Add ServiceProfile for a given Service.

Adds a new service profile.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BaseServiceProfile+
GiServiceProfile+
ServiceInsertionServiceProfile+

Example Request: POST https://<nsx-mgr>/api/v1/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/service-profiles { "resource_type": "ServiceInsertionServiceProfile", "display_name": "SP1", "description": "SP for East-West Service Insertion", "vendor_template_id": "e8420012-6861-4c41-b13c-1aba8c98f007", "redirection_action": "PUNT", "attributes": [{ "attribute_type": "STRING", "display_name": "attribute1", "key": "key1", "value": "value1" }, { "attribute_type": "STRING", "display_name": "attribute2", "key": "key2", "value": "value2" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BaseServiceProfile+
GiServiceProfile+
ServiceInsertionServiceProfile+

Example Response: { "vendor_template_id": "e8420012-6861-4c41-b13c-1aba8c98f007", "attributes": [ { "key": "Key 2", "display_name": "attribute2", "value": "Name 2", "attribute_type": "STRING" }, { "key": "Key 1", "display_name": "attribute1", "value": "Name 1", "attribute_type": "STRING" } ], "redirection_action": "PUNT", "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "resource_type": "ServiceInsertionServiceProfile", "id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "display_name": "Service_Profile_1", "description": "ABC Company Service Profile 1", "_create_user": "admin", "_create_time": 1546634208000, "_last_modified_user": "admin", "_last_modified_time": 1546634208000, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

List all Service Profiles of a Service.

List all service profiles of a service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/service-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SIServiceProfileListResult+

Example Response: { "results": [ { "vendor_template_id": "e8420012-6861-4c41-b13c-1aba8c98f007", "attributes": [ { "key": "Key 2", "display_name": "attribute2", "value": "Name 2", "attribute_type": "STRING" }, { "key": "Key 1", "display_name": "attribute1", "value": "Name 1", "attribute_type": "STRING" } ], "redirection_action": "PUNT", "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "resource_type": "ServiceInsertionServiceProfile", "id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "display_name": "Service_Profile_1", "description": "ABC Company Service Profile 1", "_create_user": "admin", "_create_time": 1546634208000, "_last_modified_user": "admin", "_last_modified_time": 1546634208000, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Delete a particular ServiceProfile.

Delete service profile for a given service.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/service-profiles/38b87e06-cb4d-4568-9be0-59be8ab12df9 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get a particular ServiceProfile for a Service.

Returns detailed service profile information for a given Service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/service-profiles/38b87e06-cb4d-4568-9be0-59be8ab12df9 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BaseServiceProfile+
GiServiceProfile+
ServiceInsertionServiceProfile+

Example Response: { "vendor_template_id": "e8420012-6861-4c41-b13c-1aba8c98f007", "attributes": [ { "key": "Key 2", "display_name": "attribute2", "value": "Name 2", "attribute_type": "STRING" }, { "key": "Key 1", "display_name": "attribute1", "value": "Name 1", "attribute_type": "STRING" } ], "redirection_action": "PUNT", "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "resource_type": "ServiceInsertionServiceProfile", "id": "38b87e06-cb4d-4568-9be0-59be8ab12df9", "display_name": "Service_Profile_1", "description": "ABC Company Service Profile 1", "_create_user": "admin", "_create_time": 1546634208000, "_last_modified_user": "admin", "_last_modified_time": 1546634208000, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Get NSgroups for a given ServiceProfile.

Returns list of NSGroups used in Service Insertion rules for a given Service Profile.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles/<service-profile-id>/nsgroups
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/service-profiles/e766bc2c-87d0-4ba6-874d-30953bf40741/nsgroups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceProfileNSGroups+

Example Response: { "resource_type": "ServiceProfileNSGroups", "id": "SP-34ab3b14-5b73-424b-b521-6d1cabd7c151", "display_name": "SP-34ab3b14-5b73-424b-b521-6d1cabd7c151", "nsgroups":[ { "nsgroup":{ "target_display_name":"Grp1", "is_valid":true, "target_type":"NSGroup", "target_id":"d4ecb8de-57e7-4809-b93a-f2f6991ad5ad" }, "nsgroup_policy_path":"/infra/domains/cgw/groups/multiple-expr-1" } ], "_create_time": 1530770939580, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_last_modified_time": 1530770939345, "_revision": 2 } Required Permissions: read Feature: service_insertion Additional Errors:

List all ServiceChainMappings.

List all service chain mappings in the system for the given service profile.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/service-profiles/<service-profile-id>/service-chain-mappings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/service-profiles/e766bc2c-87d0-4ba6-874d-30953bf40741/service-chain-mappings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceChainMappingListResult+

Example Response: { "result_count": 2, "results": [ { "service_chain_id": "1", "service_index": 3, "direction": "FORWARD" }, { "service_chain_id": "1", "service_index": 2, "direction": "REVERSE" } ] } Required Permissions: read Feature: service_insertion Additional Errors:

Get Solution Config Information associated with a given service.

Returns Solution Config information for a given service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/solution-configs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/solution-configs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SolutionConfigListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "SolutionConfig", "id": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "display_name": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "service_id": "aa627592-58d8-4492-8274-2c5c5649b67b", "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48651" "_create_user": "admin", "_last_modified_user": "admin", "_create_time": 1538390759534, "_system_owned": false, "_last_modified_time": 1538390759534, "_protection": "NOT_PROTECTED", "_revision": 0 } } Required Permissions: read Feature: service_insertion Additional Errors:

Add Solution Config for a given Service

Adds a solution config. Solution Config are service level objects,
required for configuring the NXGI partner Service after deployment.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/solution-configs
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SolutionConfig+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/solution-configs { "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48651" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SolutionConfig+

Example Response: { "resource_type": "SolutionConfig", "id": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "display_name": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "service_id": "aa627592-58d8-4492-8274-2c5c5649b67b", "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48651" "_create_user": "admin", "_last_modified_user": "admin", "_create_time": 1538390759534, "_system_owned": false, "_last_modified_time": 1538390759534, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

Get Solution Config Information for a given solution config id.

Returns Solution Config information for a given solution config id.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/solution-configs/<solution-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/solution-configs/96fd5b77-5514-4bab-a1c7-1c932fd5eadf Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SolutionConfig+

Example Response: { "resource_type": "SolutionConfig", "id": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "display_name": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "service_id": "aa627592-58d8-4492-8274-2c5c5649b67b", "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48651" "_create_user": "admin", "_last_modified_user": "admin", "_create_time": 1538390759534, "_system_owned": false, "_last_modified_time": 1538390759534, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Updates Solution Config for a given Service

Updates a solution config. Solution Config are service level objects,
required for configuring the NXGI partner Service after deployment.
Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/services/<service-id>/solution-configs/<solution-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SolutionConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/solution-configs/ { "resource_type": "SolutionConfig", "id": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "display_name": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "service_id": "aa627592-58d8-4492-8274-2c5c5649b67b", "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48652" "_create_user": "admin", "_last_modified_user": "admin", "_create_time": 1538390759534, "_system_owned": false, "_last_modified_time": 1538390759534, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SolutionConfig+

Example Response: { "resource_type": "SolutionConfig", "id": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "display_name": "96fd5b77-5514-4bab-a1c7-1c932fd5eadf", "service_id": "aa627592-58d8-4492-8274-2c5c5649b67b", "solution_id" : "7498352642083520512", "control_ip" : "192.168.1.10", "listen_port" : "48652" "_create_user": "admin", "_last_modified_user": "admin", "_create_time": 1538390759534, "_system_owned": false, "_last_modified_time": 1538390759534, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: service_insertion Additional Errors:

Deletes solution config information.

Deletes solution config information for a given service.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/solution-configs/<solution-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/solution-configs/ Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Add Vendor Template for a given Service

Adds a new vendor template. Vendor templates are service level objects,
registered to be used in Service Profiles.
Request:
Method:
POST
URI Path:
/api/v1/serviceinsertion/services/<service-id>/vendor-templates
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VendorTemplate+

Example Request: POST https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/vendor-templates { "display_name": "VT1", "description": "VT for East-West Service Insertion", "attributes": [{ "attribute_type": "STRING", "display_name": "attribute1", "key": "key1" }, { "attribute_type": "STRING", "display_name": "attribute2", "key": "key2" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VendorTemplate+

Example Response: { "attributes": [ { "key": "Key 2", "display_name": "attribute2", "attribute_type": "STRING" }, { "key": "Key 1", "display_name": "attribute1", "attribute_type": "STRING" } ], "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "resource_type": "VendorTemplate", "id": "e8420012-6861-4c41-b13c-1aba8c98f007", "display_name": "ABC Company Vendor Template", "description": "ABC Company Vendor Template Description", "_create_user": "admin", "_create_time": 1546634201177, "_last_modified_user": "admin", "_last_modified_time": 1546634201177, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: service_insertion Additional Errors:

List all VendorTemplates of a Service.

List all vendor templates of a service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/vendor-templates
Request Headers:
n/a
Query Parameters:
VendorTemplateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/vendor-templates?vendor_template_name=VT1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VendorTemplateListResult+

Example Response: { "attributes": [ { "key": "key1", "display_name": "attribute1", "attribute_type": "STRING" }, { "key": "key2", "display_name": "attribute2", "attribute_type": "STRING" } ], "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "vendor_template_key": "GOLD", "resource_type": "VendorTemplate", "id": "56deedee-f233-4a31-84c3-92646b9b0ec0", "display_name": "VT1", "description": "VT for East-West Service Insertion", "_create_user": "admin", "_create_time": 1546980516215, "_last_modified_user": "admin", "_last_modified_time": 1546980516215, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Additional Errors:

Delete a particular vendor tempalte.

Delete vendor template information for a given service.
Please make sure to delete all the Service Profile(s), which
refer to this vendor tempalte before deleting the template itself.
Request:
Method:
DELETE
URI Path:
/api/v1/serviceinsertion/services/<service-id>/vendor-templates/<vendor-template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/serviceinsertion/services/03a31751-beaa-4a75-a3c9-04043479f0ec/vendor-templates/79b29ea5-051a-4ab2-af85-fb6520a9f881 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: service_insertion Additional Errors:

Get a particular vendor template for a given service.

Returns detailed vendor template information for a given service.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/services/<service-id>/vendor-templates/<vendor-template-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/services/103ca1c3-ef39-4473-aaec-9a8d764a9392/vendor-templates/e8420012-6861-4c41-b13c-1aba8c98f007 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VendorTemplate+

Example Response: { "results": [{ "attributes": [{ "key": "Key 2", "display_name": "attribute2", "attribute_type": "STRING" }, { "key": "Key 1", "display_name": "attribute1", "attribute_type": "STRING" } ], "service_id": "103ca1c3-ef39-4473-aaec-9a8d764a9392", "resource_type": "VendorTemplate", "id": "e8420012-6861-4c41-b13c-1aba8c98f007", "display_name": "ABC Company Vendor Template", "description": "ABC Company Vendor Template Description", "_create_user": "admin", "_create_time": 1546634201177, "_last_modified_user": "admin", "_last_modified_time": 1546634201177, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }], "result_count": 1 } Required Permissions: read Feature: service_insertion Additional Errors:

Resolve 'source node id' value to source entities.

Service insertion data path inserts unique 'source node id' value
into each packet. This API can be used to identify the source of the packet
using this value. It can be resolved to multiple source entities.
Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/source-entities
Request Headers:
n/a
Query Parameters:
SourceEntityQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/source-entities?source_node_value=00:50:56:bf:87:b8 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SourceEntityResult+

Example Response: { "result_count": 2, "results": [ { "source_entity_id": "12f563af-af9f-48f3-848e-e9257c8740b0", "source_entity_type": "VIRTUAL_NETWORK_INTERFACE", }, { "source_entity_id": "35ec2c06-0051-4480-ad83-9e4d178cd3a", "source_entity_type": "VIRTUAL_MACHINE", } ] } Required Permissions: read Feature: service_insertion Additional Errors:

List all service insertion status for supported contexts

Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionStatusListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "ServiceInsertionStatus", "id": "abcd495c-ffe8-4d44-8ea7-371f9fe2abcd", "display_name": "abcd495c-ffe8-4d44-8ea7-371f9fe2abcd", "global_status": "ENABLED", "context": "east_west", "_last_modified_user": "system", "_last_modified_time": 1498698220680, "_create_time": 1552676569142, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "ServiceInsertionStatus", "id": "1111495c-ffe8-4d44-8ea7-371f9fe21111", "display_name": "1111495c-ffe8-4d44-8ea7-371f9fe21111", "global_status": "ENABLED", "context": "north_south", "_last_modified_user": "admin", "_last_modified_time": 1498698220685, "_create_time": 1552676569142, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: service_insertion Description:
Fetches service insertion status for all supported context types. Supported context types are 'east_west' and 'north_south'.
Additional Errors:

Update global ServiceInsertion status for a context

Request:
Method:
PUT
URI Path:
/api/v1/serviceinsertion/status/<context-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInsertionStatus+

Example Request: PUT https://<nsx-mgr>/api/v1/serviceinsertion/status/north_south { "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "display_name": "Service Insertion Enable/Disable Status", "global_status": "DISABLED", "context": "north_south", "_create_user": "system", "_create_time": 1498679696805, "_last_modified_user": "system", "_last_modified_time": 1498679696805, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionStatus+

Example Response: { "resource_type": "ServiceInsertionStatus", "display_name": "Service Insertion Enable/Disable Status", "id": "5863495c-ffe8-4d44-8ea7-371f9fe2d97f", "global_status": "DISABLED", "_create_time": 1498679696805, "context": "north_south", "_last_modified_user": "admin", "_system_owned": false, "_last_modified_time": 1498698220680, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: service_insertion Description:
Update global serviceinsertion status for supported context types e.g. 'north_south'
Additional Errors:

Get ServiceInsertion global status for a context

Request:
Method:
GET
URI Path:
/api/v1/serviceinsertion/status/<context-type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/serviceinsertion/status/east_west Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionStatus+

Example Response: { "resource_type": "ServiceInsertionStatus", "id": "abcd495c-ffe8-4d44-8ea7-371f9fe2abcd", "display_name": "abcd495c-ffe8-4d44-8ea7-371f9fe2abcd", "global_status": "ENABLED", "context": "east_west", "_create_user": "system", "_create_time": 1498679696805, "_last_modified_user": "system", "_last_modified_time": 1498679696805, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: service_insertion Description:
Fetches service insertion global status for supported contexts types e.g. 'east_west'
Additional Errors:

Management Plane API: Telemetry Configuration

Associated URIs:

Returns telemetry agreement information

Returns telemetry agreement information. Request:
Method:
GET
URI Path:
/api/v1/telemetry/agreement
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/telemetry/agreement Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TelemetryAgreement+

Example Response: { "_revision": 4, "id": "TelemetryAgreementIdentifier", "display_name": "TelemetryAgreementIdentifier", "resource_type": "TelemetryAgreement", "_last_modified_user": "admin", "_last_modified_time": 1414620218840, "_create_time": 1414620218840, "_create_user": "admin", "telemetry_agreement_displayed": false } Required Permissions: read Feature: system_telemetry Additional Errors:

Set telemetry agreement information

Set telemetry agreement information. Request:
Method:
PUT
URI Path:
/api/v1/telemetry/agreement
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TelemetryAgreement+

Example Request: PUT https://<nsx-mgr>/api/v1/telemetry/agreement { "_revision": 4, "id": "TelemetryAgreementIdentifier", "resource_type": "TelemetryAgreement", "telemetry_agreement_displayed": true } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TelemetryAgreement+

Example Response: { "_revision": 5, "id": "TelemetryAgreementIdentifier", "display_name": "TelemetryAgreementIdentifier", "resource_type": "TelemetryAgreement", "_last_modified_user": "admin", "_last_modified_time": 1414620219999, "_create_time": 1414620218840, "_create_user": "admin", "telemetry_agreement_displayed": true } Required Permissions: crud Feature: system_telemetry Additional Errors:

Returns the telemetry configuration

Returns the telemetry configuration. Request:
Method:
GET
URI Path:
/api/v1/telemetry/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/telemetry/config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TelemetryConfig+

Example Response: { "ceip_acceptance" : true, "schedule_enabled" : true, "telemetry_schedule": { "frequency_type": "WeeklyTelemetrySchedule", "day_of_week": "MONDAY", "hour_of_day": 22 }, "proxy_enabled" : true, "telemetry_proxy": { "scheme": "HTTP", "hostname": "proxy.eng.vmware.com", "port": 8080, "username": "nsx_user" } } Required Permissions: read Feature: system_telemetry Additional Errors:

Creates or updates the telemetry configuration

Updates or creates the telemetry configuration, and returns the new configuration.
Request:
Method:
PUT
URI Path:
/api/v1/telemetry/config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TelemetryConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/telemetry/config { "ceip_acceptance" : true, "schedule_enabled": true, "proxy_enabled": true, "telemetry_schedule": { "frequency_type": "DailyTelemetrySchedule", "hour_of_day": 10 }, "telemetry_proxy": { "scheme": "HTTP", "hostname": "proxy.eng.vmware.com", "port": 8080, "username": "nsx_user", "password": "password123" } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TelemetryConfig+

Example Response: { "ceip_acceptance" : true, "schedule_enabled": true, "proxy_enabled": true, "telemetry_schedule": { "frequency_type": "DailyTelemetrySchedule", "hour_of_day": 10 }, "telemetry_proxy": { "scheme": "HTTP", "hostname": "proxy.eng.vmware.com", "port": 8080, "username": "nsx_user", "password": "password123" } } Required Permissions: crud Feature: system_telemetry Additional Errors:

Management Plane API: Troubleshooting And Monitoring

Management Plane API: Troubleshooting And Monitoring: Healthcheck

Associated URIs:

List manual health checks

Query manual health checks with list parameters.
Request:
Method:
GET
URI Path:
/api/v1/manual-health-checks
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/manual-health-checks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManualHealthCheckListResult+

Example Response: { "sort_ascending" : true, "sort_by": "resource_type", "result_count": 2, "results": [ { "resource_type": "ManualHealthCheck", "id": "516ea614-6692-4dcb-9fa7-8304f9765a7f", "display_name": "health check 001", "operation_status": "IN PROGRESS", "transport_zone_id": "7f5e6a44-696d-401d-936a-d7138476acd3", "vlans":{ "vlan_ranges":[{ "start": 1, "end": 2 },{ "start": 4, "end": 5 }] }, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 }, { "resource_type": "ManualHealthCheck", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Manual Health Check 002", "operation_status": "IN PROGRESS", "transport_zone_id": "7f5e6a44-696d-401d-936a-d7138476acd3", "vlans":{ "vlan_ranges":[{ "start": 1, "end": 5 },{ "start": 11, "end": 11 }] }, "_protection": "NOT_PROTECTED", "_create_user": "admin", "_create_time": 1507687895605, "_last_modified_user": "admin", "_last_modified_time": 1507705866588, "_system_owned": false, "_revision": 0 } ] } Required Permissions: read Feature: tools_health_check Additional Errors:

Create a new manual health check request

Create a new manual health check request with essential properties. It's
disallowed to create new one until the count of in-progress manual health
check is less than 50. A manual health check will be deleted automatically
after finished for 24 hours.
Request:
Method:
POST
URI Path:
/api/v1/manual-health-checks
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ManualHealthCheck+

Example Request: POST https://<nsx-mgr>/api/v1/manual-health-checks { "resource_type": "ManualHealthCheck", "display_name": "Manual HealthCheck 002", "transport_zone_id": "7f5e6a44-696d-401d-936a-d7138476acd3", "vlans":{ "vlan_ranges":[{ "start": 1, "end": 5 },{ "start": 11, "end": 11 }] }, } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ManualHealthCheck+

Example Response: { "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "resource_type": "ManualHealthCheck", "display_name": "Manual HealthCheck 002", "operation_status": "IN PROGRESS", "transport_zone_id": "7f5e6a44-696d-401d-936a-d7138476acd3", "vlans":{ "vlan_ranges":[{ "start": 1, "end": 5 },{ "start": 11, "end": 11 }] }, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 0 } Required Permissions: crud Feature: tools_health_check Additional Errors:

Delete an existing manual health check

Delete an existing manual health check by ID. Request:
Method:
DELETE
URI Path:
/api/v1/manual-health-checks/<manual-health-check-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/manual-health-checks/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: tools_health_check Additional Errors:

Get an existing manual health check

Get an existing manual health check by health check ID. Request:
Method:
GET
URI Path:
/api/v1/manual-health-checks/<manual-health-check-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/manual-health-checks/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ManualHealthCheck+

Example Response: { "resource_type": "ManualHealthCheck", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "Manual Health Check 002", "operation_status": "IN PROGRESS", "transport_zone_id": "7f5e6a44-696d-401d-936a-d7138476acd3", "vlans":{ "vlan_ranges":[{ "start": 1, "end": 5 },{ "start": 11, "end": 11 }] }, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 0 } Required Permissions: read Feature: tools_health_check Additional Errors:

Management Plane API: Troubleshooting And Monitoring: IPFIX

Associated URIs:

Get the list of IPFIX observation points (Deprecated)

Deprecated - Please use /ipfix-profiles for switch IPFIX profile and
/ipfix-collector-profiles for IPFIX collector profile.
Request:
Method:
GET
URI Path:
/api/v1/ipfix-obs-points
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-obs-points Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixObsPointsListResult+

Example Response: { "result_count": 0, "results": [] } Required Permissions: read Feature: ipfix_profiles Additional Errors:

Read global switch IPFIX export configuration (Deprecated)

Deprecated - Please use /ipfix-profiles/ for switch IPFIX
profile and /ipfix-collector-profiles/ for IPFIX
collector profile.
Request:
Method:
GET
URI Path:
/api/v1/ipfix-obs-points/switch-global
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-obs-points/switch-global Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixObsPointConfig+

Example Response: { "resource_type": "IpfixObsPointConfig", "id": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "display_name": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 300, "collectors": [ { "collector_port": 4739, "collector_ip_address": "10.0.0.189" } ], "max_flows": 16384, "idle_timeout": 300, "enabled": false, "_last_modified_user": "admin", "_last_modified_time": 1463555176314, "_revision": 2 } Required Permissions: read Feature: ipfix_profiles Additional Errors:

Update global switch IPFIX export configuration (Deprecated)

Deprecated - Please use /ipfix-profiles/ for switch IPFIX
profile and /ipfix-collector-profiles/ for IPFIX
collector profile.
Request:
Method:
PUT
URI Path:
/api/v1/ipfix-obs-points/switch-global
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixObsPointConfig+

Example Request: PUT https://<nsx-mgr>/api/v1/ipfix-obs-points/switch-global { "resource_type": "IpfixObsPointConfig", "id": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "display_name": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 300, "collectors": [ { "collector_port": 4739, "collector_ip_address": "10.0.0.189" } ], "max_flows": 16384, "idle_timeout": 300, "enabled": false "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixObsPointConfig+

Example Response: { "resource_type": "IpfixObsPointConfig", "id": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "display_name": "4e5d3a8c-5be8-4df6-9a0f-b0458715b036", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 300, "collectors": [ { "collector_port": 4739, "collector_ip_address": "10.0.0.189" } ], "max_flows": 16384, "idle_timeout": 300, "enabled": false, "_last_modified_user": "admin", "_last_modified_time": 1463555176314, "_revision": 2 } Required Permissions: crud Feature: ipfix_profiles Additional Errors:

Management Plane API: Troubleshooting And Monitoring: Packet Capture

Associated URIs:

Create an new packet capture session

Create an new packet capture session on given node with specified options
Request:
Method:
POST
URI Path:
/api/v1/pktcap/session
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PacketCaptureRequest+

Example Request: POST https://<nsx-mgr>/api/v1/pktcap/session { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvalue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSession+

Example Response: { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "vnic", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "started", "starttime": 1457048893748 } Required Permissions: crud Feature: tools_packet_capture Additional Errors:

Get the status of packet capture session

Get the packet capture status information by session id.
Request:
Method:
GET
URI Path:
/api/v1/pktcap/session/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pktcap/session/a257b981-1a1c-4b95-b16c-8646e85ce8f0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSession+

Example Response: { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "started", "starttime": 1457048893748 } Required Permissions: read Feature: tools_packet_capture Additional Errors:

Delete the packet capture session by session id.

Before calling this method, terminate any running capture session.
Request:
Method:
POST
URI Path:
/api/v1/pktcap/session/<session-id>?action=delete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: PUT https://<nsx-mgr>/api/v1/pktcap/session/a257b981-1a1c-4b95-b16c-8646e85ce8f0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSession+

Example Response: { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "deleted", "starttime": 1457048893748, "endtime": 1457048893798, } Required Permissions: crud Feature: tools_packet_capture Additional Errors:

Restart the packet capture session

Restart the packet capture session
Request:
Method:
POST
URI Path:
/api/v1/pktcap/session/<session-id>?action=restart
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: PUT https://<nsx-mgr>/api/v1/pktcap/session/a257b981-1a1c-4b95-b16c-8646e85ce8f0?action=restart Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSession+

Example Response: { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "started", "starttime": 1457048893748 } Required Permissions: read Feature: tools_packet_capture Additional Errors:

Terminate the packet capture session by session id

Terminate the packet capture session by session id.
Request:
Method:
POST
URI Path:
/api/v1/pktcap/session/<session-id>?action=terminate
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: PUT https://<nsx-mgr>/api/v1/pktcap/session/a257b981-1a1c-4b95-b16c-8646e85ce8f0?action=terminate Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSession+

Example Response: { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "stopped", "starttime": 1457048893748, "endtime": 1457048893790, } Required Permissions: crud Feature: tools_packet_capture Additional Errors:

Get the information of all packet capture sessions

Get the information of all packet capture sessions.
Request:
Method:
GET
URI Path:
/api/v1/pktcap/sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/pktcap/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSessionList+

Example Response: { "result_count":2, "results": [ { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "deleted", "starttime": 1457048893748, "endtime": 1457048893799, }, { "request": { "hostid": "5568970c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "ei98a1f1-3958-988e-eev3-48d99fa80192.002", "direction": "output", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "bba7b981-1a1c-4b95-b16c-8646e33ce8f0", "sessionstatus": "started", "starttime": 1457049714901, } ] } Required Permissions: read Feature: tools_packet_capture Additional Errors:

Delete all the packet capture sessions

Delete all the packet capture sessions.
Request:
Method:
POST
URI Path:
/api/v1/pktcap/sessions?action=delete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/pktcap/sessions?action=delete Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PacketCaptureSessionList+

Example Response: { "result":"success", "msg": [ { "request": { "node": "094f370c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "502ca1f1-3958-7d8e-ffc1-48d99fa80192.001", "direction": "input", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "a257b981-1a1c-4b95-b16c-8646e85ce8f0", "sessionstatus": "deleted", "starttime": 1457048893748, "endtime": 1457048893799, }, { "request": { "node": "4489670c-d336-11e7-9776-3ba7f30fcb1f", "cappoint": "LOGICALPORT", "capvlue": "ei98a1f1-3958-988e-eev3-48d99fa80192.002", "direction": "output", "capmode": "standalone", "options": { "values":[ {"name":"IPPROTO", "value":"0x01"} ] } }, "sessionid": "bba7b981-1a1c-4b95-b16c-8646e33ce8f0", "sessionstatus": "started", "starttime": 1457048893987, } ] } Required Permissions: crud Feature: tools_packet_capture Additional Errors:

Management Plane API: Troubleshooting And Monitoring: Port Connection

Associated URIs:

Get networking entities between two logical ports with VIF attachment

Request:
Method:
GET
URI Path:
/api/v1/logical-ports/<lport-id>/forwarding-path
Request Headers:
n/a
Query Parameters:
PortConnectionRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/logical-ports/3d57aeb9-0bd0-4940-9087-02b227d4401b/forwarding-path?peer_port_id=40dd5385-201f-4fc7-8329-c82a10439da0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortConnectionEntities+

Example Response: { "logical_switches":[ { "id":"b59d2745-d01b-4457-8f2e-d7b098918081", "resource":{ "resource_type":"LogicalSwitch", "tags":[ ], "id":"b59d2745-d01b-4457-8f2e-d7b098918081", "display_name":"sw2-topo2", "description":"", "resource_type":"LogicalSwitch", "transport_zone_id":"2d8ff7f9-1c04-41ab-995d-1d21ec160581", "replication_mode":"MTEP", "admin_state":"UP", "vni":64392, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"admin", "_last_modified_time":1428592659083, "_create_time":1428592659083, "_create_user":"admin", "_revision":0, "_schema":"/v1/schema/LogicalSwitch" }, "vm_ports":[ { "tags":[ ], "id":"3d57aeb9-0bd0-4940-9087-02b227d4401b", "display_name":"port-sw2-topo2", "description":"", "resource_type":"LogicalPort", "logical_switch_id":"b59d2745-d01b-4457-8f2e-d7b098918081", "admin_state":"UP", "attachment":{ "id":"41c585fd-e2c4-42e7-a2c8-cd3ae52fe971", "attachment_type":"VIF" }, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"admin", "_last_modified_time":1428647140837, "_create_time":1428647140837, "_create_user":"admin", "_revision":0 } ], "router_ports":[ { "id":"dda02061-9248-4fc2-9c29-f2c3bb7f9a4c", "display_name":"SwitchPort_p2-t1-topo2", "description":"Switch port created for logical router port.", "resource_type":"LogicalPort", "logical_switch_id":"b59d2745-d01b-4457-8f2e-d7b098918081", "admin_state":"UP", "attachment":{ "id":"c11208c2-c384-46b0-9cac-1e8f37016575", "attachment_type":"LOGICALROUTER" }, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"system", "_last_modified_time":1428646868158, "_create_time":1428646867242, "_create_user":"admin", "_revision":1 } ], "vm_vnics":[ { "id":"564d5bed-bcb9-54bc-2896-7f7955c03e30-4001", "resource_type":"VirtualNetworkInterface", "mac_address":"00:0c:29:c0:3e:3a", "device_key":"4001", "external_id":"564d5bed-bcb9-54bc-2896-7f7955c03e30-4001", "device_name":"Network adapter 2", "lport_attachment_id":"41c585fd-e2c4-42e7-a2c8-cd3ae52fe971", "owner_vm_id":"b93fc7e9-092e-4a44-a6a6-34515ec7a127" } ] }, { "id":"5af2abf1-7451-4035-8c14-9220ddf64009", "resource":{ "resource_type":"LogicalSwitch", "tags":[ ], "id":"5af2abf1-7451-4035-8c14-9220ddf64009", "display_name":"sw1-topo2", "description":"", "resource_type":"LogicalSwitch", "transport_zone_id":"2d8ff7f9-1c04-41ab-995d-1d21ec160581", "replication_mode":"MTEP", "admin_state":"UP", "vni":17288, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"admin", "_last_modified_time":1428592648858, "_create_time":1428592648858, "_create_user":"admin", "_revision":0, "_schema":"/v1/schema/LogicalSwitch" }, "vm_ports":[ { "tags":[ ], "id":"40dd5385-201f-4fc7-8329-c82a10439da0", "display_name":"port-sw1-topo2", "description":"", "resource_type":"LogicalPort", "logical_switch_id":"5af2abf1-7451-4035-8c14-9220ddf64009", "admin_state":"UP", "attachment":{ "id":"5e784f5f-8cc7-487f-b306-a2ccb4fb4703", "attachment_type":"VIF" }, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"admin", "_last_modified_time":1428647191961, "_create_time":1428647114937, "_create_user":"admin", "_revision":1 } ], "router_ports":[ { "id":"c70feda2-b1f1-4967-9443-621056c675fa", "display_name":"SwitchPort_p1-t1-topo2", "description":"Switch port created for logical router port.", "resource_type":"LogicalPort", "logical_switch_id":"5af2abf1-7451-4035-8c14-9220ddf64009", "admin_state":"UP", "attachment":{ "id":"39fa7d1e-2f51-477b-bfcd-4bf8eb50fbf1", "attachment_type":"LOGICALROUTER" }, "switching_profile_ids":[ { "value":"64814784-7896-3901-9741-badeff705639", "key":"IpDiscoverySwitchingProfile" }, { "value":"93b4b7e8-f116-415d-a50c-3364611b5d09", "key":"PortMirroringSwitchingProfile" }, { "value":"f313290b-eba8-4262-bd93-fab5026e9495", "key":"QosSwitchingProfile" } ], "_last_modified_user":"system", "_last_modified_time":1428647023195, "_create_time":1428647020639, "_create_user":"admin", "_revision":1 } ], "vm_vnics":[ { "id":"564d55c8-bc14-fb09-b00c-00f05669610f-4001", "resource_type":"VirtualNetworkInterface", "mac_address":"00:0c:29:69:61:19", "device_key":"4001", "external_id":"564d55c8-bc14-fb09-b00c-00f05669610f-4001", "device_name":"Network adapter 2", "lport_attachment_id":"5e784f5f-8cc7-487f-b306-a2ccb4fb4703", "owner_vm_id":"6dfa0964-2aa6-47b8-85cd-5a5debd0492e" } ] } ], "hypervisors":[ { "id":"f87ae89c-de7e-11e4-b13f-711bec13050a", "resource":{ "resource_type":"TransportNode", "id":"bf73b615-b50f-42cf-b417-9b721395dd34", "display_name":"bf73b615-b50f-42cf-b417-9b721395dd34", "resource_type":"TransportNode", "host_switches":[ { "pnics":[ { "device_name":"vmnic1", "uplink_name":"uplink1" } ], "host_switch_profile_ids":[ { "value":"c103027b-d605-43cc-9abc-ec719e9bd9c0", "key":"UplinkHostSwitchProfile" } ], "host_switch_name":"nsxvswitch" } ], "transport_zone_endpoints":[ { "transport_zone_id":"2d8ff7f9-1c04-41ab-995d-1d21ec160581" } ], "node_id":"f87ae89c-de7e-11e4-b13f-711bec13050a", "_last_modified_user":"admin", "_last_modified_time":1428559814141, "_create_time":1428559814141, "_create_user":"admin", "_revision":0 } }, { "id":"eb0ac74a-de7e-11e4-a12e-dfd0843ec1da", "resource":{ "resource_type":"TransportNode", "id":"92d47efe-c80a-4f66-8a0f-c7e0684c343f", "display_name":"92d47efe-c80a-4f66-8a0f-c7e0684c343f", "resource_type":"TransportNode", "host_switches":[ { "pnics":[ { "device_name":"vmnic1", "uplink_name":"uplink1" } ], "host_switch_profile_ids":[ { "value":"c103027b-d605-43cc-9abc-ec719e9bd9c0", "key":"UplinkHostSwitchProfile" } ], "host_switch_name":"nsxvswitch" } ], "transport_zone_endpoints":[ { "transport_zone_id":"2d8ff7f9-1c04-41ab-995d-1d21ec160581" } ], "node_id":"eb0ac74a-de7e-11e4-a12e-dfd0843ec1da", "_last_modified_user":"admin", "_last_modified_time":1428559798859, "_create_time":1428559798859, "_create_user":"admin", "_revision":0 } } ], "vms":[ { "id":"b93fc7e9-092e-4a44-a6a6-34515ec7a127", "display_name":"2-vm_RHEL63_srv_64-local-448-1993928d-33f9-419d-83ff-763b90017896", "resource_type":"VirtualMachine", "external_id":"564d5bed-bcb9-54bc-2896-7f7955c03e30564d5bed-bcb9-54bc-2896-7f7955c03e30", "host_id":"f87ae89c-de7e-11e4-b13f-711bec13050a", "compute_ids":[ "instanceUuid:1993928d-33f9-419d-83ff-763b90017896", "biosUuid:564d5bed-bcb9-54bc-2896-7f7955c03e30", "moIdOnHost:1" ], "type":"REGULAR" }, { "id":"6dfa0964-2aa6-47b8-85cd-5a5debd0492e", "display_name":"1-vm_RHEL63_srv_64-local-448-fe77dd6b-bc33-4f81-88f9-01cec60205e7", "resource_type":"VirtualMachine", "external_id":"564d55c8-bc14-fb09-b00c-00f05669610f564d55c8-bc14-fb09-b00c-00f05669610f", "host_id":"eb0ac74a-de7e-11e4-a12e-dfd0843ec1da", "compute_ids":[ "instanceUuid:fe77dd6b-bc33-4f81-88f9-01cec60205e7", "biosUuid:564d55c8-bc14-fb09-b00c-00f05669610f", "moIdOnHost:1" ], "type":"REGULAR" } ], "routers":[ { "id":"f98fe386-6015-47cd-85da-de6b816ca37e", "resource":{ "resource_type":"LogicalRouter", "id":"f98fe386-6015-47cd-85da-de6b816ca37e", "display_name":"t1-topo2", "resource_type":"LogicalRouter", "router_type":"TIER1", "_last_modified_user":"admin", "_last_modified_time":1428646876929, "_create_time":1428646672257, "_create_user":"admin", "_revision":2 }, "downlink_ports":[ { "resource_type":"LogicalRouterDownLinkPort", "id":"c11208c2-c384-46b0-9cac-1e8f37016575", "display_name":"p2-t1-topo2", "mac_address":"02:50:56:56:44:52", "logical_router_id":"f98fe386-6015-47cd-85da-de6b816ca37e", "linked_logical_switch_port_id":"dda02061-9248-4fc2-9c29-f2c3bb7f9a4c", "_last_modified_user":"admin", "_last_modified_time":1428646867250, "_create_time":1428646867250, "_create_user":"admin", "_revision":0 }, { "resource_type":"LogicalRouterDownLinkPort", "id":"39fa7d1e-2f51-477b-bfcd-4bf8eb50fbf1", "display_name":"p1-t1-topo2", "mac_address":"02:50:56:56:44:52", "logical_router_id":"f98fe386-6015-47cd-85da-de6b816ca37e", "linked_logical_switch_port_id":"c70feda2-b1f1-4967-9443-621056c675fa", "_last_modified_user":"admin", "_last_modified_time":1428647020649, "_create_time":1428646837970, "_create_user":"admin", "_revision":1 } ] } ], "containers" : { "logical_ports" : [ { "resource_type" : "LogicalPort", "description" : "", "id" : "2c34040d-37eb-43c2-a387-9b7fe34104ca", "display_name" : "CIF_PARENT_LP", "tags" : [ ], "attachment" : { "attachment_type" : "VIF", "id" : "7d828b7a-f430-411e-af8f-a4c01bac0b59" }, "admin_state" : "UP", "logical_switch_id" : "0edc9a57-a825-4770-a861-1f21c07a8bbd", "address_bindings" : [ ], "switching_profile_ids" : [ { "value" : "fbc4fb17-83d9-4b53-a286-ccdf04301888", "key" : "SwitchSecuritySwitchingProfile" }, { "value" : "fad98876-d7ff-11e4-b9d6-1681e6b88ec1", "key" : "SpoofGuardSwitchingProfile" }, { "value" : "64814784-7896-3901-9741-badeff705639", "key" : "IpDiscoverySwitchingProfile" }, { "value" : "1e7101c8-cfef-415a-9c8c-ce3d8dd078fb", "key" : "MacManagementSwitchingProfile" }, { "value" : "93b4b7e8-f116-415d-a50c-3364611b5d09", "key" : "PortMirroringSwitchingProfile" }, { "value" : "f313290b-eba8-4262-bd93-fab5026e9495", "key" : "QosSwitchingProfile" } ], "_create_time" : 1486506956171, "_last_modified_user" : "admin", "_system_owned" : false, "_last_modified_time" : 1486506956171, "_create_user" : "admin", "_revision" : 0 } ] } } Required Permissions: execute Feature: tools_port_connection Additional Errors:

Management Plane API: Troubleshooting And Monitoring: Port Mirroring

Associated URIs:

Create a mirror session

Request:
Method:
POST
URI Path:
/api/v1/mirror-sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMirroringSession+

Example Request: POST https://<nsx-mgr>/api/v1/mirror-sessions { "display_name":"port-mirror-session-1", "description":"Test pnic port mirror session 1", "direction":"BIDIRECTIONAL", "mirror_sources":[ { "resource_type":"PnicMirrorSource", "source_pnics":["eth1"], "node_id":"6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated":"true" } ], "mirror_destination":{ "resource_type":"LogicalPortMirrorDestination", "port_ids":["3e4e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "port_mirroring_filters": [ { "src_ips": { "ip_addresses" : ["192.168.1.1-192.168.1.20"] }, "dst_ips": {"ip_addresses": ["192.168.2.1/24"]}, "ip_protocol": "TCP", "src_ports" : 80, "dst_ports" : "80-100", "filter_action": "MIRROR" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PortMirroringSession+

Example Response: { "id": "e57e8b2d-3047-4550-b230-dd1ee0e10b49", "display_name": "port-mirror-session-1", "description": "Test pnic port mirror session 1", "resource_type": "PortMirroringSession", "direction": "BIDIRECTIONAL", "mirror_sources": [ { "resource_type": "PnicMirrorSource", "source_pnics": ["eth1"], "node_id": "6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated": "true" } ], "mirror_destination": { "resource_type": "LogicalPortMirrorDestination", "port_ids": ["3e4e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "port_mirroring_filters": [ { "src_ips": { "ip_addresses": [ "192.168.1.2/31", "192.168.1.8/29", "192.168.1.4/30", "192.168.1.16/30", "192.168.1.20/32", "192.168.1.1/32" ] }, "src_ports": "80", "filter_action": "MIRROR", "dst_ports": "80-100", "dst_ips": { "ip_addresses": [ "192.168.2.1/24" ] }, "ip_protocol": "TCP" } ], "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": false, "_create_user": "system", "_revision": 0 } Required Permissions: crud Feature: tools_port_mirroring Additional Errors:

List all mirror sessions

Request:
Method:
GET
URI Path:
/api/v1/mirror-sessions
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/mirror-sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringSessionListResult+

Example Response: { "cursor": "00369467676a-aeae-46f7-90f1-c771e02d16699467676a-aeae-46f7-90f1-c771e02d1669", "result_count": 1, "results": [ { "id": "e57e8b2d-3047-4550-b230-dd1ee0e10b49", "display_name": "port-mirror-session-1", "description": "Test pnic port mirror session 1", "resource_type": "PortMirroringSession", "direction": "BIDIRECTIONAL", "mirror_sources": [ { "resource_type": "PnicMirrorSource", "source_pnics": ["eth1"], "node_id": "6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated": "true" } ], "mirror_destination": { "resource_type": "LogicalPortMirrorDestination", "port_ids": ["3e4e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "port_mirroring_filters": [ { "src_ips": { "ip_addresses": [ "192.168.1.2/31", "192.168.1.8/29", "192.168.1.4/30", "192.168.1.16/30", "192.168.1.20/32", "192.168.1.1/32" ] }, "src_ports": "80", "filter_action": "MIRROR", "dst_ports": "80-100", "dst_ips": { "ip_addresses": [ "192.168.2.1/24" ] }, "ip_protocol": "TCP" } ], "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": false, "_create_user": "system", "_revision": 0 } ] } Required Permissions: read Feature: tools_port_mirroring Additional Errors:

Update the mirror session

Request:
Method:
PUT
URI Path:
/api/v1/mirror-sessions/<mirror-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMirroringSession+

Example Request: PUT https://<nsx-mgr>/api/v1/mirror-sessions/e57e8b2d-3047-4550-b230-dd1ee0e10b49 { "id": "e57e8b2d-3047-4550-b230-dd1ee0e10b49", "display_name": "port-mirror-session-2", "description": "Test pnic port mirror session 2", "direction": "BIDIRECTIONAL", "mirror_sources": [ { "resource_type": "PnicMirrorSource", "source_pnics": ["eth2"], "node_id": "6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated": "true" } ], "mirror_destination": { "resource_type": "LogicalPortMirrorDestination", "port_ids": ["3e42e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringSession+

Example Response: { "id": "e57e8b2d-3047-4550-b230-dd1ee0e10b49", "display_name": "port-mirror-session-2", "description": "Test pnic port mirror session 2", "resource_type": "PortMirroringSession", "direction": "BIDIRECTIONAL", "mirror_sources": [ { "resource_type": "PnicMirrorSource", "source_pnics": ["eth21"], "node_id": "6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated": "true" } ], "mirror_destination": { "resource_type": "LogicalPortMirrorDestination", "port_ids": ["3e4e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": false, "_create_user": "system", "_revision": 1 } Required Permissions: crud Feature: tools_port_mirroring Additional Errors:

Delete the mirror session

Request:
Method:
DELETE
URI Path:
/api/v1/mirror-sessions/<mirror-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/mirror-sessions/e57e8b2d-3047-4550-b230-dd1ee0e10b49 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: tools_port_mirroring Additional Errors:

Get the mirror session

Request:
Method:
GET
URI Path:
/api/v1/mirror-sessions/<mirror-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/mirror-sessions/e57e8b2d-3047-4550-b230-dd1ee0e10b49 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringSession+

Example Response: { "id": "e57e8b2d-3047-4550-b230-dd1ee0e10b49", "display_name": "port-mirror-session-1", "description": "Test pnic port mirror session 1", "resource_type": "PortMirroringSession", "direction": "BIDIRECTIONAL", "mirror_sources": [ { "resource_type": "PnicMirrorSource", "source_pnics": ["eth1"], "node_id": "6a361832-43e4-430d-a48a-b84a6cba73c3", "encapsulated": "true" } ], "mirror_destination": { "resource_type": "LogicalPortMirrorDestination", "port_ids": ["3e4e8b2d-3047-4550-b230-dd1ee0e10b34"] }, "_last_modified_user": "system", "_last_modified_time": 1435282426932, "_create_time": 1435282426867, "_system_owned": false, "_create_user": "system", "_revision": 0 } Required Permissions: read Feature: tools_port_mirroring Additional Errors:

Verify whether the mirror session is still valid

Verify whether all participants are on the same transport node Request:
Method:
POST
URI Path:
/api/v1/mirror-sessions/<mirror-session-id>?action=verify
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/mirror-sessions/e57e8b2d-3047-4550-b230-dd1ee0e10b49?action=verify Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: tools_port_mirroring Additional Errors:

Management Plane API: Troubleshooting And Monitoring: Traceflow

Associated URIs:

List all Traceflow rounds

List all Traceflow rounds; if a logical port id is given as a query parameter,
only those originated from the logical port are returned.
Request:
Method:
GET
URI Path:
/api/v1/traceflows
Request Headers:
n/a
Query Parameters:
TraceflowListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/traceflows Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TraceflowListResult+

Example Response: { "sort_ascending": true, "sort_by": "logical_port_id", "result_count": 2, "results": [ { "lport_id": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3", "counters": { "forwarded_count": 2, "delivered_count": 1, "received_count": 3, "dropped_count": 0 }, "logical_counters": { "forwarded_count": 4, "delivered_count": 0, "received_count": 6, "dropped_count": 1 }, "operation_state": "FINISHED", "id": "16799efb-d257-490c-a14c-b59735c30aae", "result_overflowed": false, "timeout": 10000 }, { "lport_id": "e115ed0e-ad27-4a48-a172-353faa544daa", "counters": { "forwarded_count": 0, "delivered_count": 0, "received_count": 0, "dropped_count": 0 }, "logical_counters": { "forwarded_count": 0, "delivered_count": 0, "received_count": 0, "dropped_count": 0 }, "operation_state": "FINISHED", "id": "5b48b93a-6d84-474b-aa78-c32b20ba1be4", "result_overflowed": false, "timeout": 10000 } ] } Required Permissions: read Feature: tools_traceflow Additional Errors:

Initiate a Traceflow Operation on the Specified Port

Request:
Method:
POST
URI Path:
/api/v1/traceflows
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TraceflowRequest+

Example Request: POST https://<nsx-mgr>/api/v1/traceflows { "packet": { "routed": "true", "transport_type": "UNICAST", "ip_header": { "src_ip": "192.168.1.10", "dst_ip": "192.168.2.10" }, "eth_header": { "dst_mac": "00:0c:29:de:4c:7b", "src_mac": "00:0c:29:9d:35:78" }, "payload": "test_payload", "resource_type": "FieldsPacketData" }, "timeout": 10000, "lport_id": "81d929ee-bc86-4e55-83d1-8e0451585d71" } { "packet": { "routed": "true", "transport_header": { "tcp_header": { "tcp_flags": "2", "src_port": "8080", "dst_port": "8080" } }, "ip_header": { "src_ip": "192.168.1.10", "dst_ip": "192.168.2.10" }, "eth_header": { "dst_mac": "00:0c:29:de:4c:7b", "src_mac": "00:0c:29:9d:35:78" }, "payload": "YXNkZmRhc2Zhc2Zhc2RmYXNmYXNkZm9pZXdoeWZsbGRrYXNmamFsc2RmanNh", "resource_type": "FieldsPacketData" }, "timeout": 5000, "lport_id": "81d929ee-bc86-4e55-83d1-8e0451585d71" } { "packet": { "routed": "true", "transport_header": { "udp_header": { "src_port": "8080", "dst_port": "8080" } }, "frame_size": "256", "ip_header": { "src_ip": "192.168.1.10", "dst_ip": "192.168.2.10" }, "eth_header": { "dst_mac": "00:0c:29:de:4c:7b", "src_mac": "00:0c:29:9d:35:78" }, "payload": "YXNkZmRhc2Zhc2Zhc2RmYXNmYXNkZm9pZXdoeWZsbGRrYXNmamFsc2RmanNh", "resource_type": "FieldsPacketData" }, "timeout": 8000, "lport_id": "81d929ee-bc86-4e55-83d1-8e0451585d71" } { "packet": { "route": "true", "transport_header": { "dhcp_header": { "op_code": "BOOTREQUEST" } }, "frame_size": "256", "ip_header": { "src_ip": "192.168.1.10", "dst_ip": "192.168.2.10" }, "eth_header": { "dst_mac": "00:0c:29:de:4c:7b", "src_mac": "00:0c:29:9d:35:78" } "payload": "YXNkZmRhc2Zhc2Zhc2RmYXNmYXNkZm9pZXdoeWZsbGRrYXNmamFsc2RmanNh", "resource_type": "FieldsPacketData" }, "timeout": 8000, "lport_id": "81d929ee-bc86-4e55-83d1-8e0451585d71" } { "packet": { "routed": "true", "transport_header": { "icmp_echo_request_header": { "sequence": "1" } }, "frame_size": "256", "ip_header": { "src_ip": "192.168.1.10", "dst_ip": "192.168.2.10" }, "eth_header": { "dst_mac": "00:0c:29:de:4c:7b", "src_mac": "00:0c:29:9d:35:78" }, "payload": "YXNkZmRhc2Zhc2Zhc2RmYXNmYXNkZm9pZXdoeWZsbGRrYXNmamFsc2RmanNh", "resource_type": "FieldsPacketData" }, "timeout": 5000, "lport_id": "81d929ee-bc86-4e55-83d1-8e0451585d71" } { "packet" { "routed": "false", "arp_header" : { "op_code":"ARP_REQUEST", "src_ip":"192.168.1.10", "dst_ip":192.168.1.11" }, "eth_header":{ "dst_mac":"ff:ff:ff:ff:ff:ff", "src_mac":"00:0c:29:9d:35:78", "eth_type":2054 }, "payload":"YXNkZmRhc2Zhc2Zhc2RmYXNmYXNkZm9pZXdoeWZsbGRrYXNmamFsc2RmanNh", "resource_type":"FieldPacketData" }, "timeout":5000, "lport_id":"81d929ee-bc86-4e55-83d1-8e0451585d71" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
Traceflow+

Example Response: { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "e2839c5f-5759-4673-bb11-8d4df2fbfa96", "result_overflowed" : false, "timeout" : 10000 } { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "40ba98be-df3d-421b-bdd7-30c1bce8a6ca", "result_overflowed" : false, "timeout" : 5000 } { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "d77a89a1-670f-43b0-809d-6ef792051f30", "result_overflowed" : false, "timeout" : 8000 } { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "d77a89a1-670f-43b0-809d-6ef792051f30", "result_overflowed" : false, "timeout" : 8000 } { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "c812263a-2122-45b4-b816-d6480eee6928", "result_overflowed" : false, "timeout" : 5000 } { "lport_id" : "81d929ee-bc86-4e55-83d1-8e0451585d71", "counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "logical_counters" : { "forwarded_count" : 0, "delivered_count" : 0, "received_count" : 0, "dropped_count" : 0 }, "operation_state" : "IN_PROGRESS", "id" : "c812263a-2122-45b4-b816-d6480eee6928", "result_overflowed" : false, "timeout" : 5000 } Required Permissions: execute Feature: tools_traceflow Additional Errors:

Delete the Traceflow round

Request:
Method:
DELETE
URI Path:
/api/v1/traceflows/<traceflow-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/traceflows/4899e762-d8d4-4445-ab34-85dd80d9d042 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: execute Feature: tools_traceflow Additional Errors:

Get the Traceflow round status and result summary

Request:
Method:
GET
URI Path:
/api/v1/traceflows/<traceflow-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/traceflows/16799efb-d257-490c-a14c-b59735c30aae Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Traceflow+

Example Response: { "lport_id": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3", "counters": { "forwarded_count": 2, "delivered_count": 1, "received_count": 3, "dropped_count": 0 }, "logical_counters": { "forwarded_count": 4, "delivered_count": 0, "received_count": 6, "dropped_count": 1 }, "operation_state": "FINISHED", "id": "16799efb-d257-490c-a14c-b59735c30aae", "result_overflowed": false, "timeout": 10000 } Required Permissions: read Feature: tools_traceflow Additional Errors:

Get observations for the Traceflow round

Request:
Method:
GET
URI Path:
/api/v1/traceflows/<traceflow-id>/observations
Request Headers:
n/a
Query Parameters:
TraceflowObservationListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1traceflows/4899e762-d8d4-4445-ab34-85dd80d9d042/observations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TraceflowObservationListResult+

Example Response: { "cursor": "000217", "sort_ascending": true, "sort_by": "timestamp", "result_count": 17, "results": [ { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationReceived", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 5, "transport_node_name": "node-comp-01b", "timestamp": 1458585011051 }, { "component_type": "LS", "component_name": "app-tier-01", "resource_type": "TraceflowObservationForwardedLogical", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 7, "transport_node_name": "node-comp-01b", "timestamp": 1458585011061, "component_id": "5091f6ac-ada1-428c-b521-630bc0d55574" }, { "component_type": "LR", "component_name": "overlay-router", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 9, "transport_node_name": "node-comp-01b", "timestamp": 1458585011073, "vni": 41866, "component_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "lport_id": "87db83ed-9a73-436b-91f1-a2a793ffaa31", "src_component_name": "app-tier-01", "src_component_type": "LS", "src_component_id": "5091f6ac-ada1-428c-b521-630bc0d55574", "lport_name": "app-tier router" }, { "component_type": "DFW", "component_name": "Distributed Firewall", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 11, "transport_node_name": "node-comp-01b", "timestamp": 1458585011085, "vni": 41866, "lport_id": "dd83f49f-a043-493f-847f-2bc0206afd5f", "lport_name": "dd83f49f-a043-493f-847f-2bc0206afd5f" }, { "component_type": "DFW", "component_name": "Distributed Firewall", "resource_type": "TraceflowObservationForwardedLogical", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 13, "transport_node_name": "node-comp-01b", "timestamp": 1458585011097, "vni": 41866, "lport_id": "dd83f49f-a043-493f-847f-2bc0206afd5f", "acl_rule_id": 2, "lport_name": "dd83f49f-a043-493f-847f-2bc0206afd5f" }, { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationDelivered", "transport_node_id": "ed4d2f98-4373-4d67-9706-5ec3af7fcba1", "sequence_no": 15, "transport_node_name": "node-comp-01b", "timestamp": 1458585011109, "lport_id": "dd83f49f-a043-493f-847f-2bc0206afd5f", "lport_name": "dd83f49f-a043-493f-847f-2bc0206afd5f" }, { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationReceived", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 6, "transport_node_name": "node-comp-02b", "timestamp": 1458613715205 }, { "component_type": "DFW", "component_name": "Distributed Firewall", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 8, "transport_node_name": "node-comp-02b", "timestamp": 1458613715216, "vni": 41866, "lport_id": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3", "lport_name": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3" }, { "component_type": "DFW", "component_name": "Distributed Firewall", "resource_type": "TraceflowObservationForwardedLogical", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 10, "transport_node_name": "node-comp-02b", "timestamp": 1458613715228, "vni": 41866, "lport_id": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3", "acl_rule_id": 2, "lport_name": "65b9eb3d-0daa-42fc-a17d-15671d3f4ed3" }, { "component_type": "LS", "component_name": "app-tier-01", "resource_type": "TraceflowObservationForwardedLogical", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 12, "transport_node_name": "node-comp-02b", "timestamp": 1458613715240, "component_id": "5091f6ac-ada1-428c-b521-630bc0d55574" }, { "component_type": "LR", "component_name": "overlay-router", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 14, "transport_node_name": "node-comp-02b", "timestamp": 1458613715252, "vni": 41866, "component_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "lport_id": "87db83ed-9a73-436b-91f1-a2a793ffaa31", "src_component_name": "app-tier-01", "src_component_type": "LS", "src_component_id": "5091f6ac-ada1-428c-b521-630bc0d55574", "lport_name": "app-tier router" }, { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationForwarded", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 16, "transport_node_name": "node-comp-02b", "timestamp": 1458613715264, "remote_ip_address": "192.168.250.100", "context": 4503694159291136 }, { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationForwarded", "transport_node_id": "9e2c8d44-6a21-47e4-97a7-e62d6d0ea56f", "sequence_no": 17, "transport_node_name": "node-comp-02b", "timestamp": 1458613715276, "remote_ip_address": "192.168.250.102", "context": 4503694159291136 }, { "component_type": "PHYSICAL", "component_name": "Physical", "resource_type": "TraceflowObservationReceived", "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a", "sequence_no": 1, "transport_node_name": "node-nsx-edge2", "timestamp": 1458613780641 }, { "component_type": "EDGE_TUNNEL", "component_name": "Edge Tunnel", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a", "sequence_no": 2, "transport_node_name": "node-nsx-edge2", "timestamp": 1458613780641, "component_id": "736a80e3-23f6-5a2d-81d6-bbefb2786666", "lport_id": "77958239-5276-56ad-b320-cdf02a3286f1" }, { "component_type": "LR", "component_name": "overlay-router", "resource_type": "TraceflowObservationReceivedLogical", "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a", "sequence_no": 3, "transport_node_name": "node-nsx-edge2", "timestamp": 1458613780641, "vni": 41866, "component_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143", "lport_id": "87db83ed-9a73-436b-91f1-a2a793ffaa31", "lport_name": "app-tier router" }, { "component_type": "LR", "component_name": "overlay-router", "resource_type": "TraceflowObservationDroppedLogical", "transport_node_id": "4fa0d456-627d-4b62-9bfe-585d585dab1a", "sequence_no": 4, "transport_node_name": "node-nsx-edge2", "timestamp": 1458613780641, "reason": "UNKNOWN", "lport_id": "87db83ed-9a73-436b-91f1-a2a793ffaa31", "lport_name": "app-tier router", "component_id": "723c1e3e-c82c-4243-bba0-2e1ef4815143" } ] } Required Permissions: read Feature: tools_traceflow Additional Errors:

Management Plane API: Unified Nsgroup Profile Management

Management Plane API: Unified Nsgroup Profile Management: Profiles

Associated URIs:

Create a new IPFIX collector profile

Create a new IPFIX collector profile with essential properties. Request:
Method:
POST
URI Path:
/api/v1/ipfix-collector-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixCollectorUpmProfile+

Example Request: POST https://<nsx-mgr>/api/v1/ipfix-collector-profiles { "resource_type" : "IpfixCollectorUpmProfile", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorUpmProfile+

Example Response: { "resource_type" : "IpfixCollectorUpmProfile", "id" : "e2954b96-bbb4-4fa1-bd2f-3b2bd9e89b64", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ], "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 0 } Required Permissions: crud Feature: unified_nsgroup_ipfix_collector_profiles Additional Errors:

List IPFIX Collector Profies

Query IPFIX collector profiles with list parameters. List result can be
filtered by profile type defined by IpfixCollectorUpmProfileType.
Request:
Method:
GET
URI Path:
/api/v1/ipfix-collector-profiles
Request Headers:
n/a
Query Parameters:
IpfixCollectorUpmProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-collector-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorUpmProfileListResult+

Example Response: { "sort_ascending" : true, "sort_by": "resource_type", "result_count": 2, "results": [ { "resource_type": "IpfixCollectorUpmProfile", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "display_name": "IPFIX Collector Profile 001", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.112" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.110" } ], "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 }, { "resource_type" : "IpfixCollectorUpmProfile", "id" : "e2954b96-bbb4-4fa1-bd2f-3b2bd9e89b64", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ], "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } ] } Required Permissions: read Feature: unified_nsgroup_ipfix_collector_profiles Additional Errors:

Update an existing IPFIX collector profile

Update an existing IPFIX collector profile with profile ID and modified
properties.
Request:
Method:
PUT
URI Path:
/api/v1/ipfix-collector-profiles/<ipfix-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixCollectorUpmProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/ipfix-collector-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 { "resource_type" : "IpfixCollectorUpmProfile", "id" : "e2954b96-bbb4-4fa1-bd2f-3b2bd9e89b64", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorUpmProfile+

Example Response: { "resource_type" : "IpfixCollectorUpmProfile", "id" : "e2954b96-bbb4-4fa1-bd2f-3b2bd9e89b64", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ], "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } Required Permissions: crud Feature: unified_nsgroup_ipfix_collector_profiles Additional Errors:

Delete an existing IPFIX collector profile

Delete an existing IPFIX collector profile by ID. Request:
Method:
DELETE
URI Path:
/api/v1/ipfix-collector-profiles/<ipfix-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipfix-collector-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: unified_nsgroup_ipfix_collector_profiles Additional Errors:

Get an existing IPFIX collector profile

Get an existing IPFIX collector profile by profile ID. Request:
Method:
GET
URI Path:
/api/v1/ipfix-collector-profiles/<ipfix-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-collector-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixCollectorUpmProfile+

Example Response: { "resource_type" : "IpfixCollectorUpmProfile", "id" : "e2954b96-bbb4-4fa1-bd2f-3b2bd9e89b64", "display_name" : "IPFIX Collector Profile 002", "collectors" : [ { "collector_port" : 4739, "collector_ip_address" : "192.168.1.102" }, { "collector_port" : 4739, "collector_ip_address" : "192.168.1.100" } ], "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } Required Permissions: read Feature: unified_nsgroup_ipfix_collector_profiles Additional Errors:

Create a new IPFIX profile

Create a new IPFIX profile with essential properties. Request:
Method:
POST
URI Path:
/api/v1/ipfix-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixSwitchUpmProfile+

Example Request: POST https://<nsx-mgr>/api/v1/ipfix-profiles { "resource_type": "IpfixSwitchUpmProfile", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] } } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IpfixSwitchUpmProfile+

Example Response: { "resource_type": "IpfixSwitchUpmProfile", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "export_overlay_flow" : true, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 0 } Required Permissions: crud Feature: unified_nsgroup_ipfix_profiles Additional Errors:

List IPFIX Profies

Query IPFIX profiles with list parameters. List result can be filtered by
profile type defined by IpfixUpmProfileType.
Request:
Method:
GET
URI Path:
/api/v1/ipfix-profiles
Request Headers:
n/a
Query Parameters:
IpfixUpmProfileListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixUpmProfileListResult+

Example Response: { "sort_ascending" : true, "sort_by": "resource_type", "result_count": 2, "results": [ { "resource_type": "IpfixSwitchUpmProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Profile 001", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1001, "collector_profile": "516ea614-6692-4dcb-9fa7-8304f9765a7f", "priority": 0, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "export_overlay_flow" : true, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 }, { "resource_type": "IpfixSwitchUpmProfile", "id": "2d5d3a9a-5bc7-4ad1-2f0a-a9836575d204", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "export_overlay_flow" : true, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } ] } Required Permissions: read Feature: unified_nsgroup_ipfix_profiles Additional Errors:

Get an existing IPFIX profile

Get an existing IPFIX profile by profile ID. Request:
Method:
GET
URI Path:
/api/v1/ipfix-profiles/<ipfix-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/ipfix-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixSwitchUpmProfile+

Example Response: { "resource_type": "IpfixSwitchUpmProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "export_overlay_flow" : true, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } Required Permissions: read Feature: unified_nsgroup_ipfix_profiles Additional Errors:

Update an existing IPFIX profile

Update an existing IPFIX profile with profile ID and modified properties.
Request:
Method:
PUT
URI Path:
/api/v1/ipfix-profiles/<ipfix-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpfixSwitchUpmProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/ipfix-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 { "resource_type": "IpfixSwitchUpmProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpfixSwitchUpmProfile+

Example Response: { "resource_type": "IpfixSwitchUpmProfile", "id": "7e5d3a8c-8aa8-4df6-9a0f-b0456575b233", "display_name": "IPFIX Switch Profile 002", "packet_sample_probability": 0.1, "active_timeout": 300, "max_flows": 16384, "idle_timeout": 300, "observation_domain_id": 1002, "collector_profile": "8e6590f8-f203-4a9e-b53a-6c8058b79dd4", "priority": 1, "applied_tos": { "logical_switches": [], "logical_ports": [], "nsgroups": [] }, "export_overlay_flow" : true, "_protection" : "NOT_PROTECTED", "_create_user" : "admin", "_create_time" : 1507687895605, "_last_modified_user" : "admin", "_last_modified_time" : 1507705866588, "_system_owned" : false, "_revision" : 1 } Required Permissions: crud Feature: unified_nsgroup_ipfix_profiles Additional Errors:

Delete an existing IPFIX profile

Delete an existing IPFIX profile by ID. Request:
Method:
DELETE
URI Path:
/api/v1/ipfix-profiles/<ipfix-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/ipfix-profiles/ 7e5d3a8c-8aa8-4df6-9a0f-b0456575b233 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: unified_nsgroup_ipfix_profiles Additional Errors:

Management Plane API: Upgrade

Associated URIs:

Accept end user license agreement

Accept end user license agreement
Request:
Method:
POST
URI Path:
/api/v1/upgrade/eula/accept
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: execute Feature: system_eula Additional Errors:

Return the acceptance status of end user license agreement

Return the acceptance status of end user license agreement
Request:
Method:
GET
URI Path:
/api/v1/upgrade/eula/acceptance
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/eula/acceptance Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAAcceptance+

Example Response: { "acceptance": false } Required Permissions: read Feature: system_eula Additional Errors:

Return the content of end user license agreement

Return the content of end user license agreement in the specified format.
By default, it's pure string without line break
Request:
Method:
GET
URI Path:
/api/v1/upgrade/eula/content
Request Headers:
n/a
Query Parameters:
EULAOutputFormatRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/eula/content?value_format=html Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EULAContent+

Example Response: { "content": "End User License Agreement
" } Required Permissions: read Feature: system_eula Additional Errors:

Get functional state of the upgrade coordinator

Get the functional state of the upgrade coordinator.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/functional-state
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/functional-state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UcFunctionalState+

Example Response: { "state" : "RUNNING" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Bundle

Associated URIs:

Upload upgrade bundle (Deprecated)

Upload the upgrade bundle. The call returns after upload is initiated.
User needs to check upload status periodically by retrieving upgrade
bundle upload status to find out if the upload is completed.
This API is deprecated, please use /upgrade/bundles?action=upload API
to upload the upgrade bundle.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/bundle?action=upload
Request Headers:
n/a
Query Parameters:
UpgradeBundle+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/bundle?action=upload Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Upgrade the upgrade coordinator.

Upgrade the upgrade coordinator module itself. This call is invoked
after user uploads an upgrade bundle. Once this call is invoked,
upgrade coordinator stops and gets restarted and target version
upgrade coordinator module comes up after restart.
Request:
Method:
POST
URI Path:
/api/v1/upgrade?action=upgrade_uc
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade?action=upgrade_uc Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Bundles

Associated URIs:

Fetch upgrade bundle from given url

Fetches the upgrade bundle from url. The call returns after fetch is initiated.
Check status by periodically retrieving upgrade bundle upload status
using GET /upgrade/bundles//upload-status.
The upload is complete when the status is SUCCESS.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/bundles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeBundleFetchRequest+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/bundles { "url" : "https://<bundle-url>" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeBundleId+

Example Response: { "bundle_id" : "22000123456" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get uploaded upgrade bundle information

Get uploaded upgrade bundle information
Request:
Method:
GET
URI Path:
/api/v1/upgrade/bundles/<bundle-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/bundles/22000123456 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeBundleInfo+

Example Response: { "url" : "https://<bundle-url>" "bundle_size" : "3622" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get uploaded upgrade bundle upload status

Get uploaded upgrade bundle upload status
Request:
Method:
GET
URI Path:
/api/v1/upgrade/bundles/<bundle-id>/upload-status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/bundles/22000123456/upload-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeBundleUploadStatus+

Example Response: { "url" : "https://<bundle-url>" "percent" : 100, "status" : "VERIFYING", "detailed_status": "Checking compatibility matrix of the Upgrade Bundle" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Cancel upgrade bundle upload

Cancel upload of upgrade bundle. This API works only when bundle upload is
in-progress and will not work during post-processing of upgrade bundle. If
bundle upload is in-progress, then the API call returns http OK response
after cancelling the upload and deleting partially uploaded bundle.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/bundles/<bundle-id>?action=cancel_upload
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/bundles/22000123456?action=cancel_upload Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Upload upgrade bundle

Upload the upgrade bundle. This call returns after upload is completed.
You can check bundle processing status periodically by retrieving upgrade
bundle upload status to find out if the upload and processing is completed.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/bundles?action=upload
Request Headers:
n/a
Query Parameters:
UpgradeBundle+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/bundles?action=upload Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeBundleId+

Example Response: { "bundle_id" : "22000123456" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Group

Associated URIs:

Return information of all upgrade unit groups

Return information of all upgrade unit groups in the
upgrade plan. If request parameter summary is set to true, then
only count of upgrade units will be returned, upgrade units list
will be empty. If request parameter component type is specified,
then all upgrade unit groups for that component will be returned.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-unit-groups
Request Headers:
n/a
Query Parameters:
UpgradeUnitGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups?component_type=HOST Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroupListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 1, "results": [ { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "upgrade_unit_count": 2, "upgrade_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "upgrade_mode", "value": "in_place" } ] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Create a group

Create a group of upgrade units.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/upgrade-unit-groups
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeUnitGroup+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups { "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "upgrade_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7" }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf" } ], "extended_configuration": [ { "key": "upgrade_mode", "value": "in_place" } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroup+

Example Response: { "resource_type": "UpgradeUnitGroup", "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "display_name": "HostUpgrade", "upgrade_units": [ { "metadata": [ { "value": "ESXI", "key": "HYPERVISOR_OS" } ], "warnings": [], "current_version": "1.1.0.0.0.4788198", "id": "bf1c7b70-3709-11e7-9a39-fdf3dd0661a4", "display_name": "ESX 60 -2", "type": "HOST", "group": { "id": "e794562c-4d26-428a-9d19-9d79ddc4fb70", "display_name": "HostUpgrade" } } ], "extended_configuration": [ { "value": "in_place", "key": "upgrade_mode" } ], "parallel": false, "type": "HOST", "enabled": true, "upgrade_unit_count": 1 } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get upgrade status for upgrade unit groups

Get upgrade status for upgrade unit groups Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-unit-groups-status
Request Headers:
n/a
Query Parameters:
ComponentTypeListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroupStatusListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 3, "results": { [ { "group_id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "group_name": "esx55Hosts", "upgrade_unit_count": 10, "status": "SUCCESS", "failed_count": 0, "percent_complete": 100 }, { "group_id": "a60445eb-32aa-4782-bded-9b6ba99ba2cd", "group_name": "edgeGroup1", "upgrade_unit_count": 5, "status": "IN_PROGRESS", "failed_count": 0, "percent_complete": 40 }, { "group_id": "5346171c-1d77-401e-a2c4-9274b69cc342", "group_name": "ccpGroup1", "upgrade_unit_count": 2, "status": "NOT_STARTED", "failed_count": 0, "percent_complete": 0 } ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Update the upgrade unit group

Update the specified upgrade unit group. Removal of upgrade units from the
group using this is not allowed. An error will be returned in that case.
Following extended_configuration is supported:

Key: upgrade_mode
Supported values: maintenance_mode,in_place
Default: maintenance_mode

Key: maintenance_mode_config_vsan_mode
Supported values: evacuate_all_data, ensure_object_accessibility, no_action
Default: ensure_object_accessibility

Key: maintenance_mode_config_evacuate_powered_off_vms
Supported values: true, false
Default: false

Key: rebootless_upgrade
Supported values: true, false
Default: true
Request:
Method:
PUT
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeUnitGroup+

Example Request: PUT https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55HostsGroup", "type": "HOST", "parallel": "true", "enabled": "false", "upgrade_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", } ], "extended_configuration": [ { "key": "upgrade_mode", "value": "maintenance_mode" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroup+

Example Response: { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55HostsGroup", "type": "HOST", "parallel": "true", "enabled": "false", "upgrade_unit_count": 2, "upgrade_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "upgrade_mode", "value": "maintenance_mode" } ] } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return upgrade unit group information

Returns information about a specific upgrade unit group in the
upgrade plan. If request parameter summary is set to true, then
only count of upgrade units will be returned, upgrade units list
will be empty.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
SummaryRequest+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroup+

Example Response: { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts", "type": "HOST", "parallel": "false", "enabled": "true", "upgrade_unit_count": 2, "upgrade_units": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ], "extended_configuration": [ { "key": "upgrade_mode", "value": "in_place" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Delete the upgrade unit group

Delete the specified group.
NOTE - A group can be deleted only if it is empty.
If user tries to delete a group containing one
or more upgrade units, the operation will fail and an error
will be returned.
Request:
Method:
DELETE
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get upgrade status for group

Get upgrade status for upgrade units in the specified group. User can
specify whether to show only the upgrade units with errors.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>/status
Request Headers:
n/a
Query Parameters:
GroupStatusListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitStatusListResult+

Example Response: { "cursor" : "0036c5a1531e-9145-4818-bdb3-cf299a6558a5nnuullll", "result_count" : 2, "results": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "status": "SUCCESS", "percent_complete": 100, "errors": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "status": "IN_PROGRESS", "percent_complete": 50, "errors": [] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Reorder an upgrade unit within the upgrade unit group

Reorder an upgrade unit within the upgrade unit group by placing it
before/after the specified upgrade unit
Request:
Method:
POST
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>/upgrade-unit/<upgrade-unit-id>?action=reorder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReorderRequest+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5/upgrade-unit/1f64e9f4-eeb3-4ebd-af78-e08757e593cf?action=reorder { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "is_before": "false" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Add upgrade units to specified upgrade unit group

Add upgrade units to specified upgrade unit group. The upgrade
units will be added at the end of the upgrade unit list.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>?action=add_upgrade_units
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeUnitList+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5?action=add_upgrade_units { "list": [ { "id": "e893085a-3709-11e7-ae6e-55850742a4d0", "group": { "display_name": "Two", "id": "ab1b2c01-97a6-44c6-b946-430728c0355d" } } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitList+

Example Response: { "list": [ { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } ] } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Reorder upgrade unit group

Reorder an upgrade unit group by placing it before/after
the specified upgrade unit group.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/upgrade-unit-groups/<group-id>?action=reorder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ReorderRequest+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5?action=reorder { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "is_before": "false" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Return aggregate information of all upgrade unit groups

Return information of all upgrade unit groups in the
upgrade plan. If request parameter summary is set to true, then
only count of upgrade units will be returned, upgrade units list
will be empty. If request parameter component type is specified,
then all upgrade unit groups for that component will be returned.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-unit-groups/aggregate-info
Request Headers:
n/a
Query Parameters:
UpgradeUnitGroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-unit-groups/aggregate-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitGroupAggregateInfoListResult+

Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: History

Associated URIs:

Get upgrade history

Get upgrade history Request:
Method:
GET
URI Path:
/api/v1/upgrade/history
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/history Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeHistoryList+

Example Response: { "results": { [ [ { "timestamp": "12569537329", "initial_version": "1.1.1.1213223", "target_version": "1.2.2.1819198" } ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Nodes

Associated URIs:

Get list of nodes across all types

Get list of nodes. If request parameter component type is specified, then
all nodes for that component will be returned. If request parameter component
version is specified, then all nodes at that version will be returned.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/nodes
Request Headers:
n/a
Query Parameters:
NodeInfoListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeInfoListResult+

Example Response: { "cursor" : "00017", "sort_ascending" : true, "result_count" : 7, "results" : [ { "id" : "15a71126-189c-11e7-9c28-9bba9532666d", "display_name" : "sc-rdops-vm05-dhcp-145-9.eng.vmware.com", "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "07cd4582-189c-11e7-b77f-7f1dfdccba5e", "display_name" : "sc-rdops-vm05-dhcp-158-121.eng.vmware.com", "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "25c9fd3e-189c-11e7-baa0-02001ae66268", "display_name" : "utu1604template.eng.vmware.com", "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "2fcfc200-189c-11e7-b5da-02001a173d3f", "display_name" : "utu1604template.eng.vmware.com", "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" }, { "id" : "4321711e-189c-11e7-8b13-000c29bbd840", "display_name" : "jane-nsxedge-ob-5292886-1-DK-Edge", "type" : "EDGE", "component_version" : "1.1.0.0.0.5292904" }, { "id" : "cae0232d-f99e-4bfa-acc7-805ed62e8701", "display_name" : "jane-nsxcontroller-ob-5292886-1-DK-Edge", "type" : "CCP", "component_version" : "1.1.0.0.0.5292902" }, { "id" : "421B38AA-E390-64B9-3FFF-7AD6EBF59C40", "display_name" : "jane-nsxmanager-ob-5292886-1-DK-Edge", "type" : "MP", "component_version" : "1.1.0.0.0.5292903" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get summary of nodes

Get summary of nodes, which includes node count for each type and component version. Request:
Method:
GET
URI Path:
/api/v1/upgrade/nodes-summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/nodes-summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
NodeSummaryList+

Example Response: { "results" : [ { "node_count" : 1, "type" : "CCP", "component_version" : "1.1.0.0.0.5292902" }, { "node_count" : 1, "type" : "MP", "component_version" : "1.1.0.0.0.5292903" }, { "node_count" : 4, "type" : "HOST", "component_version" : "1.1.0.0.0.5292922" }, { "node_count" : 1, "type" : "EDGE", "component_version" : "1.1.0.0.0.5292904" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get the version whitelist

Get whitelist of versions for different components Request:
Method:
GET
URI Path:
/api/v1/upgrade/version-whitelist
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/version-whitelist Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AcceptableComponentVersionList+

Example Response: { "results": [ { "id": "MP", "display_name": "MP", "acceptable_versions": ["1.0.0.0.0.557878"], "component_type": "MP", "_last_modified_user": "admin", "_last_modified_time": 1435188284106, "_create_time": 1435015977176, "_create_user": "admin", "_revision": 0 }, { "id": "CCP", "display_name": "CCP", "acceptable_versions": ["1.0.0.0.0.543236"], "component_type": "CCP", "_last_modified_user": "admin", "_last_modified_time": 1435188284106, "_create_time": 1435015977176, "_create_user": "admin", "_revision": 0 }, { "id": "HOST", "display_name": "HOST", "acceptable_versions":["1.0.0.0.0.567876", "1.0.0.0.0.667576"], "component_type": "HOST", "_last_modified_user": "admin", "_last_modified_time": 1435188284106, "_create_time": 1435015977176, "_create_user": "admin", "_revision": 0 }, { "id": "EDGE", "display_name": "EDGE", "acceptable_versions": ["1.0.0.0.0.567876", "1.0.0.0.0.667576"], "component_type": "EDGE", "_last_modified_user": "admin", "_last_modified_time": 1435188284106, "_create_time": 1435015977176, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: messaging Additional Errors:

Get the version whitelist for the specified component

Get whitelist of versions for a component. Component can include HOST, EDGE, CCP, MP Request:
Method:
GET
URI Path:
/api/v1/upgrade/version-whitelist/<component_type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/version-whitelist/HOST Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AcceptableComponentVersion+

Example Response: { "id": "HOST", "display_name": "HOST", "acceptable_versions": ["1.0.0.0.0.567876", "1.0.0.0.0.667576"], "component_type": "HOST", "_last_modified_user": "admin", "_last_modified_time": 1435188284106, "_create_time": 1435015977176, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: messaging Additional Errors:

Update the version whitelist for the specified component type

Update the version whitelist for the specified component type (HOST, EDGE, CCP, MP). Request:
Method:
PUT
URI Path:
/api/v1/upgrade/version-whitelist/<component_type>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VersionList+

Example Request: PUT https://<nsx-mgr>/api/v1/upgrade/version-whitelist/HOST { "acceptable_versions": ["1.0.0.0.0.557878","1.0.0.0.0.673278"], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
n/a

Required Permissions: crud Feature: messaging Additional Errors:

Management Plane API: Upgrade: Plan

Associated URIs:

Execute post-upgrade checks

Run pre-defined checks to identify issues after upgrade of a component. The
results of the checks are added to the respective upgrade units
aggregate-info. The progress and status of post-upgrade checks is part of
aggregate-info of individual upgrade unit groups.
Returns HTTP status 500 with error code 30953 if execution of post-upgrade
checks is already in progress.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/<component-type>?action=execute_post_upgrade_checks
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/HOST?action=execute_post_upgrade_checks Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Update upgrade plan settings for the component

Update the upgrade plan settings for the component.
Request:
Method:
PUT
URI Path:
/api/v1/upgrade/plan/<component_type>/settings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradePlanSettings+

Example Request: PUT https://<nsx-mgr>/api/v1/upgrade/plan/host/settings { "parallel" : "false", "pause_on_error" : "true", "pause_after_each_group" : "false" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradePlanSettings+

Example Response: { "parallel" : "false", "pause_on_error" : "true", "pause_after_each_group" : "false" } Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Get upgrade plan settings for the component

Get the upgrade plan settings for the component.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/plan/<component_type>/settings
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/plan/host/settings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradePlanSettings+

Example Response: { "parallel" : "true", "pause_on_error" : "true", "pause_after_each_group" : "false" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Continue upgrade

Continue the upgrade. Resumes the upgrade from the point where
it was paused.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/plan?action=continue
Request Headers:
n/a
Query Parameters:
ContinueRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/plan?action=continue Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Pause upgrade

Pause the upgrade. Upgrade will be paused after upgrade of all
the nodes currently in progress is completed either successfully
or with failure. User can make changes in the upgrade plan when
the upgrade is paused.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/plan?action=pause
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/plan?action=pause Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Reset upgrade plan to default plan

Reset the upgrade plan to default plan. User has an option to change
the default plan. But if after making changes, user wants to go
back to the default plan, this is the way to do so.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/plan?action=reset
Request Headers:
n/a
Query Parameters:
UpgradePlanResetRequest+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/plan?action=reset&component_type=HOST Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Start upgrade

Start the upgrade. Upgrade will start as per the upgrade plan.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/plan?action=start
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/plan?action=start Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Upgrade selected units

Upgrades, Resumes the upgrade of a selected set of units.
Request:
Method:
POST
URI Path:
/api/v1/upgrade/plan?action=upgrade_selected_units
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeUnitList+

Example Request: POST https://<nsx-mgr>/api/v1/upgrade/plan?action=upgrade_selected_units { "list": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7" }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf" }, { "id": "7f64e9f4-eeb3-4ebd-af78-e08757e593cf" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Returns pre-upgrade checks in csv format

Returns pre-upgrade checks in csv format
Request:
Method:
GET
URI Path:
/api/v1/upgrade/pre-upgrade-checks?format=csv
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/pre-upgrade-checks?format=csv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
UpgradeCheckCsvListResult+

Example Response: upgrade_unit_id,upgrade_unit_type,upgrade_unit_metadata,check_name,check_description,status,failure_messages "351f0742-1c77-18bb-4427-4c30d147966d",MP,,"Check for stable MP cluster status",,SUCCESS, "49394f4c-9eca-11e8-ac25-090ff271722d",HOST,,"Check MPA and LCP connectivity is up",,SUCCESS, "49394f4c-9eca-11e8-ac25-090ff271722d",HOST,,"Check for sufficient free space on tmp partition",,SUCCESS, "49394f4c-9eca-11e8-ac25-090ff271722d",HOST,,"Check for sufficient free space on root partition",,SUCCESS, Required Permissions: read Feature: utilities_upgrade Additional Errors:

Returns information about upgrade checks

Returns information of pre-upgrade and post-upgrade checks. If request
parameter component type is specified, then returns information about
all pre-upgrade and post-upgrade for the component. Otherwise returns
information of checks across all component types.
Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-checks-info
Request Headers:
n/a
Query Parameters:
UpgradeCheckInfoListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-checks-info?component_type=EDGE Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComponentUpgradeChecksInfoListResult+

Example Response: { "result_count": 1, "results": [ { "component_type": "EDGE", "post_upgrade_checks_info": [ { "component_type": "EDGE", "name": "Check on edge version", "description": "Check on edge version" }, { "component_type": "EDGE", "name": "Check status of upgrade agent", "description": "Check status of upgrade agent" }, { "component_type": "EDGE", "name": "Check management plane connectivity", "description": "Check management plane connectivity" }, { "component_type": "EDGE", "name": "Check central control plane connectivity", "description": "Check central control plane connectivity" }, { "component_type": "EDGE", "name": "Check status of PNIC/Bonds", "description": "Check status of PNIC/Bonds" }, { "component_type": "EDGE", "name": "Check overall transport node status", "description": "Check overall transport node status" }, { "component_type": "EDGE", "name": "Check status of tunnels between transport nodes", "description": "Check status of tunnels between transport nodes" } ], "pre_upgrade_checks_info": [ { "component_type": "EDGE", "name": "Check health and status of edge nodes", "description": "Check health and status of edge nodes" } ] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Abort pre-upgrade checks

Aborts execution of pre-upgrade checks if already in progress. Halts the
execution of checks awaiting execution at this point and makes best-effort
attempts to stop checks already in execution. Returns without action if
execution of pre-upgrade checks is not in progress.
Request:
Method:
POST
URI Path:
/api/v1/upgrade?action=abort_pre_upgrade_checks
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade?action=abort_pre_upgrade_checks Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Execute pre-upgrade checks

Run pre-defined checks to identify potential issues which can be
encountered during an upgrade or can cause an upgrade to fail. The results
of the checks are added to the respective upgrade units aggregate-info. The
progress and status of operation is part of upgrade status summary of
individual components.
Returns HTTP status 500 with error code 30953 if execution of pre-upgrade
checks is already in progress.
Request:
Method:
POST
URI Path:
/api/v1/upgrade?action=execute_pre_upgrade_checks
Request Headers:
n/a
Query Parameters:
ComponentTypeListRequestParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/upgrade?action=execute_pre_upgrade_checks Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Status

Associated URIs:

Get upgrade status summary

Get upgrade status summary Request:
Method:
GET
URI Path:
/api/v1/upgrade/status-summary
Request Headers:
n/a
Query Parameters:
StatusSummaryRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/status-summary?component_type=EDGE&selection_status=ALL Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeStatus+

Example Response: { "host_status": { "status": "SUCCESS", "percent_complete": 100, "details": "All hosts upgraded successfully", "can_skip": false }, "edge_status": { "status": "IN_PROGRESS", "percent_complete": 40, "details": "Upgrade of edgeGroup1 in progress", "can_skip": false }, "ccp_status": { "status": "NOT_STARTED", "percent_complete": 0, "details": "Upgrade not started", "can_skip": false } "component_status": [{ "component_type": "EDGE", "status": "IN_PROGRESS", "percent_complete": 40, "details": "Upgrade of edgeGroup1 in progress", "can_skip": false } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get upgrade summary

Get upgrade summary Request:
Method:
GET
URI Path:
/api/v1/upgrade/summary
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/summary Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeSummary+

Example Response: { "upgrade_status" : "PAUSED", "component_target_versions" : [ { "component_type" : "HOST", "target_version" : "2.0.0.0.0.5963423" }, { "component_type" : "EDGE", "target_version" : "2.0.0.0.0.5963333" }, { "component_type" : "CCP", "target_version" : "2.0.0.0.0.5963327" }, { "component_type" : "MP", "target_version" : "2.0.0.0.0.5963330" } ], "upgrade_coordinator_updated": true, "upgrade_coordinator_version" : "1.2.3.0.0.456789", "system_version" : "1.1.0.0.0.4787411", "target_version" : "2.0.0.0.0.5963330", "upgrade_bundle_file_name" : "VMware-NSX-upgrade-bundle-2.0.0.0.0.5963330.mub" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get upgrade-coordinator upgrade status

Get upgrade-coordinator upgrade status
Request:
Method:
GET
URI Path:
/api/v1/upgrade/uc-upgrade-status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/uc-upgrade-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UcUpgradeStatus+

Example Response: { "status" : "Extracting Upgrade Bundle" } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: Upgrade: Upgrade Units

Associated URIs:

Get upgrade units

Get upgrade units Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-units
Request Headers:
n/a
Query Parameters:
UpgradeUnitListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-units Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitListResult+

Example Response: { "cursor" : "0036cd429462-4716-4ada-a66b-e4c78504a399nnuullll", "result_count" : 4, "results": [ { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "1f64e9f4-eeb3-4ebd-af78-e08757e593cf", "display_name": "esx552", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] }, { "id": "aa1e9a33-3bd3-4fbb-92b1-00db2cd7fb2f", "display_name": "euu1", "type": "EDGE", "current_version": "1.0.0.2333378", "group": { "id": "a60445eb-32aa-4782-bded-9b6ba99ba2cd", "display_name": "egroup1" }, "warnings": [], "metadata": [] }, { "id": "b2f3f702-99bb-4577-b209-1c30eeba9fca", "display_name": "cuu1", "type": "CCP", "current_version": "1.0.0.7766956", "group": { "id": "5346171c-1d77-401e-a2c4-9274b69cc342", "display_name": "cgroup1" }, "warnings": [], "metadata": [] } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get upgrade units stats

Get upgrade units stats Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-units-stats
Request Headers:
n/a
Query Parameters:
UpgradeUnitsStatsRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-units-stats?sync=false Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitTypeStatsList+

Example Response: { "results": { [ { "type": "HOST", "version": "1.1.1.4245555", "node_count": 10, "node_with_issues_count": 0 }, { "type": "EDGE", "version": "1.1.1.1213223", "node_count": 2, "node_with_issues_count": 0 }, { "type": "CCP", "version": "1.1.1.1433223", "node_count": 2, "node_with_issues_count": 1 }, ] } } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get a specific upgrade unit

Get a specific upgrade unit Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-units/<upgrade-unit-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-units/a95be8d6-4a76-46fe-9c9c-341e89973da7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnit+

Example Response: { "id": "a95be8d6-4a76-46fe-9c9c-341e89973da7", "display_name": "esx551", "type": "HOST", "current_version": "1.0.0.1444456", "group": { "id": "d00d6a39-5ff2-4ddc-a63f-672b4e9ecc5", "display_name": "esx55Hosts" }, "warnings": [], "metadata": [] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Get upgrade units aggregate-info

Get upgrade units aggregate-info Request:
Method:
GET
URI Path:
/api/v1/upgrade/upgrade-units/aggregate-info
Request Headers:
n/a
Query Parameters:
UpgradeUnitAggregateInfoListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/upgrade/upgrade-units/aggregate-info Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeUnitAggregateInfoListResult+

Example Response: { "cursor" : "00011", "sort_ascending" : true, "result_count" : 1, "results" : [ { "warnings" : [ ], "current_version" : "1.1.0.0.0.5292903", "id" : "421B38AA-E390-64B9-3FFF-7AD6EBF59C40", "display_name" : "jane-nsxmanager-ob-5292886-1-DK-Edge", "type" : "MP", "percent_complete" : 0.0, "errors" : [ ], "group" : { "id" : "4c0486b8-1575-4aa6-aa62-1ac50879467a", "display_name" : "MPUpgradeGroup" }, "status" : "NOT_STARTED" } ] } Required Permissions: read Feature: utilities_upgrade Additional Errors:

Management Plane API: VPN: IPSEC

Management Plane API: VPN: IPSEC: DPD Profiles

Associated URIs:

Create dead peer detection (DPD) profile

Create dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/dpd-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNDPDProfile+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/dpd-profiles { "resource_type" : "IPSecVPNDPDProfile", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90 } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNDPDProfile+

Example Response: { "resource_type" : "IPSecVPNDPDProfile", "id" : "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492579, "_last_modified_user" : "system", "_last_modified_time" : 1517289492579, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec dead peer detection (DPD) profile list result

Get paginated list of all dead peer detection (DPD) profiles. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/dpd-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/dpd-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNDPDProfileListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVPNDPDProfile", "id" : "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492579, "_last_modified_user" : "system", "_last_modified_time" : 1517289492579, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Get IPSec dead peer detection (DPD) profile

Get IPSec dead peer detection (DPD) profile. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/dpd-profiles/12a39f8c-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNDPDProfile+

Example Response: { "resource_type" : "IPSecVPNDPDProfile", "id" : "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492579, "_last_modified_user" : "system", "_last_modified_time" : 1517289492579, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: vpn Additional Errors:

Delete dead peer detection (DPD) profile

Delete dead peer detection (DPD) profile. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/dpd-profiles/12a39f8c-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Edit IPSec dead peer detection (DPD) profile

Edit IPSec dead peer detection (DPD) profile. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNDPDProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/dpd-profiles/f962173f-ac03-4d08-8366-56a41779f61d { "resource_type" : "IPSecVPNDPDProfile", "id" : "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492579, "_last_modified_user" : "system", "_last_modified_time" : 1517289492579, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNDPDProfile+

Example Response: { "resource_type" : "IPSecVPNDPDProfile", "id" : "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492579, "_last_modified_user" : "system", "_last_modified_time" : 1517289492579, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: IKE Profiles

Associated URIs:

Create custom internet key exchange (IKE) Profile

Create custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned non editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/ike-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNIKEProfile+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/ike-profiles { "resource_type" : "IPSecVPNIKEProfile", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_FLEX", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNIKEProfile+

Example Response: { "resource_type" : "IPSecVPNIKEProfile", "id" : "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_FLEX", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: vpn Additional Errors:

List IKE profiles

Get paginated list of all IKE Profiles. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/ike-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/ike-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNIKEProfileListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVPNIKEProfile", "id" : "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_FLEX", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Get IKE Profile

Get custom IKE Profile, given the particular id. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/ike-profiles/12a3a23e-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNIKEProfile+

Example Response: { "resource_type" : "IPSecVPNIKEProfile", "id" : "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_FLEX", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: vpn Additional Errors:

Edit custom IKE Profile

Edit custom IKE Profile. System owned profiles are non editable. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNIKEProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/ike-profiles/12a3a23e-c37b-11e7-abc4-cec278b6b50a { "resource_type" : "IPSecVPNIKEProfile", "id" : "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNIKEProfile+

Example Response: { "resource_type" : "IPSecVPNIKEProfile", "id" : "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: vpn Additional Errors:

Delete custom IKE Profile

Delete custom IKE Profile. Profile can not be deleted if profile has references to it. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/ike-profiles/12a3a23e-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: Local Endpoints

Associated URIs:

Create custom local endpoint

Create custom IPSec local endpoint. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/local-endpoints
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNLocalEndpoint+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/local-endpoints { "resource_type": "IPSecVPNLocalEndpoint", "description": "Local endpoint plr1", "display_name": "Local endpoint plr1", "local_id": "40.40.40.1", "ipsec_vpn_service_id": { "target_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address": "40.40.40.1", "trust_ca_ids": [], "trust_crl_ids": [] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNLocalEndpoint+

Example Response: { "resource_type" : "IPSecVPNLocalEndpoint", "description" : "Local endpoint plr1", "id" : "c99d8ed0-195b-46b0-8474-664b55cfb176", "display_name" : "Local endpoint plr1", "local_id" : "40.40.40.1", "ipsec_vpn_service_id" : { "target_display_name" : "IPSec VPN serviceplr1", "is_valid" : true, "target_type" : "IPSecVPNService", "target_id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address" : "40.40.40.1", "trust_ca_ids" : [ ], "trust_crl_ids" : [ ], "_create_time" : 1517293221251, "_last_modified_user" : "admin", "_last_modified_time" : 1517293221251, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec local endpoint list result

Get paginated list of all local endpoints. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/local-endpoints
Request Headers:
n/a
Query Parameters:
IPSecVPNLocalEndpointListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/local-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNLocalEndpointListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVPNLocalEndpoint", "description" : "Local endpoint plr1", "id" : "c99d8ed0-195b-46b0-8474-664b55cfb176", "display_name" : "Local endpoint plr1", "local_id" : "40.40.40.1", "ipsec_vpn_service_id" : { "target_display_name" : "IPSec VPN serviceplr1", "is_valid" : true, "target_type" : "IPSecVPNService", "target_id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address" : "40.40.40.1", "trust_ca_ids" : [ ], "trust_crl_ids" : [ ], "_create_time" : 1517293221251, "_last_modified_user" : "admin", "_last_modified_time" : 1517293221251, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Delete custom IPSec local endpoint

Delete custom IPSec local endpoint. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/local-endpoints/c99d8ed0-195b-46b0-8474-664b55cfb176 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Get custom IPSec local endpoint

Get custom IPSec local endpoint. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/local-endpoints/c99d8ed0-195b-46b0-8474-664b55cfb176 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNLocalEndpoint+

Example Response: { "resource_type" : "IPSecVPNLocalEndpoint", "description" : "Local endpoint plr1", "id" : "c99d8ed0-195b-46b0-8474-664b55cfb176", "display_name" : "Local endpoint plr1", "local_id" : "40.40.40.1", "ipsec_vpn_service_id" : { "target_display_name" : "IPSec VPN serviceplr1", "is_valid" : true, "target_type" : "IPSecVPNService", "target_id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address" : "40.40.40.1", "trust_ca_ids" : [ ], "trust_crl_ids" : [ ], "_create_time" : 1517293221251, "_last_modified_user" : "admin", "_last_modified_time" : 1517293221251, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: vpn Additional Errors:

Edit custom IPSec local endpoint

Edit custom IPSec local endpoint. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNLocalEndpoint+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/local-endpoints/f962173f-ac03-4d08-8366-56a41779f61d { "resource_type" : "IPSecVPNLocalEndpoint", "description" : "Local endpoint plr1", "id" : "c99d8ed0-195b-46b0-8474-664b55cfb176", "display_name" : "Local endpoint plr1", "local_id" : "40.40.40.1", "ipsec_vpn_service_id" : { "target_display_name" : "IPSec VPN serviceplr1", "is_valid" : true, "target_type" : "IPSecVPNService", "target_id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address" : "40.40.40.1", "trust_ca_ids" : [ ], "trust_crl_ids" : [ ], "_create_time" : 1517293221251, "_last_modified_user" : "admin", "_last_modified_time" : 1517293221251, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNLocalEndpoint+

Example Response: { "resource_type" : "IPSecVPNLocalEndpoint", "description" : "Local endpoint plr1", "id" : "c99d8ed0-195b-46b0-8474-664b55cfb176", "display_name" : "Local endpoint plr1", "local_id" : "40.40.40.1", "ipsec_vpn_service_id" : { "target_display_name" : "IPSec VPN serviceplr1", "is_valid" : true, "target_type" : "IPSecVPNService", "target_id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a" }, "local_address" : "40.40.40.1", "trust_ca_ids" : [], "trust_crl_ids" : [], "_create_time" : 1517293221251, "_last_modified_user" : "admin", "_last_modified_time" : 1667293221251, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: Peer Endpoints

Associated URIs:

Get IPSecVPNPeerEndpoint List Result

Get paginated list of all peer endpoint. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/peer-endpoints
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNPeerEndpointListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1517293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Create custom peer endpoint

Create custom IPSec peer endpoint. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/peer-endpoints
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNPeerEndpoint+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNPeerEndpoint+

Example Response: { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1517293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec VPN peer endpoint

Get custom IPSec VPN peer endpoint. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints/f0cb1b37-d618-4406-94eb-b4099418a165 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNPeerEndpoint+

Example Response: { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1517293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: vpn Additional Errors:

Delete custom IPSec VPN peer endpoint

Delete custom IPSec VPN peer endpoint. All references are strong references and dependent peer endpoints can not be deleted if being referenced. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints/f0cb1b37-d618-4406-94eb-b4099418a165 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Edit custom IPSecPeerEndpoint

Edit custom IPSec peer endpoint. System owned endpoints are non editable. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNPeerEndpoint+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints/f0cb1b37-d618-4406-94eb-b4099418a165 { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1517293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNPeerEndpoint+

Example Response: { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1667293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec VPN peer endpoint with PSK

Get custom IPSec VPN peer endpoint with PSK. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>?action=show-sensitive-data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/peer-endpoints/f0cb1b37-d618-4406-94eb-b4099418a165?action=show-sensitive-data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNPeerEndpoint+

Example Response: { "resource_type": "IPSecVPNPeerEndpoint", "description": "Peer endpoint for plr 1", "id": "f0cb1b37-d618-4406-94eb-b4099418a165", "display_name": "Peer endpoint for plr 1", "connection_initiation_mode": "INITIATOR", "authentication_mode": "PSK", "ipsec_tunnel_profile_id": "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "dpd_profile_id": "12a39f8c-c37b-11e7-abc4-cec278b6b50a", "psk": "test", "ike_profile_id": "12a3a23e-c37b-11e7-abc4-cec278b6b50a", "peer_address": "2.1.4.1", "peer_id": "2.1.4.1", "_create_time": 1517293670492, "_last_modified_user": "admin", "_last_modified_time": 1517293670492, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: Services

Associated URIs:

Create VPN service

Create VPN service for given logical router. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNService+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/services { "resource_type": "IPSecVPNService", "description": "Manage VPN serviceplr1", "display_name": "IPSec VPN serviceplr1", "logical_router_id": "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level": "ERROR", "enabled": true } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNService+

Example Response: { "resource_type" : "IPSecVPNService", "description" : "Manage VPN serviceplr1", "id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "display_name" : "IPSec VPN serviceplr1", "logical_router_id" : "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level" : "ERROR", "enabled" : true, "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec VPN service list result

Get paginated list of all IPSec VPN services. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/services
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNServiceListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVPNService", "description" : "Manage VPN serviceplr1", "id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "display_name" : "IPSec VPN serviceplr1", "logical_router_id" : "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level" : "ERROR", "enabled" : true, "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Delete IPSec VPN service

Delete IPSec VPN service for given router. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/services/f770a847-a6c9-4bc0-94cb-1dd1d5ae622a Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Edit IPSec VPN service

Edit IPSec VPN service for given logical router. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNService+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/services/f770a847-a6c9-4bc0-94cb-1dd1d5ae622a { "resource_type" : "IPSecVPNService", "description" : "Manage VPN serviceplr1", "id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "display_name" : "IPSec VPN serviceplr1", "logical_router_id" : "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level" : "ERROR", "enabled" : true, "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNService+

Example Response: { "resource_type" : "IPSecVPNService", "description" : "Manage VPN serviceplr1", "id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "display_name" : "IPSec VPN serviceplr1", "logical_router_id" : "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level" : "ERROR", "enabled" : true, "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec VPN service

Get IPSec VPN service for given logical router. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/services/f770a847-a6c9-4bc0-94cb-1dd1d5ae622a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNService+

Example Response: { "resource_type" : "IPSecVPNService", "description" : "Manage VPN serviceplr1", "id" : "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "display_name" : "IPSec VPN serviceplr1", "logical_router_id" : "518cc148-75ce-4973-9a79-07da0b8b2147", "ike_log_level" : "ERROR", "enabled" : true, "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: Sessions

Associated URIs:

Get IPSec VPN session list result

Get paginated list of all IPSec VPN sessions. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions
Request Headers:
n/a
Query Parameters:
IPSecVPNSessionListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNSessionListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "PolicyBasedIPSecVPNSession", "id": "ee4f7777-f837-4dbb-9a03-eeb9beb52b09", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "id": "1026", "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true, "_revision": 0 } ], "_create_time": 1517293798690, "_last_modified_user": "admin", "_last_modified_time": 1517293798690, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Create new VPN session

Create new VPN session. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVPNSession+
RouteBasedIPSecVPNSession+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/sessions { "resource_type": "PolicyBasedIPSecVPNSession", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVPNSession+
RouteBasedIPSecVPNSession+

Example Response: { "resource_type": "PolicyBasedIPSecVPNSession", "id": "ee4f7777-f837-4dbb-9a03-eeb9beb52b09", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "id": "1026", "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true, "_revision": 0 } ], "_create_time": 1517293798690, "_last_modified_user": "admin", "_last_modified_time": 1517293798690, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: vpn Additional Errors:

Edit IPSec VPN session

Edit IPSec VPN session. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVPNSession+
RouteBasedIPSecVPNSession+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/ee4f7777-f837-4dbb-9a03-eeb9beb52b09 { "resource_type": "PolicyBasedIPSecVPNSession", "id": "ee4f7777-f837-4dbb-9a03-eeb9beb52b09", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "id": "1026", "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true, "_revision": 0 } ], "_create_time": 1517293798690, "_last_modified_user": "admin", "_last_modified_time": 1517293798690, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVPNSession+
RouteBasedIPSecVPNSession+

Example Response: { "resource_type": "PolicyBasedIPSecVPNSession", "id": "ee4f7777-f837-4dbb-9a03-eeb9beb52b09", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "id": "1026", "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true, "_revision": 0 } ], "_create_time": 1517293798690, "_last_modified_user": "admin", "_last_modified_time": 1517293798690, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: vpn Additional Errors:

Delete IPSec VPN session

Delete IPSec VPN session. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/ee4f7777-f837-4dbb-9a03-eeb9beb52b09 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Fetch IPSec VPN session

Fetch IPSec VPN session. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/ee4f7777-f837-4dbb-9a03-eeb9beb52b09 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVPNSession+
RouteBasedIPSecVPNSession+

Example Response: { "resource_type": "PolicyBasedIPSecVPNSession", "id": "ee4f7777-f837-4dbb-9a03-eeb9beb52b09", "display_name": "PBS 12", "ipsec_vpn_service_id": "f770a847-a6c9-4bc0-94cb-1dd1d5ae622a", "peer_endpoint_id": "f0cb1b37-d618-4406-94eb-b4099418a165", "local_endpoint_id": "c99d8ed0-195b-46b0-8474-664b55cfb176", "enabled": true, "policy_rules": [ { "id": "1026", "sources": [ { "subnet": "1.1.1.0/24" } ], "logged": true, "destinations": [ { "subnet": "2.1.4.0/24" } ], "action": "PROTECT", "enabled": true, "_revision": 0 } ], "_create_time": 1517293798690, "_last_modified_user": "admin", "_last_modified_time": 1517293798690, "_system_owned": false, "_create_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: vpn Additional Errors:

Get VPN configuration for the peer site

API to download VPN configuration for the peer site. The configuration contains pre-shared key and secret; be careful when sharing or storing it. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>/peer-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/f962173f-ac03-4d08-8366-56a41779f61d/peer-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain; charset=utf-8
Response Body:
string

Required Permissions: crud Feature: vpn Additional Errors:

Get the Realized State of a IPSec VPN Session

Return realized state information of a ipsec vpn session.
Any configuration update that affects the ipsec vpn session can use this API
to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of ipsec vpn session,
service, endpoints, profiles, etc.
It will return a service disabled error, if the ipsec vpn service associated
with the session is disabled.
Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>/state
Request Headers:
n/a
Query Parameters:
RealizationStateQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/f962173f-ac03-4d08-8366-56a41779f61d/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNSessionState+

Example Response: { "details": [ { "sub_system_type": "TransportNode", "sub_system_id": "fe651e63-04bd-43a4-a8ec-45381a3b71b9", "state": "in_progress", "failure_message": "CCP Id:ab5958df-d98a-468e-a72b-d89dcdae5346, Message:State realization is in progress at the node." }, { "sub_system_type": "TransportNode", "sub_system_id": "ebe174ac-e4f1-4135-ba72-3dd2eb7099e3", "state": "in_sync" } ], "state": "in_progress", "failure_message": "The state realization is in progress at transport nodes." } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: IPSEC: Tunnel Profiles

Associated URIs:

Create custom IPSec tunnel profile

Create custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned non editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/tunnel-profiles
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNTunnelProfile+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/tunnel-profiles { "resource_type" : "IPSecVPNTunnelProfile", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNTunnelProfile+

Example Response: { "resource_type" : "IPSecVPNTunnelProfile", "id" : "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY", "_create_time" : 1517289492671, "_last_modified_user" : "system", "_last_modified_time" : 1517289492671, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSecTunnelProfile List Result

Get paginated list of all IPSecTunnelProfiles. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/tunnel-profiles
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/tunnel-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNTunnelProfileListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVPNTunnelProfile", "id" : "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY", "_create_time" : 1517289492671, "_last_modified_user" : "system", "_last_modified_time" : 1517289492671, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: vpn Additional Errors:

Edit custom IPSecTunnelProfile

Edit custom IPSec Tunnel Profile. System owned profiles are non editable. Request:
Method:
PUT
URI Path:
/api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVPNTunnelProfile+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/ipsec/tunnel-profiles/12a3a34c-c37b-11e7-abc4-cec278b6b50a { "resource_type" : "IPSecVPNTunnelProfile", "id" : "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY", "_create_time" : 1517289492671, "_last_modified_user" : "system", "_last_modified_time" : 1517289492671, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNTunnelProfile+

Example Response: { "resource_type" : "IPSecVPNTunnelProfile", "id" : "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY", "_create_time" : 1517289492671, "_last_modified_user" : "system", "_last_modified_time" : 1517289492671, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: vpn Additional Errors:

Get IPSec tunnel profile

Get custom IPSec Tunnel Profile. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/tunnel-profiles/12a3a34c-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNTunnelProfile+

Example Response: { "resource_type" : "IPSecVPNTunnelProfile", "id" : "12a3a34c-c37b-11e7-abc4-cec278b6b50a", "display_name" : "nsx-default-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "encapsulation_mode" : "TUNNEL_MODE", "transform_protocol" : "ESP", "df_policy" : "COPY", "_create_time" : 1517289492671, "_last_modified_user" : "system", "_last_modified_time" : 1517289492671, "_system_owned" : true, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: vpn Additional Errors:

Delete custom IPSecTunnelProfile

Delete custom IPSec Tunnel Profile. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/ipsec/tunnel-profiles/12a3a34c-c37b-11e7-abc4-cec278b6b50a Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: L2VPN

Management Plane API: VPN: L2VPN: Services

Associated URIs:

Create L2VPN service

Create L2VPN service for a given logical router Request:
Method:
POST
URI Path:
/api/v1/vpn/l2vpn/services
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VpnService+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/l2vpn/services { "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
L2VpnService+

Example Response: { "id": "f962173f-ac03-4d08-8366-56a41779f61d", "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "logical_tap_ip_pool" : [ "169.254.64.0/24" ], "mode" : "SERVER", "enable_full_mesh" : true } Required Permissions: crud Feature: vpn Additional Errors:

Get all L2VPN services

Get paginated list of all L2VPN services Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/services
Request Headers:
n/a
Query Parameters:
ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnServiceListResult+

Example Response: { "cursor": "00364c87219e-7361-4fa4-9b4e-c612ed56f1fdtier-0", "result_count": 2, "results": [ { "id": "f962173f-ac03-4d08-8366-56a41779f61d", "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "logical_tap_ip_pool" : [ "169.254.64.0/24" ], "enable_full_mesh" : true } ] } Required Permissions: read Feature: vpn Additional Errors:

Delete a L2VPN service

Delete a specific L2VPN service. If there are any L2VpnSessions on this L2VpnService, those needs to be deleted first. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/l2vpn/services/<l2vpn-service-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/l2vpn/services/f962173f-ac03-4d08-8366-56a41779f61d Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Get L2VPN service

Get a specific L2VPN service Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/services/<l2vpn-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/services/f962173f-ac03-4d08-8366-56a41779f61d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnService+

Example Response: { "id": "f962173f-ac03-4d08-8366-56a41779f61d", "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "logical_tap_ip_pool" : [ "169.254.64.0/24" ], "mode" : "SERVER", "enable_full_mesh" : true } Required Permissions: read Feature: vpn Additional Errors:

Edit a L2VPN service

Edit a specific L2VPN service Request:
Method:
PUT
URI Path:
/api/v1/vpn/l2vpn/services/<l2vpn-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VpnService+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/l2vpn/services/f962173f-ac03-4d08-8366-56a41779f61d { "id": "f962173f-ac03-4d08-8366-56a41779f61d", "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "logical_tap_ip_pool" : [ "169.254.64.0/24" ], "mode" : "SERVER", "enable_full_mesh" : true } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnService+

Example Response: { "id": "f962173f-ac03-4d08-8366-56a41779f61d", "logical_router_id": "88a3c980-c433-43f7-80b8-987c8f80d9e1", "logical_tap_ip_pool" : [ "169.254.64.0/24" ], "mode" : "SERVER", "enable_full_mesh" : true } Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: L2VPN: Sessions

Associated URIs:

Get all L2VPN sessions

Get paginated list of all L2VPN sessions Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions
Request Headers:
n/a
Query Parameters:
L2VpnSessionListParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnSessionListResult+

Example Response: TBD Required Permissions: read Feature: vpn Additional Errors:

Create L2VPN session

Create L2VPN session and bind to a L2VPNService Request:
Method:
POST
URI Path:
/api/v1/vpn/l2vpn/sessions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VpnSession+

Example Request: POST https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions TBD Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
L2VpnSession+

Example Response: TBD Required Permissions: crud Feature: vpn Additional Errors:

Edit a L2VPN session

Edit a specific L2VPN session Request:
Method:
PUT
URI Path:
/api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VpnSession+

Example Request: PUT https://<nsx-mgr>/api/v1/vpn/l2vpn/services/f962173f-ac03-4d08-8366-56a41779f611 TBD Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnSession+

Example Response: TBD Required Permissions: crud Feature: vpn Additional Errors:

Delete a L2VPN session

Delete a specific L2VPN session. If there are any logical switch ports attached to it, those needs to be deleted first. Request:
Method:
DELETE
URI Path:
/api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f611 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Get a L2VPN session

Get a specific L2VPN session Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f611 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnSession+

Example Response: TBD Required Permissions: read Feature: vpn Additional Errors:

Get peer codes for the L2VpnSession

Get peer codes for the L2VPN session to program the remote side of the tunnel. Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>/peer-codes
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f611/peer-codes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VpnSessionPeerCodes+

Example Response: TBD Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics

Management Plane API: VPN: Statistics: IKE Service

Associated URIs:

Cumulative statistics for one IKE service instance

Cumulative statistics for one IKE service instance. Query parameter source supports only cached mode. Request:
Method:
GET
URI Path:
/api/v1/vpn/services/<service-id>/summary
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/services/f962173f-ac03-4d08-8366-56a41779f61d/summary?source=cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNIKEServiceSummary+

Example Response: { "ipsec_vpn_service_id": "f962173f-ac03-4d08-8366-56a41779f61d", "display_name": "VPN Service", "logical_router_id": "efe62173f-ac03-4d08-8366-56a41779f61d", "ike_summary": "{ "established_ike_sessions": "100", "failed_ike_sessions": "["401","404"]", "total_ike_sessions": "200" }", "traffic_summary_per_session": "[{ "traffic_stats": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "ipsec_vpn_session": "{ "target_display_name": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "is_valid": true, "target_type": "LogicalRouter", "target_id": "4630aadd-25d7-4c73-b03c-227ac314dfc4" }", }]", "aggregate_traffic_counters": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "last_update_timestamp": "1000" } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: IKE Sessions Status

Associated URIs:

Get IPSec VPN IKE session status

List status of IPSec session. Query parameter source supports both realtime and cached mode. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/<session-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/f962173f-ac03-4d08-8366-56a41779f61d/status?source=realtime|cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNSessionStatus+

Example Response: { "ipsec_vpn_session_id": "f962173f-ac03-4d08-8366-56a41779f61d", "display_name": "VPN Session", "ike_session_state": "UP", "fail_reason": "", "session_status": "UP", "total_tunnels": 10, "negotiated_tunnels": 10, "failed_tunnels": 0, "aggregate_traffic_counters": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "last_update_timestamp": "1000" } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: L2VPN Remote MACS

Associated URIs:

Get L2VPN session remote mac for logical switch

Get L2VPN session remote mac for logical switch. Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/<session-id>/remote-mac
Request Headers:
n/a
Query Parameters:
LogicalSwitchParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f61d/remote-mac?logical_switch_id=f962173f-ac03-4d08-8366-56a41779f61d Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSessionRemoteMacs+

Example Response: { "session_id": "1f74abad-caec-4889-87e3-ebe9dfa1ad24", "display_name": "l2vpnsession", "result": [ { "remote_mac_addresses": [ 00:0a:95:9d:68:16 ], "logical_switch": { "target_id": "785fd137-933f-4e83-b2be-23c6d2757432", "target_type": "LogicalSwitch" } } ] } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: L2VPN Session Statistics

Associated URIs:

Get L2VPN session statistics

Get statistics of a L2VPN session. Query parameter source=realtime is the only supported source. Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/<session-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f61d/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSessionStatistics+

Example Response: { "tap_traffic_counters": [ { "bytes_out": 0, "packets_out": 0, "bytes_in": 0, "packets_in": 0, "packets_sent_error": 0, "packets_receive_error": 0 } ], "session_id": "1f74abad-caec-4889-87e3-ebe9dfa1ad24", "display_name": "l2vpnsession", "traffic_statistics_per_logical_switch": [ { "bum_bytes_in": 0, "bytes_out": 0, "bum_packets_out": 0, "packets_out": 0, "bytes_in": 42, "bum_packets_in": 0, "packets_in": 3, "packets_sent_error": 0, "packets_receive_error": 3, "logical_switch": { "target_type": "LogicalSwitch", "target_id": "2efdb4b5-f221-4ea0-857a-51133321b07f" }, "bum_bytes_out": 0 }, { "bum_bytes_in": 0, "bytes_out": 0, "bum_packets_out": 0, "packets_out": 0, "bytes_in": 42, "bum_packets_in": 0, "packets_in": 3, "packets_sent_error": 0, "packets_receive_error": 3, "logical_switch": { "target_type": "LogicalSwitch", "target_id": "785fd137-933f-4e83-b2be-23c6d2757432" }, "bum_bytes_out": 0 } ], "partial_stats": false } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: L2VPN Session Status

Associated URIs:

Get L2VPN session status

Aggregated status of L2VPN session. Query parameter source=realtime|cached is supported. Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/<session-id>/status
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/f962173f-ac03-4d08-8366-56a41779f61d/status?source=realtime|cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSessionStatus+

Example Response: { "session_id": "1f74abad-caec-4889-87e3-ebe9dfa1ad24", "transport_tunnels": [ { "tunnel_id": { "target_id": "94e03cc2-92f3-4b9b-a3b7-65cd2252cfcd" }, "tunnel_type": "IPSecVPNSession", "status": { "ike_status": { "ike_session_state": "NEGOTIATING", "fail_reason": "Unknown" }, "aggregate_traffic_counters": { "bytes_out": 0, "dropped_packets_in": 0, "packets_out": 0, "bytes_in": 0, "packets_in": 0, "dropped_packets_out": 0 }, "total_tunnels": 0, "failed_tunnels": 0, "last_update_timestamp": 1522734083907, "negotiated_tunnels": 0, "ipsec_vpn_session_id": "94e03cc2-92f3-4b9b-a3b7-65cd2252cfcd", "session_status": "DOWN" } } ], "display_name": "l2vpnsession", "status": "UP" } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: L2VPN Sessions Summary

Associated URIs:

Get status summary of all existing L2VPN sessions.

Load all the existing L2VPN sessions and return the status summary of all L2VPN sessions. Query parameter source supports only cached mode. Request:
Method:
GET
URI Path:
/api/v1/vpn/l2vpn/sessions/summary
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/l2vpn/sessions/summary?source=cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSessionSummary+

Example Response: { "total_l2vpn_sessions": 1, "failed_l2vpn_sessions": 0, "established_l2vpn_sessions": 1 } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: Reset Sessions Statistics

Associated URIs:

Reset the statistics of the given VPN session

Reset the statistics of the given VPN session. Request:
Method:
POST
URI Path:
/api/v1/vpn/ipsec/sessions/<session-id>/statistics?action=reset
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/f962173f-ac03-4d08-8366-56a41779f61d/statistics?action=reset Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: Sessions Statistics

Associated URIs:

Get IPSec VPN session statistics

Get statistics of a vpn session across all tunnels and IKE session. Query parameter "source=realtime" is the only supported source. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/<session-id>/statistics
Request Headers:
n/a
Query Parameters:
DataSourceParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/f962173f-ac03-4d08-8366-56a41779f61d/statistics?source=realtime Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNSessionStatistics+

Example Response: { "ipsec_vpn_session_id": "f962173f-ac03-4d08-8366-56a41779f61d", "display_name": "VPN Session", "ike_status": "{ "ike_session_state": "UP", "fail_reason": "" }", "ike_traffic_statistics": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "fail_count": "23" }", "policy_statistics": "[{ "tunnel_statistics": "{ "tunnel_status": "UP", "tunnel_down_reason": "", "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "packets_recieve_other_error": "23", "replay_errors": "1", "integrity_failures": "2", "decryption_failures": "1", "sa_expired_errors": "1", "packets_sent_other_error": "1", "seq_number_overflow_error": "1", "encryption_failures": "1" }", "policy_id": "f962173f-ac03-4d08-8366-56a41779f61d", "tunnel_port_id": "efd962173f-ac03-4d08-8366-56a41779f61d" }]", "aggregate_traffic_counters": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "last_update_timestamp": "1000", "partial_stats": false } Required Permissions: read Feature: vpn Additional Errors:

Management Plane API: VPN: Statistics: Sessions Summary

Associated URIs:

VPN session summary

VPN session summary gets summary per vpn sessions and IKE session. Query parameter source supports only cached mode. Request:
Method:
GET
URI Path:
/api/v1/vpn/ipsec/sessions/summary
Request Headers:
n/a
Query Parameters:
SessionSummaryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/vpn/ipsec/sessions/summary?site_id=f962173f-ac03-4d08-8366-56a41779f61d?source=cached Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVPNSessionSummary+

Example Response: { "session_summary": "{ "established_sessions": 1, "failed_sessions": 0, "degraded_sessions": 0, "total_sessions": 1 }", "traffic_summary_per_session": "[{ "traffic_stats": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "ipsec_vpn_session": "{ "target_display_name": "4630aadd-25d7-4c73-b03c-227ac314dfc4", "is_valid": true, "target_type": "LogicalRouter", "target_id": "4630aadd-25d7-4c73-b03c-227ac314dfc4" }", }]", "aggregate_traffic_counters": "{ "packets_in": "100", "packets_out": "77", "bytes_in": "1000", "bytes_out": "830", "dropped_packets": "23" }", "last_update_timestamp": "1000" } Required Permissions: read Feature: vpn Additional Errors:

Nsx-Intelligence

Nsx-Intelligence: Deployments

Associated URIs:

Deploy and register a Intelligence cluster node VM

Deploys a Intelligence cluster node VM as specified by the deployment config.
Request:
Method:
POST
URI Path:
/api/v1/intelligence/nodes/deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
AddIntelligenceClusterNodeVMInfo+

Example Request: POST https://<nsx-mgr>/api/v1/intelligence/nodes/deployments { "deployment_requests": [ { "form_factor": "SMALL", "user_settings": { "cli_password": "CLIp4$$w4rd", "root_password": "ROOTp4$$w4rd" }, "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "hostname": "node-0", "display_name": "Intelligence-vm", "compute_id": "domain-s9", "storage_id": "datastore-12", "default_gateway_addresses":[ "10.33.79.253" ], "management_port_subnets":[ { "ip_addresses":[ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] } } ] } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
IntelligenceClusterNodeVMDeploymentRequestList+

Example Response: { "result_count": 2, "results": [ { "vm_id": "71f02260-644f-4482-aa9a-ab8570bb49a3", "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "display_name": "Intelligence-vm", "compute_id": "domain-s9", "storage_id": "datastore-12", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "SMALL" }, { "vm_id": "38029a2b-b9bc-467f-8138-aef784e802cc", "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "69874c95-51ed-4775-bba8-e0d13bdb4fed", "management_network_id": "network-13", "default_gateway_addresses":[ "10.33.79.253" ], "hostname": "node-1", "compute_id": "domain-s9", "storage_id": "datastore-12", "management_port_subnets":[ { "ip_addresses":[ "10.33.79.65" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "SMALL" } ] } Required Permissions: crud Feature: nsx_intelligence_cluster_node_deployment Additional Errors:

Returns info for all cluster node VM auto-deployment attempts

Returns request information for every attempted deployment of a cluster
node VM.
Request:
Method:
GET
URI Path:
/api/v1/intelligence/nodes/deployments
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/intelligence/nodes/deployments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceClusterNodeVMDeploymentRequestList+

Example Response: { "result_count": 2, "results": [ { "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "15145422-47a1-4c55-81da-01d953151d1f", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "display_name": "Intelligence-vm", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "SMALL" }, { "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "feb17651-49a7-4ce6-88b4-41d3f624e53b", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "display_name": "Intelligence-vm", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "SMALL" } ] } Required Permissions: read Feature: nsx_intelligence_cluster_node_deployment Additional Errors:

Returns info for a Intelligence cluster node VM auto-deployment attempt

Returns deployment request information for a specific attempted
deployment of a cluster node VM.
Request:
Method:
GET
URI Path:
/api/v1/intelligence/nodes/deployments/<node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/intelligence/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceClusterNodeVMDeploymentRequest+

Example Response: { "vm_id": "12f563af-af9f-48f3-848e-e9257c8740b0", "deployment_config": { "placement_type": "IntelligenceVsphereClusterNodeVMDeploymentConfig", "vc_id": "15145422-47a1-4c55-81da-01d953151d1f", "management_network_id": "network-158", "default_gateway_addresses": [ "10.33.79.253" ], "hostname": "node-0", "display_name": "Intelligence-vm", "compute_id": "domain-c154", "storage_id": "datastore-157", "management_port_subnets": [ { "ip_addresses": [ "10.33.79.64" ], "prefix_length": 22 } ], "dns_servers": [ "10.33.38.2" ] }, "form_factor": "SMALL" } Required Permissions: read Feature: nsx_intelligence_cluster_node_deployment Additional Errors:

Returns the status of the VM creation/deletion

Returns the current deployment or undeployment status for a VM along with
any other relevant current information, such as error messages.
Request:
Method:
GET
URI Path:
/api/v1/intelligence/nodes/deployments/<node-id>/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/intelligence/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceClusterNodeVMDeploymentStatusReport+

Example Response: { "status": "VM_POWER_ON_FAILED", "failure_message": "The deletion of Intelligence cluster node VM has failed.", "failure_code": 21005 } Required Permissions: read Feature: nsx_intelligence_cluster_node_deployment Additional Errors:

Attempt to delete an auto-deployed cluster node VM

Attempts to unregister and undeploy a specified auto-deployed cluster
node VM. If it is a member of a cluster, then the VM will be automatically
detached from the cluster before being unregistered and undeployed.
Alternatively, if the original deployment attempt failed or the VM is
not found, cleans up the deployment information associated with the
deployment attempt.
Note: If a VM has been successfully auto-deployed, then the associated
deployment information will not be deleted unless and until the VM is
successfully deleted.
Request:
Method:
POST
URI Path:
/api/v1/intelligence/nodes/deployments/<node-id>?action=delete
Request Headers:
n/a
Query Parameters:
IntelligenceClusterNodeVMDeletionParameters+
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/intelligence/nodes/deployments/12f563af-af9f-48f3-848e-e9257c8740b0?action=delete Successful Response:
Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: nsx_intelligence_cluster_node_deployment Additional Errors:

Nsx-Intelligence: Host

Associated URIs:

Patch NSX-Intelligence host configuration

Patch the current NSX-Intelligence host configuration.
Return error if NSX-Intelligence is not registered with NSX.
Request:
Method:
PATCH
URI Path:
/api/v1/intelligence/host-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IntelligenceHostConfigurationInfo+

Example Request: PATCH https://<nsx-mgr>/api/v1/intelligence/host-config { "flow_data_collection_interval": 2, "context_data_collection_interval": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceHostConfigurationInfo+

Example Response: { "enable_data_collection": true, "broker_bootstrap_servers": [ { "address": "127.0.0.1", "port": 9092 } ], "flow_data_collection_interval": 2, "max_active_flow_count": 25000, "max_inactive_flow_count": 50000, "private_ip_prefix": [ { "address_type": "IPV4", "address": "10.0.0.0", "prefix_length": 8 }, { "address_type": "IPV4", "address": "172.16.0.0", "prefix_length": 12 }, { "address_type": "IPV4", "address": "192.168.0.0", "prefix_length": 16 } ], "context_data_collection_interval": 2 } Required Permissions: crud Feature: nsx_intelligence_host_configuration Additional Errors:

Get NSX-Intelligence host configuration

Get the current NSX-Intelligence host configuration.
Request:
Method:
GET
URI Path:
/api/v1/intelligence/host-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/intelligence/host-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceHostConfigurationInfo+

Example Response: { "enable_data_collection": true, "broker_bootstrap_servers": [ { "address": "127.0.0.1", "port": 9092 } ], "flow_data_collection_interval": 5, "max_active_flow_count": 25000, "max_inactive_flow_count": 50000, "private_ip_prefix": [ { "address_type": "IPV4", "address": "10.0.0.0", "prefix_length": 8 }, { "address_type": "IPV4", "address": "172.16.0.0", "prefix_length": 12 }, { "address_type": "IPV4", "address": "192.168.0.0", "prefix_length": 16 } ], "context_data_collection_interval": 5 } Required Permissions: read Feature: nsx_intelligence_host_configuration Additional Errors:

Reset NSX-Intelligence host configuration

Reset NSX-Intelligence host configuration to the default setting.
Clear NSX-Intelligence host configuration if NSX-Intelligence is not registered with NSX.
Return the NSX-Intelligence host configuration after reset operation.
Request:
Method:
POST
URI Path:
/api/v1/intelligence/host-config?action=reset
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<nsx-mgr>/api/v1/intelligence/host-config?action=reset Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IntelligenceHostConfigurationInfo+

Example Response: { "enable_data_collection": true, "broker_bootstrap_servers": [ { "address": "127.0.0.1", "port": 9092 } ], "flow_data_collection_interval": 5, "max_active_flow_count": 25000, "max_inactive_flow_count": 50000, "private_ip_prefix": [ { "address_type": "IPV4", "address": "10.0.0.0", "prefix_length": 8 }, { "address_type": "IPV4", "address": "172.16.0.0", "prefix_length": 12 }, { "address_type": "IPV4", "address": "192.168.0.0", "prefix_length": 16 } ], "context_data_collection_interval": 5 } Required Permissions: crud Feature: nsx_intelligence_host_configuration Additional Errors:

Policy

Policy: Draft

Associated URIs:

List policy drafts

List policy drafts. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/drafts
Request Headers:
n/a
Query Parameters:
PolicyDraftListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/drafts Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDraftListResult+

Example Response: TODO Required Permissions: read Feature: policy_dfw Additional Errors:

Read draft

Read a draft for a given draft identifier.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/drafts/<draft-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDraft+

Example Response: TODO Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update a manual draft

Create a new manual draft if the specified draft id does not correspond
to an existing draft. Update the manual draft otherwise.
Auto draft can not be updated.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/drafts/<draft-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDraft+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDraft+

Example Response: TODO Required Permissions: crud Feature: policy_dfw Additional Errors:

Patch a manual draft

Create a new manual draft if the specified draft id does not correspond
to an existing draft. Update the manual draft otherwise.
Auto draft can not be updated.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/drafts/<draft-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDraft+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete a manual draft

Delete a manual draft. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/drafts/<draft-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get an aggregated configuration for the draft

Get an aggregated configuration that will get applied onto current
configuration during publish of this draft.
The response is a hierarichal payload containing the aggregated
configuration differences from the latest auto draft till the specified draft.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/drafts/<draft-id>/aggregated
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft/aggregated Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Infra+

Example Response: TODO Required Permissions: read Feature: policy_dfw Additional Errors:

Get a preview of a configuration after publish of a draft

Get a preview of a configuration which will be present after publish of
a specified draft. The response essentially is a hierarichal payload
containing the configuration, which will be in active after a specified
draft gets published onto current configuration.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/drafts/<draft-id>/complete
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft/complete Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Infra+

Example Response: TODO Required Permissions: read Feature: policy_dfw Additional Errors:

Aborts publishing of a draft if there is a failure

If there is a failure during publish, the admin can choose to abort
the publishing attempts. This will bring back the system to the current
configuration, i.e just before the publish was invoked. If draft publishing
is not in progress or already completed, then this is a NO-OP
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/drafts/<draft-id>?action=abort
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft?action=abort Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Publish a draft

Read a draft and publish it by applying changes onto current configuration.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/drafts/<draft-id>?action=publish
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Infra+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/drafts/test_draft?action=publish Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Infra

Policy: Infra: Certificates

Associated URIs:

Return All the User-Facing Components' Certificates

Returns all certificate information viewable by the user, including each
certificate's id; resource_type (for example, certificate_self_signed,
certificate_ca, or certificate_signed); pem_encoded data; and history of the
certificate (who created or modified it and when). For additional
information, include the ?details=true modifier at the end of the request
URI.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/certificates
Request Headers:
n/a
Query Parameters:
ListCertParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/certificates/certificate-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCertificateList+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "TlsCertificate", "id": "caCert", "display_name": "/infra/certificates/caCert", "path": "/infra/certificates/caCert", "parent_path": "/infra/certificates/caCert", "relative_path": "caCert", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_create_user": "admin", "_create_time": 1516329725649, "_last_modified_user": "admin", "_last_modified_time": 1516329725649, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "TlsCertificate", "id": "selfSignedCert", "display_name": "/infra/certificates/selfSignedCert", "path": "/infra/certificates/selfSignedCert", "parent_path": "/infra/certificates/selfSignedCert", "relative_path": "selfSignedCert", "details": [ { "issuer_cn": "vSM Test Certificate", "public_key_length": 1024, "signature": "4e cf ff 36 ac a1", "not_before": 1323772715000, "subject": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "serial_number": "ca55f5e21a0b2dd2", "public_key_algo": "RSA", "version": "1", "issuer": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "is_ca": false, "subject_cn": "vSM Test Certificate", "not_after": 1355308715000, "is_valid": false, "rsa_public_key_exponent": "10001", "signature_algorithm": "SHA1WITHRSA", "rsa_public_key_modulus": "00 b7 8f 79 e4" } ], "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_create_user": "admin", "_create_time": 1516338671237, "_last_modified_user": "admin", "_last_modified_time": 1516338671237, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_certificate Additional Errors:

Delete Certificate for the Given Certificate ID

Removes the specified certificate. The private key associated with the
certificate is also deleted.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/certificates/<certificate-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/certificates/signedDigitalCert Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_certificate Additional Errors:

Add a New Certificate

Adds a new private-public certificate and, optionally, a private key that
can be applied to one of the user-facing components (appliance management
or edge). The certificate and the key should be stored in PEM format. If
no private key is provided, the certificate is used as a client
certificate in the trust store. A certificate chain will not be expanded
into separate certificate instances for reference, but would be pushed to
the enforcement point as a single certificate. This patch method does
not modify an existing certificate.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/certificates/<certificate-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TlsTrustData+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/certificates/certificate-1 { "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "private_key": "-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----\n", "passphrase": "1234" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_certificate Additional Errors:

Show Certificate Data for the Given Certificate ID

Returns information for the specified certificate ID, including the
certificate's id; resource_type (for example, certificate_self_signed,
certificate_ca, or certificate_signed); pem_encoded data; and history of the
certificate (who created or modified it and when). For additional
information, include the ?details=true modifier at the end of the request
URI.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/certificates/<certificate-id>
Request Headers:
n/a
Query Parameters:
GetCertParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/certificates/certificate-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCertificate+

Example Response: { "resource_type": "TlsCertificate", "id": "selfSignedCert", "display_name": "/infra/certificates/selfSignedCert", "path": "/infra/certificates/selfSignedCert", "parent_path": "/infra/certificates/selfSignedCert", "relative_path": "selfSignedCert", "details": [ { "issuer_cn": "vSM Test Certificate", "public_key_length": 1024, "signature": "4e cf ff 36 ac a1", "not_before": 1323772715000, "subject": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "serial_number": "ca55f5e21a0b2dd2", "public_key_algo": "RSA", "version": "1", "issuer": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "is_ca": false, "subject_cn": "vSM Test Certificate", "not_after": 1355308715000, "is_valid": false, "rsa_public_key_exponent": "10001", "signature_algorithm": "SHA1WITHRSA", "rsa_public_key_modulus": "00 b7 8f 79 e4" } ], "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_create_user": "admin", "_create_time": 1516338671237, "_last_modified_user": "admin", "_last_modified_time": 1516338671237, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_certificate Additional Errors:

Add a New Certificate

Adds a new private-public certificate and, optionally, a private key that
can be applied to one of the user-facing components (appliance management
or edge). The certificate and the key should be stored in PEM format. If
no private key is provided, the certificate is used as a client
certificate in the trust store. A certificate chain will not be expanded
into separate certificate instances for reference, but would be pushed to
the enforcement point as a single certificate.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/certificates/<certificate-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TlsTrustData+

Example Request: PUT https://<policy-mgr>/policy/api/v1/certificates/certificate-1 { "_revision":"0", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "private_key": "-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----\n", "passphrase": "1234" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCertificate+

Example Response: { "resource_type": "TlsCertificate", "id": "selfSignedCert", "display_name": "/infra/certificates/selfSignedCert", "path": "/infra/certificates/selfSignedCert", "parent_path": "/infra/certificates/selfSignedCert", "relative_path": "selfSignedCert", "details": [ { "issuer_cn": "vSM Test Certificate", "public_key_length": 1024, "signature": "4e cf ff 36 ac a1", "not_before": 1323772715000, "subject": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "serial_number": "ca55f5e21a0b2dd2", "public_key_algo": "RSA", "version": "1", "issuer": "1.2.840.113549.1.9.1=#16076140622e636f6d,CN=vSM Test Certificate,OU=vShield,O=VMware,L=Pune,ST=Maharashtra,C=IN", "is_ca": false, "subject_cn": "vSM Test Certificate", "not_after": 1355308715000, "is_valid": false, "rsa_public_key_exponent": "10001", "signature_algorithm": "SHA1WITHRSA", "rsa_public_key_modulus": "00 b7 8f 79 e4" } ], "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "_create_user": "admin", "_create_time": 1516338671237, "_last_modified_user": "admin", "_last_modified_time": 1516338671237, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_certificate Additional Errors:

Policy: Infra: Certificates: Certification Revocation List

Associated URIs:

Return All Added CRLs

Returns information about all CRLs. For additional information, include the
?details=true modifier at the end of the request URI.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/crls
Request Headers:
n/a
Query Parameters:
ListCertParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/crls?details=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCrlListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "TlsCrl", "display_name": "revoked certificates", "path": "/infra/crls/revokedCerts", "parent_path": "/infra", "relative_path": "revokedCerts", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "details": { "next_update": "945220365000", "issuer": "1.2.840.113549.1.9.1=#161d726f6f744069676c6f6f2e6974732e756e696d656c622e6564752e6175,CN=igloo Certificate Authority,OU=Certificates Administration,O=igloo CA,L=Melbourne,ST=Victoria,C=AU", "version": "1" }, "_revision": 1, "_last_modified_user": "admin", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin" } ] } Required Permissions: read Feature: policy_certificate Additional Errors:

Delete a CRL

Deletes an existing CRL. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/crls/revokedCerts Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_certificate Additional Errors:

Create or patch a Certificate Revocation List

Create or patch a Certificate Revocation List for the given id. The CRL is used to
verify the client certificate status against the revocation lists published by the CA.
For this reason, the administrator needs to add the CRL in certificate repository as well.
The CRL must contain PEM data for a single CRL.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TlsCrl+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/crls/revokedCertsb { "display_name": "Revoked Certificates", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 Ok Required Permissions: crud Feature: policy_certificate Additional Errors:

Show CRL Data for the Given CRL id.

Returns information about the specified CRL. For additional information,
include the ?details=true modifier at the end of the request URI.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
GetCertParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/crls/revokedCerts?details=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCrl+

Example Response: { "resource_type": "TlsCrl", "display_name": "revoked certificates", "path": "/infra/crls/revokedCerts", "parent_path": "/infra", "relative_path": "revokedCerts", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "details": { "next_update": "945220365000", "issuer": "1.2.840.113549.1.9.1=#161d726f6f744069676c6f6f2e6974732e756e696d656c622e6564752e6175,CN=igloo Certificate Authority,OU=Certificates Administration,O=igloo CA,L=Melbourne,ST=Victoria,C=AU", "version": "1" }, "_revision": 1, "_last_modified_user": "admin", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin" } Required Permissions: read Feature: policy_certificate Additional Errors:

Create or fully replace a Certificate Revocation List

Create or replace a Certificate Revocation List for the given id. The CRL is used to
verify the client certificate status against the revocation lists published by the CA.
For this reason, the administrator needs to add the CRL in certificate repository as well.
The CRL must contain PEM data for a single CRL. Revision is required.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/crls/<crl-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TlsCrl+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/crls/revokedCertsb { "display_name": "Revoked Certificates", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
TlsCrl+

Example Response: { "resource_type": "TlsCrl", "display_name": "revoked certificates", "path": "/infra/crls/revokedCerts", "parent_path": "/infra", "relative_path": "revokedCerts", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "details": { "next_update": "945220365000", "issuer": "1.2.840.113549.1.9.1=#161d726f6f744069676c6f6f2e6974732e756e696d656c622e6564752e6175,CN=igloo Certificate Authority,OU=Certificates Administration,O=igloo CA,L=Melbourne,ST=Victoria,C=AU", "version": "1" }, "_revision": 1, "_last_modified_time": 1413386249116, "_create_time": 1413386249116, "_create_user": "admin", "_last_modified_user": "admin" } Required Permissions: crud Feature: policy_certificate Additional Errors:

Create a new Certificate Revocation List

Adds a new certificate revocation list (CRLs). The CRL is used to verify the client
certificate status against the revocation lists published by the CA. For this reason,
the administrator needs to add the CRL in certificate repository as well.
The CRL can contain a single CRL or multiple CRLs depending on the PEM data.
- Single CRL: a single CRL is created with the given id.
- Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id
generated based on the given id. First CRL is created with crl-id, second with crl-id-1,
third with crl-id-2, etc.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/crls/<crl-id>?action=import
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
TlsCrl+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/crls/revokedCertsb { "display_name": "Revoked Certificates", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n" } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
TlsCrlListResult+

Example Response: { "results": [{ "resource_type": "TlsCrl", "display_name": "revoked certificates", "path": "/infra/crls/revokedCerts", "parent_path": "/infra", "relative_path": "revokedCerts", "pem_encoded": "-----BEGIN X509 CRL----------END X509 CRL-----\n", "_revision": 0, "_last_modified_user": "admin", "_last_modified_time": 1413387436438, "_create_time": 1413386249116, "_create_user": "admin" }] } Required Permissions: crud Feature: policy_certificate Additional Errors:

Policy: Infra: Constraints

Associated URIs:

List tenant Constraints.

List tenant constraints. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/constraints
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>policy/api/v1/infra/constraints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConstraintListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "constraint_expression": { "resource_type": "RelatedAttributeConditionalExpression", "condition": { "value_constraint": { "resource_type": "ValueConstraintExpression", "values": [ "/infra/services/HTTP", "/infra/services/HTTPS" ], "operator": "INCLUDES", "_protection": "NOT_PROTECTED" }, "rhs_value": [ "/infra/domains/mgw/groups/VCENTER" ], "operator": "INCLUDES" }, "related_attribute": { "attribute": "destinationGroups" }, "_protection": "NOT_PROTECTED" }, "target": { "target_resource_type": "CommunicationEntry", "attribute": "services", "path_prefix": "/infra/domains/amar/edge-communication-maps/default/communication-entries/" }, "_protection": "NOT_PROTECTED" }, { "constraint_expression": { "resource_type": "ValueConstraintExpression", "values": [ "ALLOW" ], "operator": "EQUALS", "_protection": "NOT_PROTECTED" }, "target": { "target_resource_type": "CommunicationEntry", "attribute": "action", "path_prefix": "/infra/domains/amar/edge-communication-maps/default/communication-entries/" }, "_protection": "NOT_PROTECTED" }, { "constraint_expression": { "resource_type": "ValueConstraintExpression", "values": [ "/infra/domains/amar/groups/VCENTER" ], "operator": "INCLUDES", "_protection": "NOT_PROTECTED" }, "target": { "target_resource_type": "CommunicationEntry", "attribute": "destinationGroups", "path_prefix": "/infra/domains/amar/edge-communication-maps/default/communication-entries/" }, "_protection": "NOT_PROTECTED" } ] } Required Permissions: read Feature: policy_constraints Additional Errors:

Read tenant Constraint.

Read tenant constraint. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/constraints/<constraint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>policy/api/v1/infra/constraints/related-attribute-constraint Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Constraint+

Example Response: { "constraint_expression": { "resource_type": "RelatedAttributeConditionalExpression", "condition": { "value_constraint": { "resource_type": "ValueConstraintExpression", "values": [ "/infra/services/HTTP", "/infra/services/HTTPS" ], "operator": "INCLUDES", "_protection": "NOT_PROTECTED" }, "rhs_value": [ "/infra/domains/mgw/groups/VCENTER" ], "operator": "INCLUDES" }, "related_attribute": { "attribute": "destinationGroups" }, "_protection": "NOT_PROTECTED" }, "target": { "target_resource_type": "CommunicationEntry", "attribute": "services", "path_prefix": "/infra/domains/amar/edge-communication-maps/default/communication-entries/" }, "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: policy_constraints Additional Errors:

Create or update tenant Constraint

Create tenant constraint if it does not exist,
otherwise replace the existing constraint.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/constraints/<constraint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Constraint+

Example Request: PUT https://<policy-mgr>policy/api/v1/infra/constraints/value-constraint { "target":{ "target_resource_type":"CommunicationEntry", "attribute":"services", "path_prefix":"/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/" }, "constraint_expression":{ "resource_type":"RelatedAttributeConditionalExpression", "related_attribute":{ "attribute":"destinationGroups" }, "condition":{ "operator":"INCLUDES", "rhs_value":["/infra/domains/mgw/groups/VCENTER"], "value_constraint":{ "operator":"INCLUDES", "values":["/infra/services/HTTP", "/infra/services/HTTPS"] } } } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Constraint+

Example Response: { "constraint_expression": { "resource_type": "RelatedAttributeConditionalExpression", "condition": { "value_constraint": { "resource_type": "ValueConstraintExpression", "values": [ "/infra/services/HTTP", "/infra/services/HTTPS" ], "operator": "INCLUDES", "_protection": "NOT_PROTECTED" }, "rhs_value": [ "/infra/domains/mgw/groups/VCENTER" ], "operator": "INCLUDES" }, "related_attribute": { "attribute": "destinationGroups" }, "_protection": "NOT_PROTECTED" }, "target": { "target_resource_type": "CommunicationEntry", "attribute": "services", "path_prefix": "/infra/domains/amar/edge-communication-maps/default/communication-entries/" }, "_protection": "NOT_PROTECTED" } Required Permissions: crud Feature: policy_constraints Additional Errors:

Create or update tenant Constraint

Create tenant constraint if not exists, otherwise update the existing constraint.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/constraints/<constraint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Constraint+

Example Request: 1. PUT https://<policy-mgr>policy/api/v1/infra/constraints/related-attribute-constraint { "target":{ "target_resource_type":"CommunicationEntry", "attribute":"services", "path_prefix": "/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/" }, "constraint_expression": { "resource_type": "RelatedAttributeConditionalExpression", "related_attribute":{ "attribute":"destinationGroups" }, "condition" : { "operator":"INCLUDES", "rhs_value": ["/infra/domains/mgw/groups/VCENTER"], "value_constraint": { "resource_type": "ValueConstraintExpression", "operator":"INCLUDES", "values":["/infra/services/HTTP", "/infra/services/HTTPS"] } } } } 2. PUT https://<policy-mgr>policy/api/v1/infra/constraints/sanity { "target": { "target_resource_type": "DnsForwarderZone", "attribute": "upstreamServers", "path_prefix": "/infra/dns-forwarder-zones/" }, "constraint_expression": { "resource_type": "FieldSanityConstraintExpression", "operator": "OR", "checks": ["ALL_PUBLIC_IPS", "ALL_PRIVATE_IPS"] } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_constraints Additional Errors:

Delete tenant Constraint.

Delete tenant constraint. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/constraints/<constraint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>policy/api/v1/infra/constraints/related-attribute-constraint Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_constraints Additional Errors:

Policy: Infra: Deployment Zones

Associated URIs:

List Deployment Zones for infra (Deprecated)

Paginated list of all Deployment zones for infra.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use GET /infra/sites.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/deployment-zones
Request Headers:
n/a
Query Parameters:
DeploymentZoneListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DeploymentZoneListResult+

Required Permissions: read Feature: site_admin Additional Errors:

Read a DeploymentZone (Deprecated)

Read a Deployment Zone.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use GET /infra/sites/site-id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DeploymentZone+

Required Permissions: read Feature: site_admin Additional Errors:

Policy: Infra: Domains

Associated URIs:

List domains for infra

Paginated list of all domains for infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains
Request Headers:
n/a
Query Parameters:
DomainListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DomainListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Domain", "description": "VMC Domain", "id": "vmc", "display_name": "VMC domain", "path": "/infra/domains/vmc", "parent_path": "/infra/domains/vmc", "relative_path": "vmc", "_create_user": "admin", "_create_time": 1517307910473, "_last_modified_user": "admin", "_last_modified_time": 1517307910473, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: domain_admin Additional Errors:

Read domain

Read a domain.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Domain+

Example Response: { "resource_type": "Domain", "description": "VMC Domain", "id": "vmc", "display_name": "VMC domain", "path": "/infra/domains/vmc", "parent_path": "/infra/domains/vmc", "relative_path": "vmc", "_create_user": "admin", "_create_time": 1517307910473, "_last_modified_user": "admin", "_last_modified_time": 1517307910473, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: domain_admin Additional Errors:

Create or update a domain

If a domain with the domain-id is not already present, create a new
domain. If it already exists, update the domain including the nested
groups. This is a full replace
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Domain+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc { "description": "VMC Domain", "display_name": "VMC domain", "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Domain+

Example Response: { "resource_type": "Domain", "description": "VMC Domain", "id": "vmc", "display_name": "VMC domain", "path": "/infra/domains/vmc", "parent_path": "/infra/domains/vmc", "relative_path": "vmc", "_create_user": "admin", "_create_time": 1517307910473, "_last_modified_user": "admin", "_last_modified_time": 1517307910473, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: domain_admin Additional Errors:

Patch a domain

If a domain with the domain-id is not already present, create a new
domain. If it already exists, patch the domain
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Domain+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc { "description": "VMC Domain Patched", "display_name": "VMC domain", "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: domain_admin Additional Errors:

Delete Domain and all the entities contained by this domain

Delete the domain along with all the entities contained by this domain.
The groups that are a part of this domain are also deleted along with
the domain.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: domain_admin Additional Errors:

Policy: Infra: Domains: Domain Deployment Maps

Associated URIs:

List Domain Deployment maps for infra

Paginated list of all Domain Deployment Entries for infra.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/domain-deployment-maps
Request Headers:
n/a
Query Parameters:
DomainDeploymentMapListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DomainDeploymentMapListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Create a new Domain Deployment Map under infra

If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map.
If it already exist, replace it.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DomainDeploymentMap+

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DomainDeploymentMap+

Required Permissions: crud Feature: infra_admin Additional Errors:

Read a DomainDeploymentMap

Read a Domain Deployment Map
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DomainDeploymentMap+

Required Permissions: read Feature: infra_admin Additional Errors:

Delete Domain Deployment Map

Delete Domain Deployment Map Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

Patch Domain Deployment Map under infra

If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map.
If it already exist, patch it.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DomainDeploymentMap+

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

Policy: Infra: Enforcement Points

Associated URIs:

List enforcementpoints for infra (Deprecated)

Paginated list of all enforcementpoints for infra.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use GET /infra/sites/site-id/enforcement-points.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>/enforcement-points
Request Headers:
n/a
Query Parameters:
EnforcementPointListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/deployment-zones/default/enforcement-points Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPointListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "path": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "parent_path": "/infra/deployment-zones/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "transport_zone_ids": [ "992759f9-434a-45ea-9347-2ff45fba1f31" ], "edge_cluster_ids": [ "ad79b022-69bd-4bd9-969a-273627690bd9" ], "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } ] } Required Permissions: read Feature: site_admin Additional Errors:

Read an Enforcement Point (Deprecated)

Read an Enforcement Point.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use GET /infra/sites/site-id/enforcement-points/enforcementpoint-id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/deployment-zones/default/enforcement-points/nsxt-ep Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPoint+

Example Response: { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "path": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "parent_path": "/infra/deployment-zones/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "transport_zone_ids": [ "992759f9-434a-45ea-9347-2ff45fba1f31" ], "edge_cluster_ids": [ "ad79b022-69bd-4bd9-969a-273627690bd9" ], "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: infra_admin Additional Errors:

Delete EnforcementPoint (Deprecated)

Delete EnforcementPoint.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use DELETE /infra/sites/site-id/enforcement-points/enforcementpoint-id.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/deployment-zones/default/enforcement-points/nsxt-ep Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

Create/update a new Enforcement Point under infra (Deprecated)

If the passed Enforcement Point does not already exist, create a new Enforcement Point.
If it already exists, replace it.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use PUT /infra/sites/site-id/enforcement-points/enforcementpoint-id.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EnforcementPoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/deployment-zones/default/enforcement-points/nsxt-ep { "connection_info": { "enforcement_point_address":"10.192.201.163", "resource_type":"NSXTConnectionInfo", "username":"admin", "password":"Admin!23Admin", "thumbprint":"f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4", "transport_zone_ids": [ "992759f9-434a-45ea-9347-2ff45fba1f31" ], "edge_cluster_ids": [ "ad79b022-69bd-4bd9-969a-273627690bd9" ] }, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPoint+

Example Response: { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "path": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "parent_path": "/infra/deployment-zones/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "transport_zone_ids": [ "992759f9-434a-45ea-9347-2ff45fba1f31" ], "edge_cluster_ids": [ "ad79b022-69bd-4bd9-969a-273627690bd9" ], "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262573524, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: infra_admin Additional Errors:

Patch a new Enforcement Point under infra (Deprecated)

If the passed Enforcement Point does not already exist, create a new Enforcement Point.
If it already exists, patch it.
This is a deprecated API. DeploymentZone has been renamed to Site.
Use PATCH /infra/sites/site-1/enforcement-points/enforcementpoint-1.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/deployment-zones/<deployment-zone-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EnforcementPoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/deployment-zones/default/enforcement-points/nsxt-ep { "connection_info": { "enforcement_point_address":"10.192.201.163", "resource_type":"NSXTConnectionInfo", "username":"admin", "password":"Admin!23Admin", "thumbprint":"f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4", "transport_zone_ids": [ "992759f9-434a-45ea-9347-2ff45fba1f31" ], "edge_cluster_ids": [ "ad79b022-69bd-4bd9-969a-273627690bd9" ] } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

List enforcementpoints under Site

Paginated list of all enforcementpoints under Site.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points
Request Headers:
n/a
Query Parameters:
EnforcementPointListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPointListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep", "path": "/infra/sites/default/enforcement-points/nsxt-ep", "parent_path": "/infra/sites/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } ] } Required Permissions: read Feature: site_admin Additional Errors:

Full sync EnforcementPoint from Site

Full sync EnforcementPoint from Site Request:
Method:
POST
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>?action=full-sync
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/external-ep?action=full-sync Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: site_admin Additional Errors:

Delete EnforcementPoint from Site

Delete EnforcementPoint from Site Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: site_admin Additional Errors:

Patch a new Enforcement Point under Site

If the passed Enforcement Point does not already exist, create a new Enforcement Point.
If it already exists, patch it.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EnforcementPoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep { "connection_info": { "enforcement_point_address":"10.192.201.163", "resource_type":"NSXTConnectionInfo", "username":"admin", "password":"Admin!23Admin", "thumbprint":"f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: site_admin Additional Errors:

Read an Enforcement Point under Infra/Site

Read an Enforcement Point under Infra/Site
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPoint+

Example Response: { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep", "path": "/infra/sites/default/enforcement-points/nsxt-ep", "parent_path": "/infra/sites/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: site_admin Additional Errors:

Create/update a new Enforcement Point under Site

If the passed Enforcement Point does not already exist, create a new Enforcement Point.
If it already exists, replace it.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EnforcementPoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep { "connection_info": { "enforcement_point_address":"10.192.201.163", "resource_type":"NSXTConnectionInfo", "username":"admin", "password":"Admin!23Admin", "thumbprint":"f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPoint+

Example Response: { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep", "path": "/infra/sites/default/enforcement-points/nsxt-ep", "parent_path": "/infra/sites/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262573524, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: site_admin Additional Errors:

List Edge Clusters under an Enforcement Point

Paginated list of all Edge Clusters under an Enforcement Point
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters
Request Headers:
n/a
Query Parameters:
PolicyEdgeClusterListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyEdgeClusterListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyEdgeCluster", "id": "ec", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep", "relative_path": "ec", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ep_edge Additional Errors:

Read a Edge Cluster under an Enforcement Point

Read a Edge Cluster under an Enforcement Point
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyEdgeCluster+

Example Response: { "resource_type": "PolicyEdgeCluster", "id": "ec", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep", "relative_path": "ec", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ep_edge Additional Errors:

List Edge Nodes under an Enforcement Point, Edge Cluster

Paginated list of all Edge Nodes under an Enforcement Point, Edge Cluster
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>/edge-nodes
Request Headers:
n/a
Query Parameters:
PolicyEdgeNodeListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyEdgeNodeListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyEdgeNode", "id": "en", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes/en", "path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes/en", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "relative_path": "en", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "member_index": 0, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ep_edge Additional Errors:

Read a Edge Node under an Enforcement Point, Edge Cluster

Read a Edge Node under an Enforcement Point, Edge Cluster
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>/edge-nodes/<edge-node-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes/en Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyEdgeNode+

Example Response: { "resource_type": "PolicyEdgeNode", "id": "en", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes/en", "path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec/edge-nodes/en", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep/edge-clusters/ec", "relative_path": "en", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "member_index": 0, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ep_edge Additional Errors:

List Transport Zones under an Enforcement Point

Paginated list of all Transport Zones under an Enforcement Point
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-zones
Request Headers:
n/a
Query Parameters:
PolicyTransportZoneListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/transport-zones Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyTransportZoneListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyTransportZone", "id": "tz", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/tz", "path": "/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/tz", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep", "relative_path": "tz", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "tz_type": "OVERLAY_STANDARD", "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ep_transport_zone Additional Errors:

Read a Transport Zone under an Enforcement Point

Read a Transport Zone under an Enforcement Point
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-zones/<transport-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/tz Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyTransportZone+

Example Response: { "resource_type": "PolicyTransportZone", "id": "tz", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/tz", "path": "/infra/sites/default/enforcement-points/nsxt-ep/transport-zones/tz", "parent_path": "/infra/sites/default/enforcement-points/nsxt-ep", "relative_path": "tz", "nsx_id": "8ce97b79-e2da-4d73-bc3b-4723ccab0600", "tz_type": "OVERLAY_STANDARD", "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ep_transport_zone Additional Errors:

Reload an Enforcement Point under Site

Reload an Enforcement Point under Site. This will read and update
fabric configs from enforcement point.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>?action=reload
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/sites/default/enforcement-points/nsxt-ep?action=reload Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EnforcementPoint+

Example Response: { "resource_type": "EnforcementPoint", "id": "nsxt-ep", "display_name": "/infra/sites/default/enforcement-points/nsxt-ep", "path": "/infra/sites/default/enforcement-points/nsxt-ep", "parent_path": "/infra/sites/default", "relative_path": "nsxt-ep", "connection_info": { "resource_type": "NSXTConnectionInfo", "enforcement_point_address": "10.192.201.163", "thumbprint": "f53d7052535613b3032a41d555631228cb4d0d8b584a8225b94fbf0ba83eb9a4" }, "_create_user": "admin", "_create_time": 1517262573524, "_last_modified_user": "admin", "_last_modified_time": 1517262753660, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: site_admin Additional Errors:

Policy: Infra: Global Config

Associated URIs:

Update the global configuration

Update the global configuration Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GlobalConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/global-config { "display_name": "global-config", "path": "/infra/global-config", "relative_path": "global-config", "mtu": 2000, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

Update the global configuration

Update the global configuration Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GlobalConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/global-config { "display_name": "global-config", "path": "/infra/global-config", "relative_path": "global-config", "mtu": 2000, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalConfig+

Example Response: { "resource_type": "GlobalConfig", "id": "global-config", "display_name": "global-config", "path": "/infra/global-config", "relative_path": "global-config", "mtu": 2000, "_create_user": "system", "_create_time": 1517296394552, "_last_modified_user": "system", "_last_modified_time": 1517296394552, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: infra_admin Additional Errors:

Read global configuration

Read global configuration
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/global-config
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/global-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GlobalConfig+

Example Response: { "resource_type": "GlobalConfig", "id": "global-config", "display_name": "global-config", "path": "/infra/global-config", "relative_path": "global-config", "mtu": 2000, "_create_user": "system", "_create_time": 1517296394552, "_last_modified_user": "system", "_last_modified_time": 1517296394552, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: infra_admin Additional Errors:

Policy: Infra: Hierarchical API

Associated URIs:

Update the infra including all the nested entities

Update the infra including all the nested entities This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Infra+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra { "display_name": "infra", "path": "/infra", "relative_path": "infra", "connectivity_strategy": "NONE", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Infra+

Example Response: { "resource_type": "Infra", "id": "infra", "display_name": "infra", "path": "/infra", "relative_path": "infra", "connectivity_strategy": "NONE", "_create_user": "system", "_create_time": 1517296394552, "_last_modified_user": "system", "_last_modified_time": 1517296394552, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: infra_admin Additional Errors:

Read infra

Read infra. Returns only the infra related properties. Inner object
are not populated.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra
Request Headers:
n/a
Query Parameters:
ChildTypesRequestParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Infra+

Example Response: { "resource_type": "Infra", "id": "infra", "display_name": "infra", "path": "/infra", "relative_path": "infra", "connectivity_strategy": "NONE", "_create_user": "system", "_create_time": 1517296394552, "_last_modified_user": "system", "_last_modified_time": 1517296394552, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: infra_admin Additional Errors:

Update the infra including all the nested entities

Patch API at infra level can be used in two flavours
1. Like a regular API to update Infra object
2. Hierarchical API: To create/update/delete entire or part of intent
hierarchy
Hierarchical API: Provides users a way to create entire or part of
intent in single API invocation. Input is expressed in a tree format.
Each node in tree can have multiple children of different types.
System will resolve the dependecies of nodes within the intent tree
and will create the model. Children for any node can be specified using
ChildResourceReference or ChildPolicyConfigResource.
If a resource is specified using ChildResourceReference then it will
not be updated only its children will be updated. If Object is specified
using ChildPolicyConfigResource, object along with its children will be
updated.
Hierarchical API can also be used to delete any sub-branch of entire tree.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra
Request Headers:
n/a
Query Parameters:
ForceRevisionCheckRequestParameter+
Request Body:
Infra+

Example Request: #Example using ChildResourceReference in hierarchical API #Below example updates group g1 in'domain-test' without updating domain and without #requiring to populate domain object completely in request payload. PATCH https://<policy-mgr>/policy/api/v1/infra { "resource_type":"Infra", "children":[ { "resource_type":"ChildResourceReference", "id":"domain-test", "target_type":"Domain", "children":[ { "resource_type":"ChildGroup", "Group":{ "resource_type":"Group", "description":"web group update", "display_name":"webgroup", "id":"g1", "expression":[ { "member_type":"VirtualMachine", "value":"web", "key":"Tag", "operator":"EQUALS", "resource_type":"Condition" } ] } } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: no_rbac Additional Errors:

Policy: Infra: Labels

Associated URIs:

List labels for infra

Paginated list of all labels for infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/labels
Request Headers:
n/a
Query Parameters:
PolicyLabelListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/labels Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyLabelListResult+

Example Response: { "results": [ { "type": "Domain", "refs": [ "/infra/domains/mydomain3", "/infra/domains/mydomain2", "/infra/domains/mydomain1" ], "resource_type": "PolicyLabel", "id": "my-domains-label", "display_name": "my-domains-label", "path": "/infra/labels/my-domains-label", "relative_path": "my-domains-label", "parent_path": "/infra/labels/my-domains-label", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544641564432, "_last_modified_user": "admin", "_last_modified_time": 1544641564432, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_label Additional Errors:

Create or replace label

Create label if not exists, otherwise replaces the existing label.
If label already exists then type attribute cannot be changed.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/labels/<label-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyLabel+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/labels/my-domains-label { "type" : "Domain", "refs" : ["/infra/domains/mydomain1", "/infra/domains/mydomain2", "/infra/domains/mydomain3"] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyLabel+

Example Response: { "type": "Domain", "refs": [ "/infra/domains/mydomain3", "/infra/domains/mydomain2", "/infra/domains/mydomain1" ], "resource_type": "PolicyLabel", "id": "my-domains-label", "display_name": "my-domains-label", "path": "/infra/labels/my-domains-label", "relative_path": "my-domains-label", "parent_path": "/infra/labels/my-domains-label", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544641564432, "_last_modified_user": "admin", "_last_modified_time": 1544641564432, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_label Additional Errors:

Delete PolicyLabel object

Delete PolicyLabel object This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/labels/<label-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/labels/my-domains-label Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_label Additional Errors:

Read lable

Read a label.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/labels/<label-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/labels/my-domains-label Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyLabel+

Example Response: { "type": "Domain", "refs": [ "/infra/domains/mydomain3", "/infra/domains/mydomain2", "/infra/domains/mydomain1" ], "resource_type": "PolicyLabel", "id": "my-domains-label", "display_name": "my-domains-label", "path": "/infra/labels/my-domains-label", "relative_path": "my-domains-label", "parent_path": "/infra/labels/my-domains-label", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544641564432, "_last_modified_user": "admin", "_last_modified_time": 1544641564432, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_label Additional Errors:

Patch an existing label object

Create label if not exists, otherwise take the partial updates.
Note, once the label is created type attribute can not be changed.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/labels/<label-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyLabel+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/labels/my-domains-label { "type" : "Domain", "refs" : ["/infra/domains/mydomain1", "/infra/domains/mydomain2"] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_label Additional Errors:

Policy: Infra: Sites

Associated URIs:

List sites for infra

Paginated list of all sites for infra.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites
Request Headers:
n/a
Query Parameters:
SiteListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SiteListResult+

Required Permissions: read Feature: site_admin Additional Errors:

Read a site

Read a site
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/sites/<site-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Site+

Required Permissions: read Feature: site_admin Additional Errors:

Policy: Inventory

Policy: Inventory: Context Profiles

Associated URIs:

Get PolicyContextProfiles

Get all PolicyContextProfiles
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/context-profiles
Request Headers:
n/a
Query Parameters:
PolicyContextProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/api/v1/infra/context-profiles/ { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type":"PolicyContextProfile", "display_name":"testPolicyContextProfile", "description":"Test Policy Context Profile", "attributes":[ { "key":"APP_ID", "value":[ "TLS" ], "datatype":"STRING", "sub_attributes":[ { "key":"TLS_VERSION", "value": [ "TLS_V13" ], "datatype":"STRING" }, { "key":"ENCRYPTION_ALGORITHM", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5" ], "datatype":"STRING" } ], }, { "key":"DOMAIN_NAME", "value": [ "*.office365.com" ], "datatype":"STRING" } ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyContextProfileListResult+

Required Permissions: read Feature: policy_context_profile Additional Errors:

Create PolicyContextProfile

Creates/Updates a PolicyContextProfile, which encapsulates attribute and
sub-attributes of network services.
Rules for using attributes and sub-attributes in single PolicyContextProfile
1. One type of attribute can't have multiple occurrences. ( Eg. -
Attribute type APP_ID can be used only once per PolicyContextProfile.)
2. For specifying multiple values for an attribute, provide them in an array.
3. If sub-attribtes are mentioned for an attribute, then only single
value is allowed for that attribute.
4. To get a list of supported attributes and sub-attributes fire the following REST API
GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/context-profiles/<context-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyContextProfile+

Example Request: PUT https://<policy-mgr>/api/v1/infra/context-profiles/testPolicyContextProfile { "resource_type":"PolicyContextProfile", "display_name":"testPolicyContextProfile", "description":"Test Policy Context Profile", "attributes":[ { "key":"APP_ID", "value":[ "SSL" ], "datatype":"STRING", "sub_attributes":[ { "key":"TLS_VERSION", "value": [ "TLS_V13" ], "datatype":"STRING" }, { "key":"TLS_CIPHER_SUITE", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5" ], "datatype":"STRING" } ] }, { "key":"DOMAIN_NAME", "value": [ "*.office365.com" ], "datatype":"STRING" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyContextProfile+

Required Permissions: crud Feature: policy_context_profile Additional Errors:

Get PolicyContextProfile

Get a single PolicyContextProfile by id
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/context-profiles/<context-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/api/v1/infra/context-profiles/testPolicyContextProfile { "resource_type":"PolicyContextProfile", "display_name":"testPolicyContextProfile", "description":"Test Policy Context Profile", "attributes":[ { "key":"APP_ID", "value":[ "TLS" ], "datatype":"STRING", "sub_attributes":[ { "key":"TLS_VERSION", "value": [ "TLS_V13" ], "datatype":"STRING" }, { "key":"ENCRYPTION_ALGORITHM", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5" ], "datatype":"STRING" } ], }, { "key":"DOMAIN_NAME", "value": [ "*.office365.com" ], "datatype":"STRING" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyContextProfile+

Required Permissions: read Feature: policy_context_profile Additional Errors:

Create PolicyContextProfile

Creates/Updates a PolicyContextProfile, which encapsulates attribute and
sub-attributes of network services.
Rules for using attributes and sub-attributes in single PolicyContextProfile
1. One type of attribute can't have multiple occurrences. ( Eg. -
Attribute type APP_ID can be used only once per PolicyContextProfile.)
2. For specifying multiple values for an attribute, provide them in an array.
3. If sub-attribtes are mentioned for an attribute, then only single
value is allowed for that attribute.
4. To get a list of supported attributes and sub-attributes fire the following REST API
GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/context-profiles/<context-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyContextProfile+

Example Request: PATCH https://<policy-mgr>/api/v1/infra/context-profiles/testPolicyContextProfile { "resource_type":"PolicyContextProfile", "display_name":"testPolicyContextProfile", "description":"Test Policy Context Profile", "attributes":[ { "key":"APP_ID", "value":[ "SSL" ], "datatype":"STRING", "sub_attributes":[ { "key":"TLS_VERSION", "value":[ "TLS_V13" ], "datatype":"STRING" }, { "key":"TLS_CIPHER_SUITE", "value":[ "TLS_RSA_EXPORT_WITH_RC4_40_MD5" ], "datatype":"STRING" } ] }, { "key":"DOMAIN_NAME", "value":[ "*.office365.com" ], "datatype":"STRING" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_context_profile Additional Errors:

Delete Policy Context Profile

Deletes the specified Policy Context Profile. If the Policy Context
Profile is consumed in a firewall rule, it won't get deleted.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/context-profiles/<context-profile-id>
Request Headers:
n/a
Query Parameters:
PolicyContextProfileDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/api/v1/infra/context-profiles/testPolicyContextProfile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_context_profile Additional Errors:

List Policy Context Profile supported attributes and sub-attributes

Returns supported attribute and sub-attributes for specified
attribute key with their supported values, if provided in query/request
parameter, else will fetch all supported attributes and sub-attributes for
all supported attribute keys.
Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API
GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/context-profiles/attributes
Request Headers:
n/a
Query Parameters:
ProfileSupportedAttributesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyContextProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "attributes":[ { "key":"APP_ID", "value": [ "SSL" ], "datatype":"STRING", "description":"SSL (Secure Sockets Layer) is a cryptographic protocol that provides security over the Internet.", "sub_attributes":[ { "key":"TLS_VERSION", "value": [ "TLS_V10", "TLS_V11", "TLS_V12", "TLS_V13" ], "datatype":"STRING" }, { "key":"TLS_CIPHER_SUITE", "value": [ "TLS_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", ] "datatype":"STRING" } ], }, { "key":"DOMAIN_NAME", "value": [ "*.office365.com" ], "datatype":"STRING", "description":"Office 365 url" } ] } ] } Required Permissions: read Feature: policy_context_profile Additional Errors:

Policy: Inventory: Groups

Associated URIs:

List Groups for a domain

List Groups for a domain This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups
Request Headers:
n/a
Query Parameters:
GroupListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/groups Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Group", "description": "web group", "id": "webgroup", "display_name": "web group", "path": "/infra/domains/vmc/groups/webgroup", "parent_path": "/infra/domains/vmc", "relative_path": "webgroup", "expression": [ { "resource_type": "Condition", "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "_protection": "NOT_PROTECTED" } ], "_create_user": "admin", "_create_time": 1517308749250, "_last_modified_user": "admin", "_last_modified_time": 1517308749250, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Patch a group

If a group with the group-id is not already present, create a new group.
If it already exists, patch the group.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Group+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc/groups/webgroup { "expression": [ { "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "resource_type": "Condition" } ], "description": "web group", "display_name": "web group" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_grouping Additional Errors:

Read group

Read group This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/groups/webgroup Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Group+

Example Response: { "resource_type": "Group", "description": "web group", "id": "webgroup", "display_name": "web group", "path": "/infra/domains/vmc/groups/webgroup", "parent_path": "/infra/domains/vmc", "relative_path": "webgroup", "expression": [ { "resource_type": "Condition", "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "_protection": "NOT_PROTECTED" } ], "_create_user": "admin", "_create_time": 1517308749250, "_last_modified_user": "admin", "_last_modified_time": 1517308749250, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_grouping Additional Errors:

Create or update a group

If a group with the group-id is not already present, create a new group.
If it already exists, update the group.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Group+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc/groups/webgroup { "expression": [ { "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "resource_type": "Condition" } ], "description": "web group", "display_name": "web group", "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Group+

Example Response: { "resource_type": "Group", "description": "web group", "id": "webgroup", "display_name": "web group", "path": "/infra/domains/vmc/groups/webgroup", "parent_path": "/infra/domains/vmc", "relative_path": "webgroup", "expression": [ { "resource_type": "Condition", "member_type": "VirtualMachine", "value": "webvm", "key": "Tag", "operator": "EQUALS", "_protection": "NOT_PROTECTED" } ], "_create_user": "admin", "_create_time": 1517308749250, "_last_modified_user": "admin", "_last_modified_time": 1517308749250, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_grouping Additional Errors:

Delete Group

Delete Group This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>
Request Headers:
n/a
Query Parameters:
GroupDeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc/groups/webgroup Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_grouping Additional Errors:

Policy: Inventory: Groups: Group Members

Associated URIs:

Get IP addresses that belong to this Group

Get IP addresses that belong to this Group.
This API is applicable for Groups containing either VirtualMachine, VIF,
Segment ,Segment Port or IP Address member type.For Groups containing other
member types,an empty list is returned
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/ip-addresses
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/ip-addresses?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyGroupIPMembersListResult+

Example Response: { "result_count": 3, "results": [ "192.168.0.0/24", "192.168.0.1", "192.168.0.1-192.168.0.100" ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get logical ports that belong to this Group

Get logical ports that belong to this Group
This API is applicable for Groups containing either VirtualMachine, VIF,
Segment or Segment Port member type.For Groups containing other
member types,an empty list is returned.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/logical-ports
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/logical-ports?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyGroupMembersListResult+

Example Response: { "result_count": 2, "results": [ { "id" : "20c1ac1f-58b5-4241-a352-f8e82c4a8c65", "display_name" : "LP-HR1" }, { "id" : "c07005fe-4a9a-47f1-9a1e-2db65a285124", "display_name" : "LP-HR2" } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get logical switches that belong to this Group

Get logical switches that belong to this Group.
This API is applicable for Groups containing Segment member type.
For Groups containing other member types, an empty list is returned.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/logical-switches
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/logical-switches?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyGroupMembersListResult+

Example Response: { "result_count": 2, "results": [ { "id" : "20c1ac1f-58b5-4241-a352-f8e82c4a8c65", "display_name" : "LS-HR1" }, { "id" : "c07005fe-4a9a-47f1-9a1e-2db65a285124", "display_name" : "LS-HR2" } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get segment ports that belong to this Group

Get segment ports that belong to this Group
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/segment-ports
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/segment-ports?enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyGroupMembersListResult+

Example Response: { "results": [ { "id": "default:4a5a3cd0-6f0a-40b0-a31a-1f55d51e1824", "display_name": "nbokare-10.160.129.166-vdtest-97902/VM-1-10.160.129.166-20190505-122351-03783733@b089f7e1-433f-4ecc-9722-ab5f2b66d391", "path": "/infra/segments/segment-1/ports/default:4a5a3cd0-6f0a-40b0-a31a-1f55d51e1824" } ], "result_count": 1, "sort_by": "target_display_name", "sort_ascending": true } Required Permissions: read Feature: policy_grouping Additional Errors:

Get segments that belong to this Group

Get segments that belong to this Group
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/segments
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/segments?enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyGroupMembersListResult+

Example Response: { "results": [ { "id": "segment-1", "display_name": "segment-1", "path": "/infra/segments/segment-1" } ], "result_count": 1, "sort_by": "target_display_name", "sort_ascending": true } Required Permissions: read Feature: policy_grouping Additional Errors:

Get Virtual machines that belong to this Group

Get Virtual machines that belong to this Group.
This API is applicable for Groups containing VirtualMachine,member type.
For Groups containing other member types,an empty list is returned.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/members/virtual-machines
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/members/virtual-machines?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedVirtualMachineListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "RealizedVirtualMachine", "id": "564de333-15ac-de52-da90-974fe099a17b", "display_name": "1-vm_ubuntu_1404_srv_64-local-586-bb9bbaf4-7f29-4e7a-9216-ef33890bf081", "path": "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564de333-15ac-de52-da90-974fe099a17b", "parent_path": "/infra/realized-state/enforcement-points/nsx-1", "relative_path": "564de333-15ac-de52-da90-974fe099a17b", "intent_reference": [], "realization_specific_identifier": "564de333-15ac-de52-da90-974fe099a17b", "alarms": [], "state": "REALIZED", "runtime_status": "UNKNOWN", "compute_ids": [ "moIdOnHost:1", "hostLocalId:1", "locationId:564de333-15ac-de52-da90-974fe099a17b", "instanceUuid:bb9bbaf4-7f29-4e7a-9216-ef33890bf081", "externalId:564de333-15ac-de52-da90-974fe099a17b", "biosUuid:564de333-15ac-de52-da90-974fe099a17b" ], "power_state": "vm_running", "_create_user": "system", "_create_time": 1519383616259, "_last_modified_user": "system", "_last_modified_time": 1519383616259, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get effective VMs for the Group (Deprecated)

Get the effective VM membership for the Group. This API also gives some VM
details such as VM name, IDs and the current state of the VMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/statistics/virtual-machines
Request Headers:
n/a
Query Parameters:
RealizedVirtualMachineListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/statistics/virtual-machines?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedVirtualMachineListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "RealizedVirtualMachine", "id": "564de333-15ac-de52-da90-974fe099a17b", "display_name": "1-vm_ubuntu_1404_srv_64-local-586-bb9bbaf4-7f29-4e7a-9216-ef33890bf081", "path": "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564de333-15ac-de52-da90-974fe099a17b", "parent_path": "/infra/realized-state/enforcement-points/nsx-1", "relative_path": "564de333-15ac-de52-da90-974fe099a17b", "intent_reference": [], "realization_specific_identifier": "564de333-15ac-de52-da90-974fe099a17b", "alarms": [], "state": "REALIZED", "runtime_status": "UNKNOWN", "compute_ids": [ "moIdOnHost:1", "hostLocalId:1", "locationId:564de333-15ac-de52-da90-974fe099a17b", "instanceUuid:bb9bbaf4-7f29-4e7a-9216-ef33890bf081", "externalId:564de333-15ac-de52-da90-974fe099a17b", "biosUuid:564de333-15ac-de52-da90-974fe099a17b" ], "power_state": "vm_running", "_create_user": "system", "_create_time": 1519383616259, "_last_modified_user": "system", "_last_modified_time": 1519383616259, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get tags used to define conditions inside a Group

Get tags used to define conditions inside a Group. Also
includes tags inside nested groups.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/tags
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/d1/groups/g1/tags Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupTagsList+

Example Response: { "result_count": 2, "results": [ { "member_type" : "IPSet", "tags" : [ "Web", "DB", "App" ] }, { "member_type" : "VirtualMachine", "tags" : [ "Linux", "Windows", "Mac" ] } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Get groups for which the given object is a member

Get policy groups for which the given object is a member.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/group-associations
Request Headers:
n/a
Query Parameters:
IntentEnforcementPointListRequestParams+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/group-associations?intent_path=/infra/segment/s1&enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyResourceReferenceForEPListResult+

Example Response: { "result_count": 2, "results": [ { { "path" : "/infra/domains/domain1/groups/g1", "target_id" : "g1", "target_display_name" : "group-1", "target_type" : "DOMAIN_GROUP", "is_valid" : "true" }, { "path" : "/infra/domains/domain1/groups/g2", "target_id" : "g2", "target_display_name" : "group-2", "target_type" : "DOMAIN_GROUP", "is_valid" : "true" } } ] } Required Permissions: read Feature: policy_grouping Additional Errors:

Policy: Inventory: Services

Associated URIs:

List Services for infra

Paginated list of Services for infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/services
Request Headers:
n/a
Query Parameters:
ServiceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 402, "results": [ { "resource_type": "Service", "description": "AD Server", "id": "AD_Server", "display_name": "AD Server", "path": "/infra/services/AD_Server", "parent_path": "/infra/services/AD_Server", "relative_path": "AD_Server", "service_entries": [ { "resource_type": "L4PortSetServiceEntry", "id": "AD_Server", "display_name": "AD Server", "path": "/infra/services/AD_Server/service-entries/AD_Server", "parent_path": "/infra/services/AD_Server", "relative_path": "AD_Server", "destination_ports": [ "1024" ], "l4_protocol": "TCP", "_create_user": "system", "_create_time": 1517296380484, "_last_modified_user": "system", "_last_modified_time": 1517296380484, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "system", "_create_time": 1517296380468, "_last_modified_user": "system", "_last_modified_time": 1517296380468, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } } Required Permissions: read Feature: policy_services Additional Errors:

Delete Service

Delete Service This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/services/my-http Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_services Additional Errors:

Read a service

Read a service This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/services/my-http Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Service+

Example Response: { "resource_type": "Service", "description": "My HTTP", "id": "my-http", "display_name": "My HTTP", "path": "/infra/services/my-http", "parent_path": "/infra/services/my-http", "relative_path": "my-http", "service_entries": [ { "resource_type": "L4PortSetServiceEntry", "id": "MyHttpEntry", "display_name": "MyHttpEntry", "path": "/infra/services/my-http/service-entries/MyHttpEntry", "parent_path": "/infra/services/my-http", "relative_path": "MyHttpEntry", "destination_ports": [ "8080" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517310677617, "_last_modified_user": "admin", "_last_modified_time": 1517310677617, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1517310677604, "_last_modified_user": "admin", "_last_modified_time": 1517310677604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_services Additional Errors:

Create or update a Service

Create a new service if a service with the given ID does not already
exist. Creates new service entries if populated in the service.
If a service with the given ID already exists, update the service
including the nested service entries. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Service+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/services/my-http { "description": "My HTTP", "display_name": "My HTTP", "_revision": 0, "service_entries": [ { "resource_type": "L4PortSetServiceEntry", "display_name": "MyHttpEntry", "destination_ports": [ "8080" ], "l4_protocol": "TCP" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Service+

Example Response: { "resource_type": "Service", "description": "My HTTP", "id": "my-http", "display_name": "My HTTP", "path": "/infra/services/my-http", "parent_path": "/infra/services/my-http", "relative_path": "my-http", "service_entries": [ { "resource_type": "L4PortSetServiceEntry", "id": "MyHttpEntry", "display_name": "MyHttpEntry", "path": "/infra/services/my-http/service-entries/MyHttpEntry", "parent_path": "/infra/services/my-http", "relative_path": "MyHttpEntry", "destination_ports": [ "8080" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517310677617, "_last_modified_user": "admin", "_last_modified_time": 1517310677617, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1517310677604, "_last_modified_user": "admin", "_last_modified_time": 1517310677604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_services Additional Errors:

Patch a Service

Create a new service if a service with the given ID does not already
exist. Creates new service entries if populated in the service.
If a service with the given ID already exists, patch the service
including the nested service entries.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Service+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/services/my-http { "description": "My HTTP Patched", "display_name": "My HTTP", "service_entries": [ { "resource_type": "L4PortSetServiceEntry", "display_name": "MyHttpEntry", "destination_ports": [ "8080" ], "l4_protocol": "TCP" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_services Additional Errors:

List Service entries for the given service

Paginated list of Service entries for the given service
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/services/<service-id>/service-entries
Request Headers:
n/a
Query Parameters:
ServiceEntryListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/services/my-http/service-entries Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceEntryListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "L4PortSetServiceEntry", "id": "MyHttpEntry", "display_name": "MyHttpEntry", "path": "/infra/services/my-http/service-entries/MyHttpEntry", "parent_path": "/infra/services/my-http", "relative_path": "MyHttpEntry", "destination_ports": [ "8080" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517310677617, "_last_modified_user": "admin", "_last_modified_time": 1517310677617, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "L4PortSetServiceEntry", "id": "https", "display_name": "MyHttps", "path": "/infra/services/my-http/service-entries/https", "parent_path": "/infra/services/my-http", "relative_path": "https", "destination_ports": [ "7443" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517316057383, "_last_modified_user": "admin", "_last_modified_time": 1517316057383, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_services Additional Errors:

Patch a ServiceEntry

If a service entry with the service-entry-id is not already present,
create a new service entry. If it already exists, patch the service
entry.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/services/<service-id>/service-entries/<service-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ALGTypeServiceEntry+
EtherTypeServiceEntry+
ICMPTypeServiceEntry+
IGMPTypeServiceEntry+
IPProtocolServiceEntry+
L4PortSetServiceEntry+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/services/my-http/service-entries/https { "resource_type": "L4PortSetServiceEntry", "display_name": "MyHttps", "destination_ports": [ "9443" ], "l4_protocol": "TCP" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_services Additional Errors:

Service entry

Service entry This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/services/<service-id>/service-entries/<service-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/services/my-http/service-entries/https Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ALGTypeServiceEntry+
EtherTypeServiceEntry+
ICMPTypeServiceEntry+
IGMPTypeServiceEntry+
IPProtocolServiceEntry+
L4PortSetServiceEntry+

Example Response: { "resource_type": "L4PortSetServiceEntry", "id": "https", "display_name": "MyHttps", "path": "/infra/services/my-http/service-entries/https", "parent_path": "/infra/services/my-http", "relative_path": "https", "destination_ports": [ "7443" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517316057383, "_last_modified_user": "admin", "_last_modified_time": 1517316057383, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_services Additional Errors:

Delete Service entry

Delete Service entry This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/services/<service-id>/service-entries/<service-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/services/my-http/service-entries/https Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_services Additional Errors:

Create or update a ServiceEntry

If a service entry with the service-entry-id is not already present,
create a new service entry. If it already exists, update the service
entry.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/services/<service-id>/service-entries/<service-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ALGTypeServiceEntry+
EtherTypeServiceEntry+
ICMPTypeServiceEntry+
IGMPTypeServiceEntry+
IPProtocolServiceEntry+
L4PortSetServiceEntry+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/services/my-http/service-entries/https { "resource_type": "L4PortSetServiceEntry", "display_name": "MyHttps", "destination_ports": [ "7443" ], "l4_protocol": "TCP", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ALGTypeServiceEntry+
EtherTypeServiceEntry+
ICMPTypeServiceEntry+
IGMPTypeServiceEntry+
IPProtocolServiceEntry+
L4PortSetServiceEntry+

Example Response: { "resource_type": "L4PortSetServiceEntry", "id": "https", "display_name": "MyHttps", "path": "/infra/services/my-http/service-entries/https", "parent_path": "/infra/services/my-http", "relative_path": "https", "destination_ports": [ "7443" ], "l4_protocol": "TCP", "_create_user": "admin", "_create_time": 1517316057383, "_last_modified_user": "admin", "_last_modified_time": 1517316057383, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_services Additional Errors:

Policy: Networking: Connectivity

Policy: Networking: Connectivity: Routing

Associated URIs:

Get routing table from tier-0

Get routing table from tier-0
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/routing-table
Request Headers:
n/a
Query Parameters:
RoutesRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/routing-table Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RoutingTableListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "route_entries": [ { "next_hop": "169.254.0.1", "route_type": "ns ", "admin_distance": 3, "network": "25.1.0.0/16" }, { "next_hop": "45.1.1.1", "route_type": "c ", "admin_distance": 0, "network": "45.1.1.0/24" }, { "next_hop": "169.254.0.1", "route_type": "ns ", "admin_distance": 3, "network": "100.96.0.0/30" }, { "next_hop": "169.254.0.2", "route_type": "c ", "admin_distance": 0, "network": "169.254.0.0/28" } ], "count": 4, "edge_node": "41efeae8-58c2-11e8-993c-000c29326bac" } ] } Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Connectivity: Routing: Bgp

Associated URIs:

Create or update a BGP routing config

If BGP routing config is not already present, create BGP routing config.
If it already exists, replace the BGP routing config with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpRoutingConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp { "local_as_num": "123", "route_aggregation": [ { "prefix": "10.1.1.0/24" }, { "prefix": "11.1.0.0/16", "summary_only": "false" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpRoutingConfig+

Example Response: { "resource_type": "BgpRoutingConfig", "id": "bgp", "display_name": "bgp", "path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "bgp", "local_as_num": "123", "route_aggregation": [ { "prefix": "10.1.1.0/24" }, { "prefix": "11.1.0.0/16", "summary_only": "false" } ], "graceful_restart_config": { "mode": "DISABLE", "timer": { "restart_timer": 180, "stale_route_timer": 600 } }, "_create_user": "admin", "_create_time": 1516751200877, "_last_modified_user": "admin", "_last_modified_time": 1516751200877, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update BGP routing config

If an BGP routing config not present, create BGP routing config.
If it already exists, update the routing config.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpRoutingConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp { "local_as_num": "123", "route_aggregation": [ { "prefix": "10.1.1.0/24" }, { "prefix": "11.1.0.0/16", "summary_only": "false" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read BGP routing config

Read BGP routing config Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpRoutingConfig+

Example Response: { "resource_type": "BgpRoutingConfig", "id": "bgp", "display_name": "bgp", "path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "bgp", "local_as_num": "123", "route_aggregation": [ { "prefix": "10.1.1.0/24" }, { "prefix": "11.1.0.0/16", "summary_only": "false" } ], "graceful_restart_config": { "mode": "DISABLE", "timer": { "restart_timer": 180, "stale_route_timer": 600 } }, "_create_user": "admin", "_create_time": 1516751200877, "_last_modified_user": "admin", "_last_modified_time": 1516751200877, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List BGP neighbor configurations

Paginated list of all BGP neighbor configurations
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors
Request Headers:
n/a
Query Parameters:
BgpNeighborConfigListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborConfigListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "BgpNeighborConfig", "id": "peer1", "display_name": "peer1", "path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp", "relative_path": "peer1", "password": "test", "remote_as_num": "12", "neighbor_address": "1.2.3.4", "graceful_restart_mode" : "DISABLE", "in_route_filters": [ "/infra/tier-0s/vmc/prefix-lists/plist-1" ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a BGP neighbor config

If BGP neighbor config with the neighbor-id is not already present, create a new
neighbor config. If it already exists, replace the BGP neighbor config with this object.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpNeighborConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1 { "neighbor_address": "1.2.3.4", "remote_as_num": "12", "password":"test", "in_route_filters": [ "/infra/tier-0s/vmc/prefix-lists/plist-1" ], "keep_alive_time": 60, "graceful_restart_mode" : "DISABLE", "bfd": { "multiplier": 4, "interval": 5000 } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete BGP neighbor config

Delete BGP neighbor config Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read BGP neighbor config

Read BGP neighbor config Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborConfig+

Example Response: { "resource_type": "BgpNeighborConfig", "id": "peer1", "display_name": "peer1", "path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp", "relative_path": "peer1", "password": "test", "remote_as_num": "12", "neighbor_address": "1.2.3.4", "in_route_filters": [ "/infra/tier-0s/vmc/prefix-lists/plist-1" ], "graceful_restart_mode" : "DISABLE", "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a BGP neighbor config

If BGP neighbor config with the neighbor-id is not already present, create a new
neighbor config. If it already exists, replace the BGP neighbor config with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
BgpNeighborConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1 { "neighbor_address": "1.2.3.4", "remote_as_num": "12", "password":"test", "in_route_filters": [ "/infra/tier-0s/vmc/prefix-lists/plist-1" ], "keep_alive_time": 60, "bfd": { "multiplier": 4, "interval": 5000 }, "graceful_restart_mode" : "DISABLE", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborConfig+

Example Response: { "resource_type": "BgpNeighborConfig", "id": "peer1", "display_name": "peer1", "path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp/neighbors/peer1", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default/bgp", "relative_path": "peer1", "password": "test", "remote_as_num": "12", "neighbor_address": "1.2.3.4", "in_route_filters": [ "/infra/tier-0s/vmc/prefix-lists/plist-1" ], "keep_alive_time": 60, "bfd": { "multiplier": 4, "interval": 5000 }, "graceful_restart_mode" : "DISABLE", "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get BGP neighbor advertised routes

Returns routes advertised by BGP neighbor from all edge transport nodes on which
this neighbor is currently enabled.
The query parameter "source=cached" is not supported.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>/advertised-routes
Request Headers:
n/a
Query Parameters:
BgpRoutesRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem/advertised-routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborRoutesListResult+

Example Response: { "neighbor_path": "/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem", "enforcement_point_path": "/infra/deployment-zones/default/enforcement-points/default", "edge_node_routes": [{ "transport_node_id": "6c9e2815-ad34-4b9c-bb95-8af87990cf5a", "source_address": "10.10.10.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "med": 1, "as_path": 1000, "route_origin": "EXTERNAL" }] }, { "transport_node_id": "7980e91e-ba6d-11e8-9bda-020009ead346", "source_address": "50.50.50.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "med": 1, "as_path": 1000, "route_origin": "EXTERNAL" }] }] } Required Permissions: read Feature: policy_statistics Additional Errors:

Get BGP neighbor advertised routes in CSV format

Returns routes advertised by BGP neighbor from all edge transport nodes on which
this neighbor is currently enabled in CSV format. Routes from all enforcement points are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>/advertised-routes?format=csv
Request Headers:
n/a
Query Parameters:
BgpRoutesRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem/advertised-routes?format=csv&enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
BgpNeighborRouteDetailsInCsvFormat+

Example Response: { logical_router_id,neighbor_id,neighbor_address,transport_node_id,source_address,network,next_hop,local_pref,weight,med,as_path "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,2.1.4.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,10.160.64.0/19,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,40.40.40.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,90.90.90.0/24,40.40.40.10,100,0,1," 1000 !" } Required Permissions: read Feature: policy_statistics Additional Errors:

Get routes learned by BGP neighbor

Returns routes learned by BGP neighbor from all edge nodes on which
this neighbor is currently enabled.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>/routes
Request Headers:
n/a
Query Parameters:
BgpRoutesRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem/routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
BgpNeighborRoutesListResult+

Example Response: { "neighbor_path": "/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem", "enforcement_point_path": "/infra/deployment-zones/default/enforcement-points/default", "edge_node_routes": [{ "transport_node_id": "6c9e2815-ad34-4b9c-bb95-8af87990cf5a", "source_address": "10.10.10.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }] }, { "transport_node_id": "7980e91e-ba6d-11e8-9bda-020009ead346", "source_address": "50.50.50.1", "routes": [{ "network": "2.1.4.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }, { "network": "40.40.40.0/24", "next_hop": "40.40.40.10", "local_pref": 0, "weight": 0, "med": 1, "as_path": 1000, "route_origin": "INTERNAL" }] }] } Required Permissions: read Feature: policy_statistics Additional Errors:

Get routes learned by BGP neighbor in CSV format

Returns routes learned by BGP neighbor from all edge nodes on which
this neighbor is currently enabled. Routes from all enforcement points are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/bgp/neighbors/<neighbor-id>/routes?format=csv
Request Headers:
n/a
Query Parameters:
BgpRoutesRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/defalt/bgp/neighbors/to-onprem/routes?format=csv&enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/csv
Response Body:
BgpNeighborRouteDetailsInCsvFormat+

Example Response: { logical_router_id,neighbor_id,neighbor_address,transport_node_id,source_address,network,next_hop,local_pref,weight,med,as_path "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,2.1.4.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,10.160.64.0/19,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,40.40.40.0/24,40.40.40.10,100,0,1," 1000 !" "3546b561-fcc6-4292-a97a-4caa611b995d","d56e64af-4329-4761-9bf7-39e0f68d7732",40.40.40.10,"c2ae8904-3e5f-11e9-b335-020006f72dcc",40.40.40.1,90.90.90.0/24,40.40.40.10,100,0,1," 1000 !" } Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Connectivity: Routing: Community List

Associated URIs:

List BGP community lists

Paginated list of all community lists under a tier-0
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/community-lists
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/community-lists Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunityListListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "CommunityList", "id": "cl1", "display_name": "cl1", "path": "/infra/tier-0s/vmc_prv/community-lists/cl1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "cl1", "communities": [ "NO_EXPORT", "2345:2018" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Read a BGP community list

Read a BGP community list This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/community-lists/cl1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunityList+

Example Response: { "resource_type": "CommunityList", "id": "cl1", "display_name": "cl1", "path": "/infra/tier-0s/vmc_prv/community-lists/cl1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "cl1", "communities": [ "NO_EXPORT", "2345:2018" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a BGP community list

If a community list with the community-list-id is not already present,
create a new community list. If it already exists, replace the community
list instance with the new object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunityList+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/community-lists/cl1 { "communities": [ "NO_EXPORT", "2345:2018" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunityList+

Example Response: { "resource_type": "CommunityList", "id": "cl1", "display_name": "cl1", "path": "/infra/tier-0s/vmc_prv/community-lists/cl1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "cl1", "communities": [ "NO_EXPORT", "2345:2018" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: execute Feature: policy_connectivity Additional Errors:

Delete a BGP community list

Delete a BGP community list This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/community-lists/cl1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a BGP community list

If a community list with the community-list-id is not already present,
create a new community list. If it already exists, update the community
list for specified attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/community-lists/<community-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunityList+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/community-lists/cl1 { "communities": [ "NO_EXPORT", "2345:2018" ], } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: execute Feature: policy_connectivity Additional Errors:

Policy: Networking: Connectivity: Routing: Prefix List

Associated URIs:

List prefix lists

Paginated list of all prefix lists
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/prefix-lists
Request Headers:
n/a
Query Parameters:
PrefixListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/prefix-lists Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrefixListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PrefixList", "id": "to-onprem", "display_name": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "path": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "parent_path": "/infra/tier-0s/vmc", "relative_path": "to-onprem", "marked_for_delete": false, "prefixes": [ { "action": "PERMIT", "network": "30.1.1.0/24" }, { "action": "DENY", "network": "10.1.1.0/24" } ], "_create_user": "admin", "_create_time": 1525754971782, "_last_modified_user": "admin", "_last_modified_time": 1525755003657, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete a prefix list

Delete a prefix list Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/prefix-lists/<prefix-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/prefix-lists/to-onprem Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a prefix list

If prefix list for prefix-list-id is not already present, create
a prefix list. If it already exists, update prefix list for prefix-list-id.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/prefix-lists/<prefix-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PrefixList+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/prefix-lists/to-onprem { "prefixes": [ { "network":"30.1.1.0/24", "action":"PERMIT" }, { "network":"10.1.1.0/24", "action":"DENY" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a prefix list

If prefix list for prefix-list-id is not already present, create
a prefix list. If it already exists, replace the prefix list for
prefix-list-id.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/prefix-lists/<prefix-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PrefixList+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/prefix-lists/to-onprem { "prefixes": [ { "network":"30.1.1.0/24", "action":"PERMIT" }, { "network":"10.1.1.0/24", "action":"DENY" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrefixList+

Example Response: { "resource_type": "PrefixList", "id": "to-onprem", "display_name": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "path": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "parent_path": "/infra/tier-0s/vmc", "relative_path": "to-onprem", "marked_for_delete": false, "prefixes": [ { "action": "PERMIT", "network": "30.1.1.0/24" }, { "action": "DENY", "network": "10.1.1.0/24" } ], "_create_user": "admin", "_create_time": 1525754971782, "_last_modified_user": "admin", "_last_modified_time": 1525754971782, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read a prefix list

Read a prefix list Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/prefix-lists/<prefix-list-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/prefix-lists/to-onprem Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PrefixList+

Example Response: { "resource_type": "PrefixList", "id": "to-onprem", "display_name": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "path": "/infra/tier-0s/vmc/prefix-lists/to-onprem", "parent_path": "/infra/tier-0s/vmc", "relative_path": "to-onprem", "marked_for_delete": false, "prefixes": [ { "action": "PERMIT", "network": "30.1.1.0/24" }, { "action": "DENY", "network": "10.1.1.0/24" } ], "_create_user": "admin", "_create_time": 1525754971782, "_last_modified_user": "admin", "_last_modified_time": 1525755003657, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Policy: Networking: Connectivity: Routing: Route Map

Associated URIs:

List route maps

Paginated list of all route maps under a tier-0
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/route-maps
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/route-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0RouteMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "RoueMap", "id": "rm1", "display_name": "rm1", "path": "/infra/tier-0s/vmc_prv/route-maps/rm1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "rm1", "entries": [ { "community_list_matches": [ { "criteria": "/infra/tier-0s/vmc/community-lists/cl1", "match_operator": "MATCH_ALL" }], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" }, { "prefix_list_matches": [ "/infra/tier-0s/vmc/prefix-lists/pl1" ], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" } ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a route map

If a route map with the route-map-id is not already present,
create a new route map. If it already exists, replace the
route map instance with the new object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/route-maps/<route-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0RouteMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/route-maps/rm1 { "entries": [ { "community_list_matches": [ { "criteria": "/infra/tier-0s/vmc/community-lists/cl1", "match_operator": "MATCH_ALL" }], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" }, { "prefix_list_matches": [ "/infra/tier-0s/vmc/prefix-lists/pl1" ], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0RouteMap+

Example Response: { "resource_type": "Tier0RoueMap", "id": "rm1", "display_name": "rm1", "path": "/infra/tier-0s/vmc_prv/route-maps/rm1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "rm1", "entries": [ { "community_list_matches": [ { "criteria": "/infra/tier-0s/vmc/community-lists/cl1", "match_operator": "MATCH_ALL" }], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" }, { "prefix_list_matches": [ "/infra/tier-0s/vmc/prefix-lists/pl1" ], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" } ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read a route map

Read a route map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/route-maps/<route-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/route-maps/rm1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0RouteMap+

Example Response: { "resource_type": "RoueMap", "id": "rm1", "display_name": "rm1", "path": "/infra/tier-0s/vmc_prv/route-maps/rm1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "rm1", "entries": [ { "community_list_matches": [ { "criteria": "/infra/tier-0s/vmc/community-lists/cl1", "match_operator": "MATCH_ALL" }], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" }, { "prefix_list_matches": [ "/infra/tier-0s/vmc/prefix-lists/pl1" ], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" } ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a route map

If a route map with the route-map-id is not already present, create a new
route map. If it already exists, update the route map for specified
attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/route-maps/<route-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0RouteMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/route-maps/rm1 { "entries": [ { "community_list_matches": [ { "criteria": "/infra/tier-0s/vmc/community-lists/cl1", "match_operator": "MATCH_ALL" }], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" }, { "prefix_list_matches": [ "/infra/tier-0s/vmc/prefix-lists/pl1" ], "set": { "as_path_prepend": "3354.1234", "med": 20, "weight": 12 }, "action": "PERMIT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete a route map

Delete a route map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/route-maps/<route-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/route-maps/rm1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Policy: Networking: Connectivity: Routing: Static Routes

Associated URIs:

List Tier-0 Static Routes

Paginated list of all Tier-0 Static Routes
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/static-routes
Request Headers:
n/a
Query Parameters:
StaticRoutesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/static-routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutesListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-0s/vmc_prv/static-routes/site1", "path": "/infra/tier-0s/vmc_prv/static-routes/site1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 static routes

If static routes for route-id are not already present, create
static routes. If it already exists, update static routes for route-id.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoutes+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/static-routes/site1 { "network": "45.1.1.0/24", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 static routes

If static routes for route-id are not already present, create
static routes. If it already exists, replace the static routes for route-id.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoutes+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/static-routes/site1 { "network": "45.1.1.0/24", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutes+

Example Response: { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-0s/vmc_prv/static-routes/site1", "path": "/infra/tier-0s/vmc_prv/static-routes/site1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-0 static routes

Read Tier-0 static routes Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/static-routes/site1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutes+

Example Response: { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-0s/vmc_prv/static-routes/site1", "path": "/infra/tier-0s/vmc_prv/static-routes/site1", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete Tier-0 static routes

Delete Tier-0 static routes Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/static-routes/site1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

List Tier-1 Static Routes

Paginated list of all Tier-1 Static Routes
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/static-routes
Request Headers:
n/a
Query Parameters:
StaticRoutesListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/static-routes Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutesListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-1s/cgw/static-routes/site1", "path": "/infra/tier-1s/cgw/static-routes/site1", "parent_path": "/infra/tier-1s/cgw", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete Tier-1 static routes

Delete Tier-1 static routes Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/static-routes/site1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 static routes

If static routes for route-id are not already present, create
static routes. If it already exists, replace the static routes for route-id.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoutes+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/static-routes/site1 { "network": "45.1.1.0/24", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutes+

Example Response: { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-1s/cgw/static-routes/site1", "path": "/infra/tier-1s/cgw/static-routes/site1", "parent_path": "/infra/tier-1s/cgw", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 static routes

If static routes for route-id are not already present, create
static routes. If it already exists, update static routes for route-id.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticRoutes+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/static-routes/site1 { "network": "45.1.1.0/24", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-1 static routes

Read Tier-1 static routes Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/static-routes/<route-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/static-routes/site1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticRoutes+

Example Response: { "resource_type": "StaticRoutes", "id": "site1", "display_name": "/infra/tier-1s/cgw/static-routes/site1", "path": "/infra/tier-1s/cgw/static-routes/site1", "parent_path": "/infra/tier-1s/cgw", "relative_path": "site1", "next_hops": [ { "ip_address": "41.1.1.1", "admin_distance": 1 }, { "ip_address": "42.1.1.1", "admin_distance": 2 }, { "ip_address": "43.1.2.3", "admin_distance": 3 } ], "network": "45.1.1.0/24", "_create_user": "admin", "_create_time": 1516750267338, "_last_modified_user": "admin", "_last_modified_time": 1516750267338, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Policy: Networking: Connectivity: Routing: Tiers-0 Gateways

Associated URIs:

List Tier-0s

Paginated list of all Tier-0s
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s
Request Headers:
n/a
Query Parameters:
Tier0ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0ListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Tier0", "id": "vmc_prv", "display_name": "/infra/tier-0s/vmc_prv", "path": "/infra/tier-0s/vmc_prv", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "vmc_prv", "ha_mode": "ACTIVE_STANDBY", "transit_subnets": [ "10.2.3.0/24" ], "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Read Tier-0

Read Tier-0 Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0+

Example Response: { "resource_type": "Tier0", "id": "vmc_prv", "display_name": "/infra/tier-0s/vmc_prv", "path": "/infra/tier-0s/vmc_prv", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "vmc_prv", "ha_mode": "ACTIVE_STANDBY", "transit_subnets": [ "10.2.3.0/24" ], "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a Tier-0

If a Tier-0 with the tier-0-id is not already present, create a new
Tier-0. If it already exists, replace the Tier-0 instance with the new object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv { "transit_subnets": [ "10.2.3.0/24" ], "ha_mode":"ACTIVE_STANDBY", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0+

Example Response: { "resource_type": "Tier0", "id": "vmc_prv", "display_name": "/infra/tier-0s/vmc_prv", "path": "/infra/tier-0s/vmc_prv", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "vmc_prv", "ha_mode": "ACTIVE_STANDBY", "transit_subnets": [ "10.2.3.0/24" ], "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-0

If a Tier-0 with the tier-0-id is not already present, create a new
Tier-0. If it already exists, update the Tier-0 for specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv { "transit_subnets": [ "10.2.3.0/24" ], "ha_mode":"ACTIVE_STANDBY" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete Tier-0

Delete Tier-0 Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

List Tier-0 locale-services

Paginated list of all Tier-0 locale-services
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServicesListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-0s/vmc_prv/locale-services/default", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "default", "route_redistribution_types": [ "TIER0_STATIC", "TIER0_NAT" ], "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

List Tier-0 Interfaces

Paginated list of all Tier-0 Interfaces
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces
Request Headers:
n/a
Query Parameters:
Tier0InterfaceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0InterfaceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Tier0Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "edge_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405", "type": "EXTERNAL" "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 interface

If an interface with the interface-id is not already present, create a new
interface. If it already exists, update the interface for specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0Interface+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet { "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "edge_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405", "type": "EXTERNAL" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 interface

If an interface with the interface-id is not already present, create a new
interface. If it already exists, replace the interface with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0Interface+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet { "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "edge_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405", "type": "EXTERNAL" "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0Interface+

Example Response: { "resource_type": "Tier0Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "edge_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405", "type": "EXTERNAL" "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-0 interface

Read Tier-0 interface Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0Interface+

Example Response: { "resource_type": "Tier0Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "edge_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405", "type": "EXTERNAL" "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete Tier-0 interface

Delete Tier-0 interface Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get segment statistics information

Get tier0 interface statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/interfaces/<interface-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyInterfaceStatistics+

Example Response: { "logical_router_port_id": "b109909a-81a1-4c25-bb54-ce4d0e75b6ad", "per_node_statistics": [ { "transport_node_id": "2ed9af04-21c9-11e9-be65-000c2902dff7", "last_update_timestamp": 1548965795630, "rx": { "total_bytes": 0, "total_packets": 0, "dropped_packets": 0 }, "tx": { "total_bytes": 642, "total_packets": 13, "dropped_packets": 0 } } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

List Service Interfaces

Paginated list of all Service Interfaces
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-interfaces
Request Headers:
n/a
Query Parameters:
Tier0InterfaceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInterfaceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "ServiceInterface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Read service interface

Read service interface Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInterface+

Example Response: { "resource_type": "ServiceInterface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create a service interface

If an interface with the interface-id is not already present, create a new
interface. Modification of service interface is not allowed.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInterface+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet { "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInterface+

Example Response: { "resource_type": "ServiceInterface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet", "parent_path": "/infra/tier-0s/vmc_prv/locale-services/default", "relative_path": "to_internet", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete service interface

Delete service interface Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 interface

If an interface with the interface-id is not already present, create a new
interface. If it already exists, update the interface for specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInterface+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default/service-interfaces/to_internet { "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-0 locale-services

Read Tier-0 locale-services Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServices+

Example Response: { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-0s/vmc_prv/locale-services/default", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "default", "route_redistribution_types": [ "TIER0_STATIC", "TIER0_NAT" ], "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete Tier-0 locale-services

Delete Tier-0 locale-services Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get Tier0 state

Returns
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/state
Request Headers:
n/a
Query Parameters:
Tier0StateRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0GatewayState+

Example Response: { "tier0_state": { "state": "in_sync", "details": [ { "sub_system_id": "9d09f56c-6bd2-11e9-ac02-000c294188d6", "sub_system_type": "TransportNode", "state": "in_sync" }, { "sub_system_id": "96e40830-6bd2-11e9-a190-000c2985db32", "sub_system_type": "TransportNode", "state": "in_sync" } ] }, "tier0_status": { "logical_router_id": "db481db6-2759-4769-b6f4-71cef0b5ef07", "last_update_timestamp": 1557467728692, "per_node_status": [ { "transport_node_id": "9d09f56c-6bd2-11e9-ac02-000c294188d6", "service_router_id": "6456b7c0-a50f-46cb-86e2-4094812bdd6d", "high_availability_status": "STANDBY" }, { "transport_node_id": "96e40830-6bd2-11e9-a190-000c2985db32", "service_router_id": "c4ac6edb-bca7-45ba-b888-29594201f15c", "high_availability_status": "ACTIVE" } ] }, "ipv6_status": [ { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-350", "dad_statuses": [] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-270", "dad_statuses": [] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-185", "dad_statuses": [ { "ip_address": "fe80::50:56ff:fe56:4452", "status": "NOT_APPLICABLE" }, { "ip_address": "fcf8:9c18:67c6::1", "status": "NOT_APPLICABLE" } ] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-12", "dad_statuses": [ { "ip_address": "fe80::50:56ff:fe56:4452", "status": "NOT_APPLICABLE" }, { "ip_address": "fcf8:9c18:67c6:1::1", "status": "NOT_APPLICABLE" } ] } ] } Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Connectivity: Routing: Tiers-0 Gateways: Tiers-0 Deployment Maps

Associated URIs:

List Tier-0 Deployment maps

Paginated list of all Tier-0 Deployment Entries.
This API has been deprecated. Use new API
GET /infra/tier-0s/tier-0-id/locale-services/locale-services-id/tier-0-deployment-maps
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/tier-0-deployment-maps
Request Headers:
n/a
Query Parameters:
Tier0DeploymentMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0DeploymentMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Tier0DeploymentMap", "id": "vmc_t0dm", "display_name": "vmc_t0dm", "path": "/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm", "parent_path": "/infra/tier-0s/vmc/locale-services/default", "relative_path": "vmc_t0dm", "enforcement_point": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "_create_user": "admin", "_create_time": 1516667391141, "_last_modified_user": "admin", "_last_modified_time": 1516667391141, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: infra_admin Additional Errors:

Delete Tier-0 Deployment Map

Delete Tier-0 Deployment Map This API has been deprecated. Use new API GET /infra/tier-0s/tier-0-id/locale-services/locale-services-id/tier-0-deployment-maps Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/tier-0-deployment-maps/<tier-0-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/localeService1/tier-0-deployment-maps/vmc_pdm Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: infra_admin Additional Errors:

Patch a Tier-0 Deployment Map under Tier-0

If the passed Tier-0 Deployment Map does not already exist, create a new Tier-0 Deployment Map.
If it already exists, patch it.
This API has been deprecated. Use new API
PATCH /infra/tier-0s//locale-services/locale-services-id/tier-0-deployment-maps/tier-0-deployment-map-id
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/tier-0-deployment-maps/<tier-0-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0DeploymentMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm { "enforcement_point":"/infra/deployment-zones/default/enforcement-points/nsxt-ep" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0DeploymentMap+

Example Response: { "resource_type": "Tier0DeploymentMap", "id": "vmc_t0dm", "display_name": "vmc_t0dm", "path": "/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm", "parent_path": "/infra/tier-0s/vmc/locale-services/default", "relative_path": "vmc_t0dm", "enforcement_point": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "_create_user": "admin", "_create_time": 1516667391141, "_last_modified_user": "admin", "_last_modified_time": 1516667391141, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: infra_admin Additional Errors:

Create a new Tier-0 Deployment Map under Tier-0

If the passed Tier-0 Deployment Map does not already exist, create a new Tier-0 Deployment Map.
If it already exists, replace it.
This API has been deprecated. Use new API
PUT /infra/tier-0s/tier-0-id/locale-services/locale-services-id/tier-0-deployment-maps/tier-0-deployment-map-id
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/tier-0-deployment-maps/<tier-0-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier0DeploymentMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm { "enforcement_point":"/infra/deployment-zones/default/enforcement-points/nsxt-ep", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0DeploymentMap+

Example Response: { "resource_type": "Tier0DeploymentMap", "id": "vmc_t0dm", "display_name": "vmc_t0dm", "path": "/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm", "parent_path": "/infra/tier-0s/vmc/locale-services/default", "relative_path": "vmc_t0dm", "enforcement_point": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "_create_user": "admin", "_create_time": 1516667391141, "_last_modified_user": "admin", "_last_modified_time": 1516667391141, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: infra_admin Additional Errors:

Read a Tier-0 Deployment Map

Read a Tier-0 Deployment Map
This API has been deprecated. Use new API
GET /infra/tier-0s/tier-0-1/locale-services/locale-services-1/tier-0-deployment-maps/tier-0-deployment-map-1
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/tier-0-deployment-maps/<tier-0-deployment-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier0DeploymentMap+

Example Response: { "resource_type": "Tier0DeploymentMap", "id": "vmc_t0dm", "display_name": "vmc_t0dm", "path": "/infra/tier-0s/vmc/locale-services/default/tier-0-deployment-maps/vmc_t0dm", "parent_path": "/infra/tier-0s/vmc/locale-services/default", "relative_path": "vmc_t0dm", "enforcement_point": "/infra/deployment-zones/default/enforcement-points/nsxt-ep", "_create_user": "admin", "_create_time": 1516667391141, "_last_modified_user": "admin", "_last_modified_time": 1516667391141, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: infra_admin Additional Errors:

Policy: Networking: Connectivity: Routing: Tiers-0 Gateways: Tiers-0 Locale Services

Associated URIs:

Create or update a tier-0 locale-services

If a Tier-0 locale-services with the locale-services-id is not already
present, create a new locale-services. If it already exists, update
Tier-0 locale-services with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LocaleServices+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default { "route_redistribution_types": [ "TIER0_STATIC", "TIER0_NAT" ], "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-0 locale-services

If a Tier-0 locale-services with the locale-services-id is not already
present, create a new locale-services. If it already exists, replace the
Tier-0 locale-services instance with the new object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LocaleServices+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_prv/locale-services/default { "route_redistribution_types": [ "TIER0_STATIC", "TIER0_NAT" ], "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServices+

Example Response: { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-0s/vmc_prv/locale-services/default", "parent_path": "/infra/tier-0s/vmc_prv", "relative_path": "default", "route_redistribution_types": [ "TIER0_STATIC", "TIER0_NAT" ], "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Policy: Networking: Connectivity: Routing: Tiers-1 Gateways

Associated URIs:

List Tier-1 instances

Paginated list of all Tier-1 instances
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s
Request Headers:
n/a
Query Parameters:
Tier1ListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1ListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Tier1", "id": "cgw", "display_name": "/infra/tier-1s/cgw", "path": "/infra/tier-1s/cgw", "parent_path": "/infra/tier-1s/cgw", "relative_path": "cgw", "tier0_path": "/infra/tier-0s/vmc_prv", "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Read Tier-1 configuration

Read Tier-1 configuration Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1+

Example Response: { "resource_type": "Tier1", "id": "cgw", "display_name": "/infra/tier-1s/cgw", "path": "/infra/tier-1s/cgw", "parent_path": "/infra/tier-1s/cgw", "relative_path": "cgw", "tier0_path": "/infra/tier-0s/vmc_prv", "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update tier-1 configuration

If Tier-1 with the tier-1-id is not already present, create a new Tier-1 instance.
If it already exists, replace the Tier-1 instance with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier1+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw { "tier0_path": "/infra/tier-0s/vmc_prv", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1+

Example Response: { "resource_type": "Tier1", "id": "cgw", "display_name": "/infra/tier-1s/cgw", "path": "/infra/tier-1s/cgw", "parent_path": "/infra/tier-1s/cgw", "relative_path": "cgw", "tier0_path": "/infra/tier-0s/vmc_prv", "force_whitelisting": false, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update Tier-1 configuration

If Tier-1 with the tier-1-id is not already present, create a new Tier-1 instance.
If it already exists, update the tier-1 instance with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier1+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw { "tier0_path": "/infra/tier-0s/vmc_prv" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete Tier-1 configuration

Delete Tier-1 configuration Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

List Tier-1 locale-services

Paginated list of all Tier-1 locale-services
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServicesListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-1s/cgw/locale-services/default", "parent_path": "/infra/tier-1s/cgw", "relative_path": "default", "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Get segment statistics information

Get tier1 interface statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/interfaces/<interface-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyInterfaceStatistics+

Example Response: { "logical_router_port_id": "b109909a-81a1-4c25-bb54-ce4d0e75b6ad", "per_node_statistics": [ { "transport_node_id": "2ed9af04-21c9-11e9-be65-000c2902dff7", "last_update_timestamp": 1548965795630, "rx": { "total_bytes": 0, "total_packets": 0, "dropped_packets": 0 }, "tx": { "total_bytes": 642, "total_packets": 13, "dropped_packets": 0 } } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 locale-services

If a Tier-1 locale services with the locale-services-id is not already
present, create a new locale-services. If it already exists, replace the
Tier-1 locale services instance with the new object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LocaleServices+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default { "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServices+

Example Response: { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-1s/cgw/locale-services/default", "parent_path": "/infra/tier-1s/cgw", "relative_path": "default", "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 locale-services

If a Tier-1 locale services with the locale-services-id is not already
present, create a new locale services. If it already exists, update
Tier-1 locale services with specified attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LocaleServices+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default { "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete Tier-1 locale-services

Delete Tier-1 locale-services This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-1 locale-services

Read Tier-1 locale-services This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LocaleServices+

Example Response: { "resource_type": "LocaleServices", "id": "default", "display_name": "default", "path": "/infra/tier-1s/cgw/locale-services/default", "parent_path": "/infra/tier-1s/cgw", "relative_path": "default", "edge_cluster_path": "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd", "preferred_edge_paths": [ "/infra/sites/default/enforcement-point/nsx/edge-clusters/95196903-6b8a-4276-a7c4-387263e834fd/edge-nodes/940f1f4b-0317-45d4-84e2-b8c2394e7405" ], "_create_user": "admin", "_create_time": 1516667421694, "_last_modified_user": "admin", "_last_modified_time": 1516667421694, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List Tier-1 interfaces

Paginated list of all Tier-1 interfaces
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/interfaces
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default/interfaces Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1InterfaceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Tier1Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-1s/cgw/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-svc", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a tier-1 interface

If an interface with the interface-id is not already present, create a new
interface. If it already exists, replace the interface with this object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier1Interface+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet { "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1Interface+

Example Response: { "resource_type": "Tier1Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-1s/cgw/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-uplink", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 interface

If an interface with the interface-id is not already present, create a new
interface. If it already exists, update the interface for specified
attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Tier1Interface+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet { "segment_path": "/infra/segments/sg-svc", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Tier-1 interface

Read Tier-1 interface This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1Interface+

Example Response: { "resource_type": "Tier1Interface", "id": "to_internet", "display_name": "to_internet", "path": "/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet", "parent_path": "/infra/tier-1s/cgw/locale-services/default", "relative_path": "to_internet", "segment_path": "/infra/segments/sg-svc", "subnets": [ { "ip_addresses": [ "35.1.1.1" ], "prefix_len": 24 } ], "_create_user": "admin", "_create_time": 1516751318020, "_last_modified_user": "admin", "_last_modified_time": 1516751318020, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete Tier-1 interface

Delete Tier-1 interface This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/interfaces/<interface-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/locale-services/default/interfaces/to_internet Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get Tier1 state

Returns
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/state
Request Headers:
n/a
Query Parameters:
Tier1StateRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/state Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Tier1GatewayState+

Example Response: { "tier1_state": { "state": "in_sync", "details": [ { "sub_system_id": "9d09f56c-6bd2-11e9-ac02-000c294188d6", "sub_system_type": "TransportNode", "state": "in_sync" }, { "sub_system_id": "96e40830-6bd2-11e9-a190-000c2985db32", "sub_system_type": "TransportNode", "state": "in_sync" } ] }, "tier1_status": { "logical_router_id": "db481db6-2759-4769-b6f4-71cef0b5ef07", "last_update_timestamp": 1557467728692, "per_node_status": [ { "transport_node_id": "9d09f56c-6bd2-11e9-ac02-000c294188d6", "service_router_id": "6456b7c0-a50f-46cb-86e2-4094812bdd6d", "high_availability_status": "STANDBY" }, { "transport_node_id": "96e40830-6bd2-11e9-a190-000c2985db32", "service_router_id": "c4ac6edb-bca7-45ba-b888-29594201f15c", "high_availability_status": "ACTIVE" } ] }, "ipv6_status": [ { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-350", "dad_statuses": [] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-270", "dad_statuses": [] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-185", "dad_statuses": [ { "ip_address": "fe80::50:56ff:fe56:4452", "status": "NOT_APPLICABLE" }, { "ip_address": "fcf8:9c18:67c6::1", "status": "NOT_APPLICABLE" } ] }, { "interface_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-197/interfaces/1-policyconnectivity-12", "dad_statuses": [ { "ip_address": "fe80::50:56ff:fe56:4452", "status": "NOT_APPLICABLE" }, { "ip_address": "fcf8:9c18:67c6:1::1", "status": "NOT_APPLICABLE" } ] } ] } Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Connectivity: Segment Profiles

Policy: Networking: Connectivity: Segment Profiles: Discovery Profile Binding

Associated URIs:

List Infra Port Discovery Profile Binding Maps

API will list all Infra Port Discovery Profile Binding Maps in current port id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-discovery-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortDiscoveryProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Delete Infra Port Discovery Profile Binding Profile

API will delete Infra Port Discovery Profile Binding Profile This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Update Infra Port Discovery Profile Binding Map

API will update Infra Port Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortDiscoveryProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 { "resource_type":" PortDiscoveryProfileBindingMap", "display_name": "PortDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMap+

Example Response: { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Get Infra Port Discovery Profile Binding Map

API will get Infra Port Discovery Profile Binding Map
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMap+

Example Response: { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Create Infra Port Discovery Profile Binding Map

API will create Infra Port Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortDiscoveryProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 { "resource_type":" PortDiscoveryProfileBindingMap", "display_name": "PortDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

List Infra Segment Discovery Profile Binding Maps

API will list all Infra Segment Discovery Profile Binding Maps in current segment id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-discovery-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentDiscoveryProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-discovery-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Update Infra Segment Discovery Profile Binding Map

API will update Infra Segment Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentDiscoveryProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 { "resource_type":" SegmentDiscoveryProfileBindingMap", "display_name": "SegmentDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMap+

Example Response: { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Create Infra Segment Discovery Profile Binding Map

API will create Infra Segment Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentDiscoveryProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 { "resource_type":" SegmentDiscoveryProfileBindingMap", "display_name": "SegmentDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Get Infra Segment Discovery Profile Binding Map

API will get Infra Segment Discovery Profile Binding Map
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMap+

Example Response: { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Delete Segment Discovery Profile Binding Profile

API will delete Segment Discovery Profile Binding Profile This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

List Port Discovery Profile Binding Maps

API will list all Port Discovery Profile Binding Maps in current port id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-discovery-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortDiscoveryProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Update Port Discovery Profile Binding Map

API will update Port Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortDiscoveryProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 { "resource_type":" PortDiscoveryProfileBindingMap", "display_name": "PortDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMap+

Example Response: { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Delete Port Discovery Profile Binding Profile

API will delete Port Discovery Profile Binding Profile This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Create Port Discovery Profile Binding Map

API will create Port Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortDiscoveryProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 { "resource_type":" PortDiscoveryProfileBindingMap", "display_name": "PortDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Get Port Discovery Profile Binding Map

API will get Port Discovery Profile Binding Map
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-discovery-profile-binding-maps/<port-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortDiscoveryProfileBindingMap+

Example Response: { "resource_type": "PortDiscoveryProfileBindingMap", "description": "", "id":"pdpbm_1", "display_name": "PortDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-discovery-profile-binding-maps/pdpbm_1", "relative_path": "PortDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

List Segment Discovery Profile Binding Maps

API will list all Segment Discovery Profile Binding Maps in current segment id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-discovery-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentDiscoveryProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Create Segment Discovery Profile Binding Map

API will create Segment Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentDiscoveryProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 { "resource_type":" SegmentDiscoveryProfileBindingMap", "display_name": "SegmentDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Delete Segment Discovery Profile Binding Profile

API will delete Segment Discovery Profile Binding Profile This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Get Segment Discovery Profile Binding Map

API will get Segment Discovery Profile Binding Map
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMap+

Example Response: { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_discovery_profile_binding Additional Errors:

Update Segment Discovery Profile Binding Map

API will update Segment Discovery Profile Binding Map This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-discovery-profile-binding-maps/<segment-discovery-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentDiscoveryProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1 { "resource_type":" SegmentDiscoveryProfileBindingMap", "display_name": "SegmentDiscoveryProfileBindingMap Profile Production", "description":"", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentDiscoveryProfileBindingMap+

Example Response: { "resource_type": "SegmentDiscoveryProfileBindingMap", "description": "", "id":"sdpbm_1", "display_name": "SegmentDiscoveryProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-discovery-profile-binding-maps/sdpbm_1", "relative_path": "SegmentDiscoveryProfileBindingMaps", "mac_discovery_profile_path":"/infra/mac-discovery-profiles/macdp_1", "ip_discovery_profile_path":"/infra/ip-discovery-profiles/ipdp_1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_discovery_profile_binding Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: IP Discovery Profiles

Associated URIs:

List IP Discovery Profiles

API will list all IP Discovery Profiles active in current discovery profile id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-discovery-profiles
Request Headers:
n/a
Query Parameters:
IPDiscoveryProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-discovery-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPDiscoveryProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IPDiscoveryProfile", "display_name": "IPDiscoveryProfile", "description": "", "path": "/infra/ip-discovery-profiles/ipdp1", "relative_path": "ipdp1", "ip_v4_discovery_options": { "arp_snooping_config": { "arp_snooping_enabled": false, "arp_binding_limit": 1 }, "dhcp_snooping_enabled": false, "vmtools_enabled": true }, "ip_v6_discovery_options": { "nd_snooping_config": { "nd_snooping_enabled": true, "nd_snooping_limit": 2 }, "dhcp_snooping_v6_enabled": true, "vmtools_v6_enabled": true }, "tofu_enabled": true, "arp_nd_binding_timeout": 10, "duplicate_ip_detection": { "duplicate_ip_detection_enabled": false }, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_ipdiscovery Additional Errors:

Delete IP Discovery Profile

API will delete IP Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ip-discovery-profiles/<ip-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/ip-discovery-profiles/ipdp1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipdiscovery Additional Errors:

Get IP Discovery Profile

API will get IP Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-discovery-profiles/<ip-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/ip-discovery-profiles/ipdp1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPDiscoveryProfile+

Example Response: { "resource_type": "IPDiscoveryProfile", "display_name": "IPDiscoveryProfile", "description": "", "path": "/infra/ip-discovery-profiles/ipdp1", "relative_path": "ipdp1", "ip_v4_discovery_options": { "arp_snooping_config": { "arp_snooping_enabled": false, "arp_binding_limit": 1 }, "dhcp_snooping_enabled": false, "vmtools_enabled": true }, "ip_v6_discovery_options": { "nd_snooping_config": { "nd_snooping_enabled": true, "nd_snooping_limit": 2 }, "dhcp_snooping_v6_enabled": true, "vmtools_v6_enabled": true }, "tofu_enabled": true, "arp_nd_binding_timeout": 10, "duplicate_ip_detection": { "duplicate_ip_detection_enabled": false }, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_ipdiscovery Additional Errors:

Update IP Discovery Profile

API will update IP Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ip-discovery-profiles/<ip-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPDiscoveryProfile+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/ip-discovery-profiles/ipdp1 { "resource_type": "IPDiscoveryProfile", "display_name": "IPDiscoveryProfile", "description": "", "ip_v4_discovery_options": { "arp_snooping_config": { "arp_snooping_enabled": false, "arp_binding_limit": 1 }, "dhcp_snooping_enabled": false, "vmtools_enabled": true }, "ip_v6_discovery_options": { "nd_snooping_config": { "nd_snooping_enabled": true, "nd_snooping_limit": 2 }, "dhcp_snooping_v6_enabled": true, "vmtools_v6_enabled": true }, "tofu_enabled": true, "arp_nd_binding_timeout": 10, "duplicate_ip_detection": { "duplicate_ip_detection_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPDiscoveryProfile+

Example Response: { "resource_type": "IPDiscoveryProfile", "display_name": "IPDiscoveryProfile", "description": "", "path": "/infra/ip-discovery-profiles/ipdp1", "relative_path": "ipdp1", "ip_v4_discovery_options": { "arp_snooping_config": { "arp_snooping_enabled": false, "arp_binding_limit": 1 }, "dhcp_snooping_enabled": false, "vmtools_enabled": true }, "ip_v6_discovery_options": { "nd_snooping_config": { "nd_snooping_enabled": true, "nd_snooping_limit": 2 }, "dhcp_snooping_v6_enabled": true, "vmtools_v6_enabled": true }, "tofu_enabled": true, "arp_nd_binding_timeout": 10, "duplicate_ip_detection": { "duplicate_ip_detection_enabled": false }, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: policy_ipdiscovery Additional Errors:

Create IP Discovery Profile

API will create IP Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ip-discovery-profiles/<ip-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPDiscoveryProfile+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/ip-discovery-profiles/ipdp1 { "resource_type": "IPDiscoveryProfile", "display_name": "IPDiscoveryProfile", "description": "", "ip_v4_discovery_options": { "arp_snooping_config": { "arp_snooping_enabled": false, "arp_binding_limit": 1 }, "dhcp_snooping_enabled": false, "vmtools_enabled": true }, "ip_v6_discovery_options": { "nd_snooping_config": { "nd_snooping_enabled": true, "nd_snooping_limit": 2 }, "dhcp_snooping_v6_enabled": true, "vmtools_v6_enabled": true }, "tofu_enabled": true, "arp_nd_binding_timeout": 10, "duplicate_ip_detection": { "duplicate_ip_detection_enabled": false } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipdiscovery Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: MAC Discovery Profiles

Associated URIs:

List Mac Discovery Profiles

API will list all Mac Discovery Profiles active in current discovery profile id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/mac-discovery-profiles
Request Headers:
n/a
Query Parameters:
MacDiscoveryProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/mac-discovery-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacDiscoveryProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type":"MacDiscoveryProfile", "display_name": "MacDiscoveryProfile", "description": "", "path": "/infra/mac-discovery-profiles/mdp1", "relative_path": "mdp1", "mac_change_enabled": true, "mac_learning_enabled": true, "unknown_unicast_flooding_enabled": false, "mac_limit_policy": "ALLOW", "mac_limit": 1, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_macdiscovery Additional Errors:

Get Mac Discovery Profile

API will get Mac Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/mac-discovery-profiles/<mac-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/mac-discovery-profiles/mdp1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacDiscoveryProfile+

Example Response: { "resource_type":"MacDiscoveryProfile", "display_name": "MacDiscoveryProfile", "description": "", "path": "/infra/mac-discovery-profiles/mdp1", "relative_path": "mdp1", "mac_change_enabled": true, "mac_learning_enabled": true, "unknown_unicast_flooding_enabled": false, "mac_limit_policy": "ALLOW", "mac_limit": 1, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_macdiscovery Additional Errors:

Update Mac Discovery Profile

API will update Mac Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/mac-discovery-profiles/<mac-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MacDiscoveryProfile+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/mac-discovery-profiles/mdp1 { "resource_type":"MacDiscoveryProfile", "display_name": "MacDiscoveryProfile", "description": "", "mac_change_enabled": true, "mac_learning_enabled": true, "unknown_unicast_flooding_enabled": false, "mac_limit_policy": "ALLOW", "mac_limit": 1, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
MacDiscoveryProfile+

Example Response: { "resource_type":"MacDiscoveryProfile", "display_name": "MacDiscoveryProfile", "description": "", "path": "/infra/mac-discovery-profiles/mdp1", "relative_path": "mdp1", "mac_change_enabled": true, "mac_learning_enabled": true, "unknown_unicast_flooding_enabled": false, "mac_limit_policy": "ALLOW", "mac_limit": 1, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_macdiscovery Additional Errors:

Delete Mac Discovery Profile

API will delete Mac Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/mac-discovery-profiles/<mac-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/mac-discovery-profiles/mdp1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_macdiscovery Additional Errors:

Create Mac Discovery Profile

API will create Mac Discovery profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/mac-discovery-profiles/<mac-discovery-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
MacDiscoveryProfile+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/mac-discovery-profiles/mdp1 { "resource_type":"MacDiscoveryProfile", "display_name": "MacDiscoveryProfile", "description": "", "mac_change_enabled": true, "mac_learning_enabled": true, "unknown_unicast_flooding_enabled": false, "mac_limit_policy": "ALLOW", "mac_limit": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_macdiscovery Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: Monitoring Profile Binding

Associated URIs:

List Infra Port Monitoring Profile Binding Maps

API will list all Infra Port Monitoring Profile Binding Maps in current port id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-monitoring-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortMonitoringProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Update Infra Port Monitoring Profile Binding Map

API will update Infra Port Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMonitoringProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 { "resource_type":" PortMonitoringProfileBindingMap", "display_name": "PortMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMap+

Example Response: { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Create Infra Port Monitoring Profile Binding Map

API will create Infra Port Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMonitoringProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 { "resource_type":" PortMonitoringProfileBindingMap", "display_name": "PortMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Get Infra Port Monitoring Profile Binding Map

API will get Infra Port Monitoring Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMap+

Example Response: { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Delete Infra Port Monitoring Profile Binding Profile

API will delete Infra Port Monitoring Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/ports/<infra-port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

List Infra Segment Monitoring Profile Binding Maps

API will list all Infra Segment Monitoring Profile Binding Maps in current segment id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-monitoring-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentMonitoringProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-monitoring-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Get Infra Segment Monitoring Profile Binding Map

API will get Infra Segment Monitoring Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMap+

Example Response: { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Delete Infra Segment Monitoring Profile Binding Profile

API will delete Infra Segment Monitoring Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Update Infra Segment Monitoring Profile Binding Map

API will update Infra Segment Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentMonitoringProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1 { "resource_type":" SegmentMonitoringProfileBindingMap", "display_name": "SegmentMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMap+

Example Response: { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Create Infra Segment Monitoring Profile Binding Map

API will create infra segment monitoring profile binding map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<infra-segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentMonitoringProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-monitoring-profile-binding-maps/1 { "resource_type":" SegmentMonitoringProfileBindingMap", "display_name": "SegmentMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

List Port Monitoring Profile Binding Maps

API will list all Port Monitoring Profile Binding Maps in current port id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-monitoring-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortMonitoringProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Update Port Monitoring Profile Binding Map

API will update Port Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMonitoringProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 { "resource_type":" PortMonitoringProfileBindingMap", "display_name": "PortMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMap+

Example Response: { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Delete Port Monitoring Profile Binding Profile

API will delete Port Monitoring Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Get Port Monitoring Profile Binding Map

API will get Port Monitoring Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMonitoringProfileBindingMap+

Example Response: { "resource_type": "PortMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "PortMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1", "relative_path": "PortMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Create Port Monitoring Profile Binding Map

API will create Port Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-monitoring-profile-binding-maps/<port-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMonitoringProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-monitoring-profile-binding-maps/1 { "resource_type":" PortMonitoringProfileBindingMap", "display_name": "PortMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

List Segment Monitoring Profile Binding Maps

API will list all Segment Monitoring Profile Binding Maps in current segment id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-monitoring-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentMonitoringProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Create Segment Monitoring Profile Binding Map

API will create segment monitoring profile binding map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentMonitoringProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1 { "resource_type":" SegmentMonitoringProfileBindingMap", "display_name": "SegmentMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Update Segment Monitoring Profile Binding Map

API will update Segment Monitoring Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentMonitoringProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1 { "resource_type":" SegmentMonitoringProfileBindingMap", "display_name": "SegmentMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMap+

Example Response: { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Delete Segment Monitoring Profile Binding Profile

API will delete Segment Monitoring Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Get Segment Monitoring Profile Binding Map

API will get Segment Monitoring Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-monitoring-profile-binding-maps/<segment-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentMonitoringProfileBindingMap+

Example Response: { "resource_type": "SegmentMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "SegmentMonitoringProfileBindingMap", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-monitoring-profile-binding-maps/1", "relative_path": "SegmentMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: QOS

Associated URIs:

List QoS Profiles

API will list all QoS profiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/qos-profiles
Request Headers:
n/a
Query Parameters:
QoSProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/qos-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
QoSProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "QoSProfile", "id": "profile_2", "display_name": "/infra/qos-profiles", "path": "/infra/qos-profiles", "parent_path": "/infra", "relative_path": "profile_2", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353633527, "_system_owned": false, "_protection": "NOT_PROTECTED", "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configurations": [ { "resource_type": "IngressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 }, { "resource_type": "IngressBroadcastRateLimiter", "enabled": false, "burst_size": 0, "peak_bandwidth": 0, "average_bandwidth": 0 }, { "resource_type": "EgressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 } ], "class_of_service": 2, "_revision": 1 } ] } Required Permissions: read Feature: policy_qos Additional Errors:

Patch QoS profile.

Create a new QoS profile if the QoS profile with
given id does not already exist. If the QoS profile with the
given id already exists, patch with the existing QoS profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/qos-profiles/<qos-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
QoSProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/qos-profiles/profile_1 { "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configurations": [ { "resource_type": "IngressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 }, { "resource_type": "IngressBroadcastRateLimiter", "enabled": false, "burst_size": 0, "peak_bandwidth": 0, "average_bandwidth": 0 }, { "resource_type": "EgressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 } ], "class_of_service": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos Additional Errors:

Details of QoS profile

API will return details of QoS profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/qos-profiles/<qos-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/qos-profiles/profile_2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
QoSProfile+

Example Response: { "resource_type": "QoSProfile", "id": "profile_2", "display_name": "/infra/qos-profiles/profile_2", "path": "/infra/qos-profiles/profile_2", "parent_path": "/infra/domains/d1/groups/group_vm", "relative_path": "profile_2", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_protection": "NOT_PROTECTED", "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configurations": [ { "resource_type": "IngressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 }, { "resource_type": "IngressBroadcastRateLimiter", "enabled": false, "burst_size": 0, "peak_bandwidth": 0, "average_bandwidth": 0 }, { "resource_type": "EgressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 } ], "class_of_service": 2, "_revision": 1 } Required Permissions: read Feature: policy_qos Additional Errors:

Create or Replace QoS profile.

Create or Replace QoS profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/qos-profiles/<qos-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
QoSProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/qos-profiles/profile_2 { "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configurations": [ { "resource_type": "IngressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 }, { "resource_type": "IngressBroadcastRateLimiter", "enabled": false, "burst_size": 0, "peak_bandwidth": 0, "average_bandwidth": 0 }, { "resource_type": "EgressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 } ], "class_of_service": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
QoSProfile+

Example Response: { "resource_type": "QoSProfile", "id": "profile_2", "display_name": "profile_2", "path": "/infra/qos-profiles/profile_2", "parent_path": "/infra", "relative_path": "profile_2", "dscp": { "mode": "TRUSTED", "priority": 0 }, "shaper_configurations": [ { "resource_type": "IngressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 }, { "resource_type": "IngressBroadcastRateLimiter", "enabled": false, "burst_size": 0, "peak_bandwidth": 0, "average_bandwidth": 0 }, { "resource_type": "EgressRateLimiter", "enabled": false, "average_bandwidth": 0, "peak_bandwidth": 0, "burst_size": 0 } ], "class_of_service": 2 "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_qos Additional Errors:

Delete QoS profile

API will delete QoS profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/qos-profiles/<qos-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/qos-profiles/profile_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: QOS Profile Binding

Associated URIs:

List Port QoS Profile Binding Maps

API will list all Port QoS Profile Binding Maps in current port id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortQoSProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortQoSProfileBindingMap", "display_name": "1", "id": "1", "path": "/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path": "/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Get Port QoS Profile Binding Map

API will get Port QoS Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMap+

Example Response: { "resource_type": "PortQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Create Port QoS Profile Binding Map

API will create Port QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortQoSProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 { "resource_type":" PortQoSProfileBindingMap", "display_name":"1", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Delete Port QoS Profile Binding Profile

API will delete Port QoS Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Update Port QoS Profile Binding Map

API will update Port QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortQoSProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 { "resource_type":" PortQoSProfileBindingMap", "display_name":"1", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMap+

Example Response: { "resource_type": "PortQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

List Segment QoS Profile Binding Maps

API will list all Segment QoS Profile Binding Maps in current segment id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-qos-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentQoSProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-qos-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentQoSProfileBindingMap", "display_name":"1", "id":"1", "path": "/infra/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Create Segment QoS Profile Binding Map

API will create segment QoS profile binding map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentQoSProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-qos-profile-binding-maps/1 { "resource_type":" SegmentQoSProfileBindingMap", "display_name":"1", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Get Segment QoS Profile Binding Map

API will get Segment QoS Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMap+

Example Response: { "resource_type": "SegmentQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "SegmentQoSProfileBindingMaps", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Delete Segment QoS Profile Binding Profile

API will delete Segment QoS Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Update Segment QoS Profile Binding Map

API will update Segment QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentQoSProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/segments/segment_1/segment-qos-profile-binding-maps/1 { "resource_type":" SegmentQoSProfileBindingMap", "display_name":"1", "description":"", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMap+

Example Response: { "resource_type": "SegmentQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

List Port QoS Profile Binding Maps

API will list all Port QoS Profile Binding Maps in current port id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortQoSProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "PortQoSProfileBindingMaps", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Update Port QoS Profile Binding Map

API will update Port QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortQoSProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 { "resource_type":" PortQoSProfileBindingMap", "display_name":"1", "description":"", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMap+

Example Response: { "resource_type": "PortQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Delete Port QoS Profile Binding Profile

API will delete Port QoS Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Create Port QoS Profile Binding Map

API will create Port QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortQoSProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 { "resource_type":" PortQoSProfileBindingMap", "display_name":"1", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Get Port QoS Profile Binding Map

API will get Port QoS Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-qos-profile-binding-maps/<port-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortQoSProfileBindingMap+

Example Response: { "resource_type": "PortQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/ports/port_1/port-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

List Segment QoS Profile Binding Maps

API will list all Segment QoS Profile Binding Maps in current segment id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-qos-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentQoSProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Create Segment QoS Profile Binding Map

API will create segment QoS profile binding map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentQoSProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1 { "resource_type":" SegmentQoSProfileBindingMap", "display_name":"1", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Update Segment QoS Profile Binding Map

API will update Segment QoS Profile Binding Map. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentQoSProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1 { "resource_type":" SegmentQoSProfileBindingMap", "display_name":"1", "description":"", "qos_profile_path":"/infra/qos_profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMap+

Example Response: { "resource_type": "SegmentQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Get Segment QoS Profile Binding Map

API will get Segment QoS Profile Binding Map.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentQoSProfileBindingMap+

Example Response: { "resource_type": "SegmentQoSProfileBindingMap", "description": "", "display_name":"1", "id":"1", "path": "/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1", "relative_path": "1", "qos_profile_path":"/infra/qos_profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_qos_profile_binding Additional Errors:

Delete Segment QoS Profile Binding Profile

API will delete Segment QoS Profile Binding Profile. This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-qos-profile-binding-maps/<segment-qos-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/tier-1/segments/segment_1/segment-qos-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_qos_profile_binding Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: Security Profile Binding

Associated URIs:

List infra segment port security profile binding maps

API will list all port security profile binding maps.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortSecurityProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130261922, "_last_modified_user": "admin", "_last_modified_time": 1539130308980, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Delete the infra segment port security profile binding map

API will delete the port security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Get infra segment port security profile binding map

API will return details of the port security profile binding map. If the
security profile binding map does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMap+

Example Response: { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "_create_user": "admin", "_create_time": 1539130261922, "_last_modified_user": "admin", "_last_modified_time": 1539130261922, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Create or replace the infra segment port security profile binding map

API will create or replace the port security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortSecurityProfileBindingMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130261922, "_last_modified_user": "admin", "_last_modified_time": 1539130261922, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMap+

Example Response: { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130261922, "_last_modified_user": "admin", "_last_modified_time": 1539130308980, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Patch infra segment port security profile binding map

Create a new port security profile binding map if the given security profile
binding map does not exist. Otherwise, patch the existing port security
profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortSecurityProfileBindingMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 { "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguard_1", "segment_security_profile_path": "/infra/segment-security-profiles/segment_security_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

List infra segment security profile binding maps

API will list all segment security profile binding maps.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-security-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentSecurityProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-security-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539129491798, "_last_modified_user": "admin", "_last_modified_time": 1539129739799, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Patch infra segment security profile binding map

Create a new segment security profile binding map if the given security
profile binding map does not exist. Otherwise, patch the existing segment
security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfileBindingMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 { "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Delete infra segment security profile binding map

API will delete segment security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Create or replace infra segment security profile binding map

API will create or replace segment security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfileBindingMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539129491798, "_last_modified_user": "admin", "_last_modified_time": 1539129491798, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMap+

Example Response: { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539129491798, "_last_modified_user": "admin", "_last_modified_time": 1539129739799, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Get infra segment security profile binding map

API will return details of the segment security profile binding map. If the
binding map does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMap+

Example Response: { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "_create_user": "admin", "_create_time": 1539129491798, "_last_modified_user": "admin", "_last_modified_time": 1539129491798, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

List port security profile binding maps

API will list all port security profile binding maps.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PortSecurityProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130135604, "_last_modified_user": "admin", "_last_modified_time": 1539130486350, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Create or replace the port security profile binding map

API will create or replace the port security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortSecurityProfileBindingMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130135604, "_last_modified_user": "admin", "_last_modified_time": 1539130135604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMap+

Example Response: { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "", "_create_user": "admin", "_create_time": 1539130135604, "_last_modified_user": "admin", "_last_modified_time": 1539130486350, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Delete the port security profile binding map

API will delete the port security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Patch port security profile binding map

Create a new port security profile binding map if the given security profile
binding map does not exist. Otherwise, patch the existing port security
profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortSecurityProfileBindingMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 { "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguard_1", "segment_security_profile_path": "/infra/segment-security-profiles/segment_security_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Get port security profile binding map

API will return details of the port security profile binding map. If the
security profile binding map does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>/port-security-profile-binding-maps/<port-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortSecurityProfileBindingMap+

Example Response: { "resource_type": "PortSecurityProfileBindingMap", "id": "port-security-profile-binding-map_1", "display_name": "port-security-profile-binding-map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1/port-security-profile-binding-maps/port-security-profile-binding-map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1/ports/port_1", "relative_path": "port-security-profile-binding-map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "_create_user": "admin", "_create_time": 1539130135604, "_last_modified_user": "admin", "_last_modified_time": 1539130135604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

List segment security profile binding maps

API will list all segment security profile binding maps.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-security-profile-binding-maps
Request Headers:
n/a
Query Parameters:
SegmentSecurityProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "_create_user": "admin", "_create_time": 1539129320511, "_last_modified_user": "admin", "_last_modified_time": 1539129593401, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Get segment security profile binding map

API will return details of the segment security profile binding map. If the
binding map does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMap+

Example Response: { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1", "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "_create_user": "admin", "_create_time": 1539129320511, "_last_modified_user": "admin", "_last_modified_time": 1539129320511, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_security_profile_binding Additional Errors:

Create or replace segment security profile binding map

API will create or replace segment security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfileBindingMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "segment_security_profile_path": "/infra/segment-security-profiles/segment_security_2", "_create_user": "admin", "_create_time": 1539129320511, "_last_modified_user": "admin", "_last_modified_time": 1539129320511, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileBindingMap+

Example Response: { "resource_type": "SegmentSecurityProfileBindingMap", "id": "segment_security_binding_map_1", "display_name": "segment_security_binding_map_1", "path": "/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1", "parent_path": "/infra/tier-1s/tier1_1/segments/segment_1", "relative_path": "segment_security_binding_map_1", "marked_for_delete": false, "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "segment_security_profile_path": "/infra/segment-security-profiles/segment_security_2", "_create_user": "admin", "_create_time": 1539129320511, "_last_modified_user": "admin", "_last_modified_time": 1539129593401, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Patch segment security profile binding map

Create a new segment security profile binding map if the given security
profile binding map does not exist. Otherwise, patch the existing segment
security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfileBindingMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 { "spoofguard_profile_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "segment_security_profile_path": "/infra/segment-security-profiles/segmentsecurityprofile_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Delete segment security profile binding map

API will delete segment security profile binding map.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/segment-security-profile-binding-maps/<segment-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1_1/segments/segment_1/segment-security-profile-binding-maps/segment_security_binding_map_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_security_profile_binding Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: Segment Security Profiles

Associated URIs:

List segment security profiles

API will list all segment security profiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segment-security-profiles
Request Headers:
n/a
Query Parameters:
SegmentSecurityProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segment-security-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfileListResult+

Example Response: { "results": [ { "bpdu_filter_enable": true, "bpdu_filter_allow": [ "01:80:c2:00:00:00", "01:80:c2:00:00:01" ], "dhcp_server_block_enabled": true, "dhcp_client_block_enabled": true, "non_ip_traffic_block_enabled": true, "dhcp_server_block_v6_enabled": true, "dhcp_client_block_v6_enabled": true, "ra_guard_enabled": true, "rate_limits_enabled": false, "resource_type": "SegmentSecurityProfile", "id": "my-segment-security-profile", "display_name": "MySegmentSecurityProfile", "description": "MySegmentSecurityProfile", "path": "/infra/segment-security-profiles/my-segment-security-profile", "relative_path": "my-segment-security-profile", "parent_path": "/infra/segment-security-profiles/my-segment-security-profile", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544566776526, "_last_modified_user": "admin", "_last_modified_time": 1544566776526, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "bpdu_filter_enable": true, "bpdu_filter_allow": [], "dhcp_server_block_enabled": true, "dhcp_client_block_enabled": false, "non_ip_traffic_block_enabled": false, "dhcp_server_block_v6_enabled": true, "dhcp_client_block_v6_enabled": false, "ra_guard_enabled": false, "rate_limits_enabled": false, "rate_limits": { "rx_broadcast": 0, "tx_broadcast": 0, "rx_multicast": 0, "tx_multicast": 0 }, "resource_type": "SegmentSecurityProfile", "id": "default-segment-security-profile", "display_name": "default-segment-security-profile", "path": "/infra/segment-security-profiles/default-segment-security-profile", "relative_path": "default-segment-security-profile", "parent_path": "/infra/segment-security-profiles/default-segment-security-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544555959907, "_last_modified_user": "system", "_last_modified_time": 1544555959907, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 2, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_segment_security Additional Errors:

GET Segment security profile id

API will return details of the segment security profile with given id. If the
profile does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segment-security-profiles/<segment-security-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segment-security-profiles/my-segment-security-profile-id Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfile+

Example Response: { "bpdu_filter_enable": true, "bpdu_filter_allow": [ "01:80:c2:00:00:00", "01:80:c2:00:00:01" ], "dhcp_server_block_enabled": true, "dhcp_client_block_enabled": true, "non_ip_traffic_block_enabled": true, "dhcp_server_block_v6_enabled": true, "dhcp_client_block_v6_enabled": true, "ra_guard_enabled": true, "rate_limits_enabled": false, "resource_type": "SegmentSecurityProfile", "id": "my-segment-security-profile", "display_name": "MySegmentSecurityProfile", "description": "MySegmentSecurityProfile", "path": "/infra/segment-security-profiles/my-segment-security-profile", "relative_path": "my-segment-security-profile", "parent_path": "/infra/segment-security-profiles/my-segment-security-profile", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544566776526, "_last_modified_user": "admin", "_last_modified_time": 1544566776526, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_segment_security Additional Errors:

PATCH segment security profile id

Create a new segment security profile if the segment security profile with given id does not
exist. Otherwise, PATCH the existing segment security profile
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segment-security-profiles/<segment-security-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segment-security-profiles/my-segment-security-profile { "resource_type": "SegmentSecurityProfile", "id": "MySegmentSecurityProfile", "display_name": "MySegmentSecurityProfile", "description": "MySegmentSecurityProfile", "bpdu_filter_enable": true, "bpdu_filter_allow":["01:80:c2:00:00:00", "01:80:c2:00:00:01"], "dhcp_server_block_enabled": true, "dhcp_client_block_enabled": true, "non_ip_traffic_block_enabled": true, "dhcp_server_block_v6_enabled": true, "dhcp_client_block_v6_enabled": true, "ra_guard_enabled": true } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_segment_security Additional Errors:

PUT segment security profile id

Create or replace a segment security profile
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segment-security-profiles/<segment-security-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentSecurityProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segment-security-profiles/my-segment-security-profile { "resource_type": "SegmentSecurityProfile", "id": "MySegmentSecurityProfile", "display_name": "MySegmentSecurityProfile", "description": "MySegmentSecurityProfile", "bpdu_filter_enable": true, "bpdu_filter_allow":["01:80:c2:00:00:00", "01:80:c2:00:00:01"], "dhcp_server_block_enabled": true, "dhcp_client_block_enabled": true, "non_ip_traffic_block_enabled": true, "dhcp_server_block_v6_enabled": true, "dhcp_client_block_v6_enabled": true, "ra_guard_enabled": true } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentSecurityProfile+

Example Response: { "resource_type":"SegmentSecurityProfile", "id":"MySegmentSecurityProfile", "display_name": "MySegmentSecurityProfile", "description": "MySegmentSecurityProfile", "path": "/infra/segment-security-profiles/my-segment-security-profile-id", "relative_path": "MySegmentSecurityProfile", "bpdu_filter_enable": "true", "bpdu_filter_allow":["01:80:c2:00:00:00", "01:80:c2:00:00:01"], "dhcp_server_block_enabled": Boolean, "dhcp_server_block_enabled": Boolean, "non_ip_traffic_block_enabled": Boolean, "dhcp_server_block_v6_enabled": "true" "dhcp_server_block_v6_enabled": "true" "ra_guard_enabled":"true" "_create_user": "admin", "_create_time": 1488995381918, "_last_modified_user": "admin", "_last_modified_time": 1488995381918, "_system_owned": false, "_revision": 0 } Required Permissions: crud Feature: policy_segment_security Additional Errors:

DELETE segment security profile

API will delete segment security profile with the given id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segment-security-profiles/<segment-security-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segment-security-profiles/my-segment-security-profile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_segment_security Additional Errors:

Policy: Networking: Connectivity: Segment Profiles: Spoofguard Profiles

Associated URIs:

List SpoofGuard profiles

API will list all SpoofGuard profiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/spoofguard-profiles
Request Headers:
n/a
Query Parameters:
SpoofGuardProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/spoofguard-profiles/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SpoofGuardProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "SpoofGuardProfile", "id": "default-spoofguard-profile", "display_name": "default-spoofguard-profile", "path": "/infra/spoofguard-profiles/default-spoofguard-profile", "parent_path": "/infra/spoofguard-profiles/default-spoofguard-profile", "relative_path": "default-spoofguard-profile", "marked_for_delete": false, "address_binding_whitelist": false, "_create_user": "system", "_create_time": 1539118620552, "_last_modified_user": "system", "_last_modified_time": 1539118620552, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "SpoofGuardProfile", "id": "spoofguardprofile_1", "display_name": "spoofguardprofile_1", "path": "/infra/spoofguard-profiles/spoofguardprofile_1", "parent_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "relative_path": "spoofguardprofile_1", "marked_for_delete": false, "address_binding_whitelist": false, "_create_user": "admin", "_create_time": 1539128784467, "_last_modified_user": "admin", "_last_modified_time": 1539128784467, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_spoofguard Additional Errors:

Delete SpoofGuard profile

API will delete SpoofGuard profile with the given id.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/spoofguard-profiles/<spoofguard-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/spoofguard-profiles/spoofguardprofile_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_spoofguard Additional Errors:

Get SpoofGuard profile

API will return details of the SpoofGuard profile with given id. If the
profile does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/spoofguard-profiles/<spoofguard-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/spoofguard-profiles/spoofguardprofile_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SpoofGuardProfile+

Example Response: { "resource_type": "SpoofGuardProfile", "id": "spoofguardprofile_1", "display_name": "spoofguardprofile_1", "path": "/infra/spoofguard-profiles/spoofguardprofile_1", "parent_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "relative_path": "spoofguardprofile_1", "marked_for_delete": false, "address_binding_whitelist": false, "_create_user": "admin", "_create_time": 1539128784467, "_last_modified_user": "admin", "_last_modified_time": 1539128784467, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_spoofguard Additional Errors:

Patch SpoofGuard profile

Create a new SpoofGuard profile if the SpoofGuard profile with the given id
does not exist. Otherwise, patch with the existing SpoofGuard profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/spoofguard-profiles/<spoofguard-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SpoofGuardProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/spoofguard-profiles/spoofguardprofile_1 { "display_name": "SpoofGuardProfile", "description": "SpoofGuardProfile", "address_binding_whitelist": true } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_spoofguard Additional Errors:

Create or replace SpoofGuard profile

API will create or replace SpoofGuard profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/spoofguard-profiles/<spoofguard-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SpoofGuardProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/spoofguard-profiles/spoofguardprofile_1 { "resource_type": "SpoofGuardProfile", "id": "spoofguardprofile_1", "display_name": "spoofguardprofile_1", "path": "/infra/spoofguard-profiles/spoofguardprofile_1", "parent_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "relative_path": "spoofguardprofile_1", "address_binding_whitelist": true, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SpoofGuardProfile+

Example Response: { "resource_type": "SpoofGuardProfile", "id": "spoofguardprofile_1", "display_name": "spoofguardprofile_1", "path": "/infra/spoofguard-profiles/spoofguardprofile_1", "parent_path": "/infra/spoofguard-profiles/spoofguardprofile_1", "relative_path": "spoofguardprofile_1", "marked_for_delete": false, "address_binding_whitelist": true, "_create_user": "admin", "_create_time": 1539128784467, "_last_modified_user": "admin", "_last_modified_time": 1539129032044, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_spoofguard Additional Errors:

Policy: Networking: Connectivity: Segments

Associated URIs:

List all segments under infra

Paginated list of all segments under infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments
Request Headers:
n/a
Query Parameters:
SegmentListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/segments/web-tier", "parent_path": "/infra/segments/web-tier", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "connectivity_path": "/infra/tier-1s/mgw", "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a infra segment

If segment with the segment-id is not already present, create a new segment.
If it already exists, replace the segment with this object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Segment+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/web-tier { "display_name":"web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "connectivity_path": "/infra/tier-1s/mgw", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Segment+

Example Response: { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/tier-1s/cgw/segments/web-tier", "parent_path": "/infra/tier-1s/cgw", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "connectivity_path": "/infra/tier-1s/mgw", "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete infra segment

Delete infra segment This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/web-tier Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a segment

If segment with the segment-id is not already present, create a new segment.
If it already exists, update the segment with specified attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Segment+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segments/web-tier { "display_name":"web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "connectivity_path": "/infra/tier-1s/mgw" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read infra segment

Read infra segment This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/web-tier Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Segment+

Example Response: { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/tier-1s/cgw/segments/web-tier", "parent_path": "/infra/tier-1s/cgw", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "connectivity_path": "/infra/tier-1s/mgw", "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List infra segment ports

List all the ports for an infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports
Request Headers:
n/a
Query Parameters:
SegmentPortListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/production-t1-seg/ports/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPortListResult+

Example Response: { "results": [ { "resource_type": "SegmentPort", "id": "default:183a3789-826b-41fc-8642-a6834551d4bc", "display_name": "default:183a3789-826b-41fc-8642-a6834551d4bc", "path": "/infra/segments/production-t1-seg/ports/default:183a3789-826b-41fc-8642-a6834551d4bc", "relative_path": "default:183a3789-826b-41fc-8642-a6834551d4bc", "parent_path": "/infra/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100539, "_last_modified_user": "system", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "SegmentPort", "id": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "display_name": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "path": "/infra/segments/production-t1-seg/ports/default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "relative_path": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "parent_path": "/infra/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100542, "_last_modified_user": "system", "_last_modified_time": 1544503100542, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "SegmentPort", "id": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "display_name": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "path": "/infra/segments/production-t1-seg/ports/default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "relative_path": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "parent_path": "/infra/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100524, "_last_modified_user": "system", "_last_modified_time": 1544503100524, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 3, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_connectivity Additional Errors:

Get infra segment port by ID

Get detail information on an infra segment port by giving ID.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/web-tier/ports/port1 { "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ {"tag":"port-1 tag 1 from Policy","scope":"Policy"} ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPort+

Example Response: { "resource_type": "SegmentPort", "id": "port1", "display_name": "port1", "path": "/infra/segments/web-tier/ports/port1", "relative_path": "port1", "parent_path": "/infra/segments/web-tier", "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ { "tag":"port-1 tag 1 from Policy", "scope":"Policy" } ], "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544503100539, "_last_modified_user": "admin", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update an infra segment port

Create an infra segment port if it does not exist based on the IDs, or update existing port
information by replacing the port object already exists.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentPort+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/web-tier/ports/port1 { "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ {"tag":"port-1 tag 1 from Policy","scope":"Policy"} ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPort+

Example Response: { "resource_type": "SegmentPort", "id": "port1", "display_name": "port1", "path": "/infra/segments/web-tier/ports/port1", "relative_path": "port1", "parent_path": "/infra/segments/web-tier", "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ { "tag":"port-1 tag 1 from Policy", "scope":"Policy" } ], "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544503100539, "_last_modified_user": "admin", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete an infra segment port

Delete an infra segment port by giving ID.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/web-tier/ports/port1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Patch an infra segment port

Create an infra segment port if it does not exist based on the IDs, or update existing port
information by replacing the port object fields which presents in the request body.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentPort+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segments/web-tier/ports/port1 { "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ {"tag":"port-1 tag 1 from Policy","scope":"Policy"} ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Force delete infra segment

Force delete bypasses validations during segment deletion. This may result in an inconsistent connectivity. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/<segment-id>?force=true
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/web-tier Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get infra segment port statistics information

Get infra segment port statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segments-id>/ports/<port-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPortStatistics+

Example Response: { "rx_packets": { "total": 0 }, "rx_bytes": { "total": 0 }, "tx_packets": { "total": 0 }, "tx_bytes": { "total": 0 }, "logical_port_id": "706aecff-7741-4856-bc9b-d96fbcf474b8" } Required Permissions: read Feature: policy_connectivity Additional Errors:

Get infra segment statistics information

Get infra segment statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/<segments-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/tier0-ls/statistics?enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentStatistics+

Example Response: { "rx_packets": { "dropped": 0, "total": 13 }, "rx_bytes": { "total": 642 }, "tx_packets": { "dropped": 0, "total": 0 }, "tx_bytes": { "total": 0 }, "logical_switch_id": "8ff845d2-06a4-47d5-adb2-dd386053e88d", "last_update_timestamp": 1548964270603 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List Service Segments

Paginated list of all Service Segments
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/service-segments
Request Headers:
n/a
Query Parameters:
ServiceSegmentListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/service-segments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceSegmentListResult+

Example Response: { "results": [ { "transport_zone_path": "/infra/sites/default/enforcement-points/default/transport-zones/be553b11-040b-4a51-870d-c32fced0ba7d", "resource_type": "ServiceSegment", "id": "service-segment-1", "display_name": "service-segment-1", "path": "/infra/segments/service-segments/service-segment-1", "relative_path": "service-segment-1", "parent_path": "/infra/segments/service-segments/service-segment-1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1543227416946, "_last_modified_user": "admin", "_last_modified_time": 1543227416946, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create a service segment

A service segment with the service-segment-id is created.
Modification of service segment is not supported.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/segments/service-segments/<service-segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceSegment+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/segments/service-segments/service-segment-1 { "display_name": "service-segment-1", "resource_type": "ServiceSegment", "transport_zone_path": "/infra/sites/default/enforcement-points/default/transport-zones/be553b11-040b-4a51-870d-c32fced0ba7d" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete Service Segment

Delete Service Segment with given ID This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/segments/service-segments/<service-segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/segments/service-segments/service-segment-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read Service Segment

Read a Service Segment with the given id Request:
Method:
GET
URI Path:
/policy/api/v1/infra/segments/service-segments/<service-segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/segments/service-segments/service-segment-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceSegment+

Example Response: { "transport_zone_path": "/infra/sites/default/enforcement-points/default/transport-zones/be553b11-040b-4a51-870d-c32fced0ba7d", "resource_type": "ServiceSegment", "id": "service-segment-1", "display_name": "service-segment-1", "path": "/infra/segments/service-segments/service-segment-1", "relative_path": "service-segment-1", "parent_path": "/infra/segments/service-segments/service-segment-1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1543227416946, "_last_modified_user": "admin", "_last_modified_time": 1543227416946, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create service segment

A service segment with the service-segment-id is created.
Modification of service segment is not supported.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/segments/service-segments/<service-segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceSegment+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/segments/service-segments/service-segment-1 { "display_name": "service-segment-1", "resource_type": "ServiceSegment", "transport_zone_path": "/infra/sites/default/enforcement-points/default/transport-zones/be553b11-040b-4a51-870d-c32fced0ba7d" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceSegment+

Example Response: { "resource_type": "ServiceSegment", "id": "service-segment-1", "display_name": "service-segment-1", "path": "/infra/segments/service-segments/service-segment-1", "relative_path": "service-segment-1", "parent_path": "/infra/segments/service-segments/service-segment-1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1543227599024, "_last_modified_user": "admin", "_last_modified_time": 1543227599024, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

List all segments under tier-1 instance

Paginated list of all segments under Tier-1 instance
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments
Request Headers:
n/a
Query Parameters:
SegmentListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/tier-1s/cgw/segments/web-tier", "parent_path": "/infra/tier-1s/cgw", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_connectivity Additional Errors:

Delete segment

Delete segment Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a segment

If segment with the segment-id is not already present, create a new segment.
If it already exists, update the segment with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Segment+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier { "display_name":"web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a segment

If segment with the segment-id is not already present, create a new segment.
If it already exists, replace the segment with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Segment+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier { "display_name":"web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Segment+

Example Response: { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/tier-1s/cgw/segments/web-tier", "parent_path": "/infra/tier-1s/cgw", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read segment

Read segment Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Segment+

Example Response: { "resource_type": "Segment", "id": "web-tier", "display_name": "web-tier", "path": "/infra/tier-1s/cgw/segments/web-tier", "parent_path": "/infra/tier-1s/cgw", "relative_path": "web-tier", "subnets": [ { "gateway_address": "40.1.1.1/16", "dhcp_ranges": [ "40.1.2.0/24" ] } ], "_create_user": "admin", "_create_time": 1516668961954, "_last_modified_user": "admin", "_last_modified_time": 1516668961954, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List Tier-1 segment ports

List all the ports for a Tier-1 segment.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports
Request Headers:
n/a
Query Parameters:
SegmentPortListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/production_t1/segments/production-t1-seg/ports/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPortListResult+

Example Response: { "results": [ { "resource_type": "SegmentPort", "id": "default:183a3789-826b-41fc-8642-a6834551d4bc", "display_name": "default:183a3789-826b-41fc-8642-a6834551d4bc", "path": "/infra/tier-1s/production_t1/segments/production-t1-seg/ports/default:183a3789-826b-41fc-8642-a6834551d4bc", "relative_path": "default:183a3789-826b-41fc-8642-a6834551d4bc", "parent_path": "/infra/tier-1s/production_t1/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100539, "_last_modified_user": "system", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "SegmentPort", "id": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "display_name": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "path": "/infra/tier-1s/production_t1/segments/production-t1-seg/ports/default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "relative_path": "default:7555e0d8-f8f7-47c1-a93c-436eb5a6628a", "parent_path": "/infra/tier-1s/production_t1/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100542, "_last_modified_user": "system", "_last_modified_time": 1544503100542, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "SegmentPort", "id": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "display_name": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "path": "/infra/tier-1s/production_t1/segments/production-t1-seg/ports/default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "relative_path": "default:ab5e6c6d-ca35-499d-b448-fbb82ed1664b", "parent_path": "/infra/tier-1s/production_t1/segments/production-t1-seg", "marked_for_delete": false, "_create_user": "system", "_create_time": 1544503100524, "_last_modified_user": "system", "_last_modified_time": 1544503100524, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 3, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_connectivity Additional Errors:

Get Tier-1 segment port by ID

Get detail information on a Tier-1 segment port by giving ID.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier/ports/port1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPort+

Example Response: { "resource_type": "SegmentPort", "id": "port1", "display_name": "port1", "path": "/infra/tier-1s/cgw/segments/web-tier/ports/port1", "relative_path": "port1", "parent_path": "/infra/tier-1s/cgw/segments/web-tier", "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ { "tag":"port-1 tag 1 from Policy", "scope":"Policy" } ], "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544503100539, "_last_modified_user": "admin", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Patch a Tier-1 segment port

Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port
information by replacing the port object fields which presents in the request body.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentPort+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier/ports/port1 { "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ {"tag":"port-1 tag 1 from Policy","scope":"Policy"} ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete a Tier-1 segment port

Delete a Tier-1 segment port by giving ID.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier/ports/port1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a Tier-1 segment port

Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port
information by replacing the port object already exists.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/ports/<port-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SegmentPort+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier/ports/port1 { "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ {"tag":"port-1 tag 1 from Policy","scope":"Policy"} ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPort+

Example Response: { "resource_type": "SegmentPort", "id": "port1", "display_name": "port1", "path": "/infra/tier-1s/cgw/segments/web-tier/ports/port1", "relative_path": "port1", "parent_path": "/infra/tier-1s/cgw/segments/web-tier", "address_bindings": [ { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:dd:ee:ff" }, { "ip_address":"1.1.1.2", "mac_address":"aa:bb:cc:dd:ee:f1" } ], "tags": [ { "tag":"port-1 tag 1 from Policy", "scope":"Policy" } ], "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544503100539, "_last_modified_user": "admin", "_last_modified_time": 1544503100539, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update a static ARP config

Create static ARP config with Tier-1 and segment IDs provided if it doesn't exist,
update with provided config if it's already created.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/static-arp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticARPConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:44:55:66" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read static ARP config

Read static ARP config Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/static-arp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticARPConfig+

Example Response: { "ip_address": "1.1.1.1", "mac_address": "aa:bb:cc:44:55:66", "resource_type": "StaticARPConfig", "id": "static-arp", "display_name": "static-arp", "path": "/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp", "relative_path": "static-arp", "parent_path": "/infra/tier-1s/production_t1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544640364065, "_last_modified_user": "admin", "_last_modified_time": 1544640364065, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update a static ARP config

Create static ARP config with Tier-1 and segment IDs provided if it doesn't exist,
update with provided config if it's already created.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/static-arp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StaticARPConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp { "ip_address":"1.1.1.1", "mac_address":"aa:bb:cc:44:55:66" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StaticARPConfig+

Example Response: { "ip_address": "1.1.1.1", "mac_address": "aa:bb:cc:44:55:66", "resource_type": "StaticARPConfig", "id": "static-arp", "display_name": "static-arp", "path": "/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp", "relative_path": "static-arp", "parent_path": "/infra/tier-1s/production_t1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1544640364065, "_last_modified_user": "admin", "_last_modified_time": 1544640364065, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete static ARP config

Delete static ARP config Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>/static-arp
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/production_t1/segments/production-t1-seg/static-arp Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Force delete segment

Force delete bypasses validations during segment deletion. This may result in an inconsistent connectivity.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segment-id>?force=true
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/cgw/segments/web-tier?force=true Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Get segment port statistics information

Get tier1 segment port statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segments-id>/ports/<port-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentPortStatistics+

Example Response: { "rx_packets": { "multicast_broadcast": 6648, "dropped": 793, "total": 8546 }, "rx_bytes": { "multicast_broadcast": 565080, "dropped": 0, "total": 898998 }, "tx_packets": { "multicast_broadcast": 6648, "dropped": 0, "total": 8546 }, "tx_bytes": { "multicast_broadcast": 498600, "dropped": 0, "total": 880098 }, "dropped_by_security_packets": { "spoof_guard_dropped": [ { "packet_type": "IPV4", "counter": 0 }, { "packet_type": "IPV6", "counter": 0 }, { "packet_type": "ARP", "counter": 0 }, { "packet_type": "ND", "counter": 0 }, { "packet_type": "NON_IP", "counter": 0 } ], "bpdu_filter_dropped": 0, "dhcp_server_dropped_ipv4": 0, "dhcp_server_dropped_ipv6": 0, "dhcp_client_dropped_ipv4": 0, "dhcp_client_dropped_ipv6": 0 }, "mac_learning": { "mac_not_learned_packets_allowed": 0, "mac_not_learned_packets_dropped": 0, "macs_learned": 0 }, "logical_port_id": "cf3a0716-3ba0-4327-a8e5-b1e76269108f", "last_update_timestamp": 1548964938985 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Get segment statistics information

Get tier1 segment statistics information.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/segments/<segments-id>/statistics
Request Headers:
n/a
Query Parameters:
L2L3RuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/segments/it-t1-seg/statistics?enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SegmentStatistics+

Example Response: { "rx_packets": { "multicast_broadcast": 19914, "dropped": 2358, "total": 28909 }, "rx_bytes": { "multicast_broadcast": 1692690, "dropped": 0, "total": 3692670 }, "tx_packets": { "multicast_broadcast": 19914, "dropped": 0, "total": 28968 }, "tx_bytes": { "multicast_broadcast": 1493550, "dropped": 0, "total": 2853978 }, "dropped_by_security_packets": { "spoof_guard_dropped": [ { "packet_type": "IPV4", "counter": 0 }, { "packet_type": "IPV6", "counter": 0 }, { "packet_type": "ARP", "counter": 0 }, { "packet_type": "ND", "counter": 0 }, { "packet_type": "NON_IP", "counter": 0 } ], "bpdu_filter_dropped": 0, "dhcp_server_dropped_ipv4": 0, "dhcp_server_dropped_ipv6": 0, "dhcp_client_dropped_ipv4": 0, "dhcp_client_dropped_ipv6": 0 }, "mac_learning": { "mac_not_learned_packets_allowed": 0, "mac_not_learned_packets_dropped": 0, "macs_learned": 0 }, "logical_switch_id": "3df039b1-d031-4733-987f-fcf8a4ed3e5b", "last_update_timestamp": 1548964636611 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Policy: Networking: IP Management: DHCP

Policy: Networking: IP Management: DHCP: DHCP Relay Configs

Associated URIs:

List DHCP relay config instances

Paginated list of all DHCP relay config instances
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dhcp-relay-configs
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dhcp-relay-configs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayConfigListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "DhcpRelayConfig", "id": "dhcp-relay1", "display_name": "dhcp-relay1", "path": "/infra/dhcp-relay-configs/dhcp-relay1", "parent_path": "/infra", "relative_path": "dhcp-relay1", "server_addresses": [ "10.1.1.1", "10.1.1.2" ] "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_dhcp Additional Errors:

Create or update DHCP relay configuration

If DHCP relay config with the dhcp-relay-config-id is not already present, create a new DHCP relay config instance.
If it already exists, update the DHCP relay config instance with specified attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/dhcp-relay-configs/<dhcp-relay-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/dhcp-relay-configs/dhcp-relay1 { "server_addresses": [ "10.1.1.1", "10.1.1.2" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_dhcp Additional Errors:

Read DHCP relay configuration

Read DHCP relay configuration This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dhcp-relay-configs/<dhcp-relay-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dhcp-relay-configs/dhcp-relay1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayConfig+

Example Response: { "resource_type": "DhcpRelayConfig", "id": "dhcp-relay1", "display_name": "dhcp-relay1", "path": "/infra/dhcp-relay-configs/dhcp-relay1", "parent_path": "/infra", "relative_path": "dhcp-relay1", "server_addresses": [ "10.1.1.1", "10.1.1.2" ] "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_dhcp Additional Errors:

Delete DHCP relay configuration

Delete DHCP relay configuration This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/dhcp-relay-configs/<dhcp-relay-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/dhcp-relay-configs/dhcp-relay1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_dhcp Additional Errors:

Create or update DHCP relay configuration

If DHCP relay config with the dhcp-relay-config-id is not already present,
create a new DHCP relay config instance. If it already exists, replace
the DHCP relay config instance with this object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/dhcp-relay-configs/<dhcp-relay-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpRelayConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/dhcp-relay-configs/dhcp-relay1 { "server_addresses": [ "10.1.1.1", "10.1.1.2" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpRelayConfig+

Example Response: { "resource_type": "DhcpRelayConfig", "id": "dhcp-relay1", "display_name": "dhcp-relay1", "path": "/infra/dhcp-relay-configs/dhcp-relay1", "parent_path": "/infra", "relative_path": "dhcp-relay1", "server_addresses": [ "10.1.1.1", "10.1.1.2" ] "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dhcp Additional Errors:

Policy: Networking: IP Management: DHCP: DHCP Server Configs

Associated URIs:

List DHCP server config instances

Paginated list of all DHCP server config instances
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dhcp-server-configs
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dhcp-server-configs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpServerConfigListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "DhcpServerConfig", "id": "dhcp-srv1", "display_name": "dhcp-srv1", "path": "/infra/dhcp-server-configs/dhcp-srv1", "parent_path": "/infra", "relative_path": "dhcp-srv1", "server_address": "10.1.1.1/30", "lease_time": 10000, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_dhcp Additional Errors:

Delete DHCP server configuration

Delete DHCP server configuration This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/dhcp-server-configs/<dhcp-server-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/dhcp-server-configs/dhcp-srv1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_dhcp Additional Errors:

Create or update DHCP server configuration

If DHCP server config with the dhcp-server-config-id is not already
present, create a new DHCP server config instance. If it already exists,
replace the DHCP server config instance with this object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/dhcp-server-configs/<dhcp-server-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpServerConfig+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/dhcp-server-configs/dhcp-srv1 { "server_address": "10.1.1.1/30", "lease_time": 10000, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpServerConfig+

Example Response: { "resource_type": "DhcpServerConfig", "id": "dhcp-srv1", "display_name": "dhcp-srv1", "path": "/infra/dhcp-server-configs/dhcp-srv1", "parent_path": "/infra", "relative_path": "dhcp-srv1", "server_address": "10.1.1.1/30", "lease_time": 10000, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dhcp Additional Errors:

Create or update DHCP server configuration

If DHCP server config with the dhcp-server-config-id is not already
present, create a new DHCP server config instance. If it already exists,
update the DHCP server config instance with specified attributes.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/dhcp-server-configs/<dhcp-server-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DhcpServerConfig+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/dhcp-server-configs/dhcp-srv1 { "server_address": "10.1.1.1/30", "lease_time": 10000 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_dhcp Additional Errors:

Read DHCP server configuration

Read DHCP server configuration This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dhcp-server-configs/<dhcp-server-config-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dhcp-server-configs/dhcp-srv1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DhcpServerConfig+

Example Response: { "resource_type": "DhcpServerConfig", "id": "dhcp-srv1", "display_name": "dhcp-srv1", "path": "/infra/dhcp-server-configs/dhcp-srv1", "parent_path": "/infra", "relative_path": "dhcp-srv1", "server_address": "10.1.1.1/30", "lease_time": 10000, "_create_user": "admin", "_create_time": 1516668826912, "_last_modified_user": "admin", "_last_modified_time": 1516668826912, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_dhcp Additional Errors:

Policy: Networking: IP Management: DNS

Policy: Networking: IP Management: DNS: DNS Forwarder

Associated URIs:

List Dns Forwarder Zones

Paginated list of all Dns Forwarder Zones
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dns-forwarder-zones
Request Headers:
n/a
Query Parameters:
PolicyDnsForwarderZoneListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dns-forwarder-zones Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarderZoneListResult+

Example Response: { "sort_ascending" : true, "sort_by" : "display_name", "result_count" : 2, "results" : [ { "resource_type" : "PolicyDnsForwarderZone", "id" : "default-1", "display_name" : "$1", "path" : "/infra/dns-forwarder-zones/default-1", "parent_path" : "/infra/dns-forwarder-zones/default-1", "relative_path" : "default-1", "dns_domain_names" : [ ], "upstream_servers" : [ "3.3.3.3", "4.4.4.4" ], "_create_user" : "a;a", "_create_time" : 1517400275031, "_last_modified_user" : "a;a", "_last_modified_time" : 1517400275031, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 }, { "resource_type" : "PolicyDnsForwarderZone", "id" : "conditional-1", "display_name" : "$1", "path" : "/infra/dns-forwarder-zones/conditional-1", "parent_path" : "/infra/dns-forwarder-zones/conditional-1", "relative_path" : "conditional-1", "dns_domain_names" : [ "foo.com" ], "upstream_servers" : [ "1.1.1.1", "2.2.2.2" ], "_create_user" : "a;a", "_create_time" : 1517400132921, "_last_modified_user" : "a;a", "_last_modified_time" : 1517400132921, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_dns Additional Errors:

Create or update the DNS Forwarder Zone

Create or update the DNS Forwarder Zone Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/dns-forwarder-zones/<dns-forwarder-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarderZone+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/dns-forwarder-zones/conditional-1 { "display_name" : "Conditional 1", "dns_domain_names" : [ "foo.com" ], "upstream_servers" : [ "1.1.1.1", "2.2.2.2" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Create or update the DNS Forwarder Zone

Create or update the DNS Forwarder Zone Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/dns-forwarder-zones/<dns-forwarder-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarderZone+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/dns-forwarder-zones/conditional-1 { "display_name" : "Conditional 1", "dns_domain_names" : [ "foo.com" ], "upstream_servers" : [ "1.1.1.1", "2.2.2.2" ], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarderZone+

Example Response: { "resource_type" : "PolicyDnsForwarderZone", "id" : "conditional-1", "display_name" : "$1", "path" : "/infra/dns-forwarder-zones/conditional-1", "parent_path" : "/infra/dns-forwarder-zones/conditional-1", "relative_path" : "conditional-1", "dns_domain_names" : [ "foo.com" ], "upstream_servers" : [ "1.1.1.1", "2.2.2.2" ], "_create_user" : "a;a", "_create_time" : 1517400132921, "_last_modified_user" : "a;a", "_last_modified_time" : 1517400132921, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: policy_dns Additional Errors:

Delete the DNS Forwarder Zone

Delete the DNS Forwarder Zone Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/dns-forwarder-zones/<dns-forwarder-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/dns-forwarder-zones/conditional-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Read the DNS Forwarder Zone

Read the DNS Forwarder Zone Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dns-forwarder-zones/<dns-forwarder-zone-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dns-forwarder-zones/conditional-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarderZone+

Example Response: { "resource_type" : "PolicyDnsForwarderZone", "id" : "conditional-1", "display_name" : "$1", "path" : "/infra/dns-forwarder-zones/conditional-1", "parent_path" : "/infra/dns-forwarder-zones/conditional-1", "relative_path" : "conditional-1", "dns_domain_names" : [ "foo.com" ], "upstream_servers" : [ "1.1.1.1", "2.2.2.2" ], "_create_user" : "a;a", "_create_time" : 1517400132921, "_last_modified_user" : "a;a", "_last_modified_time" : 1517400132921, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: policy_dns Additional Errors:

Update the DNS Forwarder

Update the DNS Forwarder Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarder+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder { "display_name" : "dns-forwarder", "listener_ip" : "5.5.5.5", "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "conditional_forwarder_zone_paths" : ["/infra/dns-forwarder-zones/conditional-1"] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Perform the specified DNS forwarder action

Perform the specified action for Tier0 DNS forwarder on specified enforcement point.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
EPActionForDnsForwarderRequestParameters+
Request Body:
n/a

Example Request: 1. Clear cache POST https://<policy-mgr>/policy/api/v1/infra/tier-0s/tier0/dns-forwarder?action=clear_cache Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Read the DNS Forwarder for the given tier-0 instance

Read the DNS Forwarder for the given tier-0 instance Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarder+

Example Response: { "resource_type" : "PolicyDnsForwarder", "id" : "dns-forwarder", "display_name" : "dns-forwarder", "path" : "/infra/tier-0s/prv/dns-forwarder", "parent_path" : "/infra/tier-0s/prv", "relative_path" : "dns-forwarder", "listener_ip" : "5.5.5.5", "conditional_forwarder_zone_paths" : [ "/infra/dns-forwarder-zones/conditional-1" ], "log_level" : "INFO", "enabled" : true, "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "_create_user" : "a;a", "_create_time" : 1517403652195, "_last_modified_user" : "a;a", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: read Feature: policy_dns Additional Errors:

Delete DNS configuration for tier-0 instance

Delete DNS configuration for tier-0 instance Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Update the DNS Forwarder

Update the DNS Forwarder Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarder+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder { "display_name" : "dns-forwarder", "listener_ip" : "5.5.5.5", "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "conditional_forwarder_zone_paths" : ["/infra/dns-forwarder-zones/conditional-1"], "enabled": false, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarder+

Example Response: { "resource_type" : "PolicyDnsForwarder", "id" : "dns-forwarder", "display_name" : "dns-forwarder", "path" : "/infra/tier-0s/prv/dns-forwarder", "parent_path" : "/infra/tier-0s/prv", "relative_path" : "dns-forwarder", "listener_ip" : "5.5.5.5", "conditional_forwarder_zone_paths" : [ "/infra/dns-forwarder-zones/conditional-1" ], "log_level" : "INFO", "enabled" : false, "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "_create_user" : "a;a", "_create_time" : 1517403652195, "_last_modified_user" : "a;a", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: policy_dns Additional Errors:

Resolve a given address via the dns forwarder at Tier0

Query the nameserver for an ip-address or a FQDN of the given an address optionally using
an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it.
If the address is an ip-address, do a reverse lookup and answer fqdn(s).
If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from
specified enforcement point. Otherwise from all enforcement points.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder/nslookup
Request Headers:
n/a
Query Parameters:
PolicyNsLookupParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/tier0/dns-forwarder/nslookup?address=vmware.com&enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregatePolicyDnsAnswer+

Example Response: { "dns_answer_per_enforcement_point": [ { "resource_type": "NsxTDnsAnswer", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "dns_server" : "10.117.0.1#53", "edge_node_id" : "e2fa39aa-f4ca-4781-ac48-60a6c47d34e0", "authoritative_answer" : [ { "name": "vmware.com" "address": "10.113.63.149" } ] } ], "intent_path": "/infra/tier-0s/tier0/dns-forwarder" } Required Permissions: read Feature: policy_dns Additional Errors:

Get tier-0 DNS forwarder statistics

Get statistics of tier-0 DNS forwarder.
- no enforcement point path specified: Statistics will be evaluated on each enforcement
point.
- {enforcement_point_path}: Statistics are evaluated only on the given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/tier-01/dns-forwarder/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateDNSForwarderStatistics+

Example Response: { "statistics_per_enforcement_point": [ { "resource_type": "NsxTDNSForwarderStatistics", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "queries_answered_locally": 0, "conditional_forwarder_statistics": [ { "upstream_statistics": [ { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "10.0.0.0" }, { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "10.2.0.0" } ], "domain_names": [ "fqdn1", "fqdn2" ] } ], "default_forwarder_statistics": { "upstream_statistics": [ { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "11.0.0.0" }, { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "11.2.0.0" } ] }, "used_cache_stats": [ { "node_id": "6f1c310b-aeed-445e-aef9-9722c8967ab8", "used_cache_size": 300, "cached_entries_number": 200 }, { "node_id": "5b171969-1539-4be4-a761-83f46b6a262f", "used_cache_size": 200, "cached_entries_number": 190 } ], "queries_forwarded": 0, "configured_cache_size": 4096, "total_queries": 0 } ], "intent_path": "/infra/tier-0s/tier-01/dns-forwarder" } Required Permissions: read Feature: policy_statistics Additional Errors:

Get current status of tier-0 DNS forwarder

Get current status of tier-0 DNS forwarder.
- no enforcement point path specified: Status will be evaluated on each enforcement
point.
- {enforcement_point_path}: Status will be evaluated only on the given enforcement
point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/dns-forwarder/status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/tier-01/dns-forwarder/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateDNSForwarderStatus+

Example Response: { "status_per_enforcement_point": [ { "resource_type": "NsxTDNSForwarderStatus", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "timestamp": 1537263302625, "status": "UP" }, { "resource_type": "NsxTDNSForwarderStatus", "enforcement_point_path": "/infra/sites/default/enforcement-points/default1", "extra_message": "ERROR status could be an intermediate state during failover between transport nodes. Please recheck the status a few minutes later.", "timestamp": 1537263302625, "status": "ERROR" } ], "intent_path": "/infra/tier-0s/tier-01/dns-forwarder" } Required Permissions: read Feature: policy_statistics Additional Errors:

Create or update the DNS Forwarder

Create or update the DNS Forwarder Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarder+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder { "display_name" : "dns-forwarder", "listener_ip" : "5.5.5.5", "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "conditional_forwarder_zone_paths" : ["/infra/dns-forwarder-zones/conditional-1"] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Perform the specified DNS forwarder action

Perform the specified action for Tier0 DNS forwarder on specified enforcement point.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
EPActionForDnsForwarderRequestParameters+
Request Body:
n/a

Example Request: 1. Clear cache POST https://<policy-mgr>/policy/api/v1/infra/tier-0s/tier1/dns-forwarder?action=clear_cache&enforcement_point_path=/infra/sites/default/enforcement-points/ep Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Read the DNS Forwarder for the given tier-1 instance

Read the DNS Forwarder for the given tier-1 instance Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarder+

Example Response: { "resource_type" : "PolicyDnsForwarder", "id" : "dns-forwarder", "display_name" : "dns-forwarder", "path" : "/infra/tier-1s/net-1/dns-forwarder", "parent_path" : "/infra/tier-1s/net-1", "relative_path" : "dns-forwarder", "listener_ip" : "5.5.5.5", "conditional_forwarder_zone_paths" : [ "/infra/dns-forwarder-zones/conditional-1" ], "log_level" : "INFO", "enabled" : true, "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "_create_user" : "a;a", "_create_time" : 1517403652195, "_last_modified_user" : "a;a", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: read Feature: policy_dns Additional Errors:

Create or update the DNS Forwarder

Create or update the DNS Forwarder Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyDnsForwarder+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder { "display_name" : "dns-forwarder", "listener_ip" : "5.5.5.5", "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "conditional_forwarder_zone_paths" : ["/infra/dns-forwarder-zones/conditional-1"], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyDnsForwarder+

Example Response: { "resource_type" : "PolicyDnsForwarder", "id" : "dns-forwarder", "display_name" : "dns-forwarder", "path" : "/infra/tier-1s/net-1/dns-forwarder", "parent_path" : "/infra/tier-1s/net-1", "relative_path" : "dns-forwarder", "listener_ip" : "5.5.5.5", "conditional_forwarder_zone_paths" : [ "/infra/dns-forwarder-zones/conditional-1" ], "log_level" : "INFO", "enabled" : true, "default_forwarder_zone_path" : "/infra/dns-forwarder-zones/default-1", "_create_user" : "a;a", "_create_time" : 1517403652195, "_last_modified_user" : "a;a", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: policy_dns Additional Errors:

Delete DNS configuration for tier-1 instance

Delete DNS configuration for tier-1 instance Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dns Additional Errors:

Resolve a given address via the dns forwarder at Tier1

Query the nameserver for an ip-address or a FQDN of the given an address optionally using
an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it.
If the address is an ip-address, do a reverse lookup and answer fqdn(s).
If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from
specified enforcement point. Otherwise from all enforcement points.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder/nslookup
Request Headers:
n/a
Query Parameters:
PolicyNsLookupParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier1/dns-forwarder/nslookup?address=vmware.com&enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregatePolicyDnsAnswer+

Example Response: { "dns_answer_per_enforcement_point": [ { "resource_type": "NsxTDnsAnswer", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "dns_server" : "10.117.0.1#53", "edge_node_id" : "e2fa39aa-f4ca-4781-ac48-60a6c47d34e0", "authoritative_answer" : [ { "name": "vmware.com" "address": "10.113.63.149" } ] } ], "intent_path": "/infra/tier-1s/tier1/dns-forwarder" } Required Permissions: read Feature: policy_dns Additional Errors:

Get tier-1 DNS forwarder statistics

Get statistics of tier-1 DNS forwarder.
- no enforcement point path specified: Statistics will be evaluated on each enforcement
point.
- {enforcement_point_path}: Statistics are evaluated only on the given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/dns-forwarder/statistics?enforcement_point_path=/infra/sites/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateDNSForwarderStatistics+

Example Response: { "statistics_per_enforcement_point": [ { "resource_type": "NsxTDNSForwarderStatistics", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "queries_answered_locally": 0, "conditional_forwarder_statistics": [ { "upstream_statistics": [ { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "10.0.0.0" }, { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "10.2.0.0" } ], "domain_names": [ "fqdn1", "fqdn2" ] } ], "default_forwarder_statistics": { "upstream_statistics": [ { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "11.0.0.0" }, { "queries_succeeded": 0, "queries_failed": 0, "upstream_server": "11.2.0.0" } ] }, "used_cache_stats": [ { "node_id": "6f1c310b-aeed-445e-aef9-9722c8967ab8", "used_cache_size": 300, "cached_entries_number": 200 }, { "node_id": "5b171969-1539-4be4-a761-83f46b6a262f", "used_cache_size": 200, "cached_entries_number": 190 } ], "queries_forwarded": 0, "configured_cache_size": 2048, "total_queries": 0 } ], "intent_path": "/infra/tier-1s/tier-1/dns-forwarder" } Required Permissions: read Feature: policy_statistics Additional Errors:

Get current status of tier-1 DNS forwarder

Get current status of tier-1 DNS forwarder.
- no enforcement point path specified: Status will be evaluated on each enforcement
point.
- {enforcement_point_path}: Status will be evaluated only on the given enforcement
point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/dns-forwarder/status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/tier-1/dns-forwarder/status?enforcement_point_path=/infra/sites/default/enforcement-points/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateDNSForwarderStatus+

Example Response: { "status_per_enforcement_point": [ { "resource_type": "NsxTDNSForwarderStatus", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "timestamp": 1537263302625, "status": "UP" } ], "intent_path": "/infra/tier-1s/tier-1/dns-forwarder" } Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: IP Management: IP Address Pools

Policy: Networking: IP Management: IP Address Pools: IP Blocks

Associated URIs:

List IpAddressBlocks

Paginated list of IpAddressBlocks.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-blocks
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-blocks Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressBlockListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IpAddressBlock", "id": "Finance-block", "display_name": "Finance-block", "path": "/infra/ip-blocks/Finance-block", "parent_path": "/infra/ip-blocks", "relative_path": "Finance-block", "cidr": "192.168.0.0/16", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipam Additional Errors:

Read a IpAddressBlock

Read IpAddressBlock with given Id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-blocks/<ip-block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-blocks/Finance-block Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressBlock+

Example Response: { "resource_type": "IpAddressBlock", "id": "Finance-block", "display_name": "Finance-block", "path": "/infra/ip-blocks/Finance-block", "parent_path": "/infra/ip-blocks", "relative_path": "Finance-block", "cidr": "192.168.0.0/16", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipam Additional Errors:

Create or Replace IpAddressBlock

Create a new IpAddressBlock with given ID if it does not exist.
If IpAddressBlock with given ID already exists, it will update existing instance.
This is a full replace.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ip-blocks/<ip-block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressBlock+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ip-blocks/Finance-block { "display_name": "Finance-block", "description": "Finance-block", "cidr": "192.168.0.0/16", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressBlock+

Example Response: { "resource_type": "IpAddressBlock", "id": "Finance-block", "display_name": "Finance-block", "path": "/infra/ip-blocks/Finance-block", "parent_path": "/infra/ip-blocks", "relative_path": "Finance-block", "cidr": "192.168.0.0/16", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_ipam Additional Errors:

Delete an IpAddressBlock

Delete the IpAddressBlock with the given id.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ip-blocks/<ip-block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ip-blocks/Finance-block Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Create a new IPBlock

Creates a new IpAddressBlock with specified ID if not already present.
If IpAddressBlock of given ID is already present, then the instance is
updated with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ip-blocks/<ip-block-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressBlock+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ip-blocks/Finance-block { "display_name": "Finance-block", "description": "Finance-block Description", "cidr": "192.168.0.0/16" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Policy: Networking: IP Management: IP Address Pools: IP Pools

Associated URIs:

List IpAddressPools

Paginated list of IpAddressPools.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPoolListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IpAddressPool", "id": "IpPool-Tenant-1", "display_name": "IpPool-Tenant-1", "path": "/infra/ip-pools/IpPool-Tenant-1", "parent_path": "/infra", "relative_path": "IpPool-Tenant-1", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipam Additional Errors:

Create a new IP address pool

Creates a new IpAddressPool with specified ID if not already present.
If IpAddressPool of given ID is already present, then the instance is
updated. This is a full replace.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressPool+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1 { "display_name": "IpPool-Tenant-1", "description": "IpPool-Tenant-1 Description" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Delete an IpAddressPool

Delete the IpAddressPool with the given id.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/IpPool-Tenant-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Create or Replace IpAddressPool

Create a new IpAddressPool with given ID if it does not exist.
If IpAddressPool with given ID already exists, it will update existing instance.
This is a full replace.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressPool+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1 { "display_name": "IPBlock-Tenant-1", "description": "IPBlock-Tenant-1 Description", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPool+

Example Response: { "resource_type": "IpAddressPool", "id": "IpPool-Tenant-1", "display_name": "IpPool-Tenant-1", "path": "/infra/ip-pools/IpPool-Tenant-1", "parent_path": "/infra", "relative_path": "IpPool-Tenant-1", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_ipam Additional Errors:

Read an IpAddressPool

Read IpAddressPool with given Id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPool+

Example Response: { "resource_type": "IpAddressPool", "id": "IpPool-Tenant-1", "display_name": "IpPool-Tenant-1", "path": "/infra/ip-pools/IpPool-Tenant-1", "parent_path": "/infra", "relative_path": "IpPool-Tenant-1", "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipam Additional Errors:

List IpAddressPool Allocations

Returns information about which addresses have been allocated from a
specified IP address pool in policy.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-allocations
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-allocations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressAllocationListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "IpAddressAllocation", "id": "ip-1-allocation", "display_name": "ip-1-allocation", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation", "relative_path": "ip-1-allocation", "parent_path": "/infra/ip-pools/IpPool-Tenant-1", "marked_for_delete": false, "allocation_ip": "10.0.0.5" "_create_user": "admin", "_create_time": 1543966814544, "_last_modified_user": "admin", "_last_modified_time": 1543966814544, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "IpAddressAllocation", "id": "ip-2-allocation", "display_name": "ip-2-allocation", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-2-allocation", "relative_path": "ip-2-allocation", "parent_path": "/infra/ip-pools/IpPool-Tenant-1", "marked_for_delete": false, "allocation_ip": "10.0.0.6" "_create_user": "admin", "_create_time": 1543966814545, "_last_modified_user": "admin", "_last_modified_time": 1543966814544, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipam Additional Errors:

Records intent to release an IP from an IpPool.

Releases the IP that was allocated for this allocation request
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-allocations/<ip-allocation-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/IpPool-Tenant-1/ip-allocations/ip-1-allocation Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Records intent to allocate an IP Address from an IP Pool

If allocation of the same ID is found, this is a no-op. If no allocation
of the specified ID is found, then a new allocation is created.
An allocation cannot be updated once created.
When an allocation is requested from an IpAddressPool, the IP could be
allocated from any subnet in the pool that has the available capacity.
Request to allocate an IP will fail if no subnet was previously created.
If specific IP was requested, the status of allocation is reflected in the
realized state.
If any IP is requested, the IP finally allocated is obtained by polling on
the realized state until the allocated IP is returned in the extended
attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-allocations/<ip-allocation-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressAllocation+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation {} Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Read policy IpPool allocation

Read a previously created allocation
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-allocations/<ip-allocation-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressAllocation+

Example Response: { "resource_type": "IpAddressAllocation", "id": "ip-1-allocation", "display_name": "ip-1-allocation", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation", "relative_path": "ip-1-allocation", "parent_path": "/infra/ip-pools/IpPool-Tenant-1", "marked_for_delete": false, "allocation_ip": "10.0.0.5" "_create_user": "admin", "_create_time": 1543966814544, "_last_modified_user": "admin", "_last_modified_time": 1543966814544, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_ipam Additional Errors:

Records intent to allocate an IP Address from an IP Pool

If allocation of the same ID is found, this is a no-op. If no allocation
of the specified ID is found, then a new allocation is created.
An allocation cannot be updated once created.
When an IP allocation is requested from an IpAddressPool, the IP could be
allocated from any subnet in the pool that has the available capacity.
Request to allocate an IP will fail if no subnet was previously created.
If specific IP was requested, the status of allocation is reflected in the
realized state.
If any IP is requested, the IP finally allocated is obtained by polling on
the realized state until the allocated IP is returned in the extended
attributes.
An allocation cannot be updated once created.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-allocations/<ip-allocation-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressAllocation+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation { "allocation_ip": "10.0.0.5" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressAllocation+

Example Response: { "resource_type": "IpAddressAllocation", "id": "ip-1-allocation", "display_name": "ip-1-allocation", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-allocations/ip-1-allocation", "relative_path": "ip-1-allocation", "parent_path": "/infra/ip-pools/IpPool-Tenant-1", "marked_for_delete": false, "allocation_ip": "10.0.0.5" "_create_user": "admin", "_create_time": 1543966814544, "_last_modified_user": "admin", "_last_modified_time": 1543966814544, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_ipam Additional Errors:

List IpAddressPoolSubnets

Paginated list of IpAddressPoolSubnets.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-subnets
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-subnets Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPoolSubnetListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IpAddressPoolBlockSubnet", "id": "Subnet-1", "display_name": "Subnet-1", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1", "parent_path": "/infra/ip-pools/IpPool-Tenant-1/ip-subnets", "relative_path": "Subnet-1", "size": "16", "ip_block_path":"/infra/ip-blocks/Finance-block" "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipam Additional Errors:

Create a new IP Subnet

Creates a new IpAddressPoolSubnet with the specified ID if it does not
already exist. If a IpAddressPoolSubnet of the given ID already exists,
IpAddressPoolSubnet will be updated. This is a full replace.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-subnets/<ip-subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressPoolBlockSubnet+
IpAddressPoolStaticSubnet+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1 { "display_name": "Subnet-1", "description": "Subnet-1 Description", "resource_type": "IpAddressPoolBlockSubnet", "size": "16", "ip_block_path":"/infra/ip-blocks/Finance-block" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPoolBlockSubnet+
IpAddressPoolStaticSubnet+

Example Response: { "resource_type": "IpAddressPoolBlockSubnet", "id": "Subnet-1", "display_name": "Subnet-1", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1", "parent_path": "/infra/ip-pools/IpPool-Tenant-1", "relative_path": "Subnet-1", "size": "16", "ip_block_path":"/infra/ip-blocks/Finance-block" "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_ipam Additional Errors:

Delete an IpAddressPoolSubnet

Delete the IpAddressPoolSubnet with the given id.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-subnets/<ip-subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/IpPool-Tenant-1/ip-subnets/Subnet-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Create a new IP Subnet

Creates a new IpAddressPoolSubnet with the specified ID if it does not
already exist. If a IpAddressPoolSubnet of the given ID already exists,
IpAddressPoolSubnet will be updated. This is a full replace.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-subnets/<ip-subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IpAddressPoolBlockSubnet+
IpAddressPoolStaticSubnet+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1 { "display_name": "Subnet-1", "description": "Subnet-1 Description", "resource_type": "IpAddressPoolBlockSubnet", "size": "16", "IP_block_path":"/infra/ip-blocks/Finance-block" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipam Additional Errors:

Read an IpAddressPoolSubnet

Read IpAddressPoolSubnet with given Id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ip-pools/<ip-pool-id>/ip-subnets/<ip-subnet-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IpAddressPoolBlockSubnet+
IpAddressPoolStaticSubnet+

Example Response: { "resource_type": "IpAddressPoolBlockSubnet", "id": "Subnet-1", "display_name": "Subnet-1", "path": "/infra/ip-pools/IpPool-Tenant-1/ip-subnets/Subnet-1", "parent_path": "/infra/ip-pools/IpPool-Tenant-1/ip-subnets", "relative_path": "Subnet-1", "size": "16", "ip_block_path":"/infra/ip-blocks/Finance-block" "_create_user": "admin", "_create_time": 1516387911610, "_last_modified_user": "admin", "_last_modified_time": 1516387911610, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipam Additional Errors:

Policy: Networking: IP Management

Policy: Networking: IP Management: IPV6 Profiles

Associated URIs:

List all IPv6 DAD profiles

Paginated list of all DHCP relay config instances
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipv6-dad-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipv6-dad-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6DadProfileListResult+

Example Response: { "results": [ { "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, "resource_type": "Ipv6DadProfile", "id": "default", "display_name": "default", "path": "/infra/ipv6-dad-profiles/default", "relative_path": "default", "parent_path": "/infra/ipv6-dad-profiles/default", "marked_for_delete": false, "_create_user": "system", "_create_time": 1553814058782, "_last_modified_user": "system", "_last_modified_time": 1553814058782, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update IPv6 DAD profile

If profile with the dad-profile-id is not already present,
create a new IPv6 DAD profile instance. If it already exists, replace
the IPv6 DAD profile instance with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipv6-dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Ipv6DadProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipv6-dad-profiles/dad1 { "dad_mode": "STRICT", "wait_time": 10, "ns_retries": 9, "resource_type": "Ipv6DadProfile", "id": "dad1", "display_name": "dad1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6DadProfile+

Example Response: { "dad_mode": "STRICT", "wait_time": 10, "ns_retries": 9, "resource_type": "Ipv6DadProfile", "id": "dad1", "display_name": "dad1", "path": "/infra/ipv6-dad-profiles/dad1", "relative_path": "dad1", "parent_path": "/infra/ipv6-dad-profiles/dad1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1553898809269, "_last_modified_user": "admin", "_last_modified_time": 1553898809269, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete IPv6 DAD profile

Delete IPv6 DAD profile Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipv6-dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipv6-dad-profiles/dad1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update IPv6 DAD profile

If profile with the dad-profile-id is not already present,
create a new IPv6 DAD profile instance. If it already exists, update
the IPv6 DAD profile instance with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipv6-dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Ipv6DadProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipv6-dad-profiles/dad1 { "dad_mode": "STRICT", "wait_time": 10, "ns_retries": 9, "resource_type": "Ipv6DadProfile", "id": "dad1", "display_name": "dad1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Read IPv6 DAD profile

Read IPv6 DAD profile Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipv6-dad-profiles/<dad-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipv6-dad-profiles/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6DadProfile+

Example Response: { "dad_mode": "LOOSE", "wait_time": 1, "ns_retries": 3, "resource_type": "Ipv6DadProfile", "id": "default", "display_name": "default", "path": "/infra/ipv6-dad-profiles/default", "relative_path": "default", "parent_path": "/infra/ipv6-dad-profiles/default", "marked_for_delete": false, "_create_user": "system", "_create_time": 1553814058782, "_last_modified_user": "system", "_last_modified_time": 1553814058782, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_connectivity Additional Errors:

List all IPv6 NDRA profiles

Paginated list of all DHCP relay config instances
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipv6-ndra-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipv6-ndra-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6NdraProfileListResult+

Example Response: { "results": [ { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 600000, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "default", "display_name": "default", "path": "/infra/ipv6-ndra-profiles/default", "relative_path": "default", "parent_path": "/infra/ipv6-ndra-profiles/default", "marked_for_delete": false, "_create_user": "system", "_create_time": 1553803964508, "_last_modified_user": "system", "_last_modified_time": 1553803964508, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 400, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "ra1", "display_name": "ra1", "path": "/infra/ipv6-ndra-profiles/ra1", "relative_path": "ra1", "parent_path": "/infra/ipv6-ndra-profiles/ra1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1553898363040, "_last_modified_user": "admin", "_last_modified_time": 1553898441728, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "result_count": 2, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_connectivity Additional Errors:

Read IPv6 NDRA profile

Read IPv6 NDRA profile Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipv6-ndra-profiles/<ndra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipv6-ndra-profiles/ra1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6NdraProfile+

Example Response: { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 400, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "ra1", "display_name": "ra1", "path": "/infra/ipv6-ndra-profiles/ra1", "relative_path": "ra1", "parent_path": "/infra/ipv6-ndra-profiles/ra1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1553898363040, "_last_modified_user": "admin", "_last_modified_time": 1553898441728, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_connectivity Additional Errors:

Create or update IPv6 NDRA profile

If profile with the ndra-profile-id is not already present,
create a new IPv6 NDRA profile instance. If it already exists, update
the IPv6 NDRA profile instance with specified attributes.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipv6-ndra-profiles/<ndra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Ipv6NdraProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipv6-ndra-profiles/ra1 { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 400, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "ra1", "display_name": "ra1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Create or update IPv6 NDRA profile

If profile with the ndra-profile-id is not already present,
create a new IPv6 NDRA profile instance. If it already exists, replace
the IPv6 NDRA profile instance with this object.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipv6-ndra-profiles/<ndra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Ipv6NdraProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipv6-ndra-profiles/ra1 { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 600, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "ra1", "display_name": "ra1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Ipv6NdraProfile+

Example Response: { "ra_mode": "SLAAC_DNS_THROUGH_RA", "ra_config": { "ra_interval": 600, "hop_limit": 64, "router_lifetime": 1800, "prefix_lifetime": 2592000, "prefix_preferred_time": 604800 }, "dns_config": { "domain_name": [], "domain_name_lifetime": 1800000, "dns_server": [], "dns_server_lifetime": 1800000 }, "reachable_timer": 0, "retransmit_interval": 0, "resource_type": "Ipv6NdraProfile", "id": "ra1", "display_name": "ra1", "path": "/infra/ipv6-ndra-profiles/ra1", "relative_path": "ra1", "parent_path": "/infra/ipv6-ndra-profiles/ra1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1553898363040, "_last_modified_user": "admin", "_last_modified_time": 1553898363040, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_connectivity Additional Errors:

Delete IPv6 NDRA profile

Delete IPv6 NDRA profile Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipv6-ndra-profiles/<ndra-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipv6-ndra-profiles/ra1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_connectivity Additional Errors:

Policy: Networking: Network Services

Policy: Networking: Network Services: Forwarding Policies

Associated URIs:

List forwarding policies for the given domain

List all forwarding policies for the given domain ordered by precedence.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies
Request Headers:
n/a
Query Parameters:
SecurityPolicyListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingPolicyListResult+

Required Permissions: read Feature: policy_forwarding Additional Errors:

Read forwarding policy

Read forwarding policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingPolicy+

Example Response: { "resource_type": "ForwardingPolicy", "description": "forwarding-policy-1", "id": "forwarding-policy-1", "display_name": "forwarding-policy", "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1", "relative_path": "forwarding-policy-1000", "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Required Permissions: read Feature: policy_forwarding Additional Errors:

Create or update forwarding policy

Create or update the forwarding policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ForwardingPolicy+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 { "resource_type": "ForwardingPolicy", "description": "forwarding-policy-1", "id": "forwarding-policy-1", "display_name": "forwarding-policy", "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1", "relative_path": "forwarding-policy-1", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_forwarding Additional Errors:

Delete forwarding policy

Delete forwarding policy. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_forwarding Additional Errors:

Create or update forwarding policy

Create or update the forwarding policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ForwardingPolicy+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 { "resource_type": "ForwardingPolicy", "description": "forwarding-policy-1", "id": "forwarding-policy-1", "display_name": "forwarding-policy", "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1", "relative_path": "forwarding-policy-1", "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingPolicy+

Example Response: { "resource_type": "ForwardingPolicy", "description": "forwarding-policy-1", "id": "forwarding-policy-1", "display_name": "forwarding-policy", "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1", "relative_path": "forwarding-policy-1", "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Required Permissions: crud Feature: policy_forwarding Additional Errors:

List rules

List rules This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>/rules
Request Headers:
n/a
Query Parameters:
ForwardingRuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 /rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingRuleListResult+

Example Response: { { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "ForwardingRule", "description": "s3 rule", "id": "rule-1", "display_name": "rule-1", "action":"FORWARD_TO_UNDERLAY", "tags": [], "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1000/rules/forwarding-rule-1", "relative_path": "rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "ANY" ], "logged": false, "destination_groups": [ "/infra/domains/default/groups/S3" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1, "scope" : [ "ANY" ] }] } Required Permissions: read Feature: policy_forwarding Additional Errors:

Delete ForwardingRule

Delete ForwardingRule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1/rules/rule-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_forwarding Additional Errors:

Update forwarding rule

Create a rule with the rule-id is not already present,
otherwise update the rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ForwardingRule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 /rules/forwarding-rule-1 { "resource_type": "ForwardingRule", "description": "s3 rule", "id": "rule-1", "display_name": "rule-1", "action":"FORWARD_TO_UNDERLAY", "tags": [], "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1000/rules/forwarding-rule-1", "relative_path": "rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "ANY" ], "logged": false, "destination_groups": [ "/infra/domains/default/groups/S3" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_forwarding Additional Errors:

Update forwarding rule

Create a rule with the rule-id is not already present,
otherwise update the rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ForwardingRule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1 /rules/forwarding-rule-1 { "resource_type": "ForwardingRule", "description": "s3 rule", "id": "rule-1", "display_name": "rule-1", "action":"FORWARD_TO_UNDERLAY", "tags": [], "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1000/rules/forwarding-rule-1", "relative_path": "rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "ANY" ], "logged": false, "destination_groups": [ "/infra/domains/default/groups/S3" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingRule+

Example Response: { "resource_type": "ForwardingRule", "description": "s3 rule", "id": "rule-1", "display_name": "rule-1", "action":"FORWARD_TO_UNDERLAY", "tags": [], "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1000/rules/forwarding-rule-1", "relative_path": "rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "ANY" ], "logged": false, "destination_groups": [ "/infra/domains/default/groups/S3" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_forwarding Additional Errors:

Read rule

Read rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain-1/forwarding-policies/forwarding-policy-1/rules/rule-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ForwardingRule+

Example Response: { "resource_type": "ForwardingRule", "description": "s3 rule", "id": "rule-1", "display_name": "rule-1", "action":"FORWARD_TO_UNDERLAY", "tags": [], "path": "/infra/domains/domain1/forwarding-policies/forwarding-policy-1000/rules/forwarding-rule-1", "relative_path": "rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "ANY" ], "logged": false, "destination_groups": [ "/infra/domains/default/groups/S3" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_forwarding Additional Errors:

Policy: Networking: Network Services: Load Balancing

Policy: Networking: Network Services: Load Balancing: Load Balancer Pools

Associated URIs:

List LBPools

Paginated list of all LBPools.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-pools
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-pools Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBPoolListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "LBPool", "id": "testPool1", "display_name": "/infra/lb-pools/testPool1", "path": "/infra/lb-pools/testPool1", "parent_path": "/infra/lb-pools/testPool1", "relative_path": "testPool1", "marked_for_delete": false, "member_group": { "port": 80, "group_path": "/infra/domains/testDom/groups/testGroup" }, "active_monitor_paths": [ "/infra/lb-monitor-profiles/default-http-lb-monitor" ], "snat_translation": { "type": "LBSnatAutoMap", "port_overload": 32 }, "tcp_multiplexing_enabled": false, "tcp_multiplexing_number": 6, "min_active_members": 1, "algorithm": "ROUND_ROBIN", "_create_user": "admin", "_create_time": 1531109334077, "_last_modified_user": "admin", "_last_modified_time": 1531109864964, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Delete LBPool and all the entities contained by this LBPool

Delete the LBPool along with all the entities contained
by this LBPool.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-pools/<lb-pool-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-pools/myPool Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBPool

If a LBPool with the lb-pool-id is not already present,
create a new LBPool. If it already exists, update the
LBPool. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-pools/<lb-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBPool+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-pools/testPool1 { "active_monitor_paths":[ "/infra/lb-monitor-profiles/default-http-lb-monitor"], "snat_translation": { "type": "LBSnatAutoMap" }, "member_group":{ "group_path":"/infra/domains/testDom/groups/testGroup", "port":80 } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBPool+

Example Response: { "resource_type": "LBPool", "id": "testPool1", "display_name": "/infra/lb-pools/testPool1", "path": "/infra/lb-pools/testPool1", "parent_path": "/infra/lb-pools/testPool1", "relative_path": "testPool1", "marked_for_delete": false, "member_group": { "port": 80, "group_path": "/infra/domains/testDom/groups/testGroup" }, "active_monitor_paths": [ "/infra/lb-monitor-profiles/default-http-lb-monitor" ], "snat_translation": { "type": "LBSnatAutoMap", "port_overload": 32 }, "algorithm": "ROUND_ROBIN", "tcp_multiplexing_enabled": false, "tcp_multiplexing_number": 6, "min_active_members": 1, "_create_user": "admin", "_create_time": 1531109334077, "_last_modified_user": "admin", "_last_modified_time": 1531109864964, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBPool

If a LBPool with the lb-pool-id is not already present,
create a new LBPool. If it already exists, update the
LBPool. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-pools/<lb-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBPool+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-pools/myPool { "active_monitor_paths":[ "/infra/lb-monitor-profiles/default-http-lb-monitor"], "snat_translation": { "type": "LBSnatAutoMap" }, "member_group":{ "group_path":"/infra/domains/testDom/groups/testGroup", "port":80 } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Read LBPool

Read a LBPool.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-pools/<lb-pool-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-pools/myPool Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBPool+

Example Response: { "resource_type": "LBPool", "id": "myPool", "display_name": "/infra/lb-pools/myPool", "path": "/infra/lb-pools/myPool", "parent_path": "/infra/lb-pools/myPool", "relative_path": "myPool", "marked_for_delete": false, "member_group": { "port": 80, "group_path": "/infra/domains/testDom/groups/testGroup" }, "active_monitor_paths": [ "/infra/lb-monitor-profiles/default-http-lb-monitor" ], "snat_translation": { "type": "LBSnatAutoMap", "port_overload": 32 }, "tcp_multiplexing_enabled": false, "tcp_multiplexing_number": 6, "min_active_members": 1, "algorithm": "ROUND_ROBIN", "_create_user": "admin", "_create_time": 1531109334077, "_last_modified_user": "admin", "_last_modified_time": 1531109864964, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer Application Profiles

Associated URIs:

List LBAppProfiles

Paginated list of all LBAppProfiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-app-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-app-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBAppProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "resource_type": "LBHttpProfile", "id": "default-http-lb-app-profile", "display_name": "default-http-lb-app-profile", "path": "/infra/lb-app-profiles/default-http-lb-app-profile", "parent_path": "/infra/lb-app-profiles/default-http-lb-app-profile", "relative_path": "default-http-lb-app-profile", "http_redirect_to_https": false, "ntlm": false, "idle_timeout": 15, "request_header_size": 1024, "response_timeout": 60, "response_header_size": 4096, "marked_for_delete": false, "_create_user": "system", "_create_time": 1531098352526, "_last_modified_user": "system", "_last_modified_time": 1531098352526, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBFastTcpProfile", "id": "default-tcp-lb-app-profile", "display_name": "default-tcp-lb-app-profile", "path": "/infra/lb-app-profiles/default-tcp-lb-app-profile", "parent_path": "/infra/lb-app-profiles/default-tcp-lb-app-profile", "relative_path": "default-tcp-lb-app-profile", "marked_for_delete": false, "idle_timeout": 1000, "close_timeout": 8, "ha_flow_mirroring_enabled": false, "_create_user": "system", "_create_time": 1531098352604, "_last_modified_user": "system", "_last_modified_time": 1531098352604, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBFastUdpProfile", "id": "default-udp-lb-app-profile", "display_name": "default-udp-lb-app-profile", "path": "/infra/lb-app-profiles/default-udp-lb-app-profile", "parent_path": "/infra/lb-app-profiles/default-udp-lb-app-profile", "relative_path": "default-udp-lb-app-profile", "marked_for_delete": false, "idle_timeout": 300, "flow_mirroring_enabled": false, "_create_user": "system", "_create_time": 1531098352626, "_last_modified_user": "system", "_last_modified_time": 1531098352626, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Read LBAppProfile

Read a LBAppProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-app-profiles/<lb-app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-app-profiles/default-http-lb-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBFastTcpProfile+
LBFastUdpProfile+
LBHttpProfile+

Example Response: { "resource_type": "LBAppProfile", "id": "default-http-lb-profile", "display_name": "/infra/lb-app-profiles/default-http-lb-profile", "path": "/infra/lb-app-profiles/default-http-lb-profile", "parent_path": "/infra/lb-app-profiles/default-http-lb-profile", "relative_path": "default-http-lb-profile", "http_redirect_to_https": false, "ntlm": false, "idle_timeout": 15, "request_header_size": 1024, "response_timeout": 60, "response_header_size": 4096, "_create_user": "admin", "_create_time": 1516338498235, "_last_modified_user": "admin", "_last_modified_time": 1516338498235, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Delete LBAppProfile and all the entities contained by this LBAppProfile

Delete the LBAppProfile along with all the entities contained
by this LBAppProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-app-profiles/<lb-app-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-app-profiles/my-http-profile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBAppProfile

If a LBAppProfile with the lb-app-profile-id is not already present, create
a new LBAppProfile. If it already exists, update the LBAppProfile. This
is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-app-profiles/<lb-app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBFastTcpProfile+
LBFastUdpProfile+
LBHttpProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-app-profiles/my-http-app-profile { "resource_type": "LBHttpProfile", "x_forwarded_for":"INSERT" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBAppProfile

If a LBAppProfile with the lb-app-profile-id is not already present, create
a new LBAppProfile. If it already exists, update the LBAppProfile. This
is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-app-profiles/<lb-app-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBFastTcpProfile+
LBFastUdpProfile+
LBHttpProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-app-profiles/my-http-profile { "resource_type": "LBHttpProfile", "x_forwarded_for":"INSERT" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBFastTcpProfile+
LBFastUdpProfile+
LBHttpProfile+

Example Response: { "resource_type": "LBHttpProfile", "id": "my-http-profile", "display_name": "my-http-profile", "path": "/infra/lb-app-profiles/my-http-profile", "parent_path": "/infra/lb-app-profiles/my-http-profile", "relative_path": "my-http-profile", "marked_for_delete": false, "x_forwarded_for": "INSERT", "http_redirect_to_https": false, "ntlm": false, "idle_timeout": 15, "request_header_size": 1024, "response_timeout": 60, "response_header_size": 4096, "_create_user": "admin", "_create_time": 1531111619449, "_last_modified_user": "admin", "_last_modified_time": 1531111619449, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer Monitor Profiles

Associated URIs:

List LBMonitorProfiles for infra

Paginated list of all LBMonitorProfiles for infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-monitor-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-monitor-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBMonitorProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 6, "results": [ { "resource_type": "LBHttpMonitorProfile", "id": "httpMonitor", "display_name": "/infra/lb-monitor-profiles/httpMonitor", "path": "/infra/lb-monitor-profiles/httpMonitor", "parent_path": "/infra/lb-monitor-profiles/httpMonitor", "relative_path": "httpMonitor", "monitor_port": 80, "interval": 42, "timeout": 14, "rise_count": 4, "fall_count": 4, "request_url": "/default/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "response_status_codes": [ 200, 300 ], "_create_user": "admin", "_create_time": 1516320198570, "_last_modified_user": "admin", "_last_modified_time": 1516320198570, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBUdpMonitorProfile", "id": "udpMonitor", "display_name": "/infra/lb-monitor-profiles/udpMonitor", "path": "/infra/lb-monitor-profiles/udpMonitor", "parent_path": "/infra/lb-monitor-profiles/udpMonitor", "relative_path": "udpMonitor", "monitor_port": 80, "interval": 42, "timeout": 15, "rise_count": 3, "fall_count": 3, "receive": "recieve_msg", "send": "send_msg", "_create_user": "admin", "_create_time": 1516320209965, "_last_modified_user": "admin", "_last_modified_time": 1516320209965, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBHttpMonitorProfile", "id": "default-http-lb-monitor", "display_name": "default-http-lb-monitor", "path": "/infra/lb-monitor-profiles/default-http-lb-monitor", "parent_path": "/infra/lb-monitor-profiles/default-http-lb-monitor", "relative_path": "default-http-lb-monitor", "marked_for_delete": false, "monitor_port": 80, "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "request_url": "/", "_create_user": "system", "_create_time": 1530036080260, "_last_modified_user": "system", "_last_modified_time": 1530036080260, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBHttpsMonitorProfile", "id": "default-https-lb-monitor", "display_name": "default-https-lb-monitor", "path": "/infra/lb-monitor-profiles/default-https-lb-monitor", "parent_path": "/infra/lb-monitor-profiles/default-https-lb-monitor", "relative_path": "default-https-lb-monitor", "marked_for_delete": false, "monitor_port": 443, "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "request_url": "/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "_create_user": "system", "_create_time": 1530036080279, "_last_modified_user": "system", "_last_modified_time": 1530036080279, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBIcmpMonitorProfile", "id": "default-icmp-lb-monitor", "display_name": "default-icmp-lb-monitor", "path": "/infra/lb-monitor-profiles/default-icmp-lb-monitor", "parent_path": "/infra/lb-monitor-profiles/default-icmp-lb-monitor", "relative_path": "default-icmp-lb-monitor", "marked_for_delete": false, "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "data_length": 56, "_create_user": "system", "_create_time": 1530036080320, "_last_modified_user": "system", "_last_modified_time": 1530036080320, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBTcpMonitorProfile", "id": "default-tcp-lb-monitor", "display_name": "default-tcp-lb-monitor", "path": "/infra/lb-monitor-profiles/default-tcp-lb-monitor", "parent_path": "/infra/lb-monitor-profiles/default-tcp-lb-monitor", "relative_path": "default-tcp-lb-monitor", "marked_for_delete": false, "interval": 5, "timeout": 15, "rise_count": 3, "fall_count": 3, "_create_user": "system", "_create_time": 1530036080242, "_last_modified_user": "system", "_last_modified_time": 1530036080242, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "max_fails": 5, "timeout": 5, "resource_type": "LBPassiveMonitorProfile", "id": "default-passive-lb-monitor", "display_name": "default-passive-lb-monitor", "path": "/infra/lb-monitor-profiles/default-passive-lb-monitor", "relative_path": "default-passive-lb-monitor", "parent_path": "/infra/lb-monitor-profiles/default-passive-lb-monitor", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450707, "_last_modified_user": "system", "_last_modified_time": 1543304450707, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Read LBMonitorProfile

Read a LBMonitorProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-monitor-profiles/<lb-monitor-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-monitor-profiles/httpMonitor Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBActiveMonitor+
LBHttpMonitorProfile+
LBHttpsMonitorProfile+
LBIcmpMonitorProfile+
LBPassiveMonitorProfile+
LBTcpMonitorProfile+
LBUdpMonitorProfile+

Example Response: { "resource_type": "LBHttpMonitorProfile", "id": "httpMonitor", "display_name": "/infra/lb-monitor-profiles/httpMonitor", "path": "/infra/lb-monitor-profiles/httpMonitor", "parent_path": "/infra/lb-monitor-profiles/httpMonitor", "relative_path": "httpMonitor", "monitor_port": 80, "interval": 9, "timeout": 14, "rise_count": 4, "fall_count": 4, "request_url": "/default/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "response_status_codes": [ 200, 300 ], "_create_user": "admin", "_create_time": 1516581593173, "_last_modified_user": "admin", "_last_modified_time": 1516581593173, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBMonitorProfile

If a LBMonitorProfile with the lb-monitor-profile-id is not
already present, create a new LBMonitorProfile. If it already exists,
update the LBMonitorProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-monitor-profiles/<lb-monitor-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBActiveMonitor+
LBHttpMonitorProfile+
LBHttpsMonitorProfile+
LBIcmpMonitorProfile+
LBPassiveMonitorProfile+
LBTcpMonitorProfile+
LBUdpMonitorProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-monitor-profiles/httpMonitor { "resource_type": "LBHttpMonitorProfile", "monitor_port": 80, "interval": 9, "timeout": 14, "rise_count": 4, "fall_count": 4, "request_url":"/default/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "response_status_codes": [ 200, 300 ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Delete LBMonitorProfile and all the entities contained by this LBMonitorProfile

Delete the LBMonitorProfile along with all the entities contained
by this LBMonitorProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-monitor-profiles/<lb-monitor-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-monitor-profiles/httpMonitor Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBMonitorProfile

If a LBMonitorProfile with the lb-monitor-profile-id is not
already present, create a new LBMonitorProfile. If it already exists,
update the LBMonitorProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-monitor-profiles/<lb-monitor-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBActiveMonitor+
LBHttpMonitorProfile+
LBHttpsMonitorProfile+
LBIcmpMonitorProfile+
LBPassiveMonitorProfile+
LBTcpMonitorProfile+
LBUdpMonitorProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-monitor-profiles/httpMonitor { "resource_type": "LBHttpMonitorProfile", "monitor_port": 80, "interval": 42, "timeout": 14, "rise_count": 4, "fall_count": 4, "request_url":"/default/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "response_status_codes": [ 200, 300 ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBActiveMonitor+
LBHttpMonitorProfile+
LBHttpsMonitorProfile+
LBIcmpMonitorProfile+
LBPassiveMonitorProfile+
LBTcpMonitorProfile+
LBUdpMonitorProfile+

Example Response: { "resource_type": "LBHttpMonitorProfile", "id": "httpMonitor", "display_name": "/infra/lb-monitor-profiles/httpMonitor", "path": "/infra/lb-monitor-profiles/httpMonitor", "parent_path": "/infra/lb-monitor-profiles/httpMonitor", "relative_path": "httpMonitor", "monitor_port": 80, "interval": 42, "timeout": 14, "rise_count": 4, "fall_count": 4, "request_url": "/default/", "request_method": "GET", "request_version": "HTTP_VERSION_1_1", "response_status_codes": [ 200, 300 ], "_create_user": "admin", "_create_time": 1516581593173, "_last_modified_user": "admin", "_last_modified_time": 1516581593173, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer Persistence Profiles

Associated URIs:

List LBPersistenceProfiles for infra

Paginated list of all LBPersistenceProfiles for infra.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-persistence-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-persistence-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBPersistenceProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "resource_type": "LBCookiePersistenceProfile", "id": "cookieSharedPersistence", "display_name": "/infra/lb-persistence-profiles/cookieSharedPersistence", "path": "/infra/lb-persistence-profiles/cookieSharedPersistence", "parent_path": "/infra/lb-persistence-profiles/cookieSharedPersistence", "relative_path": "cookieSharedPersistence", "cookie_name": "NSXLB", "cookie_mode": "INSERT", "cookie_fallback": true, "cookie_garble": true, "persistence_shared": true, "_create_user": "admin", "_create_time": 1516320262166, "_last_modified_user": "admin", "_last_modified_time": 1516320262166, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBCookiePersistenceProfile", "id": "default-cookie-lb-persistence-profile", "display_name": "/infra/lb-persistence-profiles/default-cookie-lb-persistence-profile", "path": "/infra/lb-persistence-profiles/default-cookie-lb-persistence-profile", "parent_path": "/infra/lb-persistence-profiles/default-cookie-lb-persistence-profile", "relative_path": "default-cookie-lb-persistence-profile", "cookie_name": "NSXLB", "cookie_mode": "INSERT", "cookie_fallback": true, "cookie_garble": true, "persistence_shared": false, "_create_user": "admin", "_create_time": 1516320253128, "_last_modified_user": "admin", "_last_modified_time": 1516320253128, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "LBSourceIpPersistenceProfile", "id": "default-source-ip-lb-persistence-profile", "display_name": "/infra/lb-persistence-profiles/default-source-ip-lb-persistence-profile", "path": "/infra/lb-persistence-profiles/default-source-ip-lb-persistence-profile", "parent_path": "/infra/lb-persistence-profiles/default-source-ip-lb-persistence-profile", "relative_path": "default-source-ip-lb-persistence-profile", "purge": "FULL", "timeout": 300, "persistence_shared": false, "_create_user": "admin", "_create_time": 1516320265151, "_last_modified_user": "admin", "_last_modified_time": 1516320265151, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Delete LBPersistenceProfile and all the entities contained by this LBPersistenceProfile

Delete the LBPersistenceProfile along with all the entities
contained by this LBPersistenceProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-persistence-profiles/<lb-persistence-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-persistence-profiles/sourceIpPersistence Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBPersistenceProfile

If a LBPersistenceProfile with the lb-persistence-profile-id is not
already present, create a new LBPersistenceProfile. If it already exists,
update the LBPersistenceProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-persistence-profiles/<lb-persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBCookiePersistenceProfile+
LBGenericPersistenceProfile+
LBSourceIpPersistenceProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/lb-persistence-profiles/sourceIpPersistence { "resource_type": "LBSourceIpPersistenceProfile" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBCookiePersistenceProfile+
LBGenericPersistenceProfile+
LBSourceIpPersistenceProfile+

Example Response: { "resource_type": "LBSourceIpPersistenceProfile", "id": "sourceIpPersistence", "display_name": "/infra/lb-persistence-profiles/sourceIpPersistence", "path": "/infra/lb-persistence-profiles/sourceIpPersistence", "parent_path": "/infra/lb-persistence-profiles/sourceIpPersistence", "relative_path": "sourceIpPersistence", "purge": "FULL", "timeout": 300, "ha_persistence_mirroring_enabled": false, "persistence_shared": false, "_create_user": "admin", "_create_time": 1516320253128, "_last_modified_user": "admin", "_last_modified_time": 1516320253128, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Read LBPersistenceProfile

Read a LBPersistenceProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-persistence-profiles/<lb-persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-persistence-profiles/cookieSharedPersistence Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBCookiePersistenceProfile+
LBGenericPersistenceProfile+
LBSourceIpPersistenceProfile+

Example Response: { "resource_type": "LBCookiePersistenceProfile", "id": "cookieSharedPersistence", "display_name": "/infra/lb-persistence-profiles/cookieSharedPersistence", "path": "/infra/lb-persistence-profiles/cookieSharedPersistence", "parent_path": "/infra/lb-persistence-profiles/cookieSharedPersistence", "relative_path": "cookieSharedPersistence", "persistence_shared": true, "cookie_name": "NSXLB", "cookie_mode": "INSERT", "cookie_fallback": true, "cookie_garble": true, "_create_user": "admin", "_create_time": 1516320262166, "_last_modified_user": "admin", "_last_modified_time": 1516320262166, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBPersistenceProfile

If a LBPersistenceProfile with the lb-persistence-profile-id is not
already present, create a new LBPersistenceProfile. If it already exists,
update the LBPersistenceProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-persistence-profiles/<lb-persistence-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBCookiePersistenceProfile+
LBGenericPersistenceProfile+
LBSourceIpPersistenceProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-persistence-profiles/cookieSharedPersistence { "resource_type": "LBCookiePersistenceProfile", "cookie_name": "NSXLB", "cookie_mode": "INSERT", "cookie_fallback": true, "cookie_garble": true, "persistence_shared": true } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer SSL Profiles

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer SSL Profiles: Load Balancer Client SSL Profiles

Associated URIs:

List LBClientSslProfiles

Paginated list of all LBClientSslProfiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-client-ssl-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-client-ssl-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBClientSslProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "cipher_group_label": "BALANCED", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "session_cache_timeout": 300, "prefer_server_ciphers": true, "is_secure": true, "is_fips": true, "resource_type": "LBClientSslProfile", "id": "default-balanced-client-ssl-profile", "display_name": "default-balanced-client-ssl-profile", "path": "/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile", "relative_path": "default-balanced-client-ssl-profile", "parent_path": "/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450941, "_last_modified_user": "system", "_last_modified_time": 1543304450941, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "cipher_group_label": "HIGH_COMPATIBILITY", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "session_cache_timeout": 300, "prefer_server_ciphers": true, "is_secure": true, "is_fips": true, "resource_type": "LBClientSslProfile", "id": "default-high-compatibility-client-ssl-profile", "display_name": "default-high-compatibility-client-ssl-profile", "path": "/infra/lb-client-ssl-profiles/default-high-compatibility-client-ssl-profile", "relative_path": "default-high-compatibility-client-ssl-profile", "parent_path": "/infra/lb-client-ssl-profiles/default-high-compatibility-client-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450931, "_last_modified_user": "system", "_last_modified_time": 1543304450931, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "cipher_group_label": "HIGH_SECURITY", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "session_cache_timeout": 300, "prefer_server_ciphers": true, "is_secure": true, "is_fips": true, "resource_type": "LBClientSslProfile", "id": "default-high-security-client-ssl-profile", "display_name": "default-high-security-client-ssl-profile", "path": "/infra/lb-client-ssl-profiles/default-high-security-client-ssl-profile", "relative_path": "default-high-security-client-ssl-profile", "parent_path": "/infra/lb-client-ssl-profiles/default-high-security-client-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450957, "_last_modified_user": "system", "_last_modified_time": 1543304450957, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBClientSslProfile

If a LBClientSslProfile with the lb-client-ssl-profile-id is not already
present, create a new LBClientSslProfile. If it already exists, update the
LBClientSslProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-client-ssl-profiles/<lb-client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBClientSslProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-client-ssl-profiles/myClientSslProfile { "resource_type": "LBClientSslProfile", "cipher_group_label":"BALANCED", "session_cache_enabled":false } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBClientSslProfile

If a LBClientSslProfile with the lb-client-ssl-profile-id is not already
present, create a new LBClientSslProfile. If it already exists, update the
LBClientSslProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-client-ssl-profiles/<lb-client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBClientSslProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-client-ssl-profiles/testClientSslProfile { "resource_type": "LBClientSslProfile", "cipher_group_label":"BALANCED", "session_cache_enabled":false } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBClientSslProfile+

Example Response: { "resource_type": "LBClientSslProfile", "cipher_group_label": "CUSTOM", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_2" ], "session_cache_enabled": true, "session_cache_timeout": 300, "prefer_server_ciphers": true, "is_secure": true, "is_fips": true, "resource_type": "LBClientSslProfile", "id": "testClientSslProfile", "display_name": "testClientSslProfile", "path": "/infra/lb-client-ssl-profiles/testClientSslProfile", "relative_path": "testClientSslProfile", "parent_path": "/infra/lb-client-ssl-profiles/testClientSslProfile", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1543420840714, "_last_modified_user": "admin", "_last_modified_time": 1543420840714, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Read LBClientSslProfile

Read a LBClientSslProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-client-ssl-profiles/<lb-client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBClientSslProfile+

Example Response: { "cipher_group_label": "BALANCED", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "session_cache_timeout": 300, "prefer_server_ciphers": true, "is_secure": true, "is_fips": true, "resource_type": "LBClientSslProfile", "id": "default-balanced-client-ssl-profile", "display_name": "default-balanced-client-ssl-profile", "path": "/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile", "relative_path": "default-balanced-client-ssl-profile", "parent_path": "/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450941, "_last_modified_user": "system", "_last_modified_time": 1543304450941, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Delete LBClientSslProfile and all the entities contained by this LBClientSslProfile

Delete the LBClientSslProfile along with all the entities contained
by this LBClientSslProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-client-ssl-profiles/<lb-client-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-client-ssl-profiles/mySslProfile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer SSL Profiles: Load Balancer SSL Ciphers And Protocols

Associated URIs:

Retrieve a list of supported SSL ciphers and protocols

Retrieve a list of supported SSL ciphers and protocols.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-ssl-ciphers-and-protocols
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https:///<policy-mgr>/policy/api/v1/infra/lb-ssl-ciphers-and-protocols Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LbSslCipherAndProtocolListResult+

Example Response: { "result_count" : 35, "ciphers" : [ { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_256_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "HIGH_COMPATIBILITY" ], "is_secure" : false, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_RSA_WITH_AES_256_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM", "BALANCED", "HIGH_COMPATIBILITY", "HIGH_SECURITY" ], "is_secure" : true, "is_default" : true }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false }, { "cipher" : "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384", "cipher_group_labels" : [ "CUSTOM" ], "is_secure" : true, "is_default" : false } ], "protocols" : [ { "protocol" : "SSL_V3", "is_secure" : false, "is_default" : false }, { "protocol" : "TLS_V1", "is_secure" : false, "is_default" : false }, { "protocol" : "TLS_V1_1", "is_secure" : true, "is_default" : true }, { "protocol" : "TLS_V1_2", "is_secure" : true, "is_default" : true } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Profiles: Load Balancer SSL Profiles: Load Balancer Server SSL Profiles

Associated URIs:

List LBServerSslProfiles

Paginated list of all LBServerSslProfiles.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-server-ssl-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-server-ssl-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBServerSslProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "cipher_group_label": "BALANCED", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "is_secure": true, "is_fips": true, "resource_type": "LBServerSslProfile", "id": "default-balanced-server-ssl-profile", "display_name": "default-balanced-server-ssl-profile", "path": "/infra/lb-server-ssl-profiles/default-balanced-server-ssl-profile", "relative_path": "default-balanced-server-ssl-profile", "parent_path": "/infra/lb-server-ssl-profiles/default-balanced-server-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450989, "_last_modified_user": "system", "_last_modified_time": 1543304450989, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "cipher_group_label": "HIGH_COMPATIBILITY", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "is_secure": true, "is_fips": true, "resource_type": "LBServerSslProfile", "id": "default-high-compatibility-server-ssl-profile", "display_name": "default-high-compatibility-server-ssl-profile", "path": "/infra/lb-server-ssl-profiles/default-high-compatibility-server-ssl-profile", "relative_path": "default-high-compatibility-server-ssl-profile", "parent_path": "/infra/lb-server-ssl-profiles/default-high-compatibility-server-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450974, "_last_modified_user": "system", "_last_modified_time": 1543304450974, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "cipher_group_label": "HIGH_SECURITY", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "is_secure": true, "is_fips": true, "resource_type": "LBServerSslProfile", "id": "default-high-security-server-ssl-profile", "display_name": "default-high-security-server-ssl-profile", "path": "/infra/lb-server-ssl-profiles/default-high-security-server-ssl-profile", "relative_path": "default-high-security-server-ssl-profile", "parent_path": "/infra/lb-server-ssl-profiles/default-high-security-server-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450998, "_last_modified_user": "system", "_last_modified_time": 1543304450998, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Read LBServerSslProfile

Read a LBServerSslProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-server-ssl-profiles/<lb-server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-server-ssl-profiles/default-balanced-server-ssl-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBServerSslProfile+

Example Response: { "cipher_group_label": "BALANCED", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" ], "protocols": [ "TLS_V1_1", "TLS_V1_2" ], "session_cache_enabled": true, "is_secure": true, "is_fips": true, "resource_type": "LBServerSslProfile", "id": "default-balanced-server-ssl-profile", "display_name": "default-balanced-server-ssl-profile", "path": "/infra/lb-server-ssl-profiles/default-balanced-server-ssl-profile", "relative_path": "default-balanced-server-ssl-profile", "parent_path": "/infra/lb-server-ssl-profiles/default-balanced-server-ssl-profile", "marked_for_delete": false, "_create_user": "system", "_create_time": 1543304450989, "_last_modified_user": "system", "_last_modified_time": 1543304450989, "_system_owned": true, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBServerSslProfile

If a LBServerSslProfile with the lb-server-ssl-profile-id is not already
present, create a new LBServerSslProfile. If it already exists, update the
LBServerSslProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-server-ssl-profiles/<lb-server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBServerSslProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-server-ssl-profiles/testServerSslProfile { "resource_type": "LBServerSslProfile", "cipher_group_label":"HIGH_SECURITY", "session_cache_enabled":true, "ciphers":[ "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "protocols":[ "TLS_V1_2" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBServerSslProfile+

Example Response: { "cipher_group_label": "HIGH_SECURITY", "ciphers": [ "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" ], "protocols": [ "TLS_V1_2" ], "session_cache_enabled": true, "is_secure": true, "is_fips": true, "resource_type": "LBServerSslProfile", "id": "testServerSslProfile", "display_name": "testServerSslProfile", "path": "/infra/lb-server-ssl-profiles/testServerSslProfile", "relative_path": "testServerSslProfile", "parent_path": "/infra/lb-server-ssl-profiles/testServerSslProfile", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1543454526012, "_last_modified_user": "admin", "_last_modified_time": 1543454526012, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Delete LBServerSslProfile and all the entities contained by this LBServerSslProfile

Delete the LBServerSslProfile along with all the entities contained
by this LBServerSslProfile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-server-ssl-profiles/<lb-server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-server-ssl-profiles/mySslProfile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBServerSslProfile

If a LBServerSslProfile with the lb-server-ssl-profile-id is not already
present, create a new LBServerSslProfile. If it already exists, update the
LBServerSslProfile. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-server-ssl-profiles/<lb-server-ssl-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBServerSslProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-server-ssl-profiles/myServerSslProfile { "resource_type": "LBServerSslProfile", "cipher_group_label":"HIGH_SECURITY", "session_cache_enabled":true, } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Services

Associated URIs:

List LBService

Paginated list of all LBService.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBServiceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "LBService", "id": "cgwLbService", "display_name": "cgwLbService", "path": "/infra/lb-services/cgwLbService", "parent_path": "/infra", "relative_path": "cgwLbService", "marked_for_delete": false, "size": "SMALL", "error_log_level": "INFO", "access_log_enabled": false, "enabled": true, "_create_user": "admin", "_create_time": 1531109024949, "_last_modified_user": "admin", "_last_modified_time": 1531109024949, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Delete LBService and all the entities contained by this LBService

Delete the LBService along with all the entities contained by
this LBService.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-services/cgwService Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBVirtualServer

If a LBService with the lb-service-id is not already
present, create a new LBService. If it already exists, update the
LBService. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBService+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-services/cgwService { "resource_type": "LBService", "enabled": true, "size":"SMALL" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Read LBService

Read an LBService.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-services/cgwService Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBService+

Example Response: { "resource_type": "LBService", "id": "cgwLbService", "display_name": "cgwLbService", "path": "/infra/lb-services/cgwLbService", "parent_path": "/infra", "relative_path": "cgwLbService", "marked_for_delete": false, "size": "SMALL", "error_log_level": "INFO", "access_log_enabled": false, "enabled": true, "_create_user": "admin", "_create_time": 1531109024949, "_last_modified_user": "admin", "_last_modified_time": 1531109024949, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBService

If a LBService with the lb-service-id is not already
present, create a new LBService. If it already exists, update the
LBService. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBService+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-services/cgwService { "resource_type": "LBService", "enabled": true, "size":"SMALL" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBService+

Example Response: { "resource_type": "LBService", "id": "cgwLbService", "display_name": "cgwLbService", "path": "/infra/lb-services/cgwLbService", "parent_path": "/infra", "relative_path": "cgwLbService", "marked_for_delete": false, "size": "SMALL", "error_log_level": "INFO", "access_log_enabled": false, "enabled": true, "_create_user": "admin", "_create_time": 1531109024949, "_last_modified_user": "admin", "_last_modified_time": 1531109024949, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Usage

Policy: Networking: Network Services: Load Balancing: Load Balancer Usage: Statistics

Associated URIs:

Get LBPool statistics information

Get LBPoolStatistics information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/lb-pools/<lb-pool-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBPoolStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get LBVirtualServer statistics information

Get LBVirtualServerStatistics information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/lb-virtual-servers/<lb-virtual-server-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBVirtualServerStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get LBService statistics information

Get LBServiceStatistics information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBServiceStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Usage: Status

Associated URIs:

Get LBService status information

Get LBService detailed status information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBServiceStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get LBPool status information

Get LBPool detailed status information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/lb-pools/<lb-pool-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBPoolStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get LBVirtualServer status information

Get LBVirtualServer detailed status information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/lb-virtual-servers/<lb-virtual-server-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBVirtualServerStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Usage: Usage

Associated URIs:

Read load balancer usage for the given node

API is used to retrieve node usage for load balancer which contains basic
information, LB entity usages and capacities for the given node.
Currently only edge node is supported.
The parameter ?node_path= is required. For example, ?node_path=
/infra/sites/default/enforcement-points/default/edge-clusters/
85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes/
86e077c0-449f-11e9-87c8-02004eb37029.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-node-usage
Request Headers:
n/a
Query Parameters:
LBNodeUsageRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBEdgeNodeUsage+

Required Permissions: read Feature: policy_statistics Additional Errors:

Read load balancer node usage summary

The API is used to retrieve the load balancer node usage summary of all
nodes for every enforcement point.
- If the parameter ?include_usages=true exists, the property node_usages
are included in response. By default, the property node_usages is not
included in response.
- If parameter ?enforcement_point_path= exists,
only node usage summary from specific enforcement point is included
in response. If no enforcement point path is specified, information will
be aggregated from each enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-node-usage-summary
Request Headers:
n/a
Query Parameters:
LBNodeUsageSummaryRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBNodeUsageSummary+

Required Permissions: read Feature: policy_statistics Additional Errors:

Read load balancer service usage summary

API is used to retrieve the load balancer usage summary for
all load balancer services.
If the parameter ?include_usages=true exists, the property service-usages
is included in the response. By default, service-usages is not included
in the response.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-service-usage-summary
Request Headers:
n/a
Query Parameters:
LBUsageSummaryRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBServiceUsageSummary+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get LBService usage information

Get LBServiceUsage information.
- no enforcement point path specified: Information will be aggregated from
each enforcement point.
- {enforcement_point_path}: Information will be retrieved only from the
given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-services/<lb-service-id>/service-usage
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateLBServiceUsage+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: Load Balancing: Load Balancer Virtual Servers

Associated URIs:

List LBVirtualServers

Paginated list of all LBVirtualServers.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-virtual-servers
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-virtual-servers Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBVirtualServerListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "LBVirtualServer", "id": "httpsVirtualServer", "display_name": "httpsVirtualServer", "path": "/infra/lb-virtual-servers/httpsVirtualServer", "parent_path": "/infra/lb-virtual-servers/httpsVirtualServer", "relative_path": "httpsVirtualServer", "marked_for_delete": false, "enabled": true, "application_profile_path": "/infra/lb-app-profiles/default-http-lb-app-profile", "client_ssl_profile_binding": { "ssl_profile_path": "/infra/lb-client-ssl-profiles/default-balanced-client-ssl-profile", "default_certificate_path": "/infra/certificates/selfSignedCert" }, "ip_address": "30.1.2.4", "ports": [ "80" ], "access_log_enabled": true, "_create_user": "admin", "_create_time": 1531108882118, "_last_modified_user": "admin", "_last_modified_time": 1531108882118, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_lb Additional Errors:

Read LBVirtualServer

Read a LBVirtualServer.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/lb-virtual-servers/<lb-virtual-server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/lb-virtual-server/tcpVirtualServer Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBVirtualServer+

Example Response: { "resource_type": "LBVirtualServer", "id": "tcpVs1", "display_name": "tcpVirtualServer", "path": "/infra/lb-virtual-servers/tcpVirtualServer", "parent_path": "/infra/lb-virtual-servers/tcpVirtualServer", "relative_path": "tcpVirtualServer", "marked_for_delete": false, "enabled": true, "application_profile_path": "/infra/lb-app-profiles/default-tcp-lb-app-profile", "ip_address": "30.1.1.1", "ports": [ "1019" ], "access_log_enabled": false, "_create_user": "admin", "_create_time": 1531108363743, "_last_modified_user": "admin", "_last_modified_time": 1531108363743, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_lb Additional Errors:

Create or update a LBVirtualServer

If a LBVirtualServer with the lb-virtual-server-id is not already
present, create a new LBVirtualServer. If it already exists, update the
LBVirtualServer. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/lb-virtual-servers/<lb-virtual-server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBVirtualServer+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/lb-virtual-server/tcpVirtualServer { "resource_type": "LBVirtualServer", "ip_address":"30.1.1.1", "ports": ["1019"], "application_profile_path": "/infra/lb-app-profiles/default-tcp-lb-app-profile" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Delete LBVirtualServer and all the entities contained by this LBVirtualServer

Delete the LBVirtualServer along with all the entities contained by
this LBVirtualServer.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/lb-virtual-servers/<lb-virtual-server-id>
Request Headers:
n/a
Query Parameters:
DeleteRequestParameters+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/lb-virtual-servers/httpVirtualServer Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Example Response: 200 OK Required Permissions: crud Feature: policy_lb Additional Errors:

Create or update a LBVirtualServer

If a LBVirtualServer with the lb-virtual-server-id is not already
present, create a new LBVirtualServer. If it already exists, update the
LBVirtualServer. This is a full replace.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/lb-virtual-servers/<lb-virtual-server-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
LBVirtualServer+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/lb-virtual-servers/tcpVirtualServer { "resource_type": "LBVirtualServer", "ip_address":"30.1.1.1", "ports": ["1019"], "application_profile_path": "/infra/lb-app-profiles/default-tcp-lb-app-profile" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
LBVirtualServer+

Example Response: { "resource_type": "LBVirtualServer", "id": "tcpVirtualServer", "display_name": "tcpVirtualServer", "path": "/infra/lb-virtual-servers/tcpVirtualServer", "parent_path": "/infra/lb-virtual-servers/tcpVirtualServer", "relative_path": "tcpVirtualServer", "marked_for_delete": false, "enabled": true, "application_profile_path": "/infra/lb-app-profiles/default-tcp-lb-app-profile", "ip_address": "30.1.1.1", "ports": [ "1019" ], "access_log_enabled": false, "_create_user": "admin", "_create_time": 1531108363743, "_last_modified_user": "admin", "_last_modified_time": 1531108363743, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_lb Additional Errors:

Policy: Networking: Network Services: NAT

Associated URIs:

List NAT Rules

List NAT Rules from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules
Request Headers:
n/a
Query Parameters:
PolicyNatRuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule", "display_name": "MyNATRule", "path": "/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRule", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRule", "sequence_number": 1, "service": "", "scope": [], "action": "REFLEXIVE", "source_network": "10.117.5.73", "translated_network": "192.168.1.1", "enabled": true, "logging": false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516015559976, "_last_modified_user": "admin", "_last_modified_time": 1516015559976, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule3", "display_name": "MyNATRule3", "path": "/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRule3", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRule3", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled": true, "logging": false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516084472276, "_last_modified_user": "admin", "_last_modified_time": 1516084472276, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRuleDemo", "display_name": "MyNATRuleDemo", "path": "/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRuleDemo", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [ "infra/tier-0s/provider1/local-services/localService1/interfaces/internet" ], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled": true, "logging": false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516181809835, "_last_modified_user": "admin", "_last_modified_time": 1516181809835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

Update NAT Rule

Update NAT Rule on Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyNatRule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo { "display_name" : "MyNATRuleDemo", "description" : "Example of a NAT rule", "action" : "DNAT", "destination_network" : "10.117.5.19", "service": "/infra/services/AD_Server", "translated_network" : "192.168.1.1", "translated_ports" : "80-82", "sequence_number" : 10, "scope" : ["infra/tier-0s/provider1/local-services/localService1/interfaces/internet"], "enabled": true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRule+

Example Response: { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRuleDemo", "display_name": "MyNATRuleDemo", "path": "/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRuleDemo", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [ "infra/tier-0s/provider1/local-services/localService1/interfaces/internet" ], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516181809835, "_last_modified_user": "admin", "_last_modified_time": 1516181809835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Delete NAT Rule

Delete NAT Rule from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRule4 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Create or update a NAT Rule on tier-0

If a NAT Rule is not already present on Tier-0 denoted by Tier-0 ID,
under NAT section denoted by <nat-id>, create a new NAT Rule.
If it already exists, update the NAT Rule.
Under tier-0 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyNatRule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRuleDemo { "display_name" : "MyNATRuleDemo", "description" : "Example of a NAT rule", "action" : "DNAT", "destination_network" : "10.117.5.19", "service": "/infra/services/AD_Server", "translated_network" : "192.168.1.1", "translated_ports" : "80-82", "sequence_number" : 10, "scope" : ["infra/tier-0s/provider1/local-services/localService1/interfaces/internet"], "enabled": true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Get NAT Rule

Get NAT Rule from Tier-0 denoted by Tier-0 ID, under NAT section
denoted by <nat-id>.
Under tier-0 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc_provider-demo/nat/USER/nat-rules/MyNATRule3 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRule+

Example Response: { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule3", "display_name": "MyNATRule3", "path": "/infra/tier-0s/vmc_provider-demo//nat/USER/nat-rules/MyNATRule3", "parent_path": "/infra/tier-0s/vmc_provider-demo/nat/USER", "relative_path": "MyNATRule3", "sequence_number": 10, "service": "/infra/services/AD_Server", "enabled": true, "logging": false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "scope": [], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "_create_user": "admin", "_create_time": 1516084472276, "_last_modified_user": "admin", "_last_modified_time": 1516084472276, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_nat_rules Additional Errors:

Get NAT Rule Statistics

Get NAT Rule Statistics from Tier-0 denoted by Tier-0 ID, under NAT section
denoted by <nat-id>.
Under tier-0 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/<nat-id>/nat-rules/<nat-rule-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleStatisticsListResult+

Example Response: { "results": [ { "rule_path": "/infra/tier-0s/provider/nat/USER/nat-rules/1", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "rule_statistics": [ { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "last_update_timestamp": 1537502752201 }, { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "last_update_timestamp": 1537502753915 } ] } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

List NAT Rules Statistics

List NAT Rules Statistics from Tier-0 denoted by Tier-0 ID. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/nat/statistics
Request Headers:
n/a
Query Parameters:
PolicyNatRuleStatisticsListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleStatisticsPerLogicalRouterListResult+

Example Response: { "results": [ { "router_path": "/infra/tier-0s/provider", "last_update_timestamp": 1537451344028, "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "statistics": { "total_bytes": 0, "active_sessions": 0, "total_packets": 0 }, "per_node_statistics": [ { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "transport_node_path": "/infra/sites/default/enforcement-points/default/edge-clusters/2253f301-a0d5-4797-bc7d-4c1a0de5832c/edge-nodes/a25d425e-bc09-11e8-b13d-000c29906046", "last_update_timestamp": 1537451344028 } ] } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

List NAT Rules

List NAT Rules from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules
Request Headers:
n/a
Query Parameters:
PolicyNatRuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 3, "results": [ { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule", "display_name": "MyNATRule", "path": "/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRule", "parent_path": "/infra/tier-1s/vmc_network-demo/nat/USER", "relative_path": "MyNATRule", "sequence_number": 1, "service": "", "scope": [], "action": "REFLEXIVE", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "source_network": "10.117.5.73", "translated_network": "192.168.1.1", "_create_user": "admin", "_create_time": 1516015559976, "_last_modified_user": "admin", "_last_modified_time": 1516015559976, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule3", "display_name": "MyNATRule3", "path": "/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRule3", "parent_path": "/infra/tier-1s/vmc_network-demo/nat/USER", "relative_path": "MyNATRule3", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [], "action": "DNAT", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "_create_user": "admin", "_create_time": 1516084472276, "_last_modified_user": "admin", "_last_modified_time": 1516084472276, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRuleDemo", "display_name": "MyNATRuleDemo", "path": "/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRuleDemo", "parent_path": "/infra/tier-1s/vmc_network-demo/nat/USER", "relative_path": "MyNATRuleDemo", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [ "infra/tier-0s/tier-0-vmc/interfaces/internet" ], "action": "DNAT", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "_create_user": "admin", "_create_time": 1516181809835, "_last_modified_user": "admin", "_last_modified_time": 1516181809835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

Delete NAT Rule

Delete NAT Rule from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRule4 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Update NAT Rule

Update NAT Rule on Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyNatRule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRuleDemo { "display_name" : "MyNATRuleDemo", "description" : "Example of a NAT rule", "action" : "DNAT", "destination_network" : "10.117.5.19", "service": "/infra/services/AD_Server", "translated_network" : "192.168.1.1", "translated_ports" : "80-82", "sequence_number" : 10, "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "scope" : ["infra/tier-0s/tier-0-vmc/interfaces/internet"], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRule+

Example Response: { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRuleDemo", "display_name": "MyNATRuleDemo", "path": "/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRuleDemo", "parent_path": "/infra/tier-1s/vmc_network-demo/nat/USER", "relative_path": "MyNATRuleDemo", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [ "infra/tier-0s/tier-0-vmc/interfaces/internet" ], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516181809835, "_last_modified_user": "admin", "_last_modified_time": 1516181809835, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Get NAT Rule

Get NAT Rule from Tier-1 denoted by Tier-1 ID, under NAT section
denoted by <nat-id>.
Under tier-1 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRule3 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRule+

Example Response: { "resource_type": "PolicyNatRule", "description": "Example of a NAT rule", "id": "MyNATRule3", "display_name": "MyNATRule3", "path": "/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRule3", "parent_path": "/infra/tier-1s/vmc_network-demo/nat/USER", "relative_path": "MyNATRule3", "sequence_number": 10, "service": "/infra/services/AD_Server", "scope": [], "action": "DNAT", "translated_ports": "80-82", "destination_network": "10.117.5.19", "translated_network": "192.168.1.1", "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "_create_user": "admin", "_create_time": 1516084472276, "_last_modified_user": "admin", "_last_modified_time": 1516084472276, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_nat_rules Additional Errors:

Create or update a Nat Rule

If a NAT Rule is not already present on Tier-1 denoted by Tier-1 ID,
under NAT section denoted by <nat-id>, create a new NAT Rule.
If it already exists, update the NAT Rule.
Under tier-1 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules/<nat-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyNatRule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/vmc_network-demo/nat/USER/nat-rules/MyNATRuleDemo { "display_name" : "MyNATRuleDemo", "description" : "Example of a NAT rule", "action" : "DNAT", "destination_network" : "10.117.5.19", "service": "/infra/services/AD_Server", "translated_network" : "192.168.1.1", "translated_ports" : "80-82", "sequence_number" : 10, "enabled" : true, "logging" : false, "firewall_match" : "MATCH_EXTERNAL_ADDRESS", "scope" : ["infra/tier-0s/tier-0-vmc/interfaces/internet"], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_nat_rules Additional Errors:

Get NAT Rule Statistics

Get NAT Rule Statistics from Tier-1 denoted by Tier-1 ID, under NAT section
denoted by <nat-id>.
Under tier-1 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT)
For more details related to NAT section please refer to PolicyNAT schema.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/<nat-id>/nat-rules/<nat-rule-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleStatisticsListResult+

Example Response: { "results": [ { "rule_path": "/infra/tier-1s/network/nat/USER/nat-rules/1", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "rule_statistics": [ { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "last_update_timestamp": 1537502752201 }, { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "last_update_timestamp": 1537502753915 } ] } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

List NAT Rules Statistics

List NAT Rules Statistics from Tier-1 denoted by Tier-1 ID. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/nat/statistics
Request Headers:
n/a
Query Parameters:
PolicyNatRuleStatisticsListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyNatRuleStatisticsPerLogicalRouterListResult+

Example Response: { "results": [ { "router_path": "/infra/tier-1s/network", "last_update_timestamp": 1537451344028, "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "statistics": { "total_bytes": 0, "active_sessions": 0, "total_packets": 0 }, "per_node_statistics": [ { "total_bytes": 0, "active_sessions": 0, "total_packets": 0, "transport_node_path": "/infra/sites/default/enforcement-points/default/edge-clusters/2253f301-a0d5-4797-bc7d-4c1a0de5832c/edge-nodes/a25d425e-bc09-11e8-b13d-000c29906046", "last_update_timestamp": 1537451344028 } ] } ] } Required Permissions: read Feature: policy_nat_rules Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC

Policy: Networking: Network Services: VPN: IPSEC: DPD Profiles

Associated URIs:

List DPD profiles

Get paginated list of all DPD Profiles. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-dpd-profiles
Request Headers:
n/a
Query Parameters:
IPSecVpnDpdProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-dpd-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnDpdProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ "resource_type" : "IPSecVpnDpdProfile", "path": "/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or fully replace a custom IPSec tunnel Profile

Create or patch dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile. System will be provisioned with system owned editable default DPD profile. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipsec-vpn-dpd-profiles/<dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnDpdProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile { "resource_type" : "IPSecVpnDpdProfile", "display_name" : "aws-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_revision" : 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnDpdProfile+

Example Response: { "resource_type" : "IPSecVpnDpdProfile", "display_name" : "aws-dpd-profile", "path": "/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get dead peer detection (DPD) profile

Get custom dead peer detection (DPD) profile, given the particular id. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-dpd-profiles/<dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnDpdProfile+

Example Response: { "resource_type" : "IPSecVpnDpdProfile", "display_name" : "aws-tunnel-profile", "path": "/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90, "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch a custom DPD Profile

Create or patch dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile. System will be provisioned with system owned editable default DPD profile. Any change in profile affects all sessions consuming this profile. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipsec-vpn-dpd-profiles/<dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnDpdProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile { "resource_type" : "IPSecVpnDpdProfile", "display_name" : "aws-dpd-profile", "enabled" : true, "dpd_probe_interval" : 90 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete custom dead peer detection (DPD) profile

Delete custom dead peer detection (DPD) profile. Profile can not be deleted if profile has references to it. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipsec-vpn-dpd-profiles/<dpd-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-dpd-profiles/aws-dpd-profile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: IKE Profiles

Associated URIs:

List IKE profiles

Get paginated list of all IKE Profiles. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-ike-profiles
Request Headers:
n/a
Query Parameters:
IPSecVpnIkeProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-ike-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnIkeProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ "resource_type" : "IPSecVpnIkeProfile", "path": "/infra/ipsec-vpn-ike-profiles/aws-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch a custom internet key exchange (IKE) Profile

Create or patch custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipsec-vpn-ike-profiles/<ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnIkeProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-ike-profiles/aws-ike-profile { "resource_type" : "IPSecVpnIkeProfile", "display_name" : "aws-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_FLEX", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IKE Profile

Get custom IKE Profile, given the particular id. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-ike-profiles/<ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-ike-profiles/aws-ike-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnIkeProfile+

Example Response: { "resource_type" : "IPSecVpnIkeProfile", "display_name" : "aws-ike-profile", "path": "/infra/ipsec-vpn-ike-profiles/aws-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Delete custom IKE Profile

Delete custom IKE Profile. Profile can not be deleted if profile has references to it. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipsec-vpn-ike-profiles/<ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-ike-profiles/aws-ike-profile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace a custom internet key exchange (IKE) Profile

Create or fully replace custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipsec-vpn-ike-profiles/<ike-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnIkeProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-ike-profiles/aws-ike-profile { "resource_type" : "IPSecVpnIkeProfile", "display_name" : "aws-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_revision" : 2, } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnIkeProfile+

Example Response: { "resource_type" : "IPSecVpnIkeProfile", "display_name" : "aws-ike-profile", "path": "/infra/ipsec-vpn-ike-profiles/aws-ike-profile", "encryption_algorithms" : [ "AES_128" ], "ike_version" : "IKE_V1", "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 86400, "dh_groups" : [ "GROUP14" ], "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: IPSEC Profiles

Associated URIs:

List IPSec tunnel profiles

Get paginated list of all IPSec tunnel Profiles. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-tunnel-profiles
Request Headers:
n/a
Query Parameters:
IPSecVpnTunnelProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-tunnel-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnTunnelProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ "resource_type" : "IPSecVpnTunnelProfile", "path": "/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "df_policy" : "COPY", "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch a custom IPSec tunnel Profile

Create or patch custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnTunnelProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile { "resource_type" : "IPSecVpnTunnelProfile", "display_name" : "aws-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "df_policy" : "COPY" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace a custom IPSec tunnel Profile

Create or fully replace custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnTunnelProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile { "resource_type" : "IPSecVpnTunnelProfile", "display_name" : "aws-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "df_policy" : "COPY" "_revision" : 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnTunnelProfile+

Example Response: { "resource_type" : "IPSecVpnTunnelProfile", "display_name" : "aws-tunnel-profile", "path": "/infra/ipsec-vpn-ike-profiles/aws-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "df_policy" : "COPY", "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec tunnel Profile

Get custom IPSec tunnel Profile, given the particular id. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnTunnelProfile+

Example Response: { "resource_type" : "IPSecVpnTunnelProfile", "display_name" : "aws-tunnel-profile", "path": "/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile", "enable_perfect_forward_secrecy" : true, "encryption_algorithms" : [ "AES_128" ], "digest_algorithms" : [ "SHA2_256" ], "sa_life_time" : 3600, "dh_groups" : [ "GROUP14" ], "df_policy" : "COPY", "_create_time" : 1517289492627, "_last_modified_user" : "system", "_last_modified_time" : 1517289492627, "_system_owned" : false, "_create_user" : "system", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Delete custom IPSec tunnel Profile

Delete custom IPSec tunnel Profile. Profile can not be deleted if profile has references to it. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipsec-vpn-tunnel-profiles/aws-tunnel-profile Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: Local Endpoints

Associated URIs:

Get IPSec VPN local endpoint list result

Get paginated list of all IPSec VPN local endpoints
for a given locale service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints
Request Headers:
n/a
Query Parameters:
IPSecVpnLocalEndpointListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpointListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id": "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN local endpoint

Create or fully replace IPSec VPN local endpoint
for a given locale service under Tier-0.
Revision is optional for creation and required for update.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnLocalEndpoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le { "resource_type": "IPSecVpnLocalEndpoint", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpoint+

Example Response: { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete IPSec VPN local endpoint

Delete IPSec VPN local endpoint for a given locale
service under Tier-0.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or patch a custom IPSec VPN local endpoint

Create or patch a custom IPSec VPN local endpoint
for a given locale service under Tier-0.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnLocalEndpoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le { "resource_type" : "IPSecVpnLocalEndpoint", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN local endpoint

Get IPSec VPN local endpoint for a given locale
service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpoint+

Example Response: { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Get IPSec VPN local endpoint list result

Get paginated list of all IPSec VPN local endpoints
for a given locale service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints
Request Headers:
n/a
Query Parameters:
IPSecVpnLocalEndpointListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpointListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id": "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Get IPSec VPN local endpoint

Get IPSec VPN local endpoint for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpoint+

Example Response: { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN local endpoint

Create or fully replace IPSec VPN local endpoint
for a given locale service under Tier-1.
Revision is optional for creation and required for update.
This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnLocalEndpoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le { "resource_type": "IPSecVpnLocalEndpoint", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_revision": 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnLocalEndpoint+

Example Response: { "resource_type" : "IPSecVpnLocalEndpoint", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or patch a custom IPSec VPN local endpoint

Create or patch a custom IPSec VPN local endpoint for a given locale service under Tier-1. This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnLocalEndpoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le { "resource_type" : "IPSecVpnLocalEndpoint", "description" : "Local endpoint 1", "display_name" : "Local endpoint 1", "local_id" : "40.40.40.1", "local_address" : "40.40.40.1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete IPSec VPN local endpoint

Delete IPSec VPN local endpoint for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: Services

Associated URIs:

Get IPSec VPN service list result

Get paginated list of all IPSec VPN services
for given locale service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services
Request Headers:
n/a
Query Parameters:
IPSecVpnServiceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnServiceListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default", "ike_log_level" : "ERROR", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch IPSec VPN service

Create or patch IPSec VPN service for given locale
service under Tier-0.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnService+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default { "resource_type": "IPSecVpnService", "ike_log_level": "ERROR", "enabled": true } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete IPSec VPN service

Delete IPSec VPN service for given locale
service under Tier-0.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN service

Create or fully replace IPSec VPN service for given
locale service under Tier-0.
Revision is optional for creation and required for update.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnService+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default { "resource_type" : "IPSecVpnService", "ike_log_level" : "ERROR", "enabled" : true, "_revision" : 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnService+

Example Response: { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default", "ike_log_level" : "ERROR", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN service

Get IPSec VPN service for given locale
service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnService+

Example Response: { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default", "ike_log_level" : "ERROR", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Get IPSec VPN service list result

Get paginated list of all IPSec VPN services
for a given locale service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services
Request Headers:
n/a
Query Parameters:
IPSecVpnServiceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnServiceListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Delete IPSec VPN service

Delete IPSec VPN service for a given locale service under Tier-1. This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN service

Get IPSec VPN service for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnService+

Example Response: { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch IPSec VPN service

Create or patch IPSec VPN service for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnService+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default { "resource_type": "IPSecVpnService", "enabled": true } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN service

Create or fully replace IPSec VPN service
for a given locale service under Tier-1.
Revision is optional for creation and required for update.
This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPSecVpnService+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default { "resource_type" : "IPSecVpnService", "enabled" : true, "_revision" : 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnService+

Example Response: { "resource_type" : "IPSecVpnService", "path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default", "enabled" : false, "bypass_rules" : [], "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: Sessions

Associated URIs:

Get IPSec VPN sessions list result

Get paginated list of all IPSec VPN sessions
for a given locale service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions
Request Headers:
n/a
Query Parameters:
IPSecVpnSessionListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnSessionListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default", "relative_path": "rbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "resource_type" : "IPSecVpnTunnelInterface", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/interfaces/default-tunnel-interface", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "relative_path": "default-tunnel-interface", "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 2, } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch an IPSec VPN session

Create or patch an IPSec VPN session for
a given locale service under Tier-0.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN Session

Get IPSec VPN session without sensitive data
for a given locale service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1/rules/custom-rule-1", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1", "relative_path": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT", "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: policy_vpn Additional Errors:

Delete IPSec VPN session

Delete IPSec VPN session for a given locale
service under Tier-0.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN session

Create or fully replace IPSec VPN session for a given
locale service under Tier-0.
Revision is optional for creation and required for update.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1 { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_revision" : 2, } ], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default", "relative_path": "rbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "resource_type" : "IPSecVpnTunnelInterface", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/interfaces/default-tunnel-interface", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "relative_path": "default-tunnel-interface", "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 2, } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN configuration for the peer site

Download IPSec VPN configuration for the peer site. Peer config also
contains PSK; be careful when sharing or storing it.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/peer-config
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/peer-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain; charset=utf-8
Response Body:
string

Example Response: # Suggestive peer configuration for Policy IPSec VPN # # IPSec VPN path : /infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/peer-config # IPSec VPN name : rbs-1 # IPSec VPN description : # Tier 0 path : /infra/tier-0s/ext_net # # Enforcement point path : /infra/deployment-zones/default/enforcement-points/nsxt # Enforcement point type : NSXT # # Suggestive peer configuration for IPSec VPN Connection # # IPSecVPNSession Id : aafeb845-e2fa-4c86-9f0e-43c5ed3ef707 # IPSecVPNSession name : PROVIDER.ext_net.pa-paris-rb-vpn # IPSecVPNSession description: # IPSecVPNSession enabled : true # IPSecVPNSession type : Route based VPN # Logical router Id : d58beabb-853c-473c-ad8d-34bd9c644692 # Generated Time : Tue Apr 03 14:21:13 GMT 2018 # # Internet Key Exchange Configuration [Phase 1] # Configure the IKE SA as outlined below IKE version : IKE_V2 Connection initiation mode : INITIATOR Authentication method : PSK Pre shared key : 12345 Authentication algorithm : [SHA2_256] Encryption algorithm : [AES_128] SA life time : 86400 Negotiation mode : Not applicable for ikev2 DH group : [GROUP14] # IPsec_configuration [Phase 2] # Configure the IPsec SA as outlined below Transform Protocol : ESP Authentication algorithm : [] Sa life time : 3600 Encryption algorithm : [AES_GCM_128] Encapsulation mode : TUNNEL_MODE Enable perfect forward secrecy : true Perfect forward secrecy DH group: [GROUP14] # IPsec Dead Peer Detection (DPD) settings DPD enabled : true DPD probe interval : 60 # Peer configuration Peer address : 88.88.72.22 # Peer gateway public IP. Peer id : 88.88.72.22 Peer Subnet : 0.0.0.0/0 # Local configuration Local address : 44.44.44.46 # Local gateway public IP. Local id : 99.33.33.33 Local Subnet : 0.0.0.0/0 # Virtual Tunnel Interface Peer VTI address : 192.168.2.1 Local VTI address : 192.168.2.11 Tunnel Interface MTU : 1416 bytes # # BGP Configuration # BGP neighbour IP : 192.168.2.1 BGP neighbour AS number : 2000 BGP local IP : 192.168.2.11 BGP local AS number : 65556 BGP secret : PolicyRocks BGP hold down timer : 180 BGP keep alive timer : 60 BFD Status : false Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN Session

Get IPSec VPN session with senstive data for
a given locale service under Tier-0.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>?action=show_sensitive_data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1?action=show_sensitive_data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1/rules/custom-rule-1", "parent_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1", "relative_path": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT", "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN sessions list result

Get paginated list of all IPSec VPN sessions for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions
Request Headers:
n/a
Query Parameters:
IPSecVpnSessionListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPSecVpnSessionListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default", "relative_path": "rbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "resource_type" : "IPSecVpnTunnelInterface", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/interfaces/default-tunnel-interface", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "relative_path": "default-tunnel-interface", "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 2, } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or patch an IPSec VPN session

Create or patch an IPSec VPN session for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete IPSec VPN session

Delete IPSec VPN session for a given locale service under Tier-1. This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or fully replace IPSec VPN session

Create or fully replace IPSec VPN session for a given locale
service under Tier-1.
Revision is optional for creation and required for update.
This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1 { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_revision" : 2, } ], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "RouteBasedIPSecVpnSession", "display_name" : "rbs-1", "description" : "Route based vpn session 1", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default", "relative_path": "rbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "tunnel_interfaces" : [ { "resource_type" : "IPSecVpnTunnelInterface", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/interfaces/default-tunnel-interface", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1", "relative_path": "default-tunnel-interface", "ip_subnets" : [ { "ip_addresses" : [ "169.90.50.1" ], "prefix_length" : 30 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 2, } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN Session

Get IPSec VPN session without sensitive data for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1/rules/custom-rule-1", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1", "relative_path": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT", "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: policy_vpn Additional Errors:

Get IPSec VPN configuration for the peer site

Download IPSec VPN configuration for the peer site. Peer config also
contains PSK; be careful when sharing or storing it.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/peer-config
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/peer-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: text/plain; charset=utf-8
Response Body:
string

Example Response: # Suggestive peer configuration for Policy IPSec VPN # # IPSec VPN path : /infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/peer-config # IPSec VPN name : rbs-1 # IPSec VPN description : # Tier 1 path : /infra/tier-1s/int_net # # Enforcement point path : /infra/deployment-zones/default/enforcement-points/nsxt # Enforcement point type : NSXT # # Suggestive peer configuration for IPSec VPN Connection # # IPSecVPNSession Id : aafeb845-e2fa-4c86-9f0e-43c5ed3ef707 # IPSecVPNSession name : PROVIDER.int_net.pa-paris-rb-vpn # IPSecVPNSession description: # IPSecVPNSession enabled : true # IPSecVPNSession type : Route based VPN # Logical router Id : d58beabb-853c-473c-ad8d-34bd9c644692 # Generated Time : Tue Apr 03 14:21:13 GMT 2018 # # Internet Key Exchange Configuration [Phase 1] # Configure the IKE SA as outlined below IKE version : IKE_V2 Connection initiation mode : INITIATOR Authentication method : PSK Pre shared key : 12345 Authentication algorithm : [SHA2_256] Encryption algorithm : [AES_128] SA life time : 86400 Negotiation mode : Not applicable for ikev2 DH group : [GROUP14] # IPsec_configuration [Phase 2] # Configure the IPsec SA as outlined below Transform Protocol : ESP Authentication algorithm : [] Sa life time : 3600 Encryption algorithm : [AES_GCM_128] Encapsulation mode : TUNNEL_MODE Enable perfect forward secrecy : true Perfect forward secrecy DH group: [GROUP14] # IPsec Dead Peer Detection (DPD) settings DPD enabled : true DPD probe interval : 60 # Peer configuration Peer address : 88.88.72.22 # Peer gateway public IP. Peer id : 88.88.72.22 Peer Subnet : 0.0.0.0/0 # Local configuration Local address : 44.44.44.46 # Local gateway public IP. Local id : 99.33.33.33 Local Subnet : 0.0.0.0/0 # Virtual Tunnel Interface Peer VTI address : 192.168.2.1 Local VTI address : 192.168.2.11 Tunnel Interface MTU : 1416 bytes # # BGP Configuration # BGP neighbour IP : 192.168.2.1 BGP neighbour AS number : 2000 BGP local IP : 192.168.2.11 BGP local AS number : 65556 BGP secret : PolicyRocks BGP hold down timer : 180 BGP keep alive timer : 60 BFD Status : false Required Permissions: crud Feature: policy_vpn Additional Errors:

Get IPSec VPN Session

Get IPSec VPN session with senstive data for a given locale
service under Tier-1.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>?action=show_sensitive_data
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1?action=show_sensitive_data Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyBasedIPSecVpnSession+
RouteBasedIPSecVpnSession+

Example Response: { "resource_type": "PolicyBasedIPSecVpnSession", "description": "Policy based vpn session 1", "display_name": "pbs-1", "enabled" : true, "connection_initiation_mode" : "INITIATOR", "authentication_mode" : "PSK", "tunnel_profile_path" : "/infra/ipsec-vpn-tunnel-profiles/custom-tunnel-profile", "dpd_profile_path" : "/infra/ipsec-vpn-dpd-profiles/custom-dpd-profile", "ike_profile_path" : "/infra/ipsec-vpn-ike-profiles/custom-ike-profile", "local_endpoint_path" : "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/local-endpoints/default-le", "psk" : "test", "peer_address" : "2.1.4.1", "peer_id" : "2.1.4.1", "rules" : [ { "resource_type": "IPSecVpnRule", "id": "custom-rule-1", "path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1/rules/custom-rule-1", "parent_path": "/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/pbs-1", "relative_path": "custom-rule-1", "sources": [ { "subnet" : "10.0.2.0/24" }, { "subnet" : "10.0.1.0/24" } ], "destinations" : [ { "subnet" : "10.1.1.0/24" } ], "enabled" : true, "logged" : true, "action": "PROTECT", "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: Statistics

Associated URIs:

Get IPSec VPN session statistics.

- no enforcement point path specified: statistics are evaluated on each enforcement point.
- an enforcement point path is specified: statistics are evaluated only on the given
enforcement point.
- source=realtime: statistics are fetched realtime from the enforcement point.
- source=cached: cached statistics from enforcement point are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateIPSecVpnSessionStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get IPSec VPN session statistics.

- no enforcement point path specified: statistics are evaluated on each enforcement point.
- an enforcement point path is specified: statistics are evaluated only on the given
enforcement point.
- source=realtime: statistics are fetched realtime from the enforcement point.
- source=cached: cached statistics from enforcement point are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateIPSecVpnSessionStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: VPN: IPSEC: Status

Associated URIs:

Get IPSec VPN session detailed status.

- no enforcement point path specified: detailed status is evaluated on each enforcement point.
- an enforcement point path is specified: detailed status is evaluated only on the given
enforcement point.
- source=realtime: detailed status is fetched realtime from the enforcement point.
- source=cached: cached detailed status from enforcement point is returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/detailed-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateIPSecVpnSessionStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Get IPSec VPN session detailed status.

- no enforcement point path specified: detailed status is evaluated on each enforcement point.
- an enforcement point path is specified: detailed status is evaluated only on the given
enforcement point.
- source=realtime: detailed status is fetched realtime from the enforcement point.
- source=cached: cached detailed status from enforcement point is returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/int_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1/detailed-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateIPSecVpnSessionStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: VPN: L2VPN

Policy: Networking: Network Services: VPN: L2VPN: Services

Associated URIs:

Get L2VPN service list result

Get paginated list of all L2VPN services. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services
Request Headers:
n/a
Query Parameters:
L2VPNServiceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNServiceListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type" : "L2VPNService", "path" : "/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default", "enable_hub" : true, "mode" : "SERVER", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or fully replace L2VPN service

Create or fully replace L2VPN service for given locale service. Revision is optional for creation and required for update. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VPNService+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default { "enable_hub" : true, "_revision" : 2 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNService+

Example Response: { "resource_type" : "L2VPNService", "path" : "/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default", "enable_hub" : true, "mode" : "SERVER", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or patch L2VPN service

Create or patch L2VPN service for given locale service. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VPNService+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default { "enable_hub": true, } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete L2VPN service

Delete L2VPN service for given locale service. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get L2VPN service

Get L2VPN service for given locale service. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNService+

Example Response: { "resource_type" : "L2VPNService", "path" : "/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default", "enable_hub" : true, "mode" : "SERVER", "_create_time" : 1517293097281, "_last_modified_user" : "admin", "_last_modified_time" : 1517293097281, "_system_owned" : false, "_create_user" : "admin", "_protection" : "NOT_PROTECTED", "_revision" : 3 } Required Permissions: read Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: L2VPN: Sessions

Associated URIs:

Get L2VPN sessions list result

Get paginated list of all L2VPN sessions. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions
Request Headers:
n/a
Query Parameters:
L2VPNSessionListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSessionListResult+

Example Response: { "result_count" : 1, "results" : [ { "resource_type": "L2VPNSession", "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "enabled" : true, "transport_tunnels": [ "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_vpn Additional Errors:

Create or fully replace L2VPN session

Create or fully replace L2VPN session. API supported only when
L2VPN Service is in Server Mode.
Revision is optional for creation and required for update.
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VPNSession+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site { "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "enabled" : true, "transport_tunnels": [ "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" ], "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSession+

Example Response: { "resource_type": "L2VPNSession", "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "enabled" : true, "transport_tunnels": [ "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_vpn Additional Errors:

Delete L2VPN session

Delete L2VPN session. When L2VPN Service is in CLIENT Mode, the L2VPN Session is deleted along with its transpot tunnels and related resources. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or patch an L2VPN session

Create or patch an L2VPN session. API supported only when
L2VPN Service is in Server Mode.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VPNSession+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site { "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "enabled" : true, "transport_tunnels": [ "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Get L2VPN Session

Get L2VPN session. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
L2VPNSession+

Example Response: { "resource_type": "L2VPNSession", "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "enabled" : true, "transport_tunnels": [ "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" ], "_create_user": "admin", "_create_time": 1516385949942, "_last_modified_user": "admin", "_last_modified_time": 1516385949942, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: policy_vpn Additional Errors:

Get L2VPN session configuration for the peer site

Get peer config for the L2VPN session to configure the remote
side of the tunnel.
- no enforcement point path specified: L2VPN Session Peer Codes
will be evaluated on each enforcement point.
- enforcement point paths specified: L2VPN Session Peer Codes
are evaluated only on the given enforcement points.
API supported only when L2VPN Service is in Server Mode.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>/peer-config
Request Headers:
n/a
Query Parameters:
PolicyRuntimeOnEpRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/streteched-pa-site/peer-config Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateL2VPNSessionPeerConfig+

Example Response: { "l2vpn_session_path": "/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/streteched-pa-site", "peer_config_per_enforcement_point": [ { "resource_type": "L2VPNSessionPeerCodes", "enforcement_point_path": "/infra/deployment-zones/default/enforcement-points/nsxt", "peer_codes": [ { "peer_code": "MCw0YTc2YTNlLHsic2l0ZU5hbWUiOiJwb2xpY3ktc2Vzc2lvbi1QUk9WSURFUi5obWl6YS5wYS1wdW5lLXJiLXZwbiIs InNyY1RhcElwIjoiMTY5LjI1NC42NC4yIiwiZHN0VGFwSXAiOiIxNjkuMjU0LjY0LjEiLCJpa2VPcHRpb24iOiJpa2V2 MiIsImVuY2FwUHJvdG8iOiJncmUvaXBzZWMiLCJkaEdyb3VwIjoiZGgxNCIsImVuY3J5cHRBbmREaWdlc3QiOiJhZXMt Z2NtL3NoYS0yNTYiLCJwc2siOiJkZWZhdWx0IiwidHVubmVscyI6W3sibG9jYWxJZCI6IjI0LjI0LjI0LjI0IiwicGVl cklkIjoiMTEuMTEuMTEuMTEifV19", "transport_tunnel_path": "/infra/tier-0s/ext_net/locale-services/default/ipsec-vpn-services/default/sessions/rbs-1" } ] } ] } Required Permissions: crud Feature: policy_vpn Additional Errors:

Create or patch an L2VPN session from Peer Codes

Create or patch an L2VPN session from Peer Codes.
In addition to the L2VPN Session, the IPSec VPN Session, along
with the IKE, Tunnel, and DPD Profiles are created and owned by
the system. IPSec VPN Service and Local Endpoint are created only
when required, i.e., an IPSec VPN Service does not already exist,
or an IPSec VPN Local Endpoint with same local address does not
already exist.
Updating the L2VPN Session can be performed only through this API
by specifying new peer codes. Use of specific APIs to update the
L2VPN Session and the different resources associated with it is
not allowed, except for IPSec VPN Service and Local Endpoint,
resources that are not system owned.
API supported only when L2VPN Service is in Client Mode.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>?action=create_with_peer_code
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
L2VPNSessionData+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site?action=create_with_peer_codes { "description": "Stretched Palo Alto Site", "display_name": "stretched-pa-site", "transport_tunnels": [ { "peer_code": "MCw0YTc2YTNlLHsic2l0ZU5hbWUiOiJwb2xpY3ktc2Vzc2lvbi1QUk9WSURFUi5obWl6YS5wYS1wdW5lLXJiLXZwbiIs InNyY1RhcElwIjoiMTY5LjI1NC42NC4yIiwiZHN0VGFwSXAiOiIxNjkuMjU0LjY0LjEiLCJpa2VPcHRpb24iOiJpa2V2 MiIsImVuY2FwUHJvdG8iOiJncmUvaXBzZWMiLCJkaEdyb3VwIjoiZGgxNCIsImVuY3J5cHRBbmREaWdlc3QiOiJhZXMt Z2NtL3NoYS0yNTYiLCJwc2siOiJkZWZhdWx0IiwidHVubmVscyI6W3sibG9jYWxJZCI6IjI0LjI0LjI0LjI0IiwicGVl cklkIjoiMTEuMTEuMTEuMTEifV19", "peer_address": "10.10.10.10", "local_address": "20.20.20.20" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vpn Additional Errors:

Policy: Networking: Network Services: VPN: L2VPN: Statistics

Associated URIs:

Get L2VPN session statistics.

- no enforcement point path specified: statistics are evaluated on each enforcement point.
- an enforcement point path is specified: statistics are evaluated only on the given
enforcement point.
- source=realtime: statistics are fetched realtime from the enforcement point.
- source=cached: cached statistics from the enforcement point are returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/rbs-1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateL2VPNSessionStatistics+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Networking: Network Services: VPN: L2VPN: Status

Associated URIs:

Get L2VPN session detailed status.

- no enforcement point path specified: detailed tatus is evaluated on each enforcement point.
- an enforcement point path is specified: detailed status is evaluated only on the given
enforcement point.
- source=realtime: detailed tatus is fetched realtime from the enforcement point.
- source=cached: cached detailed status is returned.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l2vpn-services/<service-id>/sessions/<session-id>/detailed-status
Request Headers:
n/a
Query Parameters:
PolicyRuntimeRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/ext_net/locale-services/default/l2vpn-services/default/sessions/stretched-pa-site/detailed-status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
AggregateL2VPNSessionStatus+

Required Permissions: read Feature: policy_statistics Additional Errors:

Policy: Operations

Policy: Operations: Compliance

Associated URIs:

Returns the compliance status

Returns the compliance status and details of non compliant configuration Request:
Method:
GET
URI Path:
/policy/api/v1/compliance/status
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/compliance/status Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyComplianceStatus+

Example Response: { "last_updated_time" : 1535016210856, "non_compliant_configs": [ { "description": "TLS version 1.0 used for establishing secure socket connection. It is recommended to run TLSv 1.1 or higher and fully disable TLSv1.0 that have protocol weaknesses.", "reported_by": { "target_display_name": "test-profile", "is_valid": true, "target_type": "LB_CLIENT_SSL_PROFILE", "target_id": "/infra/lb-client-ssl-profiles/test-profile", "path": "/infra/lb-client-ssl-profiles/test-profile" }, "non_compliance_code": 72022 } ] } Required Permissions: read Feature: infra_admin Additional Errors:

Policy: Operations: Finetuning

Associated URIs:

For each type of entity what are the attributes owned by policy.

This API provides field names of attributes in NSX types that are owned by
Policy, as opposed to those owned by the enforcement point. For any type on NSX,
some of the attributes of that type may be owned and set by Policy when realizing
the intent, while some others may be owned and set by the enforcement point itself.
This information can be used to disable updates to Policy owned attributes by the
advanced networking UI, while allowing tweaking to the attributes owned by the
management plane.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/fine-tuning/resources
Request Headers:
n/a
Query Parameters:
ResourceInfoSearchParameters+
Request Body:
n/a

Example Request: https://<policy-mgr>/policy/api/v1/fine-tuning/resources?type=InstanceDeploymentConfigDto Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ResourceInfoListResult+

Example Response: { "result_count": 1, "results": [{ "resource_name": "InstanceDeploymentConfigDto", "fields": [{ "sub_type": { "resource_name": "VmNicInfoDto", "fields": [{ "sub_type": { "resource_name": "NicInfoDto", "fields": [{ "field_name": "gateway_address" }, { "field_name": "network_id" }, { "field_name": "subnet_mask" }, { "field_name": "ip_address" }] }, "field_name": "nic_infos" }] }, "field_name": "vm_nic_infos" }, { "field_name": "compute_id" }, { "field_name": "storage_id" }, { "field_name": "context_id" }] }] } Required Permissions: read Feature: policy_fine_tuning Additional Errors:

Policy: Operations: IPFIX

Policy: Operations: IPFIX: Firewall IPFIX Collectors

Associated URIs:

List IPFIX Collector profiles.

API will provide list of all IPFIX dfw collector profiles and
their details.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-dfw-collector-profiles
Request Headers:
n/a
Query Parameters:
IPFIXDFWCollectorProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-collector-profiles/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWCollectorProfileListResult+

Example Response: { "results": [ { "ipfix_dfw_collectors": [ { "collector_ip_address": "230.90.90.90", "collector_port": 1569, "marked_for_delete": false, "_protection": "NOT_PROTECTED" } ], "resource_type": "IPFIXDFWCollectorProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-collector-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-collector-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545256220232, "_last_modified_user": "admin", "_last_modified_time": 1545256220232, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_ipfix_dfw Additional Errors:

Delete IPFIX dfw Collector profile

API deletes IPFIX dfw collector profile. Flow forwarding to
collector will be stopped.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipfix-dfw-collector-profiles/<ipfix-dfw-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-collector-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Create or Replace IPFIX dfw collector profile

Create or Replace IPFIX dfw collector profile. IPFIX data will be sent to IPFIX
collector port.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipfix-dfw-collector-profiles/<ipfix-dfw-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXDFWCollectorProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-collector-profiles/profile1 { "ipfix_dfw_collectors": [ { "collector_ip_address": "230.90.90.90", "collector_port": 1570 } ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWCollectorProfile+

Example Response: { "ipfix_dfw_collectors": [ { "collector_ip_address": "230.90.90.90", "collector_port": 1570, "marked_for_delete": false, "_protection": "NOT_PROTECTED" } ], "resource_type": "IPFIXDFWCollectorProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-collector-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-collector-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545256220232, "_last_modified_user": "admin", "_last_modified_time": 1545257032468, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Get IPFIX dfw Collector profile

API will return details of IPFIX dfw collector profile. If profile
does not exist, it will return 404.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-dfw-collector-profiles/<ipfix-dfw-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-collector-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWCollectorProfile+

Example Response: { "ipfix_dfw_collectors": [ { "collector_ip_address": "230.90.90.90", "collector_port": 1569, "marked_for_delete": false, "_protection": "NOT_PROTECTED" } ], "resource_type": "IPFIXDFWCollectorProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-collector-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-collector-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545256220232, "_last_modified_user": "admin", "_last_modified_time": 1545256220232, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipfix_dfw Additional Errors:

IPFIX dfw collector profile id

Create a new IPFIX dfw collector profile if the IPFIX dfw collector profile with
given id does not already exist. If the IPFIX dfw collector profile with the
given id already exists, patch with the existing IPFIX dfw collector profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipfix-dfw-collector-profiles/<ipfix-dfw-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXDFWCollectorProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-collector-profiles/profile1 { "ipfix_dfw_collectors": [ { "collector_ip_address": "230.90.90.90", "collector_port": 1569 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Policy: Operations: IPFIX: Firewall IPFIX Profiles

Associated URIs:

List IPFIX DFW Profile

API provides list IPFIX DFW profiles available on
selected logical DFW.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-dfw-profiles
Request Headers:
n/a
Query Parameters:
IPFIXDFWProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-profiles/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWProfileListResult+

Example Response: { "results": [ { "ipfix_dfw_collector_profile_path": "/infra/ipfix-dfw-collector-profiles/profile1", "active_flow_export_timeout": 40, "observation_domain_id": 344, "priority": 770, "resource_type": "IPFIXDFWProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545257663086, "_last_modified_user": "admin", "_last_modified_time": 1545257663086, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_ipfix_dfw Additional Errors:

Get IPFIX DFW Profile

API will return details of IPFIX DFW profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-dfw-profiles/<ipfix-dfw-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWProfile+

Example Response: { "ipfix_dfw_collector_profile_path": "/infra/ipfix-dfw-collector-profiles/profile1", "active_flow_export_timeout": 40, "observation_domain_id": 344, "priority": 770, "resource_type": "IPFIXDFWProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545257663086, "_last_modified_user": "admin", "_last_modified_time": 1545257663086, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipfix_dfw Additional Errors:

Create or Replace IPFIX DFW collection Config.

Create or replace IPFIX DFW profile. Config will start
forwarding data to provided IPFIX DFW collector.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipfix-dfw-profiles/<ipfix-dfw-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXDFWProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-profiles/profile1 { "ipfix_dfw_collector_profile_path": "/infra/ipfix-dfw-collector-profiles/profile1", "observation_domain_id": 344, "active_flow_export_timeout":40, "priority":771, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXDFWProfile+

Example Response: { "ipfix_dfw_collector_profile_path": "/infra/ipfix-dfw-collector-profiles/profile1", "active_flow_export_timeout": 40, "observation_domain_id": 344, "priority": 771, "resource_type": "IPFIXDFWProfile", "id": "profile1", "display_name": "profile1", "path": "/infra/ipfix-dfw-profiles/profile1", "relative_path": "profile1", "parent_path": "/infra/ipfix-dfw-profiles/profile1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1545257663086, "_last_modified_user": "admin", "_last_modified_time": 1545259987846, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Patch IPFIX DFW profile

Create a new IPFIX DFW profile if the IPFIX DFW profile
with given id does not already exist. If the IPFIX DFW
profile with the given id already exists, patch with
the existing IPFIX DFW profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipfix-dfw-profiles/<ipfix-dfw-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXDFWProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-profiles/profile1 { "ipfix_dfw_collector_profile_path": "/infra/ipfix-dfw-collector-profiles/profile1", "observation_domain_id": 344, "active_flow_export_timeout":40, "priority":770, "_create_user": "admin", "_create_time": 1545257663086, "_last_modified_user": "admin", "_last_modified_time": 1545259987846, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Delete IPFIX DFW Profile

API deletes IPFIX DFW Profile. Selected IPFIX Collectors will stop
receiving flows.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipfix-dfw-profiles/<ipfix-dfw-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipfix-dfw-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_dfw Additional Errors:

Policy: Operations: IPFIX: Switch IPFIX Collectors

Associated URIs:

List IPFIX Collector profiles.

API will provide list of all IPFIX collector profiles and their details.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-l2-collector-profiles
Request Headers:
n/a
Query Parameters:
IPFIXL2CollectorProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-collector-profiles/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2CollectorProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IPFIXL2CollectorProfile", "id": "profile", "display_name": "/infra/ipfix-l2-collector-profiles/profile", "path": "/infra/ipfix-l2-collector-profiles/profile", "parent_path": "/infra", "relative_path": "profile", "ipfix_l2_collectors":[ { "collector_ip_address": "10.24.24.23", "collector_port": 3569 } ], "_create_user": "admin", "_create_time": 1517354268091, "_last_modified_user": "admin", "_last_modified_time": 1517354315280, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipfix_switch Additional Errors:

Get IPFIX Collector profile

API will return details of IPFIX collector profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-l2-collector-profiles/<ipfix-l2-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-collector-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2CollectorProfile+

Example Response: { "resource_type": "IPFIXL2CollectorProfile", "id": "profile", "display_name": "/infra/ipfix-l2-collector-profiles/profile", "path": "/infra/ipfix-l2-collector-profiles/profile", "parent_path": "/infra", "relative_path": "profile", "ipfix_l2_collectors":[ { "collector_ip_address": "10.24.24.23", "collector_port": 3569 } ], "_create_user": "admin", "_create_time": 1517354268091, "_last_modified_user": "admin", "_last_modified_time": 1517354315280, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ipfix_switch Additional Errors:

Create or Replace IPFIX collector profile

Create or Replace IPFIX collector profile. IPFIX data will be sent to IPFIX
collector.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipfix-l2-collector-profiles/<ipfix-l2-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXL2CollectorProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-collector-profiles/profile1 { "ipfix_l2_collectors":[ { "collector_ip_address": "10.24.24.23", "collector_port": 3569 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2CollectorProfile+

Example Response: { "resource_type": "IPFIXL2CollectorProfile", "id": "profile", "display_name": "/infra/ipfix-l2-collector-profiles/profile", "path": "/infra/ipfix-l2-collector-profiles/profile", "parent_path": "/infra", "relative_path": "profile", "ipfix_l2_collectors":[ { "collector_ip_address": "10.24.24.23", "collector_port": 3569 } ], "_create_user": "admin", "_create_time": 1517354268091, "_last_modified_user": "admin", "_last_modified_time": 1517354315280, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Delete IPFIX Collector profile

API deletes IPFIX collector profile. Flow forwarding to
collector will be stopped.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipfix-l2-collector-profiles/<ipfix-l2-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-collector-profiles/profile1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Patch IPFIX collector profile

Create a new IPFIX collector profile if the IPFIX collector profile with
given id does not already exist. If the IPFIX collector profile with the
given id already exists, patch with the existing IPFIX collector profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipfix-l2-collector-profiles/<ipfix-l2-collector-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXL2CollectorProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-collector-profiles/profile1 { "ipfix_l2_collectors":[ { "collector_ip_address": "10.24.24.23", "collector_port": 3569 } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Policy: Operations: IPFIX: Switch IPFIX Profiles

Associated URIs:

List IPFIX L2 Profiles

API provides list IPFIX L2 Profiles available on
selected logical l2.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-l2-profiles
Request Headers:
n/a
Query Parameters:
IPFIXL2ProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-profiles/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2ProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "IPFIXL2Profile", "id": "ipfixsession_1", "display_name": "/infra/ipfix-l2-profiles/ipfixsession_1", "path": "/infra/ipfix-l2-profiles/ipfixsession_1", "parent_path": "/infra/networks/cgw", "relative_path": "ipfixsession_1", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 700, "max_flows": 1400, "idle_timeout": 300, "ipfix_collector_profile_path": "/infra/ipfix-l2-collector-profiles/profile1", "_create_user": "admin", "_create_time": 1517354664477, "_last_modified_user": "admin", "_last_modified_time": 1517354664477, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_ipfix_switch Additional Errors:

Patch IPFIX L2profile

Create a new IPFIX L2 profile if the IPFIX L2 profile
with given id does not already exist. If the IPFIX L2 profile
with the given id already exists, patch with the existing IPFIX L2
profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/ipfix-l2-profiles/<ipfix-l2-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXL2Profile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-profiles/ipfixsession_1 { "ipfix_collector_profile_path": "/infra/ipfix-l2-collector-profiles/profile1", "packet_sample_probability":0.1, "active_timeout":700, "idle_timeout":300, "max_flows": 1400, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Get IPFIX L2 Profile

API will return details of IPFIX L2 profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/ipfix-l2-profiles/<ipfix-l2-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-profiles/ipfixsession_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2Profile+

Example Response: { "resource_type": "IPFIXL2Profile", "id": "ipfixsession_1", "display_name": "/infra/ipfix-l2-profiles/ipfixsession_1", "path": "/infra/ipfix-l2-profiles/ipfixsession_1", "parent_path": "/infra/networks/cgw", "relative_path": "ipfixsession_1", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 700, "max_flows": 1400, "idle_timeout": 300, "ipfix_collector_profile_path": "/infra/ipfix-l2-collector-profiles/profile1", "_create_user": "admin", "_create_time": 1517354664477, "_last_modified_user": "admin", "_last_modified_time": 1517354664477, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_ipfix_switch Additional Errors:

Create or Replace IPFIX L2 profile

Create or replace IPFIX L2 Profile. Profile is reusable entity. Single
profile can attached multiple bindings e.g group, segment and port.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/ipfix-l2-profiles/<ipfix-l2-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
IPFIXL2Profile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-profiles/ipfixsession_1 { "ipfix_collector_profile_path": "/infra/ipfix-l2-collector-profiles/profile1", "packet_sample_probability":0.1, "active_timeout":700, "idle_timeout":300, "max_flows": 1400, "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IPFIXL2Profile+

Example Response: { "resource_type": "IPFIXL2Profile", "id": "ipfixsession_1", "display_name": "/infra/ipfix-l2-profiles/ipfixsession_1", "path": "/infra/ipfix-l2-profiles/ipfixsession_1", "parent_path": "/infra/networks/cgw", "relative_path": "ipfixsession_1", "packet_sample_probability": 0.1, "observation_domain_id": 0, "active_timeout": 700, "max_flows": 1400, "idle_timeout": 300, "ipfix_collector_profile_path": "/infra/ipfix-l2-collector-profiles/profile1", "_create_user": "admin", "_create_time": 1517354664477, "_last_modified_user": "admin", "_last_modified_time": 1517354664477, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Delete IPFIX L2 Profile

API deletes IPFIX L2 Profile. Flow forwarding to
selected collector will be stopped.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/ipfix-l2-profiles/<ipfix-l2-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/ipfix-l2-profiles/ipfixsession_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ipfix_switch Additional Errors:

Policy: Operations: Port Mirroring

Associated URIs:

List Port Mirroring Profiles

API will list all port mirroring profiles group.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/port-mirroring-profiles
Request Headers:
n/a
Query Parameters:
PortMirroringProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PortMirroringProfile", "id": "session_2", "display_name": "/infra/port-mirroring-profiles", "path": "/infra/port-mirroring-profiles/session_2", "parent_path": "/infra", "relative_path": "session_2", "snap_length": 744, "destination_group": "/infra/domains/d1/groups/group_ip", "direction": "BIDIRECTIONAL", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353633527, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_port_mirroring Additional Errors:

Details of Port Mirroring Profile

API will return details of port mirroring profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/port-mirroring-profiles/<port-mirroring-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles/session_2 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringProfile+

Example Response: { "resource_type": "PortMirroringProfile", "id": "session_2", "display_name": "/infra/infra/port-mirroring-profiles/session_2", "path": "/infra/infra/port-mirroring-profiles/session_2", "parent_path": "/infra/domains/d1/groups/group_vm", "relative_path": "session_2", "snap_length": 744, "destination_group": "/infra/domains/d1/groups/group_ip", "direction": "BIDIRECTIONAL", "encapsulation_type":"GRE", "gre_key" : 5, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_port_mirroring Additional Errors:

Delete Port Mirroring Profile

API will delete port mirroring profile. Mirroring from source to destination
ports will be stopped.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/port-mirroring-profiles/<port-mirroring-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles/session_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_port_mirroring Additional Errors:

Create or Replace Port Mirroring Profile.

Create or Replace port mirroring profile. Packets will be mirrored from
source group, segment, port to destination group.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/port-mirroring-profiles/<port-mirroring-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMirroringProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles/session_2 { "snap_length": 744, "destination_group": "/infra/domains/d1/groups/group_ip", "direction": "BIDIRECTIONAL", "encapsulation_type":"GRE", "gre_key" : 5 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PortMirroringProfile+

Example Response: { "resource_type": "PortMirroringProfile", "id": "session_2", "display_name": "session_2", "path": "/infra/port-mirroring-profiles/session_2", "parent_path": "/infra", "snap_length": 744, "destination_group": "/infra/domains/d1/groups/group_ip", "relative_path": "session_2" "direction": "BIDIRECTIONAL", "encapsulation_type":"GRE", "gre_key" : 5 "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_port_mirroring Additional Errors:

Patch Port Mirroring Profile.

Create a new Port Mirroring Profile if the Port Mirroring Profile with
given id does not already exist. If the Port Mirroring Profile with the
given id already exists, patch with the existing Port Mirroring Profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/port-mirroring-profiles/<port-mirroring-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PortMirroringProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles/session_1 { "snap_length": 744, "destination_group": "/infra/domains/d1/groups/group_ip", "direction": "BIDIRECTIONAL", "encapsulation_type":"GRE", "gre_key" : 5 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_port_mirroring Additional Errors:

Policy: Realized State

Associated URIs:

List All alarms in the system

Paginated list of all alarms.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/alarms
Request Headers:
n/a
Query Parameters:
PolicyAlarmResourceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/alarms Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyAlarmResourceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyAlarmResource", "id": "PROVIDER_INVOCATION_FAILURE", "display_name": "e88f4514-fd2d-4e91-b4b7-e8c9f594ae49", "parent_path": "*/alarms/realized-state", "relative_path": "e88f4514-fd2d-4e91-b4b7-e8c9f594ae49", "message": "I/O error on POST request for \"http://127.0.0.1:7440/nsxapi/api/v1/firewall/sections\": Connect to 127.0.0.1:7440 [/127.0.0.1] failed: Connection refused (Connection refused); nested exception is org.apache.http.conn.HttpHostConnectException: Connect to 127.0.0.1:7440 [/127.0.0.1] failed: Connection refused (Connection refused)", "source_reference": "/infra/realized-state/enforcement-points/default/firewalls/firewall-sections/7f4ce9e1-e1d9-11e8-8ce3-f56aad4808c4.38989010-e1db-11e8-8ce3-f56aad4808c4", "_create_user": "system", "_create_time": 1541519266261, "_last_modified_user": "system", "_last_modified_time": 1541519266261, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: infra_admin Additional Errors:

List Enforcement Points (Experimental)

Paginated list of all enforcement points. Returns the populated enforcement points.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points
Request Headers:
n/a
Query Parameters:
RealizedEnforcementPointListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedEnforcementPointListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read Enforcement Point (Experimental)

Read a Enforcement Point and the complete tree underneath. Returns the populated enforcement point object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedEnforcementPoint+

Required Permissions: read Feature: infra_admin Additional Errors:

List Firewall Sections (Experimental) (Deprecated)

Paginated list of all Firewalls. Returns populated Firewalls.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/firewalls/firewall-sections
Request Headers:
n/a
Query Parameters:
RealizedFirewallSectionListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedFirewallSectionListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read Firewall (Experimental) (Deprecated)

Read a Firewall and the complete tree underneath. Returns the
populated Firewall object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/firewalls/firewall-sections/<firewall-section-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedFirewallSection+

Required Permissions: read Feature: infra_admin Additional Errors:

List NS Groups (Experimental) (Deprecated)

Paginated list of all NSGroups. Returns populated NSGroups.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/groups/nsgroups
Request Headers:
n/a
Query Parameters:
RealizedNSGroupListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResourceListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read Group (Experimental) (Deprecated)

Read a NSGroup and the complete tree underneath. Returns the
populated NSgroup object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/groups/nsgroups/<nsgroup-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResource+

Required Permissions: read Feature: infra_admin Additional Errors:

List Security Groups (Experimental) (Deprecated)

Paginated list of all Security Groups. Returns populated Security Groups.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/groups/securitygroups
Request Headers:
n/a
Query Parameters:
RealizedSecurityGroupListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedSecurityGroupListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read Group (Experimental) (Deprecated)

Read a Security Group and the complete tree underneath. Returns the
populated Security Group object.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/groups/securitygroups/<securitygroup-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RealizedSecurityGroup+

Required Permissions: read Feature: infra_admin Additional Errors:

List IPSets (Experimental) (Deprecated)

Paginated list of all Realized IPSets
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/ip-sets/ip-sets-nsxt
Request Headers:
n/a
Query Parameters:
RealizedIPSetListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResourceListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read IPSet Realized state (Experimental) (Deprecated)

Read an IPSet
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/ip-sets/ip-sets-nsxt/<ip-set-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResource+

Required Permissions: read Feature: infra_admin Additional Errors:

List MACSets (Experimental) (Deprecated)

Paginated list of all Realized MACSets
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/mac-sets/mac-sets-nsxt
Request Headers:
n/a
Query Parameters:
RealizedMACSetListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResourceListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read MACSet Realized state (Experimental) (Deprecated)

Read an MACSet
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/mac-sets/mac-sets-nsxt/<mac-set-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResource+

Required Permissions: read Feature: infra_admin Additional Errors:

List Realized NSServices (Experimental) (Deprecated)

Paginated list of all Realized NSService.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/services/nsservices
Request Headers:
n/a
Query Parameters:
GenericPolicyRealizedResourceListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResourceListResult+

Required Permissions: read Feature: infra_admin Additional Errors:

Read NSService (Experimental) (Deprecated)

Read a NSService.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/services/nsservices/<nsservice-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResource+

Required Permissions: read Feature: infra_admin Additional Errors:

Listing of VIFs on the NSX Manager

This API lists VIFs from the specified NSX Manager.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/vifs
Request Headers:
n/a
Query Parameters:
VifsOnEPListRequestParams+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/enforcement-points/default/vifs Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualNetworkInterfaceListResult+

Example Response: { "cursor": "0036077582cc-1b2e-492b-a546-008e970ddd97nnuullll", "result_count": 23, "results": [ { "resource_type": "VirtualNetworkInterface", "display_name": "Network adapter 1", "device_key": "4000", "device_name": "Network adapter 1", "ip_address_info": [ { "ip_addresses": [ "10.161.65.204", "fd01:0:101:2610:250:56ff:feab:e4be", "fd01:0:101:2610:108e:67da:8759:fffe", "fe80::250:56ff:feab:e4be" ], "source": "VM_TOOLS" } ], "vm_local_id_on_host": "3", "mac_address": "00:50:56:ab:e4:be", "owner_vm_id": "a5732786-a9c1-4139-a4cf-97b97881cb15", "external_id": "a5732786-a9c1-4139-a4cf-97b97881cb15-4000", "host_id": "5875b04c-8e75-11e8-850e-a7ec6eb06bc0", "_last_sync_time": 1532349565124 } ] } Required Permissions: read Feature: policy_vm_vm_info Additional Errors:

Listing of Virtual machines on the NSX Manager (Deprecated)

This API filters objects of type virtual machines from the specified NSX Manager.
This API has been deprecated. Please use the new API
GET /infra/realized-state/virtual-machines
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/virtual-machines
Request Headers:
n/a
Query Parameters:
AdditionalSearchParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/enforcement-points/default/virtual-machines Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SearchResponse+

Example Response: { "cursor": "1", "result_count": 10004, "results": [ { "compute_ids": [ "moIdOnHost:1", "hostLocalId:1", "locationId:564d75b2-7e28-7e78-dd77-64e5fd6128e1", "instanceUuid:04fb2e78-e4bc-416f-b9dc-18b9f05e6227", "externalId:564d75b2-7e28-7e78-dd77-64e5fd6128e1", "biosUuid:564d75b2-7e28-7e78-dd77-64e5fd6128e1" ], "resource_type": "VirtualMachine", "external_id": "564d75b2-7e28-7e78-dd77-64e5fd6128e1", "source": { "target_display_name": "sc-rdops-vm09-dhcp-16-203.eng.vmware.com", "is_valid": true, "target_type": "HostNode", "target_id": "1afea8da-d4e2-11e7-93c3-c57b39f75a4f" }, "_last_sync_time": 1512031301409, "display_name": "1-vm_ubuntu_1404_srv_64-local-586-04fb2e78-e4bc-416f-b9dc-18b9f05e6227", "type": "REGULAR", "power_state": "VM_RUNNING", "host_id": "1afea8da-d4e2-11e7-93c3-c57b39f75a4f", "local_id_on_host": "1" } ] } Required Permissions: read Feature: policy_vm_vm_info Additional Errors:

Read the details of a virtual machine on the NSX Manager

This API return optional details about a virtual machines (e.g. user login session) from the
specified enforcement point.
In case of NSXT, virtual-machine-id would be the value of the external_id of the virtual machine.
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/virtual-machines/<virtual-machine-id>/details
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/enforcement-points/default/virtual-machines/564d75b2-7e28-7e78-dd77-64e5fd6128e1/details Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualMachineDetails+

Example Response: { "active_sessions": [ { "domain_name": "test.com", "user_name": "test6", "login_time": 1540338056213, "logout_time": 0, "user_session_id": 0 }], "archived_sessions": [ { "domain_name": "test.com", "user_name": "test6", "login_time": 1540338057355, "logout_time": 154033872131, "user_session_id": 3, }, { "domain_name": "test.com", "user_name": "test6", "login_time": 1540338059011, "logout_time": 1540338061036, "user_session_id": 4 } ] } Required Permissions: read Feature: identity_firewall Additional Errors:

Apply tags on virtual machine

Allows an admin to apply multiple tags to a virtual machine. This operation
does not store the intent on the policy side. It applies the tag directly
on the specified enforcement point. This operation will replace the existing
tags on the virtual machine with the ones that have been passed. If the
application of tag fails on the enforcement point, then an error is
reported. The admin will have to retry the operation again. Policy
framework does not perform a retry. Failure could occur due to multiple
reasons. For e.g enforcement point is down, Enforcement point could not
apply the tag due to constraints like max tags limit exceeded, etc.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/realized-state/enforcement-points/<enforcement-point-name>/virtual-machines?action=update_tags
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VirtualMachineTagsUpdate+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/realized-state/enforcement-points/default/virtual-machines?action=update_tags { "virtual_machine_id": "ID-0", "tags": [ {"scope": "web", "tag": "web-vm"}, {"scope": "ostype", "tag": "WINDOWS"} ] } Successful Response:
Response Code:
204 No Content
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_vm_vm_tags Additional Errors:

Get list of realized objects associated with intent object

Get list of realized entities associated with intent object,
specified by path in query parameter
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/realized-entities
Request Headers:
n/a
Query Parameters:
IntentPathRequestParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/realized-entities?intent_path=/infra/domains/d1/groups/g1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResourceListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "GenericPolicyRealizedResource", "id": "DOMAIN-d1-g1", "display_name": "DOMAIN-d1-g1", "path": "/infra/realized-state/enforcement-points/nsx-1/groups/nsgroups/DOMAIN-d1-g1", "parent_path": "/infra/realized-state/enforcement-points/nsx-1", "relative_path": "DOMAIN-d1-g1", "intent_reference": [ "/infra/domains/d1/groups/g1" ], "realization_specific_identifier": "22db5ae1-f1d7-4fa0-aa98-6176a3b80d0d", "alarms": [], "state": "REALIZED", "runtime_status": "UNKNOWN", "extended_attributes": [ { "values": [ "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d1fb9-f50d-5533-d189-550394ba7252", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d2588-5ccf-7825-32f9-d5e1f344fe40", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d6341-5655-5cdb-2a90-fad1b762789b", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d922d-f3cb-ae5c-3e3d-d76a55990905" ], "data_type": "STRING", "key": "VIRTUAL_MACHINES", "multivalue": true } ], "entity_type": "RealizedGroup", "_create_user": "system", "_create_time": 1519051314478, "_last_modified_user": "admin", "_last_modified_time": 1519057587852, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 5 } ] } Required Permissions: read Feature: infra_admin Additional Errors:

Get realized entity uniquely identified by realized path

Get realized entity uniquely identified by realized path,
specified by query parameter
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/realized-entity
Request Headers:
n/a
Query Parameters:
RealizedPathRequestParameter+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/realized-entity?realized_path=/infra/realized-state/enforcement-points/nsx-1/groups/nsgroups/DOMAIN-d1-g1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GenericPolicyRealizedResource+

Example Response: { "resource_type": "GenericPolicyRealizedResource", "id": "DOMAIN-d1-g1", "display_name": "DOMAIN-d1-g1", "path": "/infra/realized-state/enforcement-points/nsx-1/groups/nsgroups/DOMAIN-d1-g1", "parent_path": "/infra/realized-state/enforcement-points/nsx-1", "relative_path": "DOMAIN-d1-g1", "intent_reference": [ "/infra/domains/d1/groups/g1" ], "realization_specific_identifier": "22db5ae1-f1d7-4fa0-aa98-6176a3b80d0d", "alarms": [], "state": "REALIZED", "runtime_status": "UNKNOWN", "extended_attributes": [ { "values": [ "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d1fb9-f50d-5533-d189-550394ba7252", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d2588-5ccf-7825-32f9-d5e1f344fe40", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d6341-5655-5cdb-2a90-fad1b762789b", "/infra/realized-state/enforcement-points/nsx-1/virtual-machines/564d922d-f3cb-ae5c-3e3d-d76a55990905" ], "data_type": "STRING", "key": "VIRTUAL_MACHINES", "multivalue": true } ], "entity_type": "RealizedGroup", "_create_user": "system", "_create_time": 1519051314478, "_last_modified_user": "admin", "_last_modified_time": 1519057587852, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 5 } Required Permissions: read Feature: infra_admin Additional Errors:

Refresh all realized entities associated with the intent-path

Refresh the status and statistics of all realized entities associated
with given intent path synchronously.
Request:
Method:
POST
URI Path:
/policy/api/v1/infra/realized-state/realized-entity?action=refresh
Request Headers:
n/a
Query Parameters:
RealizedStateRequestParameter+
Request Body:
n/a

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/realized-state/realized-entity?action=refresh&intent_path=/infra/domains/d1/groups/g1&enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
204 No Content
Response Headers:
n/a
Response Body:
n/a

Required Permissions: read Feature: infra_admin Additional Errors:

Get consolidated status of an intent object

Get Consolidated Status of an intent object (with or without enforcement specific status details).
The request is evaluated as follows:
- : the request is evaluated on all enforcement points for the given intent without
enforcement point specific details.
- : the request is evaluated on all enforcement points for
the given intent with enforcement point specific details.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/status
Request Headers:
n/a
Query Parameters:
IntentStatusRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/status?intent_path=/infra/domains/default/security-policies/block-external&include_enforced_status=true Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ConsolidatedRealizedStatus+

Example Response: { "consolidated_status": { "consolidated_status": "ERROR" }, "consolidated_status_per_enforcement_point": [ { "enforced_status": { "enforced_status_info": { "enforced_status": { "status": "UNKNOWN" }, "enforced_status_per_scope": [ { "enforced_status_per_transport_node": [ { "path": "/infra/sites/default/enforcement-points/default/edge-clusters/ec/edge-nodes/c578e7ba-5ce5-11e9-acec-41d19997391c", "enforced_status": { "status": "FAILURE", "status_message": "Internal error(1101) occurred on transport node c578e7ba-5ce5-11e9-acec-41d19997391c." } }, { "path": "/infra/sites/default/enforcement-points/default/edge-clusters/ec/edge-nodes/a744cd7e-5ce5-11e9-a24b-df71fdc87f85", "enforced_status": { "status": "SUCCESS" } }, { "path": "/infra/sites/default/enforcement-points/default/edge-clusters/ec/edge-nodes/77af8e10-5ce5-11e9-9149-5bb770f7c6c7", "enforced_status": { "status": "SUCCESS" } }, { "path": "/infra/sites/default/enforcement-points/default/edge-clusters/ec/edge-nodes/93ecd452-5ce5-11e9-8c18-bdce5885e998", "enforced_status": { "status": "SUCCESS" } } ], "resource_type": "TransportNodeSpanEnforcedStatus" } ] }, "pending_changes_info": { "pending_changes_flag": false } }, "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "enforcement_point_id": "default", "consolidated_status": { "consolidated_status": "UNKNOWN" } } ], "intent_path": "/infra/domains/default/security-policies/block-external" } Required Permissions: read Feature: infra_admin Additional Errors:

List all virtual machines

This API filters objects of type virtual machine. This API also gives some VM
details such as VM name, IDs and the current state of the VMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/realized-state/virtual-machines
Request Headers:
n/a
Query Parameters:
RealizationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/realized-state/virtual-machines?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualMachineListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "compute_ids": [ "moIdOnHost:1", "hostLocalId:1", "locationId:564d75b2-7e28-7e78-dd77-64e5fd6128e1", "instanceUuid:04fb2e78-e4bc-416f-b9dc-18b9f05e6227", "externalId:564d75b2-7e28-7e78-dd77-64e5fd6128e1", "biosUuid:564d75b2-7e28-7e78-dd77-64e5fd6128e1" ], "resource_type": "VirtualMachine", "external_id": "564d75b2-7e28-7e78-dd77-64e5fd6128e1", "source": { "target_display_name": "sc-rdops-vm09-dhcp-16-203.eng.vmware.com", "is_valid": true, "target_type": "HostNode", "target_id": "1afea8da-d4e2-11e7-93c3-c57b39f75a4f" }, "_last_sync_time": 1512031301409, "display_name": "1-vm_ubuntu_1404_srv_64-local-586-04fb2e78-e4bc-416f-b9dc-18b9f05e6227", "type": "REGULAR", "power_state": "VM_RUNNING", "host_id": "1afea8da-d4e2-11e7-93c3-c57b39f75a4f", "local_id_on_host": "1" } ] } Required Permissions: read Feature: infra_admin Additional Errors:

Policy: Security

Policy: Security: Distributed Firewall

Associated URIs:

List communication maps (Deprecated)

List all communication maps for a domain.
This API is deprecated. Please use the following API instead.
GET /infra/domains/domain-id/security-policies
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps
Request Headers:
n/a
Query Parameters:
CommunicationMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "CommunicationMap", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/communication-maps/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "CommunicationMap", "id": "communication-map", "display_name": "communication-map", "path": "/infra/domains/vmc/communication-maps/communication-map", "parent_path": "/infra/domains/vmc", "relative_path": "communication-map", "precedence": 100, "_create_user": "admin", "_create_time": 1517307910504, "_last_modified_user": "admin", "_last_modified_time": 1517307910504, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Patch communication map (Deprecated)

Patch the communication map for a domain. If a communication map for the
given communication-map-id is not present, the object will get created and
if it is present it will be updated. This is a full replace
This API is deprecated. Please use the following API instead.
PATCH /infra/domains/domain-id/security-policies/security-policy-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunicationMap+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1 { "description": "comm map patched", "display_name": "application-section-1", "category":"Application", "communication_entries": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Deletes a communication map from this domain (Deprecated)

Deletes the communication map along with all the communication entries
This API is deprecated. Please use the following API instead.
DELETE /infra/domains/domain-id/security-policies/security-policy-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or Update communication map (Deprecated)

Create or Update the communication map for a domain. This is a full replace.
All the CommunicationEntries are replaced.
This API is deprecated. Please use the following API instead.
PUT /infra/domains/domain-id/security-policies/security-policy-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunicationMap+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1 { "description": "comm map", "display_name": "application-section-1", "_revision":0, "category":"Application", "communication_entries": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationMap+

Example Response: { "resource_type": "CommunicationMap", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/communication-maps/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "communication_entries": [ { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Read communication-map (Deprecated)

Read communication-map for a domain.
This API is deprecated. Please use the following API instead.
GET /infra/domains/domain-id/security-policies/security-policy-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationMap+

Example Response: { "resource_type": "CommunicationMap", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/communication-maps/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "communication_entries": [ { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_dfw Additional Errors:

List CommunicationEntries (Deprecated)

List CommunicationEntries
This API is deprecated. Please use the following API instead.
GET /infra/domains/domain-id/security-policies/security-policy-id/rules
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries
Request Headers:
n/a
Query Parameters:
CommunicationEntryListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1/communication-entries Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationEntryListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Patch a CommunicationEntry (Deprecated)

Patch the CommunicationEntry. If a communication entry for the given
communication-entry-id is not present, the object will get created and if
it is present it will be updated. This is a full replace
This API is deprecated. Please use the following API instead.
PATCH /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunicationEntry+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1 { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/dbgroup" ], "scope": [ "ANY" ], "action": "DROP", "services": [ "ANY" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete CommunicationEntry (Deprecated)

Delete CommunicationEntry
This API is deprecated. Please use the following API instead.
DELETE /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read CommunicationEntry (Deprecated)

Read CommunicationEntry
This API is deprecated. Please use the following API instead.
GET /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationEntry+

Example Response: { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update a CommunicationEntry (Deprecated)

Update the CommunicationEntry. If a CommunicationEntry with the communication-entry-id
is not already present, this API fails with a 404. Creation of CommunicationEntries
is not allowed using this API.
This API is deprecated. Please use the following API instead
PUT /infra/domains/domain-id/security-policies/securit-policy-id/rules/rule-id
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
CommunicationEntry+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1 { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/dbgroup" ], "scope": [ "ANY" ], "action": "DROP", "services": [ "ANY" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationEntry+

Example Response: { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Revise the positioning of communication entry (Deprecated)

This is used to re-order a communictation entry within a communication map.
This API is deprecated. Please use the following API instead.
POST /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id?action=revise
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>?action=revise
Request Headers:
n/a
Query Parameters:
CommunicationEntryInsertParameters+
Request Body:
CommunicationEntry+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/emergency-section/communication-entries/ce-1?action=revise&anchor_path=/infra/domains/vmc/communication-maps/emergency-section/communication-entries/ce-2&operation=insert_after { "description": " comm entry", "display_name": "ce-1", "path": "/infra/domains/vmc_domain/communication-maps/emergency-section/communication-entries/ce-1", "parent_path": "/infra/domains/vmc_domain/communication-maps/emergency-section", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/AD_Server", "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationEntry+

Example Response: { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Revise the positioning of communication maps (Deprecated)

This is used to set a precedence of a communication map w.r.t others.
This API is deprecated. Please use the following API instead.
POST /infra/domains/domain-id/security-policies/security-policy-id?action=revise
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>?action=revise
Request Headers:
n/a
Query Parameters:
CommunicationMapInsertParameters+
Request Body:
CommunicationMap+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/communication-maps/application-section-1?action=revise&anchor_path=/infra/domains/vmc/communication-maps/emergency-section&operation=insert_before { "description": "comm map revised", "display_name": "application-section-1", "category":"Application", "communication_entries": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
CommunicationMap+

Example Response: { "resource_type": "CommunicationMap", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/communication-maps/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "communication_entries": [ { "resource_type": "CommunicationEntry", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/communication-maps/application-section-1/communication-entries/ce-1", "parent_path": "/infra/domains/vmc/communication-maps/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dfw Additional Errors:

List security policies

List all security policies for a domain.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies
Request Headers:
n/a
Query Parameters:
SecurityPolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicyListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "SecurityPolicy", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/security-policies/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 }, { "resource_type": "SecurityPolicy", "id": "security-policy", "display_name": "security-policy", "path": "/infra/domains/vmc/security-policies/security-policy", "parent_path": "/infra/domains/vmc", "relative_path": "security-policy", "precedence": 100, "_create_user": "admin", "_create_time": 1517307910504, "_last_modified_user": "admin", "_last_modified_time": 1517307910504, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or Update security policy

Create or Update the security policy for a domain. This is a full replace.
All the rules are replaced.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SecurityPolicy+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1 { "description": "comm map", "display_name": "application-section-1", "category": "Application", "rules": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicy+

Example Response: { "resource_type": "SecurityPolicy", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/security-policies/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "rules": [ { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Deletes a security policy from this domain

Deletes the security policy along with all the rules
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read security policy

Read security policy for a domain.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicy+

Example Response: { "resource_type": "SecurityPolicy", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/security-policies/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "rules": [ { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_dfw Additional Errors:

Patch security policy

Patch the security policy for a domain. If a security policy for the given
security-policy-id is not present, the object will get created and if it is
present it will be updated. This is a full replace
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SecurityPolicy+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1 { "description": "comm map patched", "display_name": "application-section-1", "category":"Application", "rules": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

List rules

List rules This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules
Request Headers:
n/a
Query Parameters:
RuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1/rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuleListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Patch a rule

Patch the rule. If Rule corresponding to the the given rule-id is
not present, the object will get created and if it is present it will be
updated. This is a full replace
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Rule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1/rules/ce-1 { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/dbgroup" ], "scope": [ "ANY" ], "action": "DROP", "services": [ "ANY" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete rule

Delete rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1/rules/ce-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read rule

Read rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1/rules/ce-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update a rule

Update the rule. Create new rule if a rule with the rule-id is not already present.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Rule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1/rules/ce-1 { "description": "comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/dbgroup" ], "scope": [ "ANY" ], "action": "DROP", "services": [ "ANY" ], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Revise the positioning of rule

This is used to re-order a rule within a security policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>?action=revise
Request Headers:
n/a
Query Parameters:
RuleInsertParameters+
Request Body:
Rule+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/emergency-section/rules/ce-1?action=revise&anchor_path=/infra/domains/vmc/security-policies/emergency-section/rules/ce-2&operation=insert_after { "description": " comm entry", "display_name": "ce-1", "path": "/infra/domains/vmc_domain/security-policies/emergency-section/rules/ce-1", "parent_path": "/infra/domains/vmc_domain/security-policies/emergency-section", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/AD_Server", "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Revise the positioning of security policies

This is used to set a precedence of a security policy w.r.t others.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>?action=revise
Request Headers:
n/a
Query Parameters:
SecurityPolicyInsertParameters+
Request Body:
SecurityPolicy+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/security-policies/application-section-1?action=revise&anchor_path=/infra/domains/vmc/security-policies/emergency-section&operation=insert_before { "description": "comm map revised", "display_name": "application-section-1", "category":"Application", "rules": [ { "description": " comm entry", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicy+

Example Response: { "resource_type": "SecurityPolicy", "description": "comm map", "id": "application-section-1", "display_name": "application-section-1", "path": "/infra/domains/vmc/security-policies/application-section-1", "parent_path": "/infra/domains/vmc", "relative_path": "application-section-1", "rules": [ { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/security-policies/application-section-1/rules/ce-1", "parent_path": "/infra/domains/vmc/security-policies/application-section-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "ANY" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "Application", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Security: Distributed Firewall: Statistics

Associated URIs:

Get rule statistics

Get statistics of a rule.
- no enforcement point path specified: Stats will be evaluated on each enforcement
point.
- {enforcement_point_path}: Stats are evaluated only on the given enforcement point.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/web-domain/communciation-maps/emergency/rules/ce-1/statistics?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuleStatisticsListResult+

Example Response: { "results" : [ { "rule": "ce-1", "packet_count": 3806, "session_count": 819, "hit_count": 345, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 } ], "cursor" : 1, "result_count" : 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Get security policy statistics

Get statistics of a security policy.
- no enforcement point path specified: Stats will be evaluated on each enforcement
point.
- {enforcement_point_path}: Stats are evaluated only on the given enforcement point.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/web-domain/communciation-maps/emergency/statistics?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicyStatisticsListResult+

Example Response: { "results" : [ { "rule": "ce-1", "packet_count": 3806, "session_count": 819, "hit_count": 45, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 }, { "rule": "ce-2", "packet_count": 8762, "session_count": 62, "hit_count": 45, "byte_count": 76201, "popularity_index": 13, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 } ], "cursor" : 1, "result_count" : 2 } Required Permissions: read Feature: policy_dfw Additional Errors:

Reset firewall rule statistics

Sets firewall rule statistics counter to zero. This operation is supported
for given category, for example: DFW i.e. for all layer3 firewall
(transport nodes only) rules or EDGE i.e. for all layer3 edge firewall
(edge nodes only) rules.
- no enforcement point path specified: Stats will be evaluated on each enforcement
point.
- {enforcement_point_path}: Stats are evaluated only on the given enforcement point.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/settings/firewall/stats?action=reset
Request Headers:
n/a
Query Parameters:
ResetStatsRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Security: Firewall Config

Associated URIs:

List compute cluster idfw Configuration

API will list all compute cluster wise identity firewall configuration
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/cluster
Request Headers:
n/a
Query Parameters:
ComputeClusterIdfwConfigurationListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/cluster Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeClusterIdfwConfigurationListResult+

Example Response: { "results": [ { "cluster_idfw_enabled": false, "member": { "target_id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "target_type": "VC_Cluster" }, "resource_type": "ComputeClusterIdfwConfiguration", "id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "display_name": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "relative_path": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "parent_path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "marked_for_delete": false, "_system_owned": false, "_create_user": "admin", "_create_time": 1557913530519, "_last_modified_user": "admin", "_last_modified_time": 1558072998668, "_protection": "NOT_PROTECTED", "_revision": 20 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update compute cluster idfw configuration

Update the compute cluster idfw configuration This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeClusterIdfwConfiguration+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7 { "cluster_idfw_enabled": false, "member": { "target_id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "target_type": "VC_Cluster" }, "resource_type": "ComputeClusterIdfwConfiguration", "id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "display_name": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeClusterIdfwConfiguration+

Example Response: { "cluster_idfw_enabled": false, "member": { "target_id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "target_type": "VC_Cluster" }, "resource_type": "ComputeClusterIdfwConfiguration", "id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "display_name": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "relative_path": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "parent_path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "marked_for_delete": false, "_system_owned": false, "_create_user": "admin", "_create_time": 1557913530519, "_last_modified_user": "admin", "_last_modified_time": 1558072998668, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Patch compute cluster idfw configuration

Patch compute cluster identity firewall configuration. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ComputeClusterIdfwConfiguration+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7 { "cluster_idfw_enabled": false, "member": { "target_id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "target_type": "VC_Cluster" } } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read compute cluster idfw configuration

Read compute cluster identity firewall configuration
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ComputeClusterIdfwConfiguration+

Example Response: { "cluster_idfw_enabled": false, "member": { "target_id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "target_type": "VC_Cluster" }, "resource_type": "ComputeClusterIdfwConfiguration", "id": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "display_name": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "relative_path": "67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "parent_path": "/infra/settings/firewall/idfw/cluster/67d830f8-f053-4512-beb8-5bae5427ab31:domain-c7", "marked_for_delete": false, "_system_owned": false, "_create_user": "admin", "_create_time": 1557913530519, "_last_modified_user": "admin", "_last_modified_time": 1558072998668, "_protection": "NOT_PROTECTED", "_revision": 20 } Required Permissions: read Feature: policy_dfw Additional Errors:

Read idfw configuration for standalone host

Read identity firewall configuration for standalone host
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StandaloneHostIdfwConfiguration+

Example Response: { "idfw_enabled": true, "resource_type": "StandaloneHostIdfwConfiguration", "id": "standalone-host-switch-setting", "display_name": "/infra/settings/firewall/idfw/standalone-host-switch-setting", "path": "/infra/settings/firewall/idfw/standalone-host-switch-setting", "relative_path": "standalone-host-switch-setting", "marked_for_delete": false, "_system_owned": false, "_create_user": "admin", "_create_time": 1558703164396, "_last_modified_user": "admin", "_last_modified_time": 1558780407911, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Patch idfw configuration for standalone host

Patch identity firewall configuration for standalone host This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StandaloneHostIdfwConfiguration+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting { "idfw_enabled": false } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update idfw configuration for standalone host

Update the idfw configuration for standalone host This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
StandaloneHostIdfwConfiguration+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting { "idfw_enabled": false, "resource_type": "StandaloneHostIdfwConfiguration", "id": "standalone-host-switch-setting", "display_name": "/infra/settings/firewall/idfw/standalone-host-switch-setting", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
StandaloneHostIdfwConfiguration+

Example Response: { "idfw_enabled": false, "resource_type": "StandaloneHostIdfwConfiguration", "id": "standalone-host-switch-setting", "display_name": "/infra/settings/firewall/idfw/standalone-host-switch-setting", "path": "/infra/settings/firewall/idfw/standalone-host-switch-setting", "relative_path": "standalone-host-switch-setting", "marked_for_delete": false, "_system_owned": false, "_create_user": "admin", "_create_time": 1558703164396, "_last_modified_user": "admin", "_last_modified_time": 1558780407911, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Update dfw firewall configuration

Update dfw firewall related configurations.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/settings/firewall/security
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DfwFirewallConfiguration+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security { "idfw_enabled": true, "resource_type": "DfwFirewallConfiguration", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DfwFirewallConfiguration+

Example Response: { "idfw_enabled": true, "resource_type": "DfwFirewallConfiguration", "id": "security", "display_name": "/infra/settings/firewall/security", "path": "/infra/settings/firewall/security", "relative_path": "security", "marked_for_delete": false, "default_security_posture": "BLACKLIST", "enable_default_rule_logging": false, "enable_firewall": true, "disable_drafts": false, "_create_user": "system", "_create_time": 1554274751846, "_last_modified_user": "admin", "_last_modified_time": 1554275071006, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Get dfw firewall configuration

Get the current dfw firewall configurations. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/settings/firewall/security
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DfwFirewallConfiguration+

Example Response: { "idfw_enabled": true, "resource_type": "DfwFirewallConfiguration", "id": "security", "display_name": "security", "path": "/infra/settings/firewall/security", "relative_path": "security", "marked_for_delete": false, "default_security_posture": "BLACKLIST", "enable_default_rule_logging": false, "enable_firewall": true, "disable_drafts": false, "_create_user": "system", "_create_time": 1554274751846, "_last_modified_user": "system", "_last_modified_time": 1554274751846, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_dfw Additional Errors:

Update dfw firewall configuration

Update dfw firewall related configurations.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/settings/firewall/security
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DfwFirewallConfiguration+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security { "idfw_enabled": false, "resource_type": "DfwFirewallConfiguration" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read security policy exclude list

Read exclude list for firewall
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/settings/firewall/security/exclude-list
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security/exclude-list Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyExcludeList+

Example Response: { "members": [ "/infra/domains/default/groups/grp1" ], "resource_type": "PolicyExcludeList", "id": "security-policy", "display_name": "/infra/settings/firewall/security/exclude-list", "path": "/infra/settings/firewall/security/exclude-list", "relative_path": "security-policy", "marked_for_delete": false, "_create_user": "system", "_create_time": 1552908666342, "_last_modified_user": "admin", "_last_modified_time": 1553087794966, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update exclusion list for security policy

Update the exclusion list for security policy
Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/settings/firewall/security/exclude-list
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyExcludeList+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security/exclude-list { "members": ["/infra/domains/default/groups/grp1"], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyExcludeList+

Example Response: { "members": [ "/infra/domains/default/groups/grp1" ], "resource_type": "PolicyExcludeList", "id": "security-policy", "display_name": "/infra/settings/firewall/security/exclude-list", "path": "/infra/settings/firewall/security/exclude-list", "relative_path": "security-policy", "marked_for_delete": false, "_create_user": "system", "_create_time": 1552908666342, "_last_modified_user": "admin", "_last_modified_time": 1553087794966, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Patch exclusion list for security policy

Patch exclusion list for security policy.
Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/settings/firewall/security/exclude-list
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyExcludeList+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/settings/firewall/security/exclude-list { "members": ["/infra/domains/default/groups/grp1"] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Security: Gateway Firewall

Associated URIs:

List gateway policies

List all gateway policies for specified Domain. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies
Request Headers:
n/a
Query Parameters:
SecurityPolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicyListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 2, "results": [ { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "precedence": 0, "category": "LocalGatewayRules", "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061800, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 }, { "resource_type": "GatewayPolicy", "id": "internal", "display_name": "internal", "path": "/infra/domains/vmc-domain/gateway-policies/internal", "parent_path": "/infra/domains/vmc-domain", "relative_path": "internal", "precedence": 200, "category": "SharedPreRules", "_create_user": "admin", "_create_time": 1516295469778, "_last_modified_user": "admin", "_last_modified_time": 1516295469778, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Read gateway policy

Read gateway policy for a domain.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicy+

Example Response: { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "category": "SharedPreRules", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "precedence": 0, "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061797, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 5 } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Update gateway policy

Update the gateway policy for a domain. This is a full replace.
All the rules are replaced.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GatewayPolicy+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default { "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "category": "SharedPreRules", "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ] } ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Delete GatewayPolicy

Delete GatewayPolicy This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/map1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Update gateway policy

Update the gateway policy for a domain. This is a full replace.
All the rules are replaced.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GatewayPolicy+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default { "category": "SharedPreRules", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_revision": 3 } ], "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicy+

Example Response: { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "category": "SharedPreRules", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "precedence": 0, "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061797, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 5 } Required Permissions: crud Feature: policy_edge_fw Additional Errors:

List rules

List rules This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules
Request Headers:
n/a
Query Parameters:
RuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default/rules/entry1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuleListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Update gateway rule

Update the gateway rule.
Create new rule if a rule with the rule-id is not already present.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Rule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default/rules/entry1 { "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "services": ["/infra/services/HTTP"], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action":"ALLOW" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Update gateway rule

Update the gateway rule.
Create new rule if a rule with the rule-id is not already present.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
Rule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default/rules/entry1 { "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "services": ["/infra/services/HTTP"], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action":"ALLOW", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Delete rule

Delete rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default/rules/entry1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Read rule

Read rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/vmc-domain/gateway-policies/default/rules/entry1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/tier-0s/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Revise the positioning of gateway rule

This is used to re-order a gateway rule within a gateway policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>?action=revise
Request Headers:
n/a
Query Parameters:
RuleInsertParameters+
Request Body:
Rule+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/gateway-policies/cgw-1/rules/ce-1?action=revise&anchor_path=/infra/domains/vmc/gateway-policies/cgw-1/rules/ce-2&operation=insert_after { "description": " comm entry", "display_name": "ce-1", "path": "/infra/domains/vmc_domain/gateway-policies/cgw-1/rules/ce-1", "parent_path": "/infra/domains/vmc_domain/gateway-policies/cgw-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc_domain/groups/webgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc_domain/groups/appgroup" ], "scope": [ "/infra/tier-1s/cgw" ], "action": "ALLOW", "services": [ "/infra/services/AD_Server", "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
Rule+

Example Response: { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/gateway-policies/cgw-1/rules/ce-1", "parent_path": "/infra/domains/vmc/gateway-policies/cgw-1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "/infra/tier-1s/cgw" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Revise the positioning of gateway policy

This is used to set a precedence of a gateway policy w.r.t others.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
POST
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>?action=revise
Request Headers:
n/a
Query Parameters:
SecurityPolicyInsertParameters+
Request Body:
GatewayPolicy+

Example Request: POST https://<policy-mgr>/policy/api/v1/infra/domains/vmc/gateway-policies/cgw-1?action=revise&anchor_path=/infra/domains/vmc/gateway-policies/cgw-2&operation=insert_before { "description": "policy revised", "display_name": "cgw-1", "category": "SharedPreRules", "rules": [ { "description": " rule", "display_name": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "scope": [ "/infra/tier-1s/cgw" ], "action": "ALLOW" } ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicy+

Example Response: { "resource_type": "GatewayPolicy", "description": "comm map revised", "id": "cgw-1", "display_name": "cgw-1", "path": "/infra/domains/vmc/gateway-policies/cgw-1", "parent_path": "/infra/domains/vmc", "relative_path": "cgw-1", "rules": [ { "resource_type": "Rule", "description": " comm entry", "id": "ce-1", "display_name": "ce-1", "path": "/infra/domains/vmc/gateway-policies/cgw1/rules/ce-1", "parent_path": "/infra/domains/vmc/gateway-policies/cgw1", "relative_path": "ce-1", "sequence_number": 1, "source_groups": [ "/infra/domains/vmc/groups/dbgroup" ], "logged": false, "destination_groups": [ "/infra/domains/vmc/groups/appgroup" ], "scope": [ "/infra/tier-1s/cgw" ], "action": "ALLOW", "services": [ "/infra/services/HTTP", "/infra/services/CIM-HTTP" ], "_create_user": "admin", "_create_time": 1517317382942, "_last_modified_user": "admin", "_last_modified_time": 1517317382962, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "category": "SharedPreRules", "precedence": 0, "_create_user": "admin", "_create_time": 1517317362027, "_last_modified_user": "admin", "_last_modified_time": 1517317362027, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_edge_fw Additional Errors:

Get list of gateway policies with rules that belong to the specific Tier-0 logical router.

Get filtered view of gateway rules associated
with the Tier-0. The gateay policies are returned in the
order of category and precedence.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/gateway-firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/gateway-firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicyListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "GatewayPolicy", "id": "internal", "display_name": "internal", "path": "/infra/domains/vmc-domain/gateway-policies/internal", "parent_path": "/infra/domains/vmc-domain", "relative_path": "internal", "precedence": 10, "category": "PRE_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469778, "_last_modified_user": "admin", "_last_modified_time": 1516295469778, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "precedence": 10, "category": "POST_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc/locale-services/locale-1" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061800, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Get list of gateway policies with rules that belong to the specific Tier-0 LocalServices.

Get filtered view of Gateway Firewall rules associated
with the Tier-0 Locale Services. The gateway policies are
returned in the order of category and sequence number.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>/gateway-firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/locale-1/gateway-firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicyListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "precedence": 10, "category": "POST_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-0s/vmc/locale-services/locale-1" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061800, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Get list of gateway policies with rules that belong to the specific Tier-1.

Get filtered view of Gateway Firewall rules associated with the Tier-1.
The gateway policies are returned in the order of category and sequence number.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/gateway-firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/t1/gateway-firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicyListResult+

Example Response: { "result_count": 2, "results": [ { "resource_type": "GatewayPolicy", "id": "internal", "display_name": "internal", "path": "/infra/domains/vmc-domain/gateway-policies/internal", "parent_path": "/infra/domains/vmc-domain", "relative_path": "internal", "precedence": 10, "category": "PRE_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-1s/t1" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469778, "_last_modified_user": "admin", "_last_modified_time": 1516295469778, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 }, { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "precedence": 10, "category": "POST_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-1s/t1/locale-services/locale-1" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061800, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Get list of gateway policies with rules that belong to the specific Tier-1 LocalServices.

Get filtered view of Gateway Firewall rules associated
with the Tier-1 Locale Services. The gateway policies are
returned in the order of category and sequence number.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/gateway-firewall
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/t1/locale-services/locale-1/gateway-firewall Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GatewayPolicyListResult+

Example Response: { "result_count": 1, "results": [ { "resource_type": "GatewayPolicy", "id": "default", "display_name": "/infra/domains/vmc-domain/gateway-policies/default", "path": "/infra/domains/vmc-domain/gateway-policies/default", "parent_path": "/infra/domains/vmc-domain", "relative_path": "default", "precedence": 10, "category": "POST_RULES", "rules": [ { "resource_type": "Rule", "description": "entry1", "id": "entry1", "display_name": "entry1", "path": "/infra/domains/vmc-domain/gateway-policies/default/rules/entry1", "parent_path": "/infra/domains/vmc-domain/gateway-policies/default", "relative_path": "entry1", "sequence_number": 0, "source_groups": [ "/infra/domains/vmc/groups/source" ], "logged": false, "destination_groups": [ "/infra/domains/vmc-domain/groups/destination" ], "scope": [ "/infra/tier-1s/t1/locale-services/locale-1" ], "action": "ALLOW", "services": [ "/infra/services/HTTP" ], "_create_user": "admin", "_create_time": 1516386404233, "_last_modified_user": "admin", "_last_modified_time": 1516431370604, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "_create_user": "admin", "_create_time": 1516295469775, "_last_modified_user": "admin", "_last_modified_time": 1516432061800, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 6 } ] } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Policy: Security: Gateway Firewall: Statistics

Associated URIs:

Get gateway rule statistics

Get statistics of a gateway rule.
- no enforcement point path specified: Stats will be evaluated on each enforcement.
point.
- {enforcement_point_path}: Stats are evaluated only on the given enforcement point.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/web-domain/gateway-policies/emergency/rules/ce-1/statistics?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RuleStatisticsListResult+

Example Response: { "results" : [ { "rule": "ce-1", "internal_rule_id": "1001", "packet_count": 3806, "session_count": 819, "hit_count": 45, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 } ], "cursor" : 1, "result_count" : 1 } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Get gateway policy statistics

Get statistics of a gateay policy.
- no enforcement point path specified: Stats will be evaluated on each enforcement.
point.
- {enforcement_point_path}: Stats are evaluated only on the given enforcement point.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/statistics
Request Headers:
n/a
Query Parameters:
StatisticsRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/web-domain/gateway-policies/emergency/statistics?enforcement_point_path=/infra/deployment-zones/default/enforcement-points/ep1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SecurityPolicyStatisticsListResult+

Example Response: { "results" : [ { "rule": "ce-1", "internal_rule_id": "1001", "packet_count": 3806, "session_count": 819, "hit_count": 45, "byte_count": 322989, "popularity_index": 85, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 }, { "rule": "ce-2", "internal_rule_id": "1002", "packet_count": 8762, "session_count": 62, "hit_count": 45, "byte_count": 76201, "popularity_index": 13, "max_popularity_index": 85, "max_session_count": 819, "total_session_count": 881 } ], "cursor" : 1, "result_count" : 2 } Required Permissions: read Feature: policy_edge_fw Additional Errors:

Policy: Security: Guest Introspection

Associated URIs:

Delete Endpoint policy

Delete Endpoint policy. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/endpoint-policy-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_gi Additional Errors:

Read Endpoint policy

Read Endpoint policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointPolicy+

Example Response: { "endpoint_rules": [ { "sequence_number": 0, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ], "resource_type": "EndpointRule", "id": "gi-entry-1", "display_name": "gi-entry-1", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1", "relative_path": "gi-entry-1", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971854, "_last_modified_user": "admin", "_last_modified_time": 1542840286603, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "sequence_number": 0, "resource_type": "EndpointPolicy", "id": "map1", "display_name": "/infra/domains/gi_domain/endpoint-policies/map1", "path": "/infra/domains/gi_domain/endpoint-policies/map1", "relative_path": "map1", "parent_path": "/infra/domains/gi_domain", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971852, "_last_modified_user": "admin", "_last_modified_time": 1542840286582, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: policy_gi Additional Errors:

Create or update Endpoint policy

Create or update the Endpoint policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EndpointPolicy+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1 { "endpoint_rules": [ { "display_name": "gi-entry-1", "sequence_number": 0, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ] } ], "sequence_number": 1000, "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointPolicy+

Example Response: { "endpoint_rules": [ { "sequence_number": 0, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ], "resource_type": "EndpointRule", "id": "gi-entry-1", "display_name": "gi-entry-1", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1", "relative_path": "gi-entry-1", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971854, "_last_modified_user": "admin", "_last_modified_time": 1542840286603, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 3 } ], "sequence_number": 1000, "resource_type": "EndpointPolicy", "id": "map1", "display_name": "/infra/domains/gi_domain/endpoint-policies/map1", "path": "/infra/domains/gi_domain/endpoint-policies/map1", "relative_path": "map1", "parent_path": "/infra/domains/gi_domain", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971852, "_last_modified_user": "admin", "_last_modified_time": 1542840286582, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_gi Additional Errors:

Create or update Endpoint policy

Create or update the Endpoint policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EndpointPolicy+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1 { "endpoint_rules": [ { "display_name": "gi-entry-1", "sequence_number": 0, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ] } ], "sequence_number": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_gi Additional Errors:

List Endpoint rules

List Endpoint rules This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules
Request Headers:
n/a
Query Parameters:
EndpointRuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointRuleListResult+

Example Response: { "results": [ { "sequence_number": 10, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ], "resource_type": "EndpointRule", "id": "gi-entry-1", "display_name": "gi-entry-1", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1", "relative_path": "gi-entry-1", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971854, "_last_modified_user": "admin", "_last_modified_time": 1542829025115, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 }, { "sequence_number": 11, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2" ], "resource_type": "EndpointRule", "id": "gi-entry-2", "display_name": "gi-entry-2", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-2", "relative_path": "gi-entry-2", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542829270619, "_last_modified_user": "admin", "_last_modified_time": 1542829270621, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "result_count": 2, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_gi Additional Errors:

Delete EndpointRule

Delete EndpointRule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/default/endpoint-policies/map1/endpoint-rules/endpoint-rule-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_gi Additional Errors:

Read Endpoint rule

Read Endpoint rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointRule+

Example Response: { "sequence_number": 10, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ], "resource_type": "EndpointRule", "id": "gi-entry-1", "display_name": "gi-entry-1", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1", "relative_path": "gi-entry-1", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971854, "_last_modified_user": "admin", "_last_modified_time": 1542829025115, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: read Feature: policy_gi Additional Errors:

Update Endpoint rule

Create a Endpoint rule with the endpoint-rule-id is not already present,
otherwise update the Endpoint Rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EndpointRule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1 /endpoint-rules/endpoint-rule-1 { "display_name": "endpoint-rule-1", "sequence_number": 10, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "services": [ "/infra/service-references/SR_1/service-profiles/SP_1" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_gi Additional Errors:

Update Endpoint rule

Create a Endpoint rule with the endpoint-rule-id is not already present,
otherwise update the Endpoint Rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
EndpointRule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1 { "display_name": "gi-entry-1", "sequence_number": 10, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointRule+

Example Response: { "sequence_number": 10, "groups": [ "/infra/domains/gi_domain/groups/test_group" ], "service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1" ], "resource_type": "EndpointRule", "id": "gi-entry-1", "display_name": "gi-entry-1", "path": "/infra/domains/gi_domain/endpoint-policies/map1/endpoint-rules/gi-entry-1", "relative_path": "gi-entry-1", "parent_path": "/infra/domains/gi_domain/endpoint-policies/map1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1542326971854, "_last_modified_user": "admin", "_last_modified_time": 1542829025115, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_gi Additional Errors:

List Endpoint policies

List all Endpoint policies across all domains ordered by precedence.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/endpoint-policies
Request Headers:
n/a
Query Parameters:
EndpointPolicyListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
EndpointPolicyListResult+

Required Permissions: read Feature: policy_gi Additional Errors:

Policy: Security: Profiles

Policy: Security: Profiles: DNS Security

Associated URIs:

List all DNS security profiles

List all DNS security profiles Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dns-security-profiles
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dns-security-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfileListResult+

Example Response: { "results": [ { "resource_type" : "DnsSecurityProfile", "id" : "default", "display_name" : "default-dns-profile", "path" : "/infra/dns-security-profiles/default", "parent_path" : "/infra/dns-security-profiles", "relative_path" : "default", "display_name" : "default-dns-profile", "ttl" : 10000, "_create_user" : "admin", "_create_time" : 1517403652195, "_last_modified_user" : "admin", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update DNS security profile

Create or update DNS security profile Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/dns-security-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsSecurityProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/dns-security-profiles/default { "display_name" : "default-dns-profile", "ttl" : 10000, "_revision" : 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfile+

Example Response: { "resource_type" : "DnsSecurityProfile", "id" : "default", "display_name" : "default-dns-profile", "path" : "/infra/dns-security-profiles/default", "parent_path" : "/infra/dns-security-profiles", "relative_path" : "default", "display_name" : "default-dns-profile", "ttl" : 10000, "_create_user" : "admin", "_create_time" : 1517403652195, "_last_modified_user" : "admin", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update DNS security profile

Create or update DNS security profile Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/dns-security-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsSecurityProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/dns-security-profiles/default { "display_name" : "default-dns-profile", "ttl" : 10000, } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete DNS security profile

Delete DNS security profile Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/dns-security-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/dns-security-profiles/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Read the DNS Forwarder for the given tier-0 instance

Read the DNS Forwarder for the given tier-0 instance Request:
Method:
GET
URI Path:
/policy/api/v1/infra/dns-security-profiles/<profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/dns-security-profiles/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfile+

Example Response: { "resource_type" : "DnsSecurityProfile", "id" : "default", "display_name" : "default-dns-profile", "path" : "/infra/dns-security-profiles/default", "parent_path" : "/infra/dns-security-profiles", "relative_path" : "default", "display_name" : "default-dns-profile", "ttl" : 10000, "_create_user" : "admin", "_create_time" : 1517403652195, "_last_modified_user" : "admin", "_last_modified_time" : 1517403652195, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Get DNS security profile binding map

API will get DNS security profile binding map Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps
Request Headers:
n/a
Query Parameters:
DnsSecurityProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/ Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfileBindingMapListResult+

Example Response: { "results": [ { "sequence_number": 200, "resource_type": "DnsSecurityProfileBindingMap", "id": "my-bm", "display_name": "my-bm", "path": "/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm", "relative_path": "my-bm", "parent_path": "/infra/domains/default/groups/test-group", "marked_for_delete": false, "profile_path": "/infra/dns-security-profiles/test-dns-prof", "_create_user": "admin", "_create_time": 1556645347540, "_last_modified_user": "admin", "_last_modified_time": 1556693535395, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_dfw Additional Errors:

Update DNS security profile binding map

API will update DNS security profile binding map Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsSecurityProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm { "profile_path": "/infra/dns-security-profiles/test-dns-prof", "sequence_number": 200 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfileBindingMap+

Example Response: { "sequence_number": 200, "resource_type": "DnsSecurityProfileBindingMap", "id": "my-bm", "display_name": "my-bm", "path": "/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm", "relative_path": "my-bm", "parent_path": "/infra/domains/default/groups/test-group", "marked_for_delete": false, "profile_path": "/infra/dns-security-profiles/test-dns-prof", "_create_user": "admin", "_create_time": 1556645347540, "_last_modified_user": "admin", "_last_modified_time": 1556693535395, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update DNS security profile binding map

API will create or update DNS security profile binding map Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DnsSecurityProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/domains/default/groups/test-vm-group/dns-security-profile-binding-maps/my-bm { "profile_path": "/infra/dns-security-profiles/test-dns-prof", "sequence_number": 200 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete DNS security profile binding map

API will delete DNS security profile binding map Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get DNS security profile binding map

API will get DNS security profile binding map Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DnsSecurityProfileBindingMap+

Example Response: { "sequence_number": 200, "resource_type": "DnsSecurityProfileBindingMap", "id": "my-bm", "display_name": "my-bm", "path": "/infra/domains/default/groups/test-group/dns-security-profile-binding-maps/my-bm", "relative_path": "my-bm", "parent_path": "/infra/domains/default/groups/test-group", "marked_for_delete": false, "profile_path": "/infra/dns-security-profiles/test-dns-prof", "_create_user": "admin", "_create_time": 1556645347540, "_last_modified_user": "admin", "_last_modified_time": 1556693535395, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Policy: Security: Profiles: Flood Protection

Associated URIs:

List Firewall Flood Protection Profile Binding Maps

API will list all Firewall Flood Protection Profile Binding Maps in current group id.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallFloodProtectionProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyFirewallFloodProtectionProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1", "relative_path": "PolicyFirewallFloodProtectionProfileBindingMaps", "profile_path":"/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Get Firewall Flood Protection Profile Binding Map

API will get Firewall Flood Protection Profile Binding Map
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallFloodProtectionProfileBindingMap+

Example Response: { "resource_type": "PolicyFirewallFloodProtectionProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1", "relative_path": "PolicyFirewallFloodProtectionProfileBindingMaps", "profile_path":"/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Firewall Flood Protection Profile Binding Map

API will create or update Firewall Flood Protection profile binding map Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallFloodProtectionProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1 { "resource_type":" PolicyFirewallFloodProtectionProfileBindingMap", "display_name": "binding-map-1", "description":"", "profile_path":"/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Firewall Flood Protection Profile Binding

API will delete Firewall Flood Protection Profile Binding Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Update Firewall Flood Protection Profile Binding Map

API will update Firewall Flood Protection Profile Binding Map Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallFloodProtectionProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1 { "resource_type":" PolicyFirewallFloodProtectionProfileBindingMap", "display_name": "binding-map-1", "description":"", "profile_path":"/infra/flood-protection-profiles/1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallFloodProtectionProfileBindingMap+

Example Response: { "resource_type": "PolicyFirewallFloodProtectionProfileBindingMap", "description": "", "id":"1", "display_name": "PolicyFirewallFloodProtectionProfileBindingMap", "path": "/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1", "relative_path": "PolicyFirewallFloodProtectionProfileBindingMaps", "profile_path":"/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

List Firewall Flood Protection Profile Binding Maps for all domains

API will list all Firewall Flood Protection Profile Binding Maps across all domains.
This API returns the binding maps order by the sequence number.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/firewall-flood-protection-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/firewall-flood-protection-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallFloodProtectionProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyFirewallFloodProtectionProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-flood-protection-profile-binding-maps/1", "relative_path": "PolicyFirewallFloodProtectionProfileBindingMaps", "profile_path":"/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

List Flood Protection Profiles

API will list all Flood Protection Profiles Request:
Method:
GET
URI Path:
/policy/api/v1/infra/flood-protection-profiles
Request Headers:
n/a
Query Parameters:
FloodProtectionProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/flood-protection-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "FloodProtectionProfile", "description": "", "id": "profile-1", "display_name": "profile-1", "path": "/infra/flood-protection-profiles/profile-1", "relative_path": "profile-1", "udp_active_flow_limit": 100, "icmp_active_flow_limit": 30, "tcp_half_open_conn_limit": 200, "other_active_conn_limit": 50, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Update Firewall Flood Protection Profile

API will update Firewall Flood Protection Profile Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DistributedFloodProtectionProfile+
GatewayFloodProtectionProfile+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/flood-protection-profiles/profile-1 { "resource_type": "FloodProtectionProfile", "description": "", "display_name": "profile-1", "udp_active_flow_limit": 100, "icmp_active_flow_limit": 30, "tcp_half_open_conn_limit": 200, "other_active_conn_limit": 50 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DistributedFloodProtectionProfile+
GatewayFloodProtectionProfile+

Example Response: { "resource_type": "FloodProtectionProfile", "description": "profile-1", "id": "profile-1", "display_name": "profile-1", "path": "/infra/flood-protection-profiles/profile-1", "relative_path": "profile-1", "udp_active_flow_limit": 100, "icmp_active_flow_limit": 30, "tcp_half_open_conn_limit": 200, "other_active_conn_limit": 50, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Flood Protection Profile

API will delete Flood Protection Profile Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/flood-protection-profiles/flood-protection-profile-id Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile

API will create/update Flood Protection Profile Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
DistributedFloodProtectionProfile+
GatewayFloodProtectionProfile+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/flood-protection-profiles/profile-1 { "resource_type": "FloodProtectionProfile", "description": "", "display_name": "profile-1", "udp_active_flow_limit": 100, "icmp_active_flow_limit": 30, "tcp_half_open_conn_limit": 200, "other_active_conn_limit": 50 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Flood Protection Profile

API will get Flood Protection Profile Request:
Method:
GET
URI Path:
/policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/flood-protection-profiles/profile-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
DistributedFloodProtectionProfile+
GatewayFloodProtectionProfile+

Example Response: { "resource_type": "FloodProtectionProfile", "description": "", "id": "profile-1", "display_name": "profile-1", "path": "/infra/flood-protection-profiles/profile-1", "relative_path": "profile-1", "udp_active_flow_limit": 100, "icmp_active_flow_limit": 30, "tcp_half_open_conn_limit": 200, "other_active_conn_limit": 50, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

List Flood Protection Profiles

API will list all Flood Protection Profiles bindings. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>/bindings
Request Headers:
n/a
Query Parameters:
ProfileBindingListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/flood-protection-profiles/profile-1/bindings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "name": "default", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path" : "/infra/flood-protection-profiles/profile-1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Get Flood Protection Profile Binding Map for Tier-0 Logical Router

API will get Flood Protection Profile Binding Map for Tier-0 Logical Router.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Delete Flood Protection Profile Binding for Tier-0 Logical Router

API will delete Flood Protection Profile Binding for Tier-0 Logical Router. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router

API will create or update Flood Protection profile binding map for Tier-0 Logical Router. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/flood-protection-profile-bindings/default { "resource_type": "FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router

API will create or update Flood Protection profile binding map for Tier-0 Logical Router. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/flood-protection-profile-bindings/default { "resource_type":"FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices

API will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default { "resource_type": "FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServices

API will delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServices. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices

API will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default { "resource_type":"FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices

API will get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/locale-services/default/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Get Flood Protection Profile Binding Map for Tier-1 Logical Router

API will get Flood Protection Profile Binding Map for Tier-1 Logical Router.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router

API will create or update Flood Protection profile binding map for Tier-1 Logical Router. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/flood-protection-profile-bindings/default { "resource_type": "FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router

API will create or update Flood Protection profile binding map for Tier-1 Logical Router. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/flood-protection-profile-bindings/default { "resource_type":"FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Flood Protection Profile Binding for Tier-1 Logical Router

API will delete Flood Protection Profile Binding for Tier-1 Logical Router. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices

API will get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices

API will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default { "resource_type": "FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServices

API will delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServices. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices

API will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
FloodProtectionProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default { "resource_type":"FloodProtectionProfileBindingMap", "profile_path": "/infra/flood-protection-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
FloodProtectionProfileBindingMap+

Example Response: { "resource_type": "FloodProtectionProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/locale-services/default/flood-protection-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/flood-protection-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Security: Profiles: Monitoring Profiles

Associated URIs:

List Group Monitoring Profile Binding Maps

API will list all Group Monitoring Profile Binding Maps in current group id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps
Request Headers:
n/a
Query Parameters:
GroupMonitoringProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupMonitoringProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "GroupMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "GroupMonitoringProfileBindingMap", "path": "/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1", "relative_path": "GroupMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "ipfix_dfw_profile_path":"/infra/ipfix-dfw-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Update Group Monitoring Profile Binding Map

API will update Group Monitoring Profile Binding Map This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GroupMonitoringProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1 { "resource_type":" GroupMonitoringProfileBindingMap", "display_name": "GroupMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "ipfix_dfw_profile_path":"/infra/ipfix-dfw-profiles/1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupMonitoringProfileBindingMap+

Example Response: { "resource_type": "GroupMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "GroupMonitoringProfileBindingMap", "path": "/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1", "relative_path": "GroupMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "ipfix_dfw_profile_path":"/infra/ipfix-dfw-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Create Group Monitoring Profile Binding Map

API will create group monitoring profile binding map This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
GroupMonitoringProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1 { "resource_type":" GroupMonitoringProfileBindingMap", "display_name": "GroupMonitoringProfileBindingMap Profile Production", "name":"1", "description":"", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1" "ipfix_dfw_profile_path":"/infra/ipfix-dfw-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Get Group Monitoring Profile Binding Map

API will get Group Monitoring Profile Binding Map
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
GroupMonitoringProfileBindingMap+

Example Response: { "resource_type": "GroupMonitoringProfileBindingMap", "description": "", "name":"1", "id":"1", "display_name": "GroupMonitoringProfileBindingMap", "path": "/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1", "relative_path": "GroupMonitoringProfileBindingMaps", "port_mirroring_profile_path":"/infra/port-mirroring-profiles/1", "ipfix_l2_profile_path":"/infra/ipfix-l2-profiles/1", "ipfix_dfw_profile_path":"/infra/ipfix-dfw-profiles/1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_monitoring_profile_binding Additional Errors:

Delete Group Monitoring Profile Binding

API will delete Group Monitoring Profile Binding This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/group-monitoring-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_monitoring_profile_binding Additional Errors:

Policy: Security: Profiles: Session Timer

Associated URIs:

List Firewall Session Timer Profile Binding Maps

API will list all Firewall Session Timer Profile Binding Maps in current group id.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PolicyFirewallSessionTimerProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyFirewallSessionTimerProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1", "relative_path": "PolicyFirewallSessionTimerProfileBindingMaps", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Get Firewall Session Timer Profile Binding Map

API will get Firewall Session Timer Profile Binding Map
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfileBindingMap+

Example Response: { "resource_type": "PolicyFirewallSessionTimerProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1", "relative_path": "PolicyFirewallSessionTimerProfileBindingMaps", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Firewall Session Timer Profile Binding Map

API will create or update Firewall Session Timer profile binding map This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallSessionTimerProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1 { "resource_type":" PolicyFirewallSessionTimerProfileBindingMap", "display_name": "binding-map-1", "description":"", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Update Firewall Session Timer Profile Binding Map

API will update Firewall Session Timer Profile Binding Map This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallSessionTimerProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1 { "resource_type":" PolicyFirewallSessionTimerProfileBindingMap", "display_name": "binding-map-1", "description":"", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1", "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfileBindingMap+

Example Response: { "resource_type": "PolicyFirewallSessionTimerProfileBindingMap", "description": "", "id":"1", "display_name": "PolicyFirewallSessionTimerProfileBindingMap", "path": "/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1", "relative_path": "PolicyFirewallSessionTimerProfileBindingMaps", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Firewall Session Timer Profile Binding

API will delete Firewall Session Timer Profile Binding This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

List Firewall Session Timer Profile Binding Maps for all domains

API will list all Firewall Session Timer Profile Binding Maps across all domains.
This API returns the binding maps order by the sequence number.
This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/firewall-session-timer-profile-binding-maps
Request Headers:
n/a
Query Parameters:
PolicyFirewallSessionTimerProfileBindingMapListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/firewall-session-timer-profile-binding-maps Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfileBindingMapListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyFirewallSessionTimerProfileBindingMap", "description": "", "id":"1", "display_name": "binding-map-1", "path": "/infra/domains/domain_1/groups/group_1/firewall-session-timer-profile-binding-maps/1", "relative_path": "PolicyFirewallSessionTimerProfileBindingMaps", "firewall_session_timer_profile_path":"/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

List Firewall Session Timer Profiles

API will list all Firewall Session Timer Profiles This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/firewall-session-timer-profiles
Request Headers:
n/a
Query Parameters:
PolicyFirewallSessionTimerProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/firewall-session-timer-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfileListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyFirewallSessionTimerProfile", "description": "", "name":"profile-1", "id":"profile-1", "display_name": "profile-1", "path": "/infra/firewall-session-timer-profiles/profile-1", "relative_path": "profile-1", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Firewall Session Timer Profile

API will create/update Firewall Session Timer Profile This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallSessionTimerProfile+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/firewall-session-timer-profiles/profile-1 { "resource_type": "PolicyFirewallSessionTimerProfile", "description": "", "display_name": "profile-1", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Firewall Session Timer Profile

API will delete Firewall Session Timer Profile This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/firewall-session-timer-profiles/firewall-session-timer-profile-id Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Update Firewall Session Timer Profile

API will update Firewall Session Timer Profile This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyFirewallSessionTimerProfile+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/firewall-session-timer-profiles/profile-1 { "resource_type": "PolicyFirewallSessionTimerProfile", "description": "", "display_name": "profile-1", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfile+

Example Response: { "resource_type": "PolicyFirewallSessionTimerProfile", "description": "", "name":"profile-1", "id":"profile-1", "display_name": "profile-1", "path": "/infra/firewall-session-timer-profiles/profile-1", "relative_path": "profile-1", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Firewall Session Timer Profile

API will get Firewall Session Timer Profile This API is available when using VMware NSX-T or VMware Cloud on AWS. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/firewall-session-timer-profiles/profile-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyFirewallSessionTimerProfile+

Example Response: { "resource_type": "PolicyFirewallSessionTimerProfile", "description": "", "name":"profile-1", "id":"profile-1", "display_name": "profile-1", "path": "/infra/firewall-session-timer-profiles/profile-1", "relative_path": "profile-1", "tcp_first_packet": 120, "tcp_opening": 30, "tcp_established": 43200, "tcp_closing": 900, "tcp_finwait": 20, "tcp_closed": 10, "udp_first_packet": 60, "udp_single": 30, "udp_multiple": 60, "icmp_first_packet": 20, "icmp_error_reply": 10, "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

List Session Timer Profiles

API will list all Session Timer Profiles bindings. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/session-timer-profiles/<session-timer-profile-id>/bindings
Request Headers:
n/a
Query Parameters:
ProfileBindingListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/session-timer-profiles/profile-1/bindings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "SessionTimerProfileBindingMap", "description": "", "name": "default", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/session-timer-profile-bindings/default", "relative_path": "default", "profile_path" : "/infra/firewall-session-timer-profiles/profile-1", "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } ] } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices

API will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default { "resource_type":"SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices

API will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default { "resource_type": "SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices

API will get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServices

API will delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServices. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/locale-services/default/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Session Timer Profile Binding Map for Tier-0 Logical Router

API will get Session Timer Profile Binding Map for Tier-0 Logical Router.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-0 Logical Router

API will create or update Session Timer profile binding map for Tier-0 Logical Router. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/session-timer-profile-bindings/default { "resource_type": "SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Session Timer Profile Binding for Tier-0 Logical Router

API will delete Session Timer Profile Binding for Tier-0 Logical Router. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-0 Logical Router

API will create or update Session Timer profile binding map for Tier-0 Logical Router. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-0s/my-t0/session-timer-profile-bindings/default { "resource_type":"SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-0s/my-t0/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices

API will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default { "resource_type":"SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServices

API will delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServices. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices

API will get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices

API will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/locale-services/default/session-timer-profile-bindings/default { "resource_type": "SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-1 Logical Router

API will create or update Session Timer profile binding map for Tier-1 Logical Router. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PATCH https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/session-timer-profile-bindings/default { "resource_type": "SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Create or update Session Timer Profile Binding Map for Tier-1 Logical Router

API will create or update Session Timer profile binding map for Tier-1 Logical Router. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
SessionTimerProfileBindingMap+

Example Request: PUT https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/session-timer-profile-bindings/default { "resource_type":"SessionTimerProfileBindingMap", "profile_path": "/infra/firewall-session-timer-profiles/1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: crud Feature: policy_dfw Additional Errors:

Get Session Timer Profile Binding Map for Tier-1 Logical Router

API will get Session Timer Profile Binding Map for Tier-1 Logical Router.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
SessionTimerProfileBindingMap+

Example Response: { "resource_type": "SessionTimerProfileBindingMap", "description": "", "id": "default", "display_name": "default", "path": "/infra/tier-1s/my-t1/session-timer-profile-bindings/default", "relative_path": "default", "profile_path": "/infra/firewall-session-timer-profiles/1" "_create_user": "admin", "_create_time": 1516657975538, "_last_modified_user": "admin", "_last_modified_time": 1517353711231, "_system_owned": false, "_revision": 1 } Required Permissions: read Feature: policy_dfw Additional Errors:

Delete Session Timer Profile Binding for Tier-1 Logical Router

API will delete Session Timer Profile Binding for Tier-1 Logical Router. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<nsx-mgr>/policy/api/v1/infra/tier-1s/my-t1/session-timer-profile-bindings/default Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_dfw Additional Errors:

Policy: Security: Service Insertion

Associated URIs:

List all virtual endpoints

List all virtual endpoints This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints
Request Headers:
n/a
Query Parameters:
PolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/l1/endpoints/virtual-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualEndpointListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "VirtualEndpoint", "id": "VEP_1", "display_name": "VEP_1", "path": "/infra/tier-0s/vmc/locale-services/l1/endpoints/virtual-endpoints/VEP_1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "VEP_1", "marked_for_delete": false, "target_ips": [ { "ip_addresses": [ "111.111.112.11" ], "prefix_length": 32 } ], "service_names": [ "HCX_Service" ], "_create_user": "admin", "_create_time": 1526676234605, "_last_modified_user": "admin", "_last_modified_time": 1526676234605, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Create or update virtual endpoint

Create or update virtual endpoint.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VirtualEndpoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/endpoints/virtual-endpoints/VEP_1 { "resource_type": "VirtualEndpoint", "display_name": "VEP_1", "target_ips": [ { "ip_addresses": [ "111.111.112.11" ], "prefix_length": 32 } ], "service_names": [ "HCX_Service" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Delete virtual endpoint

Delete virtual endpoint This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/endpoints/virtual-endpoints/VEP_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Read virtual endpoint

Read virtual endpoint with given id under given Tier0. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/endpoints/virtual-endpoints/VEP_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualEndpoint+

Example Response: { "resource_type": "VirtualEndpoint", "id": "VEP_1", "display_name": "VEP_1", "path": "/infra/tier-0s/vmc/locale-services/default/endpoints/VEP_1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "VEP_1", "marked_for_delete": false, "target_ips": [ { "ip_addresses": [ "111.111.112.11" ], "prefix_length": 32 } ], "service_names": [ "HCX_Service" ], "_create_user": "admin", "_create_time": 1526676234605, "_last_modified_user": "admin", "_last_modified_time": 1526676234605, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_si Additional Errors:

Create or update virtual endpoint

Create or update virtual endpoint.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
VirtualEndpoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/endpoints/virtual-endpoints/VEP_1 { "resource_type": "VirtualEndpoint", "display_name": "VEP_1", "target_ips": [ { "ip_addresses": [ "111.111.112.11" ], "prefix_length": 32 } ], "service_names": [ "HCX_Service" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
VirtualEndpoint+

Example Response: { "resource_type": "VirtualEndpoint", "id": "VEP_1", "display_name": "VEP_1", "path": "/infra/tier-0s/vmc/locale-services/default/endpoints/virtual-endpoints/VEP_1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "VEP_1", "marked_for_delete": false, "target_ips": [ { "ip_addresses": [ "111.111.112.11" ], "prefix_length": 32 } ], "service_names": [ "HCX_Service" ], "_create_user": "admin", "_create_time": 1526676234605, "_last_modified_user": "admin", "_last_modified_time": 1526676234605, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Get statistics for all runtimes associated with this PolicyServiceInstance

Get statistics for all data NICs on all runtimes associated with this PolicyServiceInstance.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicySIEnforcementPointRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1//infra/tier-0s/default/locale-services/default/service-instances/PSI_1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstanceStatistics+

Example Response: { "service_instance_id": "/infra/tier-0s/pepsi/locale-services/1-policyconnectivity-313/service-instances/PSI-1", "enforcement_point_path": "/infra/sites/default/enforcement-points/default", "instance_runtime_statistics": [ { "runtime_id": "5cee6445-c62a-43bc-b3c9-2fb11f48b301", "runtime_name": "ServiceInsertion-NS-33c26724-d628-4f03-a689-33477ec031e9-1", "primary_runtime_stats": true, "interface_statistics": [ { "interface_index": 1, "last_update_timestamp": 1545396650417, "rx_packets": { "multicast_broadcast": 298943512, "total": 301217408 }, "rx_bytes": { "multicast_broadcast": 19379256222, "total": 19515689982 }, "tx_packets": { "multicast_broadcast": 298420856, "dropped": 4820, "total": 299545474 }, "tx_bytes": { "multicast_broadcast": 19348818756, "total": 19416006636 }, "mac_learning": { "macs_learned": 136 } }, { "interface_index": 2, "last_update_timestamp": 1545396650417, "rx_packets": { "multicast_broadcast": 298419043, "total": 299538836 }, "rx_bytes": { "multicast_broadcast": 19348701252, "total": 19415888832 }, "tx_packets": { "multicast_broadcast": 298945259, "dropped": 7715, "total": 301226872 }, "tx_bytes": { "multicast_broadcast": 19379369124, "total": 19515803004 }, "mac_learning": { "macs_learned": 122 } } ] }, { "runtime_id": "fe0a2f86-7d27-41b9-ac52-5459d6bead1e", "runtime_name": "ServiceInsertion-NS-33c26724-d628-4f03-a689-33477ec031e9-2", "primary_runtime_stats": false, "interface_statistics": [ { "interface_index": 2, "last_update_timestamp": 1545396650417, "rx_packets": { "multicast_broadcast": 297799990, "total": 300072079 }, "rx_bytes": { "multicast_broadcast": 19305570996, "total": 19441896336 }, "tx_packets": { "multicast_broadcast": 297227511, "dropped": 19744270, "total": 318084316 }, "tx_bytes": { "multicast_broadcast": 19272225186, "total": 19338977286 }, "mac_learning": { "macs_learned": 114 } }, { "interface_index": 1, "last_update_timestamp": 1545396650417, "rx_packets": { "multicast_broadcast": 297226991, "total": 298339522 }, "rx_bytes": { "multicast_broadcast": 19272191538, "total": 19338943398 }, "tx_packets": { "multicast_broadcast": 297800743, "dropped": 17783194, "total": 317856028 }, "tx_bytes": { "multicast_broadcast": 19305620274, "total": 19441945734 }, "mac_learning": { "macs_learned": 124 } } ] } ] } Required Permissions: read Feature: policy_si Additional Errors:

Get statistics for all runtimes associated with this Tier1 PolicyServiceInstance

Get statistics for all data NICs on all runtimes associated with this Tier1 PolicyServiceInstance.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>/statistics
Request Headers:
n/a
Query Parameters:
PolicySIEnforcementPointRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1//infra/tier-1s/default/locale-services/default/service-instances/T1-PSI-1/statistics Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstanceStatistics+

Required Permissions: read Feature: policy_si Additional Errors:

Policy: Security: Service Insertion: Partner Services

Associated URIs:

Read partner services

Read all the partner services available for service insertion This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/partner-services
Request Headers:
n/a
Query Parameters:
ServiceDefinitionListRequestParameters+
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionServiceListResult+

Required Permissions: read Feature: policy_si Additional Errors:

Read partner service identified by provided name

Read the specific partner service identified by provided name. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/partner-services/<service-name>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Required Permissions: read Feature: policy_si Additional Errors:

Policy: Security: Service Insertion: Redirection Policies

Associated URIs:

List redirection policys for a domain

List redirection policys for a domain This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies
Request Headers:
n/a
Query Parameters:
SecurityPolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionPolicyListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results":[{ "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirection-communication-map-1000", "rules": [ ], "redirect_to": ["/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_ni Additional Errors:

Read redirection policy

Read redirection policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/redirec-comon-map-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionPolicy+

Example Response: { "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirection-communication-map-1000", "rules": [ { "resource_type": "RedirectionRule", "description": "Updating the comm entry", "id": "redirec-rule-1", "display_name": "comm-entry-1", "tags": [], "path": "/infra/domains/domain1/redirection-policies/redirection-policy-1000/rules/redirec-rule-1", "relative_path": "redirec-rule-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "logged": false, "destination_groups": [ "/infra/domains/domain1/groups/destgrp" ], "services": [ "/infra/services/ORACLE_TNS" ], "scope": [ "ANY" ], "direction": "IN", "action": "REDIRECT", "_create_user": "admin", "_create_time": 1513856178274, "_last_modified_user": "admin", "_last_modified_time": 1513856178327, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ], "redirect_to": ["/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Required Permissions: read Feature: policy_ni Additional Errors:

Delete redirection policy

Delete redirection policy. This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/domain-id/redirection-policies/redirection-policy-id Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

Create or update redirection policy

Create or update the redirection policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedirectionPolicy+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/redirec-comon-map-1 { "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirec-comon-map-1", "rules": [ ], "redirect_to": ["/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionPolicy+

Example Response: { "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirec-comon-map-1", "rules": [ ], "redirect_to": ["/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Required Permissions: crud Feature: policy_ni Additional Errors:

Create or update redirection policy

Create or update the redirection policy.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedirectionPolicy+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/redirec-comon-map-1 { "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirec-comon-map-1", "rules": [ ], "redirect_to": ["/infra/tier-0s/vmc/byod-service-instances/locale-services/default/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "service_instance_path": "/infra/service/PAN", "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 4 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

List rules

List rules This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules
Request Headers:
n/a
Query Parameters:
RedirectionRuleListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/rcm-1/rules Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionRuleListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [{ "resource_type" : "RedirectionRule", "description" : "", "id" : "C1", "display_name" : "C1", "tags" : [ ], "path" : "/infra/domains/D1/communication-map/rules/C1", "relative_path" : "C1", "sequence_number" : 0, "source_groups" : [ "ANY" ], "services": [ "/infra/services/ORACLE_TNS" ], "logged" : false, "destination_groups" : [ "/infra/domains/D1/groups/G1" ], "scope" : [ "ANY" ], "_create_user" : "admin", "_create_time" : 1513697977264, "_last_modified_user" : "admin", "_last_modified_time" : 1513697977269, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 1 } ] } Required Permissions: read Feature: policy_ni Additional Errors:

Update redirection rule

Create a rule with the rule-id is not already present, otherwise update the rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedirectionRule+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/redirection-policy-id /rules/redirec-rule-1 { "resource_type": "RedirectionRule", "description": "Updating the comm entry", "id": "comm-entry-1", "display_name": "comm-entry-1", "action":"REDIRECT", "tags": [], "path": "/infra/domains/domain1/redirection-policies/redirect-policy-1000/rules/redirec-rule-1", "relative_path": "comm-entry-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "/infra/services/ORACLE_TNS" ], "logged": false, "destination_groups": [ "/infra/domains/domain1/groups/destgrp" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1, "scope" : [ "ANY" ] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionRule+

Example Response: { "resource_type": "RedirectionRule", "description": "Updating the comm entry", "id": "comm-entry-1", "display_name": "comm-entry-1", "action":"REDIRECT", "tags": [], "path": "/infra/domains/domain1/redirection-policies/redirect-policy-1000/rules/redirec-rule-1", "relative_path": "comm-entry-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "/infra/services/ORACLE_TNS" ], "logged": false, "destination_groups": [ "/infra/domains/domain1/groups/destgrp" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1, "scope" : [ "ANY" ] } Required Permissions: crud Feature: policy_ni Additional Errors:

Delete RedirectionRule

Delete RedirectionRule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/rcm-1 /rules/rule-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

Read rule

Read rule This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/rcm-1/rules/rule-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionRule+

Example Response: { "resource_type": "RedirectionRule", "description": "Updating the comm entry", "id": "comm-entry-1", "display_name": "comm-entry-1", "action": "REDIRECT", "tags": [], "path": "/infra/domains/domain1/redirection-policies/redirect-policy-1000/rules/redirec-rule-1", "relative_path": "comm-entry-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "/infra/services/ORACLE_TNS" ], "logged": false, "destination_groups": [ "/infra/domains/domain1/groups/destgrp" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1, "scope" : [ "ANY" ] } Required Permissions: read Feature: policy_ni Additional Errors:

Update redirection rule

Create a rule with the rule-id is not already present, otherwise update the rule.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
RedirectionRule+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/domains/default/redirection-policies/rcm-1/rules/rule-1 { "resource_type": "RedirectionRule", "description": "Updating the comm entry", "id": "comm-entry-1", "display_name": "comm-entry-1", "action":"REDIRECT", "tags": [], "path": "/infra/domains/domain1/redirection-policies/redirect-policy-1000/rules/redirec-rule-1", "relative_path": "comm-entry-1", "sequence_number": 0, "source_groups": [ "/infra/domains/domain1/groups/srcgrp" ], "services": [ "/infra/services/ORACLE_TNS" ], "logged": false, "destination_groups": [ "/infra/domains/domain1/groups/destgrp" ], "_create_user": "admin", "_create_time": 1509362026134, "_last_modified_user": "admin", "_last_modified_time": 1509362026135, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1, "scope" : [ "ANY" ] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

List redirection policys

List all redirection policys across all domains ordered by precedence.
Request:
Method:
GET
URI Path:
/policy/api/v1/infra/domains/redirection-policies
Request Headers:
n/a
Query Parameters:
SecurityPolicyListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/domains/redirection-policies Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
RedirectionPolicyListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results":[{ "resource_type": "RedirectionPolicy", "description": "redirec-comon-map-1", "id": "redirec-comon-map-1", "display_name": "redirection-communication-map", "path": "/infra/domains/domain1/redirection-policies/redirec-comon-map-1", "relative_path": "redirection-communication-map-1000", "rules": [ ], "redirect_to": ["/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1"], "_create_user": "admin", "_create_time": 1513751042428, "_last_modified_user": "admin", "_last_modified_time": 1513856178337, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } ] } Required Permissions: read Feature: policy_ni Additional Errors:

Policy: Security: Service Insertion: Service Chains

Associated URIs:

List service chains

List all the service chains available for service insertion
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-chains
Request Headers:
n/a
Query Parameters:
ServiceChainListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-chains Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceChainListResult+

Example Response: { "results": [ { "forward_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1", "/infra/service-references/SR_1/service-profiles/SP_2" ], "reverse_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2", "/infra/service-references/SR_1/service-profiles/SP_1" ], "service_segment_path": [ "/infra/segments/service-segments/SS_1" ], "failure_policy": "ALLOW", "path_selection_policy": "ANY", "resource_type": "PolicyServiceChain", "id": "PSC_1", "display_name": "PSC_1", "description": "PSC_1 Desc", "path": "/infra/service-chains/PSC_1", "relative_path": "PSC_1", "parent_path": "/infra/service-chains/PSC_1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1546597502506, "_last_modified_user": "admin", "_last_modified_time": 1546597502506, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } ], "result_count": 1, "sort_by": "display_name", "sort_ascending": true } Required Permissions: read Feature: policy_ni Additional Errors:

Create service chain

Create Service chain representing the sequence in which 3rd party
services must be consumed.
This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceChain+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/service-chain/SC-1 { "resource_type" : "PolicyServiceChain", "display_name" : "PSC_1", "description" : "PSC_1 Desc", "forward_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1", "/infra/service-references/SR_1/service-profiles/SP_2" ], "reverse_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2", "/infra/service-references/SR_1/service-profiles/SP_1" ], "service_segment_path": [ "/infra/segments/service-segments/SS_1" ], "failure_policy": "ALLOW", "path_selection_policy": "ANY" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

Read service chain

This API can be used to read service chain with given service-chain-id. This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-chains/<psc-id> Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceChain+

Example Response: { "forward_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1", "/infra/service-references/SR_1/service-profiles/SP_2" ], "reverse_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2", "/infra/service-references/SR_1/service-profiles/SP_1" ], "service_segment_path": [ "/infra/segments/service-segments/SS_1" ], "failure_policy": "ALLOW", "path_selection_policy": "ANY", "resource_type": "PolicyServiceChain", "id": "PSC_1", "display_name": "PSC_1", "description": "PSC_1 Desc", "path": "/infra/service-chains/PSC_1", "relative_path": "PSC_1", "parent_path": "/infra/service-chains/PSC_1", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1546597502506, "_last_modified_user": "admin", "_last_modified_time": 1546597502506, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_ni Additional Errors:

Delete Service chain

This API can be user to delete service chain with given service-chain-id. This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/l1/endpoints/virtual-endpoints/VEP_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_ni Additional Errors:

Create or update service chain

Create or update Service chain representing the sequence in which 3rd party
services must be consumed.
This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/service-chains/<service-chain-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceChain+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/service-chain/SC-1 { "resource_type" : "PolicyServiceChain", "display_name" : "PSC_2 Changed", "description" : "PSC_2 Desc Changed", "forward_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1", "/infra/service-references/SR_1/service-profiles/SP_2" ], "reverse_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2", "/infra/service-references/SR_1/service-profiles/SP_1" ], "service_segment_path": [ "/infra/segments/service-segments/SS_1" ], "failure_policy": "ALLOW", "path_selection_policy": "ANY", "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceChain+

Example Response: { "forward_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_1", "/infra/service-references/SR_1/service-profiles/SP_2" ], "reverse_path_service_profiles": [ "/infra/service-references/SR_1/service-profiles/SP_2", "/infra/service-references/SR_1/service-profiles/SP_1" ], "service_segment_path": [ "/infra/segments/service-segments/SS_1" ], "failure_policy": "ALLOW", "path_selection_policy": "ANY", "resource_type": "PolicyServiceChain", "id": "PSC_2", "display_name": "PSC_2 Changed Now", "description": "PSC_2 Desc Changed", "path": "/infra/service-chains/PSC_2", "relative_path": "PSC_2", "parent_path": "/infra/service-chains/PSC_2", "marked_for_delete": false, "_create_user": "admin", "_create_time": 1546597986596, "_last_modified_user": "admin", "_last_modified_time": 1546598050671, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 1 } Required Permissions: crud Feature: policy_ni Additional Errors:

List all service chain mappings for given service profile.

List all service chain mappings in the system for the given service profile.
If no explicit enforcement point is provided in the request, will return for
default. Else, will return for specified points.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>/service-chain-mappings
Request Headers:
n/a
Query Parameters:
PolicySIEnforcementPointRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references/SR_1/service-profiles/SP_1/service-chain-mappings Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceChainMappingListResult+

Example Response: { "result_count": 2, "results": [ { "service_chain_id": "1", "service_index": 3, "direction": "FORWARD" }, { "service_chain_id": "1", "service_index": 2, "direction": "REVERSE" } ] } Required Permissions: read Feature: policy_si Additional Errors:

Policy: Security: Service Insertion: Service Definitions

Associated URIs:

Create a Service Definition on given enforcement point.

Create a Service Definition on given enforcement point. Request:
Method:
POST
URI Path:
/policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDefinition+

Example Request: POST https://<policy-mgr>/policy/api/v1/enforcement-points/default/service-definitions { "resource_type":"ServiceDefinition", "description":"NS-Service", "display_name":"NS Service_for_VMC", "tags":[ { "scope":"", "tag":"/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point":[ "TIER0_LR" ], "transports":[ "L2_BRIDGE" ], "functionalities":[ "NG_FW" ], "on_failure_policy":"ALLOW", "implementations":[ "NORTH_SOUTH" ], } Successful Response:
Response Code:
201 Created
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type":"ServiceDefinition", "description":"NS-Service", "id":"748be482-a072-4f26-b707-d6e68fc0de16", "display_name":"NS Service_for_VMC", "tags":[ { "scope":"", "tag":"/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point":[ "TIER0_LR" ], "transports":[ "L2_BRIDGE" ], "functionalities":[ "NG_FW" ], "on_failure_policy":"ALLOW", "implementations":[ "NORTH_SOUTH" ], "_create_user":"nsx_policy", "_create_time":1522353953977, "_last_modified_user":"nsx_policy", "_last_modified_time":1522353953977, "_system_owned":false, "_protection":"PROTECTED", "_revision":1 } Required Permissions: crud Feature: policy_si Additional Errors:

Update an existing Service Definition on the given enforcement point

Update an existing Service Definition on the given enforcement point.
Request:
Method:
PUT
URI Path:
/policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceDefinition+

Example Request: PUT https://<policy-mgr>/policy/api/v1/enforcement-points/default/service-definitions/<sd-id> { "resource_type": "ServiceDefinition", "description": "NS-Service Changed Desc", "display_name": "NS Service_for_VMC", "tags":[ { "scope": "", "tag": "/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "on_failure_policy" :"ALLOW", "implementations": [ "NORTH_SOUTH" ], "_revision": 1 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type": "ServiceDefinition", "description": "NS-Service Changed Desc", "id": , "display_name": "NS Service_for_VMC", "tags": [ { "scope":"", "tag":"/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point": [ "TIER0_LR" ], "transports": [ "L2_BRIDGE" ], "functionalities": [ "NG_FW" ], "on_failure_policy": "ALLOW", "implementations": [ "NORTH_SOUTH" ], "_create_user": "nsx_policy", "_create_time": 1522353953977, "_last_modified_user": "nsx_policy", "_last_modified_time": 1522353953977, "_system_owned": false, "_protection": "PROTECTED", "_revision": 2 } Required Permissions: crud Feature: policy_si Additional Errors:

Read Service Definition with given service-definition-id.

Read Service Definition with given service-definition-id.
Request:
Method:
GET
URI Path:
/policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/enforcement-points/default/service-definitions/4727f325-f362-4bd6-8006-961dfd3eca32 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceDefinition+

Example Response: { "resource_type":"ServiceDefinition", "description":"NS-Service", "id":"748be482-a072-4f26-b707-d6e68fc0de16", "display_name":"NS Service_for_VMC", "tags":[ { "scope":"", "tag":"/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point":[ "TIER0_LR" ], "transports":[ "L2_BRIDGE" ], "functionalities":[ "NG_FW" ], "on_failure_policy":"ALLOW", "implementations":[ "NORTH_SOUTH" ], "_create_user":"nsx_policy", "_create_time":1522353953977, "_last_modified_user":"nsx_policy", "_last_modified_time":1522353953977, "_system_owned":false, "_protection":"PROTECTED", "_revision":1 } Required Permissions: read Feature: policy_si Additional Errors:

Delete an existing Service Definition on the given enforcement point

Delete an existing Service Definition on the given enforcement point.
Request:
Method:
DELETE
URI Path:
/policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/enforcement-points/default/service-definitions/4727f325-f362-4bd6-8006-961dfd3eca32 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Policy: Security: Service Insertion: Service Instances

Associated URIs:

List all Service Definitions registered on given enforcement point.

List all Service Definitions registered on given enforcement point.
Request:
Method:
GET
URI Path:
/policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/enforcement-points/default/service-definitions Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInsertionServiceListResult+

Example Response: { "sort_ascending":true, "result_count":1, "results":[ { "resource_type":"ServiceDefinition", "description":"NS-Service", "id":"748be482-a072-4f26-b707-d6e68fc0de16", "display_name":"NS Service_for_VMC", "tags":[ { "scope":"", "tag":"/infra/tier-0s/vmc/locale-services/default/service-instances/PSI-1" } ], "attachment_point":[ "TIER0_LR" ], "transports":[ "L2_BRIDGE" ], "functionalities":[ "NG_FW" ], "on_failure_policy":"ALLOW", "implementations":[ "NORTH_SOUTH" ], "_create_user":"nsx_policy", "_create_time":1522353953977, "_last_modified_user":"nsx_policy", "_last_modified_time":1522353953977, "_system_owned":false, "_protection":"PROTECTED", "_revision":1 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Read all BYOD service instance objects under a tier-0

Read all BYOD service instance objects under a tier-0 This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances
Request Headers:
n/a
Query Parameters:
PolicyServiceInstanceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodPolicyServiceInstanceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "ByodPolicyServiceInstance", "description": "Byod HCX Test 1", "id": "BYOD_PSI_HCX", "display_name": "BYOD_PSI_HCX", "path": "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_HCX", "parent_path": "/infra/tier-0s/vmc", "relative_path": "BYOD_PSI_HCX", "marked_for_delete": false, "transport_type": "L3_ROUTED", "partner_service_name": "HCX", "deployment_mode": "STAND_ALONE", "_create_time": 1527419235170, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1527419235170, "_create_user": "admin", "_revision": 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Delete BYOD policy service instance

Delete BYOD policy service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Read byod service instance

Read byod service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodPolicyServiceInstance+

Example Response: { "resource_type": "ByodPolicyServiceInstance", "description": "Byod HCX Test 1", "id": "BYOD_PSI_HCX", "display_name": "BYOD_PSI_HCX", "path": "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_HCX", "parent_path": "/infra/tier-0s/vmc", "relative_path": "BYOD_PSI_HCX", "marked_for_delete": false, "transport_type": "L3_ROUTED", "partner_service_name": "HCX", "deployment_mode": "STAND_ALONE", "_create_time": 1527419235170, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1527419235170, "_create_user": "admin", "_revision": 0 } Required Permissions: read Feature: policy_si Additional Errors:

Create service instance

Create BYOD Service Instance which represent instance of service definition created on manager.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ByodPolicyServiceInstance+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 { "resource_type": "ByodPolicyServiceInstance", "description": "Byod HCX Test 1", "id": "BYOD_PSI_HCX", "display_name": "BYOD_PSI_HCX", "transport_type": "L3_ROUTED", "partner_service_name": "HCX", "deployment_mode": "STAND_ALONE" "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ByodPolicyServiceInstance+

Example Response: { "resource_type": "ByodPolicyServiceInstance", "description": "Byod HCX Test 1", "id": "BYOD_PSI_HCX", "display_name": "BYOD_PSI_HCX", "path": "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_HCX", "parent_path": "/infra/tier-0s/vmc", "relative_path": "BYOD_PSI_HCX", "marked_for_delete": false, "transport_type": "L3_ROUTED", "partner_service_name": "HCX", "deployment_mode": "STAND_ALONE", "_create_time": 1527419235170, "_last_modified_user": "admin", "_system_owned": false, "_protection": "NOT_PROTECTED", "_last_modified_time": 1527419235170, "_create_user": "admin", "_revision": 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Create service instance

Create BYOD Service Instance which represent instance of service definition created on manager.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ByodPolicyServiceInstance+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI { "resource_type": "ByodPolicyServiceInstance", "description": "Byod HCX Test 1", "id": "BYOD_PSI_HCX", "display_name": "BYOD_PSI_HCX", "transport_type": "L3_ROUTED", "partner_service_name": "HCX", "deployment_mode": "STAND_ALONE" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

List all service instance endpoint

List all service instance endpoint This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints
Request Headers:
n/a
Query Parameters:
ServiceInstanceEndpointListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceEndpointListResult+

Example Response: { "sort_ascending":true, "result_count":1, "results":[ { "resource_type" : "ServiceInstanceEndpoint", "id" : "SIE_1", "display_name" : "SIE_1", "path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1", "parent_path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1", "relative_path" : "SIE_1", "marked_for_delete" : false, "endpoint_type" : "LOGICAL", "target_ips" : [ { "ip_addresses" : [ "135.1.1.1" ] } ], "service_interface_path" : "/infra/tier-0s/vmc/locale-services/default/service-interfaces/SITF_1", "_create_time" : 1524826554351, "_last_modified_user" : "a;a", "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_last_modified_time" : 1524826554351, "_create_user" : "a;a", "_revision" : 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Create service instance endpoint

Create Service instance endpoint.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInstanceEndpoint+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1 { "target_ips": [ { "ip_addresses": [ "135.1.1.1" ], "prefix_length": 24 } ], "service_interface_path":"/infra/tier-0s/vmc/locale-services/default/service-interfaces/SITF_1" } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Delete policy service instance endpoint

Delete policy service instance endpoint This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Create service instance endpoint

Create service instance endpoint with given request if not exist.
Modification of service instance endpoint is not allowed.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceInstanceEndpoint+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1 { "target_ips": [ { "ip_addresses": [ "135.1.1.1" ], "prefix_length": 24 } ], "endpoint_type":"LOGICAL", "service_interface_path":"/infra/tier-0s/vmc/locale-services/default/service-interfaces/SITF_1" } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceEndpoint+

Example Response: { "resource_type" : "ServiceInstanceEndpoint", "id" : "SIE_1", "display_name" : "SIE_1", "path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1", "parent_path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1", "relative_path" : "SIE_1", "marked_for_delete" : false, "endpoint_type" : "LOGICAL", "target_ips" : [ { "ip_addresses" : [ "135.1.1.1" ] } ], "service_interface_path" : "/infra/tier-0s/vmc/locale-services/default/service-interfaces/SITF_1", "_create_time" : 1524826554351, "_last_modified_user" : "a;a", "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_last_modified_time" : 1524826554351, "_create_user" : "a;a", "_revision" : 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Read service instance endpoint

Read service instance endpoint This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceInstanceEndpoint+

Example Response: { "resource_type" : "ServiceInstanceEndpoint", "id" : "SIE_1", "display_name" : "SIE_1", "path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1/service-instance-endpoints/SIE_1", "parent_path" : "/infra/tier-0s/vmc/locale-services/default/byod-service-instances/BYOD_PSI_1", "relative_path" : "SIE_1", "marked_for_delete" : false, "endpoint_type" : "LOGICAL", "target_ips" : [ { "ip_addresses" : [ "135.1.1.1" ] } ], "service_interface_path" : "/infra/tier-0s/vmc/locale-services/default/service-interfaces/SITF_1", "_create_time" : 1524826554351, "_last_modified_user" : "a;a", "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_last_modified_time" : 1524826554351, "_create_user" : "a;a", "_revision" : 0 } Required Permissions: read Feature: policy_si Additional Errors:

Read all service instance objects under a tier-0

Read all service instance objects under a tier-0 This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances
Request Headers:
n/a
Query Parameters:
PolicyServiceInstanceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstanceListResult+

Example Response: { "sort_ascending": true, "sort_by": "display_name", "result_count": 1, "results": [ { "resource_type": "PolicyServiceInstance", "description": "PAN partner service", "id": "PAN-5", "display_name": "pan-service-instance", "path": "/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "PAN-1", "primary_interface_mgmt_ip": "10.161.176.255", "secondary_interface_mgmt_ip": "10.161.176.255", "metadata": "JSON String", "partner_service_location": "https://10.161.176.255/home/admin/abc.ovf", "primary_interface_network": "https://10.161.176.255/home/admin", "secondary_interface_network": "https://10.161.176.255/home/admin", "failure_policy": "FAIL_OPEN", "_system_owned": false, "_create_user": "admin", "_create_time": 1516274764993, "_last_modified_user": "admin", "_last_modified_time": 1516274764993, "_protection": "NOT_PROTECTED", "_revision": 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Create service instance

Create Service Instance.
Please note that, only display_name, description and deployment_spec_name
are allowed to be modified in an exisiting entity. If the deployment spec
name is changed, it will trigger the upgrade operation for the SVMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceInstance+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 { "resource_type": "PolicyServiceInstance", "description": "PAN partner service", "id": "pan-service-instance", "display_name": "pan-service-instance", "path": "/infra/domains/D1/service-instances/PAN-1", "relative_path" : "PAN-1", "partner_service_location": "https://10.161.176.255/home/admin/abc.ovf", "primary_interface_network": "https://10.161.176.255/home/admin", "primary_interface_mgmt_ip": "10.161.176.255", "secondary_interface_network": "https://10.161.176.255/home/admin", "secondary_interface_mgmt_ip": "10.161.176.255", "failure_policy": "FAIL_OPEN", "metadata": "JSON String", "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Read service instance

Read service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstance+

Example Response: { "resource_type": "PolicyServiceInstance", "description": "PAN partner service", "id": "PAN-5", "display_name": "pan-service-instance", "path": "/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "PAN-1", "primary_interface_mgmt_ip": "10.161.176.255", "secondary_interface_mgmt_ip": "10.161.176.255", "metadata": "JSON String", "partner_service_location": "https://10.161.176.255/home/admin/abc.ovf", "primary_interface_network": "https://10.161.176.255/home/admin", "secondary_interface_network": "https://10.161.176.255/home/admin", "failure_policy": "FAIL_OPEN", "_system_owned": false, "_create_user": "admin", "_create_time": 1516274764993, "_last_modified_user": "admin", "_last_modified_time": 1516274764993, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_si Additional Errors:

Delete policy service instance

Delete policy service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Create service instance

Create service instance.
Please note that, only display_name, description and deployment_spec_name
are allowed to be modified in an exisiting entity. If the deployment spec
name is changed, it will trigger the upgrade operation for the SVMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceInstance+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1 { "resource_type": "PolicyServiceInstance", "description": "PAN partner service", "id": "pan-service-instance", "display_name": "pan-service-instance", "path": "/infra/domains/D1/service-instances/PAN-1", "relative_path" : "PAN-1", "partner_service_location": "https://10.161.176.255/home/admin/abc.ovf", "primary_interface_network": "https://10.161.176.255/home/admin", "primary_interface_mgmt_ip": "10.161.176.255", "secondary_interface_network": "https://10.161.176.255/home/admin", "secondary_interface_mgmt_ip": "10.161.176.255", "failure_policy": "FAIL_OPEN", "metadata": "JSON String", "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstance+

Example Response: { "resource_type": "PolicyServiceInstance", "description": "PAN partner service", "id": "PAN-5", "display_name": "pan-service-instance", "path": "/infra/tier-0s/vmc/locale-services/default/service-instances/PAN-1", "parent_path": "/infra/tier-0s/vmc", "relative_path": "PAN-1", "primary_interface_mgmt_ip": "10.161.176.255", "secondary_interface_mgmt_ip": "10.161.176.255", "metadata": "JSON String", "partner_service_location": "https://10.161.176.255/home/admin/abc.ovf", "primary_interface_network": "https://10.161.176.255/home/admin", "secondary_interface_network": "https://10.161.176.255/home/admin", "failure_policy": "FAIL_OPEN", "_system_owned": false, "_create_user": "admin", "_create_time": 1516274764993, "_last_modified_user": "admin", "_last_modified_time": 1516274764993, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Read all service instance objects under a tier-1

Read all service instance objects under a tier-1 This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances
Request Headers:
n/a
Query Parameters:
PolicyServiceInstanceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/locale-services/default/service-instances Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstanceListResult+

Required Permissions: read Feature: policy_si Additional Errors:

Delete Tier1 policy service instance

Delete Tier1 policy service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/locale-services/default/service-instances/T1-PSI-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Read Tier1 service instance

Read Tier1 service instance This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/locale-services/default/service-instances/T1-PSI-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstance+

Example Response: { "context_id": "84e08a3b-5f4c-482f-b76f-ad0d97ae16c3", "compute_id": "resgroup-9", "storage_id": "datastore-12", "primary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "primary_interface_mgmt_ip": "172.16.14.105", "secondary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "secondary_interface_mgmt_ip": "172.16.14.205", "deployment_spec_name": "NS_DepSpec", "failure_policy": "BLOCK", "deployment_template_name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "value": "Randon Value", "attribute_type": "STRING" } ], "resource_type": "PolicyServiceInstance", "id": "T1-PSI-1", "display_name": "T1-PSI-1", "description": "NS Service_for_VMC", "path": "/infra/tier-1s/it_t1/service-instances/T1-PSI-1", "relative_path": "T1-PSI-1", "parent_path": "/infra/tier-1s/it_t1", "marked_for_delete": false, "partner_service_name": "NS Service_for_VMC", "deployment_mode": "ACTIVE_STANDBY", "transport_type": "L2_BRIDGE", "_create_user": "admin", "_create_time": 1551851814205, "_last_modified_user": "admin", "_last_modified_time": 1551851814205, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: read Feature: policy_si Additional Errors:

Create Tier1 service instance

Create Tier1 Service Instance.
Please note that, only display_name, description and deployment_spec_name
are allowed to be modified in an exisiting entity. If the deployment spec
name is changed, it will trigger the upgrade operation for the SVMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceInstance+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/locale-services/default/service-instances/T1-PSI-1 { "resource_type": "PolicyServiceInstance", "description": "NS Service_for_VMC", "display_name": "T1-PSI-1", "partner_service_name": "NS Service_for_VMC", "context_id": "84e08a3b-5f4c-482f-b76f-ad0d97ae16c3", "compute_id": "resgroup-9", "storage_id": "datastore-12", "primary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "primary_interface_mgmt_ip": "172.16.14.105", "secondary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "secondary_interface_mgmt_ip": "172.16.14.205", "failure_policy": "BLOCK", "deployment_spec_name": "NS_DepSpec", "deployment_template_name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicenseKey", "value": "Randon Value" }] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Create Tier1 service instance

Create Tier1 service instance.
Please note that, only display_name, description and deployment_spec_name
are allowed to be modified in an exisiting entity. If the deployment spec
name is changed, it will trigger the upgrade operation for the SVMs.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceInstance+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/tier-1s/it_t1/locale-services/default/service-instances/T1-PSI-1 { "resource_type": "PolicyServiceInstance", "description": "NS Service_for_VMC", "display_name": "T1-PSI-1", "partner_service_name": "NS Service_for_VMC", "context_id": "84e08a3b-5f4c-482f-b76f-ad0d97ae16c3", "compute_id": "resgroup-9", "storage_id": "datastore-12", "primary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "primary_interface_mgmt_ip": "172.16.14.105", "secondary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "secondary_interface_mgmt_ip": "172.16.14.205", "failure_policy": "BLOCK", "deployment_spec_name": "NS_DepSpec", "deployment_template_name": "NS_DepTemp", "attributes": [{ "attribute_type": "STRING", "display_name": "License", "key": "LicenseKey", "value": "Randon Value" }] } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceInstance+

Example Response: { "context_id": "84e08a3b-5f4c-482f-b76f-ad0d97ae16c3", "compute_id": "resgroup-9", "storage_id": "datastore-12", "primary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "primary_interface_mgmt_ip": "172.16.14.105", "secondary_interface_network": "/infra/tier-1s/it_t1/segments/it-t1-seg", "secondary_interface_mgmt_ip": "172.16.14.205", "deployment_spec_name": "NS_DepSpec", "failure_policy": "BLOCK", "deployment_template_name": "NS_DepTemp", "attributes": [ { "key": "LicenseKey", "display_name": "License", "value": "Randon Value", "attribute_type": "STRING" } ], "resource_type": "PolicyServiceInstance", "id": "T1-PSI-1", "display_name": "T1-PSI-1", "description": "NS Service_for_VMC", "path": "/infra/tier-1s/it_t1/service-instances/T1-PSI-1", "relative_path": "T1-PSI-1", "parent_path": "/infra/tier-1s/it_t1", "marked_for_delete": false, "partner_service_name": "NS Service_for_VMC", "deployment_mode": "ACTIVE_STANDBY", "transport_type": "L2_BRIDGE", "_create_user": "admin", "_create_time": 1551851814205, "_last_modified_user": "admin", "_last_modified_time": 1551851814205, "_system_owned": false, "_protection": "NOT_PROTECTED", "_revision": 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Policy: Security: Service Insertion: Service References

Associated URIs:

List service references

List all the partner service references available for service insertion
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references
Request Headers:
n/a
Query Parameters:
ServiceReferenceListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceReferenceListResult+

Example Response: { "sort_ascending" : true, "sort_by" : "display_name", "result_count" : 1, "results" : [ { "resource_type" : "ServiceReference", "id" : "SR_1", "display_name" : "SR 1", "path" : "/infra/service-references/SR_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SR_1", "marked_for_delete" : false, "partner_service_name" : "dummy service", "enabled" : true, "_create_user" : "admin", "_create_time" : 1535549055517, "_last_modified_user" : "admin", "_last_modified_time" : 1535549055517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Create service reference

Create Service Reference representing the intent to consume a given 3rd party
service.
This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceReference+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/service-references/SR_1 { "resource_type": "ServiceReference", "description": "Test Service Reference", "id": "SR_1", "display_name": "SR_1", "partner_service_name": "DummyServiceDefinition", "enabled": true, "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceReference+

Example Response: { "resource_type" : "ServiceReference", "id" : "SR_1", "display_name" : "SR 1", "path" : "/infra/service-references/SR_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SR_1", "marked_for_delete" : false, "partner_service_name" : "dummy service", "enabled" : true, "_create_user" : "admin", "_create_time" : 1535549055517, "_last_modified_user" : "admin", "_last_modified_time" : 1535549055517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Delete Service Reference

This API can be used to delete a service reference with the given service-reference-id. This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>
Request Headers:
n/a
Query Parameters:
PolicyServiceReferenceCascadeDeletionParam+
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/service-reference/SR-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Read service reference

This API can be used to read service reference with the given service-reference-id. This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references/SR_1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceReference+

Example Response: { "resource_type" : "ServiceReference", "id" : "SR_1", "display_name" : "SR 1", "path" : "/infra/service-references/SR_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SR_1", "marked_for_delete" : false, "partner_service_name" : "dummy service", "enabled" : true, "_create_user" : "admin", "_create_time" : 1535549055517, "_last_modified_user" : "admin", "_last_modified_time" : 1535549055517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: policy_si Additional Errors:

Create service reference

Create Service Reference representing the intent to consume a given 3rd party
service.
This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
ServiceReference+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/service-references/SR-1 { "resource_type": "ServiceReference", "description": "Test Service Reference", "id": "SR-1", "display_name": "SR-1", "partner_service_name": "DummyServiceDefinition", "enabled": true, "_revision":0 } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

List service profiles

List all the service profiles available for given service reference
This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles
Request Headers:
n/a
Query Parameters:
PolicyServiceProfileListRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references/SR_1/service-profiles Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceProfileListResult+

Example Response: { "sort_ascending" : true, "sort_by" : "display_name", "result_count" : 1, "results" : [ { "resource_type" : "PolicyServiceProfile", "id" : "SP_1", "display_name" : "SP 1", "path" : "/infra/service-references/SR_1/service-profiles/SP_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SP_1", "marked_for_delete" : false, "redirection_action" : "COPY", "vendor_template_name" : "test template", "attributes" : [ ], "_create_user" : "admin", "_create_time" : 1535550281517, "_last_modified_user" : "admin", "_last_modified_time" : 1535550281517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } ] } Required Permissions: read Feature: policy_si Additional Errors:

Create or update service profile

Create or update Service profile to specify vendor temp- late attributes for a given 3rd party service. This API is only available when using VMware NSX-T. Request:
Method:
PUT
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceProfile+

Example Request: PUT https://<policy-mgr>/policy/api/v1/infra/service-references/SR-1/service-profiles/SP_1 { "id":"SP_1", "display_name":"SP 1", "vendor_template_name":"test template", "redirection_action":"COPY", "attributes":[], "_revision": 0 } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceProfile+

Example Response: { "resource_type" : "PolicyServiceProfile", "id" : "SP_1", "display_name" : "SP 1", "path" : "/infra/service-references/SR_1/service-profiles/SP_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SP_1", "marked_for_delete" : false, "redirection_action" : "COPY", "vendor_template_name" : "test template", "attributes" : [ ], "_create_user" : "admin", "_create_time" : 1535550281517, "_last_modified_user" : "admin", "_last_modified_time" : 1535550281517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: crud Feature: policy_si Additional Errors:

Read service profile

This API can be used to read service profile with given service-profile-id This API is only available when using VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references/SR-1/service-profiles/SP-1 Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
PolicyServiceProfile+

Example Response: { "resource_type" : "PolicyServiceProfile", "id" : "SP_1", "display_name" : "SP 1", "path" : "/infra/service-references/SR_1/service-profiles/SP_1", "parent_path" : "/infra/service-references/SR_1", "relative_path" : "SP_1", "marked_for_delete" : false, "redirection_action" : "COPY", "vendor_template_name" : "test template", "attributes" : [ ], "_create_user" : "admin", "_create_time" : 1535550281517, "_last_modified_user" : "admin", "_last_modified_time" : 1535550281517, "_system_owned" : false, "_protection" : "NOT_PROTECTED", "_revision" : 0 } Required Permissions: read Feature: policy_si Additional Errors:

Create service profile

Create Service profile to specify vendor template attri- butes for a given 3rd party service. This API is only available when using VMware NSX-T. Request:
Method:
PATCH
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
PolicyServiceProfile+

Example Request: PATCH https://<policy-mgr>/policy/api/v1/infra/service-references/SR-1/service-profiles/SP_1 { "id":"SP_1", "display_name":"SP 1", "vendor_template_name":"test template", "redirection_action":"COPY", "attributes":[] } Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Delete Service profile

This API can be used to delete service profile with given service-profile-id This API is only available when using VMware NSX-T. Request:
Method:
DELETE
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
n/a

Example Request: DELETE https://<policy-mgr>/policy/api/v1/infra/service-references/SR-1/service-profiles/SP-1 Successful Response:
Response Code:
200 OK
Response Headers:
n/a
Response Body:
n/a

Required Permissions: crud Feature: policy_si Additional Errors:

Get Groups used in Redirection rules for a given Service Profile.

List of Groups used in Redirection rules for a given Service Profile.
This API is available when using VMware Cloud on AWS or VMware NSX-T. Request:
Method:
GET
URI Path:
/policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>/group-associations
Request Headers:
n/a
Query Parameters:
PolicySIEnforcementPointRequestParameters+
Request Body:
n/a

Example Request: GET https://<policy-mgr>/policy/api/v1/infra/service-references/SR_1/service-profiles/SP_1/group-associations Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
ServiceProfileGroups+

Example Response: { "groups": [ { "group": { "target_id": "3d9d1eb9-4191-4e9a-ba27-ee40ed257613", "target_display_name": "default.db group-1", "target_type": "NSGroup", "is_valid": true }, "group_policy_path": "/policy/api/v1/infra/domains/default/groups/db" }, { "group": { "target_id": "6e337a18-0b5b-430d-ade0-c0550edbd323", "target_display_name": "default.web group-1", "target_type": "NSGroup", "is_valid": true }, "group_policy_path": "/policy/api/v1/infra/domains/default/groups/web" } ], "_protection": "NOT_PROTECTED" } Required Permissions: read Feature: policy_si Additional Errors:

Upgrade

Upgrade: Node Upgrade

Associated URIs:

Get upgrade task status

Get upgrade task status for the given task of the given bundle.
Both bundle_name and task_id must be provided, otherwise you
will receive a 404 NOT FOUND response.
Request:
Method:
GET
URI Path:
/api/v1/node/upgrade
Request Headers:
n/a
Query Parameters:
UpgradeTaskStatusQueryParameters+
Request Body:
n/a

Example Request: GET https://<nsx-mgr>/api/v1/node/upgrade?bundle_name=VMware-NSX-unified-appliance-2.1.0.0.0.6921065&upgrade_task_id=77834e07-7901-4e3d-bfe9-aa1df72cac6b Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeTaskProperties+

Required Permissions: read Feature: system_administration Additional Errors:

Execute upgrade task

Execute upgrade task.
Request:
Method:
POST
URI Path:
/api/v1/node/upgrade/performtask?action=[^/]+
Request Headers:
n/a
Query Parameters:
n/a
Request Body:
UpgradeTaskProperties+

Example Request: POST https://<nsx-mgr>/api/v1/node/upgrade/performtask?action=execute { "bundle_name" : "VMware-NSX-unified-appliance-2.1.0.0.0.6921065", "step": "list_commands", "parameters": { "parameter_key1": "parameter_value1", } } Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
UpgradeTaskProperties+

Required Permissions: crud Feature: system_administration Additional Errors:


API Types


ALGTypeNSService (schema)

An NSService element that represents an ALG protocol

Name Description Type Notes
alg The Application Layer Gateway (ALG) protocol

The Application Layer Gateway (ALG) protocol.
Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated.
Please use UDP protocol and create L4 Port Set type of service instead.
string Required
Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP
destination_ports The destination_port cannot be empty and must be a single value. array of PortElement Required
Minimum items: 1
Maximum items: 15
resource_type Must be set to the value ALGTypeNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService
source_ports Source ports array of PortElement Maximum items: 15

ALGTypeServiceEntry (schema)

An ServiceEntry that represents an ALG protocol

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alg The Application Layer Gateway (ALG) protocol

The Application Layer Gateway (ALG) protocol.
Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated.
Please use UDP protocol and create L4 Port Set type of service instead.
string Required
Enum: ORACLE_TNS, FTP, SUN_RPC_TCP, SUN_RPC_UDP, MS_RPC_TCP, MS_RPC_UDP, NBNS_BROADCAST, NBDG_BROADCAST, TFTP
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_ports The destination_port cannot be empty and must be a single value. array of PortElement Required
Minimum items: 1
Maximum items: 15
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ALGTypeServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
source_ports array of PortElement Maximum items: 15
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AbstractSpace (schema)

The space in which policy is being defined

Represents the space in which the policy is being defined.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
connectivity_strategy Connectivity strategy used by this tenant

This field indicates the default connectivity policy for the infra
or tenant space
WHITELIST - Adds a default drop rule. Administrator can then use "allow"
rules (aka whitelist) to allow traffic between groups
BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules
(aka blacklist) to block traffic between groups
WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled
BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled
NONE - No default rules are added.
string Enum: WHITELIST, BLACKLIST, WHITELIST_ENABLE_LOGGING, BLACKLIST_ENABLE_LOGGING, NONE
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value AbstractSpace string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AcceptableComponentVersion (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
acceptable_versions List of component versions array of string Required
component_type Node type string Required
Enum: HOST, EDGE, CCP, MP
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value AcceptableComponentVersion string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AcceptableComponentVersionList (schema)

Name Description Type Notes
results Acceptable version whitelist for different components array of AcceptableComponentVersion Required

Action (schema)

Reaction Action

Reaction Action is the action to take when the stipulated criteria specified
in the event exist over the source. Some example actions include:
- Notify Admin (or VMC's SRE) via email.
- Populate a specific label with the IPSec VPN Session.
- Remove the IPSec VPN Session from a specific label.
This is an abstract type. Concrete child types:
PatchResources
SetFields

Name Description Type Notes
resource_type Resource Type

Reaction Action resource type.
string Required
Enum: PatchResources, SetFields

ActionableResource (schema)

Resources managed during restore process

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_address A resource reference on which actions can be performed string
resource_type Must be set to the value ActionableResource string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ActionableResourceListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
instruction_id Id of the instruction set whose instructions are to be returned string Required
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ActionableResourceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List results array of ActionableResource Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AddClusterNodeAction (schema)

Name Description Type Notes
action string Required
Enum: add_cluster_node

AddClusterNodeSpec (schema)

Name Description Type Notes
controller_role_config AddControllerNodeSpec
display_name Display name for the node string
external_id External identifier of the node string
mgr_role_config AddManagementNodeSpec

AddClusterNodeVMInfo (schema)

Info for AddClusterNodeVM

Contains a list of cluster node VM deployment requests and optionally
a clustering configuration.

Name Description Type Notes
clustering_config Configuration for auto-clustering of VMs post-deployment

This property is deprecated since ClusteringConfig is no longer
needed for auto-installation and will be ignored if provided.
ClusteringConfig
(Abstract type: pass one of the following concrete types)
ClusteringConfig
ControlClusteringConfig		 Deprecated
deployment_requests List of deployment requests

Cluster node VM deployment requests to be deployed by the Manager.
array of ClusterNodeVMDeploymentRequest Required
Minimum items: 1

AddControllerNodeSpec (schema)

Name Description Type Notes
clustering_params Clustering parameters for the node

The details of the controller node required for cluster initialization or joining to an existing cluster. If this property is set, the node will be added to an existing cluster or used to create a new cluster. Otherwise no clustering operation/s will be performed.		 ClusteringInfo
control_plane_server_certificate Deprecated. Do not supply a value for this property. string Deprecated
host_msg_client_info MsgClientInfo Required
mpa_msg_client_info MsgClientInfo Required
node_id Internal identifier of the node

Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id.		 string
type must be set to AddControllerNodeSpec string Required
Enum: AddControllerNodeSpec

AddIntelligenceClusterNodeVMInfo (schema)

Info for AddIntelligenceClusterNodeVM

Contains a list of NSX-Intelligence cluster node VM deployment requests and optionally
a clustering configuration.

Name Description Type Notes
deployment_requests List of deployment requests

Intelligence Cluster node VM deployment requests to be deployed by NSX.
array of IntelligenceClusterNodeVMDeploymentRequest Required
Minimum items: 1

AddManagementNodeSpec (schema)

Name Description Type Notes
cert_thumbprint The certificate thumbprint of the remote node. string
mpa_msg_client_info MsgClientInfo
password The password to be used to authenticate with the remote node. string Required
remote_address The host address of the remote node to which to send this join request. IPAddress Required
type must be set to AddManagementNodeSpec string Required
Enum: AddManagementNodeSpec
user_name The username to be used to authenticate with the remote node. string Required

AdditionalSearchParameters (schema) (Experimental)

Represents search object that provides additional search capabilities

This object presents additional search capabilities over any API through free text query string. e.g. query="Web-VM-1".

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
dsl Search DSL (domain specific language) query

It's human readable and context-based query language for retreiving
information from search indices.
For example: Find router where ip is 10.10.1.10
string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
query Search query string
sort_ascending boolean
sort_by Field by which records are sorted string

AddressBindingEntry (schema)

Combination of IP-MAC-VLAN binding

An address binding entry is a combination of the IP-MAC-VLAN binding for
a logical port. The address bindings can be obtained via various methods
like ARP snooping, DHCP snooping etc. or by user configuration.

Name Description Type Notes
binding Combination of IP-MAC-VLAN binding PacketAddressClassifier
binding_timestamp Timestamp of binding

Timestamp at which the binding was discovered via snooping or manually
specified by the user
EpochMsTimestamp
source Address binding source

Source from which the address binding entry was obtained		 AddressBindingSource Default: "UNKNOWN"

AddressBindingSource (schema)

Source from which the address binding is obtained

Name Description Type Notes
AddressBindingSource Source from which the address binding is obtained string Enum: INVALID, UNKNOWN, USER_DEFINED, ARP_SNOOPING, DHCP_SNOOPING, VM_TOOLS, ND_SNOOPING, DHCPV6_SNOOPING, VM_TOOLS_V6

AddressFamilyType (schema)

Type of Address Family

Name Description Type Notes
AddressFamilyType Type of Address Family string Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST

AdvanceClusterRestoreInput (schema)

Name Description Type Notes
id Unique id of an instruction (as returned by the GET /restore/status call) for which input is to be provided string Required
Readonly
resources List of resources for which the instruction is applicable. array of SelectableResourceReference Required

AdvanceClusterRestoreRequest (schema)

Name Description Type Notes
data List of instructions and their associated data array of AdvanceClusterRestoreInput Required

AdvertiseRule (schema)

Name Description Type Notes
action Action to ALLOW or DENY advertisement of routes

ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router.		 string Enum: DENY, ALLOW
Default: "ALLOW"
description Description string Maximum length: 1024
display_name Display name string Maximum length: 255
networks network(CIDR) to be routed array of IPCIDRBlock Required
rule_filter Rule filter for the advertise rule AdvertisementRuleFilter

AdvertiseRuleList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value AdvertiseRuleList string
rules List of advertisement rules array of AdvertiseRule Minimum items: 0
Default: "[]"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AdvertisementConfig (schema)

Advertisement config

Advertisement config for different types of
routes which need to be advertised from TIER1 logical
router to the linked TIER0 logical router

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
advertise_dns_forwarder Advertise dns forwarder ips

Flag to advertise all routes of dns forwarder listener ips and source ips		 boolean Default: "False"
advertise_ipsec_local_ip Advertise IPSec VPN local endpoint ips

Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router		 boolean Default: "False"
advertise_lb_snat_ip Advertise lb SNAT ips

Flag to advertise all lb SNAT ips		 boolean Default: "False"
advertise_lb_vip Advertise lb vip ips

Flag to advertise lb vip ips		 boolean Default: "False"
advertise_nat_routes Advertise NAT routes

Flag to advertise all routes of nat		 boolean Default: "False"
advertise_nsx_connected_routes Advertise connected routes

Flag to advertise all connected routes		 boolean Default: "False"
advertise_static_routes Advertise static routes

Flag to advertise all static routes		 boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable advertisement

Flag to enable this configuration		 boolean Default: "False"
id Unique identifier of this resource string Sortable
logical_router_id Logical router id

TIER1 logical router id on which to enable this configuration		 string Readonly
resource_type Must be set to the value AdvertisementConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AdvertisementRuleFilter (schema)

To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.

Name Description Type Notes
match_route_types Array of route types to filter routes array of AdvertisementRuleFilterRouteType Required
Minimum items: 1
prefix_operator Prefix operator to apply on networks

GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule.		 string Required
Enum: GE, EQ
Default: "GE"

AdvertisementRuleFilterRouteType (schema)

Route types to filter TIER1 LR advertised routes

Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.

Name Description Type Notes
AdvertisementRuleFilterRouteType Route types to filter TIER1 LR advertised routes

Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.		 string Enum: ANY, STATIC, T1_STATIC, NSX_CONNECTED, T1_CONNECTED, T1_NAT, T1_LB_VIP, T1_LB_SNAT, T1_DNSFORWARDER, T1_IPSEC_LOCAL_IP

AgentInfo (schema)

Agent Information

Information on agent download link and install command.

Name Description Type Notes
agent_download_link Link to Download Agent string
agent_install_command Command to Install Agent string
agent_os_type Agent OS Type string

AgentStatus (schema)

Name Description Type Notes
name Agent name string Enum: NSX_AGENT, NSX_OPSAGENT, NSX_CFGAGENT, NSX_NESTDB
status Agent status string Enum: UP, DOWN, UNKNOWN

AgentStatusCount (schema)

Name Description Type Notes
agents NSX agents status

List of agent statuses belonging to the transport node		 array of AgentStatus
down_count Down count int
status Roll-up agent status string Enum: UP, DOWN, UNKNOWN
up_count Up count int

AggregateDNSForwarderStatistics (schema)

Aggregate of DNS forwarder statistics

Aggregate of DNS forwarder statistics across enforcement points.

Name Description Type Notes
intent_path String path of the DNS forwarder intent

String path of the DNS forwarder intent.
string Required
statistics_per_enforcement_point List of DNS forwarder statistics per enforcement point

List of DNS forwarder statistics per enforcement point.
array of DNSForwarderStatisticsPerEnforcementPoint
(Abstract type: pass one of the following concrete types)
NsxTDNSForwarderStatistics		 Readonly

AggregateDNSForwarderStatus (schema)

Aggregate of DNS forwarder status

Aggregate of DNS forwarder status across enforcement points.

Name Description Type Notes
intent_path String path of the DNS forwarder intent

String path of the DNS forwarder intent.
string Required
status_per_enforcement_point List of DNS forwarder status per enforcement point

List of DNS forwarder status per enforcement point.
array of DNSForwarderStatusPerEnforcementPoint
(Abstract type: pass one of the following concrete types)
NsxTDNSForwarderStatus		 Readonly

AggregateIPSecVpnSessionStatistics (schema)

Aggregate of IPSec VPN Session Statistics

Aggregate of IPSec VPN Session Statistics across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results List of IPSec VPN Session Statistics per Enforcement Point

List of IPSec VPN Session Statistics per Enforcement Point.
array of IPSecVpnSessionStatisticsPerEP
(Abstract type: pass one of the following concrete types)
IPSecVpnSessionStatisticsNsxT		 Readonly

AggregateIPSecVpnSessionStatus (schema)

Aggregate of IPSec VPN Session Status

Aggregate of IPSec VPN Session Status across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results List of IPSec VPN Session Status per Enforcement Point

List of IPSec VPN Session Status per Enforcement Point.
array of IPSecVpnSessionStatusPerEP
(Abstract type: pass one of the following concrete types)
IPSecVpnSessionStatusNsxT		 Readonly

AggregateL2VPNSessionPeerConfig (schema)

Aggregate of L2VPN Session Peer Config

Aggregate of L2VPN Session peer config across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results List of L2VPN Session Peer config per Enforcement Point

List of L2VPN Session peer config per Enforcement Point.
array of L2VPNSessionPeerConfigPerEP
(Abstract type: pass one of the following concrete types)
L2VPNSessionPeerConfigNsxT		 Readonly

AggregateL2VPNSessionStatistics (schema)

Aggregate of L2VPN Session Statistics

Aggregate of L2VPN Session Statistics across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results List of L2VPN Session Statistics per Enforcement Point

List of L2VPN Session Statistics per Enforcement Point.
array of L2VPNSessionStatisticsPerEP
(Abstract type: pass one of the following concrete types)
L2VPNSessionStatisticsNsxT		 Readonly

AggregateL2VPNSessionStatus (schema)

Aggregate of L2VPN Session Status

Aggregate of L2VPN Session Status across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results List of L2VPN Session Status per Enforcement Point

List of L2VPN Session Status per Enforcement Point.
array of L2VPNSessionStatusPerEP
(Abstract type: pass one of the following concrete types)
L2VPNSessionStatusNsxT		 Readonly

AggregateLBNodeUsageSummary (schema)

Aggregate of LBNodeUsageSummary across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBNodeUsageSummary list results

LBNodeUsageSummary list results.		 array of LBNodeUsageSummary Readonly

AggregateLBPoolStatistics (schema)

Paged Collection of LBPoolStatisticsPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBPoolStatisticsPerEP list results

LBPoolStatisticsPerEP list results.		 array of LBPoolStatisticsPerEP
(Abstract type: pass one of the following concrete types)
LBPoolStatistics		 Readonly

AggregateLBPoolStatus (schema)

Paged Collection of LBPoolStatusPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBPoolStatusPerEP list results

LBPoolStatusPerEP list results.		 array of LBPoolStatusPerEP
(Abstract type: pass one of the following concrete types)
LBPoolStatus		 Readonly

AggregateLBServiceStatistics (schema)

Paged Collection of LBServiceStatisticsPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBServiceStatisticsPerEP list results

LBServiceStatisticsPerEP list results.		 array of LBServiceStatisticsPerEP
(Abstract type: pass one of the following concrete types)
LBServiceStatistics		 Readonly

AggregateLBServiceStatus (schema)

Paged Collection of LBServiceStatusPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBServiceStatusPerEP list results

LBServiceStatusPerEP list results.		 array of LBServiceStatusPerEP
(Abstract type: pass one of the following concrete types)
LBServiceStatus		 Readonly

AggregateLBServiceUsage (schema)

Aggregate of LBServiceUsagePerEP across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBServiceUsagePerEP list results

LBServiceUsagePerEP list results.		 array of LBServiceUsagePerEP
(Abstract type: pass one of the following concrete types)
LBServiceUsage		 Readonly

AggregateLBVirtualServerStatistics (schema)

Paged Collection of LBVirtualServerStatisticsPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBVirtualServerStatisticsPerEP list results

LBVirtualServerStatisticsPerEP list results.		 array of LBVirtualServerStatisticsPerEP
(Abstract type: pass one of the following concrete types)
LBVirtualServerStatistics		 Readonly

AggregateLBVirtualServerStatus (schema)

Paged Collection of LBVirtualServerStatusPerEP

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly
results LBVirtualServerStatusPerEP list results

LBVirtualServerStatusPerEP list results.		 array of LBVirtualServerStatusPerEP
(Abstract type: pass one of the following concrete types)
LBVirtualServerStatus		 Readonly

AggregatePolicyDnsAnswer (schema)

Aggregate of DNS forwarder nslookup answer

Aggregate of DNS forwarder nslookup answer across enforcement points.

Name Description Type Notes
dns_answer_per_enforcement_point List of DNS forwarder nslookup answer per enforcement point

List of DNS forwarder nslookup answer per enforcement point.
array of PolicyDnsAnswerPerEnforcementPoint Readonly
intent_path String path of the DNS forwarder intent

String path of the DNS forwarder intent.
string Required

AggregatePolicyRuntimeInfo (schema)

Aggregate of PolicyRuntimeInfoPerEP

Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly

AggregatedDataCounter (schema)

Name Description Type Notes
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

AggregatedDataCounterEx (schema)

Name Description Type Notes
dropped_by_security_packets PacketsDroppedBySecurity Readonly
mac_learning MacLearningCounters Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

AggregatedLogicalRouterPortCounters (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
rx LogicalRouterPortCounters Readonly
tx LogicalRouterPortCounters Readonly

Alarm (schema)

Alarm in NSX that needs users' attention

Name Description Type Notes
id Unique identifier for an NSX Alarm string Required
Readonly
message Description of the Alarm string Required
severity Severity of an Alarm string Required
Readonly
Enum: UNKNOWN, MINOR, MAJOR, CRITICAL
source_comp Alarm source component like nsx-manager, nsx-edge etc string Required
Readonly
source_comp_id Unique identifier(like UUID) for the node sending the Alarm string Required
Readonly
source_subcomp Alarm source sub component like nsx-mpa etc string Required
Readonly
sources Sources emitting this alarm AlarmSource Readonly
state Alarm state Required
Enum: UNKNOWN, ACTIVE, ACKNOWLEDGED, RESOLVED
timestamp Date and time in UTC of the Alarm EpochMsTimestamp Required
Readonly

AlarmListResult (schema)

Alarm collection results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Alarm results array of Alarm Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AlarmQueryParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page)

A log cursor points to a specific line number in the alarm list		 integer
fields Fields to include in query results

Comma-separated field names to include in query result		 string
page_size Maximum number of results to return in this page (server may return fewer)

The page size determines the number of alarms to be returned		 integer Minimum: 0
Maximum: 100
Default: "100"

AlarmSource (schema)

Source of the Alarm

Name Description Type Notes
id Identifier of the Alarm source entity for e.g. Vpn session id, Vpn tunnel id etc. string Readonly
ip_address Ip address string Readonly
ip_address_type Ip address type v4, v6 etc. Readonly
Enum: IPV4, IPV6
local_ip VPN session/tunnel etc. local Ip(v4 or v6) address string Readonly
mount Filesystem mount name string Readonly
peer_ip VPN session/tunnel etc. peer Ip(v4 or v6) address string Readonly

AllAccountsStateInfo (schema)

State Information Of All Accounts

State Information of all accounts like synchronization in progress count.

Name Description Type Notes
sync_in_progress Sync In Progress Count

Number of cloud accounts for which inventory synchronization is in progress.
integer Readonly

AllAccountsStatistics (schema)

All Accounts Statistics

Stores statistics of all accounts managed by CSM.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
accounts_count Accounts Count

Count of the all accounts managed by CSM.		 integer Readonly
accounts_status Status Of All Accounts

Status of all accounts like synchronization in progress count.		 AllAccountsStateInfo Readonly
instance_stats Instance Statistics

Instance statistics accross all accounts managed by CSM.
InstanceStats Readonly
resource_type Resource Type

Optional identifier for listing all accounts statistics of a particular cloud
provider. Legal values are AwsAccount or AzureAccount.
string Enum: AwsAccount, AzureAccount

AllAccountsStatisticsListResult (schema)

All Accounts Statistics List Result

Stores statistics for all accounts managed by CSM.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results array of AllAccountsStatistics
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AllAccountsStatisticsRequestParameters (schema)

All Accounts Statistics Request Parameters

A set of optional filter paramters to list all accounts statistics.

Name Description Type Notes
cloud_type Cloud Type

Optional identifier for cloud provider based on which all accounts
statistics are to be filtered. Legal values are AWS or AZURE.
string Enum: AWS, AZURE
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type Resource Type

Optional identifier for listing all accounts statistics of a particular cloud
provider. Legal values are AwsAccount or AzureAccount.
string Enum: AwsAccount, AzureAccount
sort_ascending boolean
sort_by Field by which records are sorted string

AllClusterGroupStatus (schema)

Status of all the cluster groups

A list of the statuses of all the groups in the cluster.

Name Description Type Notes
cluster_id UUID of the cluster string Readonly
groups Array of groups and their statuses array of ClusterGroupStatus Readonly
overall_status Overall status of the cluster string Readonly
Enum: STABLE, DEGRADED, UNAVAILABLE

AllocatedService (schema)

Name Description Type Notes
allocation_details Key-Value map of additional specific properties of services

Additional properties of a service, say the sub_pool_size and
sub_pool_type for a LoadBalancer.
array of KeyValuePair
high_availability_status HA Status of the service context node

Represents the active or the standby state of the service.		 string Readonly
Enum: ACTIVE, STANDBY, DOWN, SYNC, UNKNOWN
service_reference Id and Name of the service context configured on edge node. ResourceReference Required
Readonly

AllocationAction (schema)

Name Description Type Notes
action Specifies allocate or release action string Required
Enum: ALLOCATE, RELEASE

AllocationBasedOnFailureDomain (schema)

Placement based on failure domain of edge node

Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge
nodes (active and standby) from different failure domains.

Name Description Type Notes
action_type Must be set to the value AllocationBasedOnFailureDomain AllocationRuleActionType Required
enabled Flag to enable failure domain based allocation

Enable placement algorithm to consider failure domain of edge transport
nodes and place active and standby contexts in different failure domains.
boolean Default: "False"

AllocationIpAddress (schema)

Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_id Address that is allocated from pool IPAddress Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value AllocationIpAddress string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AllocationIpAddressListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Pool allocation list results array of AllocationIpAddress Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AllocationPool (schema)

Name Description Type Notes
active_service_count Number of active services on edge node

Represents the number of acitve services running on the edge node.
int Readonly
standby_service_count Number of standby services on edge node

Represents the number of standby services running on the edge node.
int Readonly
sub_pools Edge node sub-pool allocation details

Allocation details of sub-pools configured on edge node.		 array of SubPool

AllocationPoolType (schema)

Types of logical router allocation pool based on services

Name Description Type Notes
AllocationPoolType Types of logical router allocation pool based on services string Enum: LoadBalancerAllocationPool

AllocationRule (schema)

Allocation rule on edge cluster

Allocation rule on edge cluster which will be considered in auto placement
of TIER1 logical routers, DHCP and MDProxy.

Name Description Type Notes
action Action for allocation rule

Set action for each allocation rule		 AllocationRuleAction
(Abstract type: pass one of the following concrete types)
AllocationBasedOnFailureDomain		 Required

AllocationRuleAction (schema)

Set action for allocation rule

Define action for each allocation rule which added on edge cluster.
This is an abstract type. Concrete child types:
AllocationBasedOnFailureDomain

Name Description Type Notes
action_type Type of action for allocation rule

Set action for each allocation rule on edge cluster which will help in
auto placement.
AllocationRuleActionType Required

AllocationRuleActionType (schema)

Type of action for allocation rule

Set action for each allocation rule on edge cluster which will help in auto
placement.

Name Description Type Notes
AllocationRuleActionType Type of action for allocation rule

Set action for each allocation rule on edge cluster which will help in auto
placement.
string Enum: AllocationBasedOnFailureDomain

ApiError (schema)

Detailed information about an API Error

Name Description Type Notes
details Further details about the error string
error_code A numeric error code integer
error_data Additional data about the error object
error_message A description of the error string
module_name The module name where the error occurred string
related_errors Other errors related to this error array of RelatedApiError

ApiRequestBody (schema)

API Request Body

API Request Body is an Event Source that represents an API request body that
is being reveived as part of an API. Supported Request Bodies are those received
as part of a PATCH/PUT/POST request.

Name Description Type Notes
resource_pointer Resource Pointer

Regex path representing a regex expression on resources. This regex is used
to identify the request body(ies) that is/are the source of the Event. For
instance: specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default"
as a source means that ANY resource starting with Lb or ANY resource with
"/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source
of the event in question.
string Required
resource_type Must be set to the value ApiRequestBody string Required
Enum: ResourceOperation, ApiRequestBody

ApiServiceConfig (schema)

Configuration of the API service

Properties that affect the configuration of the NSX API service.

Name Description Type Notes
cipher_suites Cipher suites used to secure contents of connection

The TLS cipher suites that the API service will negotiate.		 array of CipherSuite Minimum items: 1
client_api_concurrency_limit Client API rate limit in calls

The maximum number of concurrent API requests that will be serviced for a given authenticated client. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.		 integer Minimum: 0
Default: "40"
client_api_rate_limit Client API rate limit in calls per second

The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.		 integer Minimum: 0
Default: "100"
connection_timeout NSX connection timeout

NSX connection timeout, in seconds. To disable timeout, set to 0.		 integer Minimum: 0
Maximum: 2147483647
Default: "30"
global_api_concurrency_limit Global API rate limit in calls

The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.		 integer Minimum: 0
Default: "199"
lockout_immune_addresses IP addresses which are not subject to lockout on failed login attempts

The list of IP addresses which are not subjected to a lockout on failed login attempts.		 array of IPAddress
protocol_versions TLS protocol versions

The TLS protocol versions that the API service will negotiate.		 array of ProtocolVersion Minimum items: 1
redirect_host Hostname/IP to use in redirect headers

Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string ("").		 HostnameOrIPv4AddressOrEmptyString Default: ""
session_timeout NSX session inactivity timeout integer Minimum: 0
Maximum: 2147483647
Default: "1800"

AppDiscoveryAppProfileResultSummary (schema)

Application discovery result summary of an App Profile

Contains the application discovery result summary of the App Profile

Name Description Type Notes
app_profile_id ID of the App Profile string
display_name Name of the App Profile string
installed_apps_count Number of apps installed that belongs to this App Profile integer

AppDiscoverySession (schema)

Contains the details of an application discovery session

Contains the details of an application discovery session

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
end_timestamp End time of the session expressed in milliseconds since epoch EpochMsTimestamp
failed_reason The reason for the session status failure. string Readonly
id Unique identifier of this resource string Sortable
reclassification The reclassification status of the discovery session

Some App Profiles that were part of the discovery session could be modified or deleted |
after the session has been completed. NOT_REQUIRED status denotes that there were no such modifications. |
REQUIRED status denotes some App Profiles that were part of the session has been modified/deleted and some |
and some applications might not have been classfifed correctly. Use /session//reclassify API to|
re-classfy the applications discovered based on app profiles.
string Readonly
Enum: NOT_REQUIRED, REQUIRED
resource_type Must be set to the value AppDiscoverySession string
start_timestamp Start time of the session expressed in milliseconds since epoch EpochMsTimestamp
status The status of the session string Readonly
Enum: FAILED, RUNNING, FINISHED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AppDiscoverySessionResultSummary (schema)

Contains the summary of the results of an application discovery session

Contains the summary of the results of an application discovery session

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
app_profile_summary_list List of App Profiles summary discovered in this session array of AppDiscoveryAppProfileResultSummary
app_profiles List of app profiles targeted to be classified for this session array of AppProfileMetaInfo
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
end_timestamp End time of the session expressed in milliseconds since epoch EpochMsTimestamp
failed_reason The reason for the session status failure. string Readonly
id Unique identifier of this resource string Sortable
ns_groups List of NSGroups provided for discovery for this session array of NSGroupMetaInfo
reclassification The reclassification status of the discovery session

Some App Profiles that were part of the discovery session could be modified or deleted |
after the session has been completed. NOT_REQUIRED status denotes that there were no such modifications. |
REQUIRED status denotes some App Profiles that were part of the session has been modified/deleted and some |
and some applications might not have been classfifed correctly. Use /session//reclassify API to|
re-classfy the applications discovered based on app profiles.
string Readonly
Enum: NOT_REQUIRED, REQUIRED
resource_type Must be set to the value AppDiscoverySessionResultSummary string
start_timestamp Start time of the session expressed in milliseconds since epoch EpochMsTimestamp
status The status of the session string Readonly
Enum: FAILED, RUNNING, FINISHED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AppDiscoverySessionsListResult (schema)

Application discovery sessions list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results AppProfile Sessions results array of AppDiscoverySession Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AppDiscoverySessionsParameters (schema)

Parameters to query session with, such as nsgroup id

Parameters to query application discovery sessions with.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
group_id NSGroup id, helps user query sessions related to one nsgroup string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
status Session Status, e.g. get all running sessions string Enum: STARTING, FAILED, RUNNING, FINISHED

AppDiscoveryVmInfo (schema)

AppDiscoveryVmInfo details

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
os_properties OS properties of the VM array of string
os_type OS type of the VM string Enum: INVALID, WINDOWS, LINUX
vm_external_id External Id of the VM string
vm_name Name of the VM string

AppDiscoveryVmInfoListResult (schema)

AppDiscoveryVmInfo list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results list of AppDiscoveryVmInfos array of AppDiscoveryVmInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AppInfo (schema)

AppInfo details

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
manufacturer Manufacturer of the app string
name Name of the app string
os_type OS type of VM the App belongs to string Enum: INVALID, WINDOWS, LINUX
resource_type Must be set to the value AppInfo string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
version Version of the app string
vm_ids Ids of the VMs in which this app is installed array of string

AppInfoHostVmCsvRecord (schema)

Name Description Type Notes
display_name Name of the app string Readonly
host_vms vm ids that this application belongs to string Readonly
id Id of the app string Readonly
manufacturer Manufacturer of the app string Readonly
os_type OS type of the VM string Enum: INVALID, WINDOWS, LINUX
version Version of the app string Readonly

AppInfoHostVmListInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
results List of appplications discovered during an application discovery session array of AppInfoHostVmCsvRecord

AppInfoListResult (schema)

AppInfo Sessions list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Application details corresponding to the App Profile array of AppInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AppProfile (schema)

AppProfile details

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
app_profile_category Category of the app profile, value could be any string that describes the profile string
app_profile_criteria Criteria of the app profile, value could be any string or "*" (match any string) array of string Required
default_app_profile True if this App Profile is a default profile (automatically created by the system) boolean
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value AppProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AppProfileDeleteRequestParameters (schema)

AppProfile delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

AppProfileListRequestParameters (schema)

Parameters to query app profiles with

Parameters to query app profiles with.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

AppProfileListResult (schema)

App Profile ID list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results AppProfile IDs array of AppProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AppProfileMemberAppsCsvRecord (schema)

Name Description Type Notes
app_profile_category Category of the app profile, value could be any string that describes the profile string Readonly
app_profile_criteria Criteria of the app profile, value could be any string or "*" (match any string) string Readonly
description Description of the app profile string Readonly
display_name Name of the app profile string Readonly
member_apps Applications that are member of this app profile string Readonly

AppProfileMemberAppsListInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
results List of app profiles for an application discovery session array of AppProfileMemberAppsCsvRecord

AppProfileMetaInfo (schema)

Metadata about App Profile

Contains the metadata of an App Profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
app_profile_category Categories of the app profile string
app_profile_id ID of the App Profile string
app_profile_name Name of the App Profile string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value AppProfileMetaInfo string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ApplianceManagementSuppressRedirectQueryParameter (schema)

Name Description Type Notes
suppress_redirect Suppress redirect status if applicable

Do not return a redirect HTTP status.		 boolean Default: "False"

ApplianceManagementTaskListResult (schema)

Appliance management task query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Task property results array of ApplianceManagementTaskProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ApplianceManagementTaskProperties (schema)

Appliance management task properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
async_response_available True if response for asynchronous request is available boolean Readonly
cancelable True if this task can be canceled boolean Readonly
description Description of the task string Readonly
details Details about the task if known object Readonly
end_time The end time of the task in epoch milliseconds EpochMsTimestamp Readonly
id Identifier for this task string Readonly
Pattern: "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$"
message A message describing the disposition of the task string Readonly
progress Task progress if known, from 0 to 100 integer Readonly
Minimum: 0
Maximum: 100
request_method HTTP request method string Readonly
request_uri URI of the method invocation that spawned this task string Readonly
start_time The start time of the task in epoch milliseconds EpochMsTimestamp Readonly
status Current status of the task ApplianceManagementTaskStatus Readonly
user Name of the user who created this task string Readonly

ApplianceManagementTaskQueryParameters (schema)

Name Description Type Notes
fields Fields to include in query results

Comma-separated field names to include in query result		 string
request_method Request method(s) to include in query result

Comma-separated request methods to include in query result		 string Pattern: "^(=|!=|~|!~)?.+$"
request_path Request URI path(s) to include in query result

Comma-separated request paths to include in query result		 string Pattern: "^(=|!=|~|!~)?.+$"
request_uri Request URI(s) to include in query result

Comma-separated request URIs to include in query result		 string Pattern: "^(=|!=|~|!~)?.+$"
status Status(es) to include in query result

Comma-separated status values to include in query result		 string Pattern: "^(=|!=|~|!~)?.+$"
user Names of users to include in query result

Comma-separated user names to include in query result		 string Pattern: "^(=|!=|~|!~)?.+$"

ApplianceManagementTaskStatus (schema)

Current status of the appliance management task

Name Description Type Notes
ApplianceManagementTaskStatus Current status of the appliance management task string Enum: running, error, success, canceling, canceled, killed

ApplicationProfileType (schema)

application profile type

An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LbFastTCPProfile,
LbFastUDPProfile and LbHttpProfile.
LbFastTCPProfile or LbFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LbHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LbHttpProfile is intended to
simplify enabling certain common use cases.

Name Description Type Notes
ApplicationProfileType application profile type

An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LbFastTCPProfile,
LbFastUDPProfile and LbHttpProfile.
LbFastTCPProfile or LbFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LbHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LbHttpProfile is intended to
simplify enabling certain common use cases.
string Enum: LbHttpProfile, LbFastTcpProfile, LbFastUdpProfile

AppliedTos (schema)

Entities Applied to Profile

Entity lists where the profile will be enabled on.

Name Description Type Notes
logical_ports Logical Port List array of ResourceReference
logical_switches Logical Switch List array of ResourceReference
nsgroups NSGroup List array of ResourceReference

ArpHeader (schema)

Name Description Type Notes
dst_ip The destination IP address IPv4Address Required
op_code Arp message type

This field specifies the nature of the Arp message being sent.		 string Required
Enum: ARP_REQUEST, ARP_REPLY
Default: "ARP_REQUEST"
src_ip The source IP address

This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0.		 IPv4Address

ArpSnoopingConfig (schema)

ARP Snooping Configuration

Contains ARP snooping related configuration.

Name Description Type Notes
arp_binding_limit Maximum number of ARP bindings

Number of arp snooped IP addresses
Indicates the number of arp snooped IP addresses to be remembered
per LogicalPort. Decreasing this value, will retain the latest
bindings from the existing list of address bindings. Increasing this
value will retain existing bindings and also learn any new address
bindings discovered on the port until the new limit is reached.
int Minimum: 1
Maximum: 256
Default: "1"
arp_snooping_enabled Is ARP snooping enabled or not

Indicates whether ARP snooping is enabled		 boolean Default: "True"

AssignedByDhcp (schema)

DHCP based IP assignment.

This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.

Name Description Type Notes
resource_type Must be set to the value AssignedByDhcp string Required
Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec

AssociationListRequestParameters (schema)

Association list request parameters

Name Description Type Notes
associated_resource_type Type of the associated resources AssociationTargetType Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
fetch_ancestors Fetch complete list of associated resources considering containment and nesting

If set to true, will fetch direct as well as
indirect(considering containment as well as nesting)
associated objects for the given source Id.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_id The resource for which associated resources are to be fetched string Required
resource_type Type of the resource for which associated resources are to be fetched AssociationSourceType Required
sort_ascending boolean
sort_by Field by which records are sorted string

AssociationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of ResourceReference array of ResourceReference Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AssociationSourceType (schema)

Resource type valid for use as source in association API

Name Description Type Notes
AssociationSourceType Resource type valid for use as source in association API string Enum: NSGroup, IPSet, MACSet, LogicalSwitch, LogicalPort, VirtualMachine, DirectoryGroup, VirtualNetworkInterface, TransportNode

AssociationTargetType (schema)

Resource type valid for use as target in association API

Name Description Type Notes
AssociationTargetType Resource type valid for use as target in association API string Enum: NSGroup

AttachmentContext (schema)

This is an abstract type. Concrete child types:
L2VpnAttachmentContext
VifAttachmentContext

Name Description Type Notes
allocate_addresses A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch. string Enum: IpPool, MacPool, Both, None
resource_type Used to identify which concrete class it is string Required

AttachmentType (schema)

Type of attachment for logical port.

Name Description Type Notes
AttachmentType Type of attachment for logical port. string Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION

AttachmentTypeQueryString (schema)

Type of attachment for logical port; for query only.

Name Description Type Notes
AttachmentTypeQueryString Type of attachment for logical port; for query only. string Enum: VIF, LOGICALROUTER, BRIDGEENDPOINT, DHCP_SERVICE, METADATA_PROXY, L2VPN_SESSION, NONE

Attribute (schema)

Attributes

Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.

Name Description Type Notes
attribute_type Attributetype.

Attribute Type can be of any of the allowed enum type.		 string Enum: IP_ADDRESS, PORT, PASSWORD, STRING, LONG, BOOLEAN
display_name Display name

Attribute display name string value.		 string
key key

Attribute key string value.		 string Required
read_only read only

Read only Attribute cannot be overdidden by service instance/deployment.		 boolean Default: "False"
value value

Attribute value string value.		 string

AttributeVal (schema)

Attribute values of realized type

Contains type specific properties of generic realized entity

Name Description Type Notes
data_type Datatype of property represented by this attribute

Datatype of the property		 string Required
Readonly
Enum: STRING, DATE, INTEGER, BOOLEAN
key Key for the attribute value

Attribute key		 string
multivalue multivalue flag

If attribute has a single value or collection of values		 boolean Readonly
values List of values for the attribute

List of attribute values		 array of string Readonly

AuditLog (schema)

Audit log in RFC5424 format

Name Description Type Notes
appname Application name field of the log string Required
facility Facility field of the log integer Required
full_log Full log with both header and message string Required
hostname Hostname field of the log string Required
message Message field of the log string Required
msgid Message ID field of the log string Required
priority Priority field of the log integer Required
procid Process ID field of the log integer Required
struct_data Structured data field of the log StructuredData Required
timestamp Date and time in UTC of the log string Required

AuditLogListResult (schema)

Audit log collection results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_full_sync_timestamp Timestamp of the last full audit log collection string Required
result_count Count of results found (across all pages), set only on first page integer Readonly
results Audit log results array of AuditLog Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AuditLogQueryParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page)

A log cursor points to a specific line number in the master audit log		 integer
fields Fields to include in query results

Comma-separated field names to include in query result		 string
page_size Maximum number of results to return in this page (server may return fewer)

The page size determines the number of logs to be returned		 integer Minimum: 0
Maximum: 100
Default: "100"

AuditLogRequest (schema)

Name Description Type Notes
log_age_limit Include logs with timstamps not past the age limit in days integer Minimum: 0
log_filter Audit logs should meet the filter condition string
log_filter_type Type of log filter string Enum: TEXT, REGEX
Default: "TEXT"

AuthenticationPolicyProperties (schema)

Configuration of authentication policies for the NSX node

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
api_failed_auth_lockout_period Lockout period in seconds

Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.		 integer Minimum: 0
Default: "900"
api_failed_auth_reset_period Period, in seconds, for authentication failures to trigger lockout

In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.		 integer Minimum: 0
Default: "900"
api_max_auth_failures Number of authentication failures that trigger API lockout

Only applies to NSX Manager nodes. Ignored on other node types.		 integer Minimum: 0
Default: "5"
cli_failed_auth_lockout_period Lockout period in seconds

Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.		 integer Minimum: 0
Default: "900"
cli_max_auth_failures Number of authentication failures that trigger CLI lockout integer Minimum: 0
Default: "5"
minimum_password_length Minimum number of characters required in account passwords integer Minimum: 8
Default: "8"

AuthenticationScheme (schema)

Name Description Type Notes
scheme_name Authentication scheme name string Required

AwsAccount (schema)

AWS account

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_key Access key of cloud account

This field is DEPRECATED. Please use the field credentials.		 string Deprecated
auth_mechanism_iam Is the AWS authorization mechanism based on Identity and Access Management(IAM) service?

This field is DEPRECATED. Please use the field auth_method.		 boolean Deprecated
auth_method AWS account authorization method

This property conveys the authorization method to use. Appropriate
credentials/parameters will be expected based on this method selection.
string Readonly
Enum: CREDENTIALS
auth_users Authrized Users

List of authorized users.		 array of CloudUserInfo Readonly
cloud_type Cloud Type string Required
Enum: AWS, AZURE, GOOGLE
credentials AWS Credentials

Credentials of AWS Account.		 AwsCredentials Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External id for the IAM role csm needs to assume

This field is DEPRECATED. Please use the field credentials.		 string Deprecated
gateway_role_name Gateway Role Name

This field is DEPRECATED. Please use the field credentials.
string Deprecated
has_managed_vpc Has a managed VPC?

This field is DEPRECATED. Please use vpc_stats to get the number of
managed VPCs.
boolean Deprecated
Readonly
iam_role_arn Amazon Resource Name for IAM role CSM needs to assume

This field is DEPRECATED. Please use the field credentials.		 string Deprecated
id Unique identifier of this resource string Sortable
instance_stats Instance statistics

Stores statistics of the number of managed, unmanaged and error virtual
machines.
InstanceStats Readonly
regions_count AWS Regions Count

Count of the AWS regions which have atleast one VPC created.		 integer Readonly
resource_type Must be set to the value AwsAccount string
secret_key Secret key of cloud account

This field is DEPRECATED. Please use the field credentials.		 string Deprecated
status Status of the account AwsAccountStatus Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tenant_id Tenant ID

Tenant ID of the cloud account.		 string Readonly
vpc_stats VPC statistics VpcStats Readonly

AwsAccountStatus (schema)

AWS account status

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
credentials_status Credentials Status

Status of the cloud account credentials synced at the auto interval.
string Readonly
Enum: VALID, INVALID
error_message Error encountered while syncing AWS inventory

Error encountered while syncing AWS inventory such as read timeout.		 string Readonly
inventory_sync_status Inventory Synchronization Status

Status of inventory synchronization process.		 string Readonly
Enum: SYNCED, IN_PROGRESS
inventory_sync_step Inventory sync step

Step of the inventory synchronization process		 string Readonly
Enum: SYNCING_AWS_REGIONS, SYNCING_AWS_VPCS, SYNCING_AWS_AZS, SYNCING_VMS, SYNCING_NSX_DATA, SYNCING_AWS_GATEWAYS, SYNCING_MANAGED_INSTANCES, NOT_APPLICABLE

AwsAccountsListRequestParameters (schema)

These parameters will be used to filter the list of accounts.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which accounts statistics will be aggregated. Using this request parameter will return only all_accounts_vpc_stats and all_accounts_instance_stats properties. string
sort_ascending boolean
sort_by Field by which records are sorted string

AwsAccountsListResult (schema)

Cloud accounts list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
all_accounts_instance_stats Instance statistics

This field is DEPRECATED. To obtain statistics about instances, use the
GET /csm/accounts/statistics API.
InstanceStats Deprecated
Readonly
all_accounts_vpc_stats VPC statistics

This field is DEPRECATED. To obtain statistics about VPCs, use the
GET /csm/accounts/statistics API.
VpcStats Deprecated
Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results AWS accounts list result array of AwsAccount Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsAvailabilityZoneInfo (schema)

Availability Zone information

Name Description Type Notes
display_name Display name of the availability zone string Readonly
id ID of the availability zone string Readonly

AwsComputeVpcConfig (schema)

AWS Compute VPC Configuration

Stores the parameters required for linking compute VPC
with a transit VPC

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
account_id AWS Account ID

AWS account ID related to the compute VPC. This field is
deprecated. Field account_id can be learnt using vpc_id.
GET /csm/aws/vpcs/ API returns associated_account_ids.
Hence, this field is optional.
string Deprecated
cloud_fallback_security_group_id Id of Cloud Security Group

Id of security group where the VMs should be moved after last gateway
undeployed. This field is required only when
default_quarantine_policy_enabled field is set to false.
string
configuration AWS Transit VPC Configuration

All the required informations regarding a transit VPC
will be absorbed as a part of this field.
AwsTransitVpcConfig Required
default_quarantine_policy_enabled Flag to Identify if Default Quarantine Policy is Enabled

Flag to convey if virtual machines belonging to the compute
virtual private cloud should be quarantined or not.
boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
managed_without_agents Managed Without NSX Agents

This flag determines if this compute virtual private cloud is managed
with or without NSX agents.
boolean Default: "False"
resource_type Must be set to the value AwsComputeVpcConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AwsComputeVpcListRequestParameters (schema)

These paramaters will be used to filter the list of compute VPCs.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id AWS account ID

Identifier for account based on which compute VPCs are to be filtered.
string
associated_transit_vpc_id Transit VPC ID

Identifier for filtering all the compute VPCs which are NSX managed
by the given transit VPC.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vpc_id VPC ID

Identifier for VPC based on which the list can be filtered or can be
used to validate that hierarchy is correct
string

AwsComputeVpcListResult (schema)

Compute Vpc list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Compute VPC

Array of Compute VPCs		 array of AwsComputeVpcConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsComputeVpcStatus (schema)

VPC Status

Stores onboard and offboard status of AWS VPC. There are 4 states in
onboarding a VPC using transit VPC and the corresponding states in
sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS,
CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in
offboarding a VPC and the corresponding states in sequence are
UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL.
The state of failure in onboarding or offboarding is indicated
by ONBOARD_FAILED and OFFBOARD_FAILED.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
configuration AWS VPC Config

Stores AWS VPC configuration.
AwsVpcConfig
error_code Error Code

Error code related to virtual private cloud
Onboard/Offboard failure.
integer Readonly
error_message Error Message

Error message related to virtual private cloud
Onboard/Offboard failure.
string Readonly
offboard_step States of Virtual Private Cloud While OffBoard

Stores the different states of virtual private cloud while
offboarding from a transit virtual private cloud.
string Readonly
Enum: UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS, OFFBOARD_SUCCESSFUL, OFFBOARD_FAILED, NOT_APPLICABLE
onboard_step States of Virtual Private Cloud While Onboard

Stores the different states of virtual private cloud while
onboarding using a transit virtual private cloud.
string Readonly
Enum: VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY, ONBOARD_SUCCESSFUL, ONBOARD_FAILED, NOT_APPLICABLE
status Virtual Private Cloud Status

Indicates the status of a virtual private cloud.
UP: virtual private cloud is NSX managed.
DOWN: virtual private cloud is NSX managed with errors.
ONBOARDING: virtual private cloud is in the process of
onboarding using a transit virtual private cloud.
OFFBOARDING: virtual private cloud is in the process of
offboarding from a transit virtual private cloud.
NOT_APPLICABLE: virtual private cloud is NSX unmanaged.
string Readonly
Enum: UP, DOWN, ONBOARDING, OFFBOARDING, NOT_APPLICABLE
virtual_private_cloud_name Virtual Private Cloud Name

Name of the transit virtual private cloud.
string Readonly

AwsCredentials (schema)

AWS Account Credentials

Stores information about AWS account credentials.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
access_key Access Key

Access key of the AWS account.		 string
gateway_role Gateway Role Name

Name of the IAM service role that should be attached to the Cloud
Gateways deployed in the AWS account. Based on the permissions in the
role, the gateways will have access to resources in the AWS account.
string
secret_key Secret Key

Secret key of the AWS account.		 string

AwsGatewayAmiInfo (schema)

Aws Gateway Ami Information

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
ami_id AMI id

The ID of the Amazon Machine Image		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
region_id Name of the Aws Region in which ami is present string Required
resource_type Must be set to the value AwsGatewayAmiInfo string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AwsGatewayAmisListRequestParameters (schema)

These paramaters will be used to filter the list of AWS Gateway AMIs.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which list of AWS Gateway AMIs will be obtained string
sort_ascending boolean
sort_by Field by which records are sorted string

AwsGatewayAmisListResult (schema)

List of Aws Gateway amis

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Aws Gateway amis list array of AwsGatewayAmiInfo
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsGatewayConfig (schema)

AWS gateway configuration

Stores AWS gateway configuration like ami_id, key_pair_name and
gateway_ha_configuration.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
ami_id AMI id

The ID of the Amazon Machine Image on which this gateway resides
string
cloud_fallback_security_group_id Id of cloud security group

Id of security group where the VMs should be moved after last gateway
undeployed.
string
default_quarantine_policy_enabled Flag to identify if default quarantine policy is enabled boolean Default: "False"
dns_settings DNS settings

Settings related to Cloud gateway DNS configuration. This determines
DNS configuration based on dns_mode.
DnsSettings
gateway_ha_configuration Aws Gateway HA configuration array of AwsGatewayHaConfig
is_ha_enabled Flag to identify if HA is enabled boolean
key_pair_name The key pair name required to authenticate into any instance string
managed_without_agents Managed Without NSX Agents

This flag determines if this virtual private cloud is managed with or
without NSX agents. This flag is applicable only for this network.
If this virtual private cloud is being managed without NSX agents,
quarantine state and threat state will be NOT_APPLICABLE for all the
virtual machines under it.
boolean Default: "False"
nsx_manager_connection NSX Manager connection

Determines if connection to NSX Manager is via public IP or private IP
string Enum: PUBLIC_IP, PRIVATE_IP
proxy_server_profile Id of the proxy server profile

Id of the proxy server profile, corresponding proxy settings
will be applied while deploying the gateway.
string
target_disk_size Target Disk Size

This is the target disk size of the PCG appliance in GB. Based on this
an additional disk is attached to the PCG appliance, if required.
The supported size is 191 GB and this property should only be modified
post upgrade for exisiting PCG appliances.
integer
vpn_service_enabled Flag to enable or disable inter-operation with services via VPN

Flag that will enable or disable inter-operation between NSX and
non-NSX services via VPN.
boolean Default: "True"

AwsGatewayDeployConfig (schema)

Aws gateway deployment configuration

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
account_id ID of the Aws account string Required
configuration Configuration of this gateway AwsGatewayConfig Readonly
vpc_id ID of the vpc string Required

AwsGatewayHaConfig (schema)

AWS subnet configuration to deploy gateways

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
availability_zone Availability Zone string Required
downlink_subnet Downlink subnet string Required
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer Required
management_subnet Management subnet string Required
public_ip_settings Public IP settings for management interface

Stores settings related to AWS gateway Public IP configuration.
The public_ip will be attached to management interface of the
gateway, based on the value of ip_allocation_mode.
GatewayPublicIp
uplink_public_ip_settings Public IP settings for uplink interface

Stores settings related to AWS gateway Public IP configuration.
The public_ip will be attached to uplink interface of
the primary gateway, based on the value of ip_allocation_mode.
GatewayPublicIp
uplink_subnet Uplink subnet string Required

AwsGatewayInfo (schema)

AWS Gateway Information

Stores AWS gateway information like configuration and status.

Name Description Type Notes
configuration Gateway Configuration

Configuration of AWS gateway		 AwsGatewayConfig Readonly
csm_ip_address Cloud service manager IP address

Cloud service manager IP address used to communicate
with the AWS Vpc gateways.
string Readonly
gateway_status Gateway Status

Array of gateway statuses		 AwsGatewayStatus Readonly

AwsGatewayInstanceStatus (schema)

AWS gateway instance status

Stores information about AWS gateway instance status

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
configuration_operation_status Status of different gateway configuration operations

This property provides a consolidated status of supported gateway
configuration operations.
GatewayConfigOperationStatus Readonly
deployment_step Different states of gateway deployment string Readonly
Enum: VALIDATING_ENVIRONMENT, COPYING_IMAGE, CREATING_SECURITY_GROUPS, LAUNCHING_GATEWAY, CREATING_NETWORK_INTERFACES, ATTACHING_NETWORK_INTERFACES, ATTACHING_SECURITY_GROUPS, CONFIGURING_GATEWAY, CREATING_LOGICAL_NETWORK_CONSTRUCTS, DEPLOYMENT_SUCCESSFUL, DEPLOYMENT_FAILED, UNCONFIGURING_GATEWAY, RELEASING_EIPS, TERMINATING_GATEWAY, DELETING_SECURITY_GROUPS, DELETING_CLOUD_RESOURCES, UNDEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_FAILED, NOT_APPLICABLE
error_code Error code for gateway operation failure integer Readonly
error_message Error message for gateway operation failure string Readonly
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer
gateway_instance_id ID of the gateway instance string
gateway_lcp_connectivity_status Gateway to NSX Controller connectivity status

Status of connectivity between NSX controller and public cloud gateway.
string Readonly
Enum: UP, DOWN, DEGRADED, UNKNOWN
gateway_mpa_connectivity_status Gateway to NSX Manager connectivity status

Status of connectivity between NSX manager and public cloud gateway.
string Readonly
Enum: UP, DOWN, UNKNOWN
gateway_name Name of the gateway instance string
gateway_node_id NSX Node ID of the public cloud gateway string
gateway_status Gateway instance status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
gateway_tn_id NSX transport node id of the public cloud gateway string
is_gateway_active Flag to identify if this is an active gateway boolean Readonly
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
vpn_private_ip VPN Private IP address

Private IP address of the virtual machine for VPN		 string Readonly

AwsGatewayStatus (schema)

AWS Gateway Status

Stores AWS gateway status related information

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
gateway_cluster_id NSX gateway cluster ID

Cluster ID of NSX gateway		 string
gateway_instances_status Gateway Instances Status

Array of gateway instances statuses		 array of AwsGatewayInstanceStatus Readonly

AwsGatewayUndeployConfig (schema)

Aws gateway undeployment configuration

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
account_id ID of the Aws account string Required
instance_id ID of the gateway instance string Required

AwsGatewaysListRequestParameters (schema)

These paramaters will be used to filter the list of Aws Gateways.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Optional identifier for account based on which AWS gateways list can be
filtered.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which AWS gateways list can be
filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vpc_id VPC ID

Optional identifier for vpc based on which AWS gateways list can be
filtered.
string

AwsGatewaysListResult (schema)

AWS Gateways List Result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Vpc list array of AwsGatewayDeployConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsKeyPair (schema)

Aws Key Pair

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
name Name of the Aws Key Pair string Required

AwsKeyPairList (schema)

List of Aws Key Pairs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Aws Key Pairs list array of AwsKeyPair
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsKeyPairListRequestParameters (schema)

These paramaters will be used to filter the list of subnets.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Identifier for account based on which list of key pairs will be obtained string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which list of key pairs will be obtained string Required
sort_ascending boolean
sort_by Field by which records are sorted string

AwsPublicIpListResult (schema)

Aws Public IP List Result

Stores a list of Aws public IPs.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results AWS public IP

Array of Aws public IPs.
array of string Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsRegion (schema)

Aws Region Information

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
associated_account_ids Associated AWS Account IDs

Array of associated AWS account IDs.		 array of string
availability_zones Availability zones under this region array of AwsAvailabilityZoneInfo Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_stats Gateway statistics GatewayStats Readonly
has_managed_vpc Has a managed VPC? boolean Readonly
id Unique identifier of this resource string Sortable
instance_stats Instance statistics InstanceStats Readonly
resource_type Must be set to the value AwsRegion string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vpc_stats VPC statistics VpcStats Readonly

AwsRegionsListRequestParameters (schema)

These paramaters will be used to filter the list of regions.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Identifier for account based on which regions are to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which the list can be filtered or can be used to validate that hierarchy is correct string
sort_ascending boolean
sort_by Field by which records are sorted string

AwsRegionsListResult (schema)

AwsRegions list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Aws Regions list result array of AwsRegion
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsResourcesListRequestParameters (schema)

Aws Resource List Request Parameters

A set of filter parameters to list Aws resources. Multiple parameters
can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Mandatory identifier for account based on which resources are
to be filtered.
string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which resources
are to be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string

AwsSecurityGroup (schema)

AWS Security Group

Stores information about an AWS security group.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cloud_tags Cloud Tags

Array of tags associated to a cloud security group.
array of CloudTag Readonly
description Security Group Description

Description of AWS security group.		 string Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
inbound_rules Inbound Rules

Array of inbound rules of the AWS security group.		 array of AwsSecurityGroupRule Readonly
is_managed_by_nsx Is Managed By NSX

If the flag is true, the cloud security group is managed by NSX.
boolean Readonly
nsx_security_group NSX Security Group

Stores information about the NSX security group corresponding to the
AWS security group.
SecurityGroup Readonly
outbound_rules Outbound Rules

Array of outbound rules of the AWS security group.		 array of AwsSecurityGroupRule Readonly
region_id Region ID

ID of the cloud region.		 string Readonly
resource_type Must be set to the value AwsSecurityGroup string Required
security_group_id Security Group ID

ID of the cloud security group.		 string Readonly
security_group_name Security Group Name

Name of the cloud security group.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AwsSecurityGroupRule (schema)

AWS Security Group Rule

Stores information about an AWS security group rule.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
destination Destination

Destination corresponding to the cloud security group rule.
string Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
port_range Port Range

Port range corresponding to the cloud security group rule.
string Readonly
protocol Protocol

Protocol corresponding to the cloud security group rule.
string Readonly
resource_type Must be set to the value AwsSecurityGroupRule string Required
source Source

Source corresponding to the cloud security group rule.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Type

Type of AWS security group rule.		 string Readonly

AwsSecurityGroupsListRequestParameters (schema)

Aws Security Groups List Request Parameters

A set of filter parameters to list Aws security groups. Multiple parameters
can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Mandatory identifier for account based on which resources are
to be filtered.
string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which resources
are to be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vpc_id Region ID

Optional identifier for region based on which resources
are to be filtered.
string Required

AwsSecurityGroupsListResult (schema)

AWS Security Groups List Result

Stores a list of AWS security groups.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of AWS security groups.		 array of AwsSecurityGroup
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsServiceEndpoint (schema)

AWS Service Endpoint

Stores information about any service endpoint which is provided by AWS. NSX
supported services are currently limited to Simple Storage Service (S3),
Relational Database Service (RDS), DynamoDB and Elastic Load Balancing.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cidrs CIDRs

Array of CIDRs associated to an AWS service.
array of string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
nsx_security_groups NSX security groups array

Stores an array of NSX security groups associated to this cloud service
endpoint.
array of SecurityGroup Readonly
resource_type Must be set to the value AwsServiceEndpoint string Required
service_endpoint_id Service Endpoint ID

Cloud provided ID of the service endpoint.		 string Readonly
service_endpoint_type Service Endpoint Type

Cloud provided type of the service endpoint.		 string Readonly
service_name Service Name

Name of the cloud service the endpoint is associated with.		 string Readonly
service_type Service type

Stores the type of AWS service corresponding to this endpoint.
AWS_RDS - Amazon Relational Database Service
AWS_DYNAMODB - Amazon DynamoDB
AWS_S3 - Amazon Simple Storage Service
AWS_ELB - Amazon Elastic Load Balancer
string Readonly
Enum: AWS_RDS, AWS_DYNAMODB, AWS_S3, AWS_ELB
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AwsServiceEndpointsListResult (schema)

AWS Service Endpoints List Result

Stores a list of service endpoints which are provided by AWS with
information about each of them. NSX supported services are currently
limited to Simple Storage Service (S3), Relational Database Service (RDS),
DynamoDB and Elastic Load Balancing.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of AWS service endpoints.		 array of AwsServiceEndpoint
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsSubnet (schema)

Aws subnet

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
availability_zone string
cidr IPV4 CIDR Block for the Vpc string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id ID of subnet string Required
resource_type Must be set to the value AwsSubnet string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vpc_id ID of the vpc string Required

AwsSubnetListRequestParameters (schema)

These paramaters will be used to filter the list of subnets.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Identifier for account based on which subnets are to be filtered string Required
availability_zone_name Identifier for availability zone based on which subnets are to be filtered string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_name Identifier for region based on which subnets are to be filtered

This field is DEPRECATED. region_name will be learnt from vpc_id
information.
string Deprecated
sort_ascending boolean
sort_by Field by which records are sorted string
vpc_id Identifier for vpc based on which subnets are to be filtered string Required

AwsSubnetListResult (schema)

Aws subnets list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Aws subnets list result array of AwsSubnet Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsTransitVpcConfig (schema)

AWS Transit VPC Configuration

Stores the account IDs and VPC ID related to
the transit VPC.

Name Description Type Notes
account_id AWS account ID

AWS account ID of the transit VPC. This field is
deprecated. Field account_id can be learnt using vpc_id.
GET /csm/aws/vpcs/ API returns associated_account_ids.
Hence, this field is optional.
string Deprecated
vpc_id VPC ID

VPC ID of the transit VPC.		 string Required

AwsTransitVpcInfo (schema)

AWS Transit VPC Information

Stores the account ID and VPC ID related to the transit VPC. A transit VPC is a AWS VPC in which public cloud gateways are deployed and is managing the workload VMs present in other compute VPCs.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_account_ids Array of Cloud Account IDs

Cloud account ID related to the virtual private cloud.
array of string Required
Readonly
virtual_private_cloud_id Virtual Private Cloud ID

Virtual private cloud ID of the corresponding cloud.
string Required
Readonly
virtual_private_cloud_name Virtual Private Cloud name

Virtual private cloud name of the corresponding cloud.
string Required
Readonly

AwsVirtualMachine (schema)

Aws Virtual Machine Information

Stores information about a AWS Virtual Machine

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
agent_status Agent Status

UP - NSX Agent is up and running
DOWN - NSX Agent is down
NO_AGENT - No NSX Agent installed on VM
UNKNOWN - NSX Agent status is unknown
string Readonly
Enum: UP, DOWN, NO_AGENT, UNKNOWN
agent_version Agent version details string Readonly
associated_account_ids Associated Cloud Account IDs

Array of associated cloud account IDs.		 array of string
availability_zone AWS Availability Zone

AWS availability zone in which virtual machine is residing		 string Readonly
cloud_tags Cloud tags for the virtual machine array of CloudTag Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_messages List of error messages

List of error messages identified. Returns only error messages
identified in the last 1 hour.
array of ComputeInstanceErrorMessage Readonly
gateway_ha_index Gateway HA Index

Index of HA that indicates whether gateway is primary or secondary.
If index is 0, then it is primary gateway. Else secondary gateway.
integer
gateway_status Gateway Status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
id Unique identifier of this resource string Sortable
is_gateway Flag to identify if this VM is a gateway node boolean Readonly
is_gateway_active Flag to identify if this VM is an active gateway node boolean Readonly
logical_switch_display_name Logical Switch display name string Readonly
logical_switch_id Logical Switch ID string Readonly
managed_by_nsx Indicate if vm is managed by NSX or not boolean Required
Readonly
nsx_ip IP address provided by NSX string Readonly
nsx_security_group_mapping NSX Security Group Mapping

Map of cloud security groups associated to the virtual machine and
corresponding NSX security groups.
array of SecurityGroupDetails Readonly
nsx_security_rule_errors NSX Security Rule Errors

Array of NSX security rule realization errors.		 array of NsxSecurityRuleErrorDetails Readonly
nsx_security_rule_errors_count NSX Security Rule Errors Count

Count of the NSX security rule realization errors.		 integer Readonly
os_details Operating system details string Readonly
os_type Operating system of the virtual machine string Readonly
power_state Power State

Indicates the power state of the virtual machine as returned by AWS.
string Readonly
Enum: PENDING, RUNNING, SHUTTING_DOWN, TERMINATED, STOPPING, STOPPED
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
quarantine_state Quarantine State

Indicates the quarantine state of the VM.
QUARANTINED - This state implies VM is moved to quarantine security
group because some threat has been detected.
NOT_QUARANTINED - This state implies no quarantine action has been
taken.
UNKNOWN - This state implies either quarantine policy is disabled or
quarantine information is not available.
OVERRIDDEN - This state implies VM is associated with vm_override_sg
which overrides any action based on threat detection.
WHITELISTED - This state implies that quarantine operation will not
be performed on the VM.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, NOT_APPLICABLE
region AWS Region

AWS region in which virtual machine is residing		 string Readonly
resource_type Must be set to the value AwsVirtualMachine string Required
Enum: AwsVirtualMachine, AzureVirtualMachine
segment_display_name Segment display name

Segment display name on which this VM resides.
string Readonly
segment_id Segment ID

Segment ID on which this VM resides.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
threat_state Threat State

Indicates the threat state of the VM.
NORMAL - This state implies no threat has been detected and VM is
functioning as expected.
THREAT - This state implies quarantine enabling threat has been
detected.
INVALID - This state implies either VM is unmanaged or threat related
information is not available.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE
vm_config_status Status for user configurable properties VmConfigStatus Readonly
vm_extension_execution_status VM extension script execution status

UNKNOWN - This is the default state. Indicates no information available
regarding extension execution. This can potentially occur for
a VM when agent is installed out of band or if
cloud_agent_automated_install_enabled flag is enabled for the
VNET/VPC which already has managed VMs.
SUCCESSFUL - Indicates VM extension script execution was successful.
This does not necessarily mean agent installation was
successful.
FAILED - Indicates VM extension script execution failed.
string Readonly
vpc AWS VPC

AWS VPC ID in which virtual machine is residing		 string Readonly
vpc_name AWS VPC name

AWS VPC name in which virtual machine is residing		 string Readonly

AwsVpc (schema)

Vpc Information

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
agent_info Aws Agent Information

Array of agent install and download instructions for various OS types.		 array of AgentInfo Readonly
ami_id AMI ID

Amazon Machine Image is a special type of virtual appliance that is
used to create a virtual machine with the Amazon Elastic Compute
Cloud. It serves as the basic unit of deployment for services
delivered using Amazon EC2
string Readonly
associated_account_ids Associated AWS Account IDs

Array of associated AWS account IDs.		 array of string
associated_transit_vpc Associated AWS Transit VPC

Stores the VPC ID and associated account IDs of the transit VPC.
This property describes the associated transit VPC for a given
AWS compute VPC.
AwsTransitVpcInfo Readonly
cidr IPV4 CIDR Block for the Vpc

This field is DEPRECATED as AWS started supporting multiple CIDR
blocks per VPC. This field will return only the first CIDR block
from the response received from AWS. Please use cidr_blocks to
see the multiple CIDR blocks associated with the VPC.
string Deprecated
Readonly
cidr_blocks IPv4 CIDR Block

IPv4 CIDR Block of the virtual network.		 array of CidrBlock Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_info Gateway details for the Vpc AwsGatewayInfo Readonly
id Unique identifier of this resource string Sortable
instance_stats Managed, unmanaged and error instance counts for the Vpc InstanceStats Readonly
is_management_vpc Flag to identify if this is the management Vpc boolean Readonly
Default: "False"
managed_vpcs Array of NSX Managed Compute VPCs

Array of compute VPCs managed by a transit VPC. This property
describes array of managed compute VPC for a given transit VPC.
array of ManagedVpcInfo Readonly
op_status AWS VPC Operational Status

Operational status of the VPC.		 AwsVpcOpStatus Readonly
region_id Id of the AWS region string Readonly
resource_type Must be set to the value AwsVpc string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zones Transport zones for the Vpc array of TransportZoneInfo Readonly
vpc_status AWS Compute VPC Status

Stores onboard and offboard states and corresponding error messages
and error code related to AWS compute VPC. The status for a transit
VPC should be obtained from gateway_info.
AwsComputeVpcStatus Readonly

AwsVpcConfig (schema)

AWS VPC Configuration

Stores the configuration such as default_quarantine_policy_enabled and cloud_fallback_security_group_id for related AWS VPC.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_fallback_security_group_id Id of Cloud Security Group

Id of security group where the VMs should be moved after last gateway
undeployed. This field is required only when
default_quarantine_policy_enabled field is set to false.
string
default_quarantine_policy_enabled Flag to Identify if Default Quarantine Policy is Enabled

Flag to convey if virtual machines belonging to the compute
virtual private cloud should be quarantined or not.
boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
managed_without_agents Managed Without NSX Agents

This flag determines if this compute virtual private cloud is managed
with or without NSX agents.
boolean Default: "False"
resource_type Must be set to the value AwsVpcConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AwsVpcListRequestParameters (schema)

These paramaters will be used to filter the list of Vpcs.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Identifier for account based on which vpcs are to be filtered string
associated_transit_vpc_id Transit VPC ID

Identifier for filtering all the compute VPCs which are NSX managed
by the given transit VPC.
string
cidr IPV4 CIDR Block for the Vpc string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
op_status AWS VPC Operational Status

Operational status of the VPC.		 AwsVpcOpStatus
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which vpcs are to be filtered string
sort_ascending boolean
sort_by Field by which records are sorted string
vpc_id Identifier for vpc based on which the list can be filtered or can be used to validate that hierarchy is correct string

AwsVpcListResult (schema)

Vpc list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Vpc list array of AwsVpc
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AwsVpcOpStatus (schema)

Operational Status

Operational status of the AWS VPC. After
there are gateways deployed in a VPC, that VPC is called as transit
VPC and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VPC,
their status will be set as NSX_MANAGED_BY_TRANSIT_VPC.
NSX_GATEWAY_ERROR status means gateways are deployed in VPC, but no
gateway is UP and at least one gateway is DOWN. The remaining gateway
can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR
status will be shown in compute VPC when transit VPC is in
NSX_GATEWAY_ERROR state.
Status for all the rest of the VPCs will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.

Name Description Type Notes
AwsVpcOpStatus Operational Status

Operational status of the AWS VPC. After
there are gateways deployed in a VPC, that VPC is called as transit
VPC and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VPC,
their status will be set as NSX_MANAGED_BY_TRANSIT_VPC.
NSX_GATEWAY_ERROR status means gateways are deployed in VPC, but no
gateway is UP and at least one gateway is DOWN. The remaining gateway
can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR
status will be shown in compute VPC when transit VPC is in
NSX_GATEWAY_ERROR state.
Status for all the rest of the VPCs will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.
string Readonly
Enum: NSX_MANAGED_BY_GATEWAY, NSX_MANAGED_BY_TRANSIT_VPC, NSX_MANAGED, NSX_UNMANAGED, NSX_GATEWAY_ERROR, NSX_COMPUTE_ERROR

Axes (schema)

Axes of a graph

Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.

Name Description Type Notes
x_label Label for X axis of a graph Label
y_label Label for Y axis of a graph Label

AzureAccount (schema)

Azure Account

Stores information about an Azure account

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auth_method Azure account authorization method

This property conveys the authorization method to use. Appropriate
credentials/parameters will be expected based on this method selection.
string Readonly
Enum: CREDENTIALS
auth_users Authrized Users

List of authorized users.		 array of CloudUserInfo Readonly
cloud_type Cloud Type string Required
Enum: AWS, AZURE, GOOGLE
credentials Azure Credentials

Credentials of Azure Account.		 AzureCredentials Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
has_managed_vnet Has a managed virtual network?

This field is DEPRECATED. Please use vnet_stats to get the number of
managed virtual networks.
boolean Deprecated
Readonly
id Unique identifier of this resource string Sortable
instance_stats Instance statistics

Stores statistics of the number of managed, unmanaged and error virtual
machines.
InstanceStats Readonly
regions_count Azure Regions Count

Count of the Azure regions which have atleast one virtual network
created.
integer Readonly
resource_type Must be set to the value AzureAccount string
status Azure Account Status

Status of the Azure Account.		 AzureAccountStatus Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tenant_id Tenant ID

Tenant ID of the cloud account.		 string Readonly
vnet_stats Virtual Network Statistics

Stores statistics of the number of MANAGED and UNMANAGED virtual
networks.
VnetStats Readonly

AzureAccountStatus (schema)

Azure Account Status

Stores information about Azure account status.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
credentials_status Credentials Status

Status of the cloud account credentials synced at the auto interval.
string Readonly
Enum: VALID, INVALID
error_message Error encountered while syncing azure inventory

Error encountered while syncing azure inventory such as read timeout.		 string Readonly
inventory_sync_status Inventory Synchronization Status

Status of inventory synchronization process.		 string Readonly
Enum: SYNCED, IN_PROGRESS
inventory_sync_step Inventory sync step

Step of the inventory synchronization process.		 string Readonly
Enum: SYNCING_AZURE_REGIONS, SYNCING_AZURE_VNETS, SYNCING_VMS, SYNCING_NSX_DATA, SYNCING_AZURE_GATEWAYS, SYNCING_MANAGED_INSTANCES, NOT_APPLICABLE

AzureAccountsListResult (schema)

Azure Accounts List Result

Stores a list of Azure accounts.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure accounts.		 array of AzureAccount Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureComputeVNetConfig (schema)

Azure Compute VNet Configuration

Stores the parameters required for linking compute VNet
with the Transit VNet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
account_id Azure Account ID

Azure account ID related to the compute VNet. This field is
deprecated. Field account_id can be learnt using vnet_id.
GET /csm/azure/vnets/ API returns associated_account_ids.
Hence, this field is optional.
string Deprecated
auto_agent_install_enabled Auto Agent Install Enabled

Flag to identify if NSX agent installation will be done
automatically or not. As of now this is supported for Azure Cloud only.
If the flag managed_without_agents is set to true, this property will
be ignored.
boolean Default: "False"
cloud_fallback_security_group_id Id of Cloud Security Group

Id of security group where the VMs should be moved after last gateway
undeployed. This field is required only when
default_quarantine_policy_enabled field is set to false.
string
configuration Azure Transit VNet Configuration

All the required informations regarding a transit VNet
will be absorbed as a part of this field.
AzureTransitVnetConfig Required
default_quarantine_policy_enabled Flag to Identify if Default Quarantine Policy is Enabled

Flag to convey if virtual machines belonging to the compute
virtual private cloud should be quarantined or not.
boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
managed_without_agents Managed Without NSX Agents

This flag determines if this compute virtual private cloud is managed
with or without NSX agents.
boolean Default: "False"
resource_type Must be set to the value AzureComputeVNetConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AzureComputeVNetListRequestParameters (schema)

These paramaters will be used to filter the list of compute VNets.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Azure Account ID

Identifier for account based on which compute VNets are to be filtered.
string
associated_transit_vnet_id Transit VNet ID

Identifier for filtering all the compute VNets which are NSX managed
by the given transit VNet.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id VNet ID

Optional identifier for virtual network based on which compute virtual
networks list can be filtered. It consists of resourceGuid
of Azure VNet.
string

AzureComputeVNetListResult (schema)

Azure Compute VNet list

Stores a list of Azure compute virtual networks.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Compute VNets

Array of Azure compute virtual networks.		 array of AzureComputeVNetConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureComputeVnetStatus (schema)

VNet Status

Stores onboard and offboard status of Azure VNet. There are 4 states in
onboarding a VNet using transit VNet and the corresponding states in
sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS,
CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in
offboarding a VNet and the corresponding states in sequence are
UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL.
The state of failure in onboarding or offboarding is indicated
by ONBOARD_FAILED and OFFBOARD_FAILED.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
configuration AZURE VNet Config

Stores AZURE VNet configuration.
AzureVNetConfig
error_code Error Code

Error code related to virtual private cloud
Onboard/Offboard failure.
integer Readonly
error_message Error Message

Error message related to virtual private cloud
Onboard/Offboard failure.
string Readonly
offboard_step States of Virtual Private Cloud While OffBoard

Stores the different states of virtual private cloud while
offboarding from a transit virtual private cloud.
string Readonly
Enum: UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS, OFFBOARD_SUCCESSFUL, OFFBOARD_FAILED, NOT_APPLICABLE
onboard_step States of Virtual Private Cloud While Onboard

Stores the different states of virtual private cloud while
onboarding using a transit virtual private cloud.
string Readonly
Enum: VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY, ONBOARD_SUCCESSFUL, ONBOARD_FAILED, NOT_APPLICABLE
status Virtual Private Cloud Status

Indicates the status of a virtual private cloud.
UP: virtual private cloud is NSX managed.
DOWN: virtual private cloud is NSX managed with errors.
ONBOARDING: virtual private cloud is in the process of
onboarding using a transit virtual private cloud.
OFFBOARDING: virtual private cloud is in the process of
offboarding from a transit virtual private cloud.
NOT_APPLICABLE: virtual private cloud is NSX unmanaged.
string Readonly
Enum: UP, DOWN, ONBOARDING, OFFBOARDING, NOT_APPLICABLE
virtual_private_cloud_name Virtual Private Cloud Name

Name of the transit virtual private cloud.
string Readonly

AzureCredentials (schema)

Azure Account Credentials

Stores information about Azure account credentials

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
client_id Azure Account Client ID

Client ID of the Azure account.		 string
gateway_role Azure role name for gateway

Default Azure Managed Service Identity role that will be set to the
Cloud Gateways deployed in the Azure account. Based on the permissions
in the role, the gateways will have access to resources in the Azure
account.
string
key Azure Account Key

Key of the Azure account. Used only to take input. Will never be
returned in any API response.
string
subscription_id Azure Account Subscription ID

Subscription ID of the Azure account.		 string
tenant_id Azure Account Tenant ID

Tenant ID of the Azure account.		 string

AzureGatewayConfig (schema)

Azure gateway configuration

Stores Azure gateway configuration like image_id, ssh_key and
gateway_ha_configuration.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
auto_agent_install_enabled Auto Agent Install Enabled

Flag to identify if NSX agent installation will be done automatically or not.
As of now this is supported for Azure Cloud only. If the flag
managed_without_agents is set to true, this property will be ignored.
boolean Default: "False"
cloud_fallback_security_group_id Id of cloud security group

Id of security group where the VMs should be moved after last gateway
undeployed.
string
default_quarantine_policy_enabled Flag to identify if default quarantine policy is enabled boolean Default: "False"
dns_settings DNS settings

Settings related to Cloud gateway DNS configuration. This determines
DNS configuration based on dns_mode.
DnsSettings
gateway_ha_configuration Azure Gateway HA configuration array of AzureGatewayHaConfig
image_id NSX PCG Image ID

The ID of the Public Cloud Gateway image in Azure
string
is_ha_enabled Flag to identify if HA is enabled boolean
managed_without_agents Managed Without NSX Agents

This flag determines if this virtual private cloud is managed with or
without NSX agents. This flag is applicable only for this network.
If this virtual private cloud is being managed without NSX agents,
quarantine state and threat state will be NOT_APPLICABLE for all the
virtual machines under it.
boolean Default: "False"
nsx_manager_connection NSX Manager connection

Determines if connection to NSX Manager is via public IP or private IP
string Enum: PUBLIC_IP, PRIVATE_IP
proxy_server_profile Id of the proxy server profile

Id of the proxy server profile, corresponding proxy settings
will be applied while deploying the gateway.
string
ssh_key SSH Key

This key will be associated to Public Cloud Gateway instance while
it is launched in Azure.
string
storage_account_name Azure Storage Account Name

Azure Storage Account where gateway image will be copied.
string
target_disk_size Target Disk Size

This is the target disk size of the PCG appliance in GB. Based on this
an additional disk is attached to the PCG appliance, if required.
The supported size is 191 GB and this property should only be modified
post upgrade for exisiting PCG appliances.
integer
vpn_service_enabled Flag to enable or disable inter-operation with services via VPN

Flag that will enable or disable inter-operation between NSX and
non-NSX services via VPN.
boolean Default: "True"

AzureGatewayDeployConfig (schema)

Azure gateway deployment configuration

Stores configuration for Azure gateway deployment request.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
account_id Azure Account ID

ID of the Azure account.		 string Required
configuration Azure Gateway Configuration

Configuration of Azure gateway.		 AzureGatewayConfig Required
vnet_id Azure Virtual Network ID

ID of the Azure Virtual Network. It consists of resourceGuid of Azure Vnet.		 string Required

AzureGatewayHaConfig (schema)

Azure subnet configuration to deploy gateways

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
downlink_subnet Downlink subnet string Required
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer Required
management_subnet Management subnet string Required
public_ip_settings Public IP settings

Stores settings related to Azure gateway Public IP configuration.
The public_ip will be attached for management interface of the gateway.
GatewayPublicIp
uplink_public_ip_settings Public IP settings for uplink interface

Stores settings related to Azure gateway Public IP configuration.
The public_ip will be attached to uplink interface of
the primary gateway, based on the value of ip_allocation_mode.
GatewayPublicIp
uplink_subnet Uplink subnet string Required

AzureGatewayInfo (schema)

Azure Gateway Information

Stores azure gateway information like configuration and status.

Name Description Type Notes
configuration Gateway Configuration

Configuration of Azure gateway.		 AzureGatewayConfig Readonly
csm_ip_address Cloud service manager IP address

Cloud service manager IP address used to communicate
with the Azure VNet gateways.
string Readonly
gateway_status Gateway Status

Array of gateway statuses.		 AzureGatewayStatus Readonly

AzureGatewayInstanceStatus (schema)

Azure gateway instance status

Stores information about Azure gateway instance status

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
azure_image_bytes_copied Bytes copied, while copying image

Displays number of bytes copied, while copying gateway image.		 integer Readonly
azure_image_copy_progress Progress Percentage for image copy

Displays progress percentage while copying gateway image.		 integer Readonly
azure_image_total_bytes Total bytes required to be copied, for copying image

Displays total number of bytes required to be copied, for copying gateway image.		 integer Readonly
configuration_operation_status Status of different gateway configuration operations

This property provides a consolidated status of supported gateway
configuration operations.
GatewayConfigOperationStatus Readonly
deployment_step Different states of gateway deployment string Readonly
Enum: VALIDATING_ENVIRONMENT, COPYING_IMAGE, CREATING_SECURITY_GROUPS, LAUNCHING_GATEWAY, CREATING_NETWORK_INTERFACES, ATTACHING_NETWORK_INTERFACES, ATTACHING_SECURITY_GROUPS, CONFIGURING_GATEWAY, CREATING_LOGICAL_NETWORK_CONSTRUCTS, DEPLOYMENT_SUCCESSFUL, DEPLOYMENT_FAILED, UNCONFIGURING_GATEWAY, RELEASING_EIPS, TERMINATING_GATEWAY, DELETING_SECURITY_GROUPS, DELETING_CLOUD_RESOURCES, UNDEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_FAILED, NOT_APPLICABLE
error_code Error code for gateway operation failure integer Readonly
error_message Error message for gateway operation failure string Readonly
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer
gateway_instance_id ID of the gateway instance string
gateway_lcp_connectivity_status Gateway to NSX Controller connectivity status

Status of connectivity between NSX controller and public cloud gateway.
string Readonly
Enum: UP, DOWN, DEGRADED, UNKNOWN
gateway_mpa_connectivity_status Gateway to NSX Manager connectivity status

Status of connectivity between NSX manager and public cloud gateway.
string Readonly
Enum: UP, DOWN, UNKNOWN
gateway_name Name of the gateway instance string
gateway_node_id NSX Node ID of the public cloud gateway string
gateway_status Gateway instance status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
gateway_tn_id NSX transport node id of the public cloud gateway string
is_gateway_active Flag to identify if this is an active gateway boolean Readonly
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
vpn_private_ip VPN Private IP address

Private IP address of the virtual machine for VPN		 string Readonly

AzureGatewayStatus (schema)

Azure Gateway Status

Stores Azure gateway status related information

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
gateway_cluster_id NSX gateway cluster ID

Cluster ID of NSX gateway		 string
gateway_instances_status Gateway Instances Status

Array of gateway instances statuses		 array of AzureGatewayInstanceStatus Readonly

AzureGatewayUndeployConfig (schema)

Azure gateway undeployment configuration

Stores configuration for Azure gateway undeployment request.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
account_id Azure Account ID

ID of the Azure account.		 string Required
instance_id Azure Instance ID

ID of the gateway instance.		 string Required

AzureGatewaysListRequestParameters (schema)

Azure Gateways List Request Parameters

A set of optional filter parameters to list Azure gateways. Multiple
parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Azure Account ID

Optional identifier for account based on which Azure gateways list can
be filtered.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Azure Region ID

Optional identifier for region based on which Azure Gateways list can
be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Azure Virtual Network ID

Optional identifier for virtual network based on which Azure Gateways
list can be filtered. It consists of resourceGuid of Azure Vnet.
string

AzureGatewaysListResult (schema)

Azure Gateways List Result

Stores a list of Azure gateways.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure gateways.		 array of AzureGatewayDeployConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureIpAllocationConfig (schema)

Cloud IP allocation configuration

Azure cloud specific configuration parameters to create IP allocations for
a Pivotal Application Service / Pivotal Cloud Foundry foundation.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_allocation_mode IP Allocation Mode

PUBLIC_IP: Allocate new public IP.
LINK_LOCAL_IP: Allocate new link local IP.
string Enum: PUBLIC_IP, LINK_LOCAL_IP
Default: "PUBLIC_IP"
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Enum: PAS, NAT
Default: "PAS"
number_of_allocations Number of IP allocations required. integer Required
resource_type Must be set to the value AzureIpAllocationConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vnet_id Vnet ID

ID of the Azure Vnet in which the IPs are allocated.
string Required

AzureIpAllocationMappings (schema)

Cloud IP allocation mappings

Stores information about Cloud IP mapping for a Pivotal Application Service
/ Pivotal Cloud Foundry foundation.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_code Error code for IP allocation failure integer Readonly
error_message Error message for IP allocation failure string Readonly
id Unique identifier of this resource string Sortable
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Readonly
Enum: PAS, NAT
Default: "PAS"
ip_mappings IP mappings for a foundation. array of CloudIpAllocationMapping Readonly
ip_operation_status IP Allocation State

Indicates the state of the IP allocation or de-allocation.
ALLOCATION_IN_PROGRESS: IP allocation is in progress.
DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress.
SUCCESSFUL: IP allocation is successful. Successful de-allocation can
be confirmed if the status API for this mapping returns a 404 error.
FAILED: IP allocation or de-allocation failed.
string Readonly
Enum: ALLOCATION_IN_PROGRESS, DELETION_IN_PROGRESS, SUCCESSFUL, FAILED
resource_type Must be set to the value AzureIpAllocationMappings string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vnet_id Vnet ID

ID of the Azure Vnet in which the IPs are allocated.
string Readonly

AzureIpMappingsListRequestParameters (schema)

These paramaters will be used to filter the list of IP allocation mappings.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
display_name Name of IP Mappings

Name of IP Mappings.
string
included_fields Comma separated list of fields that should be included in query result string
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Enum: PAS, NAT
Default: "PAS"
mapping_id Mapping ID

ID of the mapping returned in IP allocation request.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Vnet ID

ID of the Azure Vnet in which the IPs are allocated.
string

AzureIpMappingsListResult (schema)

Cloud IP Mappings List Result

Stores a list of Cloud IP mappings.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Cloud IP mappings Results

Array of Cloud public/link local IP to secondary IP mappings.
array of AzureIpAllocationMappings
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzurePublicIpListRequestParameters (schema)

Azure Public IP List Request Parameters

A set of filter parameters to list Azure Public IPs. Multiple parameters
can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Mandatory identifier for account based on which public IPs are
to be filtered.
string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which public IPs
are to be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string

AzurePublicIpListResult (schema)

Azure Public IP List Result

Stores a list of Azure public IPs.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Azure Public IP

Array of Azure Public IPs.
array of string Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureRegion (schema)

Azure Region Information

Stores information about an Azure region.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
associated_account_ids Associated Azure Account IDs

Array of associated Azure account IDs.		 array of string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_stats Gateway Statistics

Stores statistics of the number of UP, DOWN and DEPLOYING gateways.
GatewayStats Readonly
has_managed_vnet Has a managed Virtual Network? boolean Readonly
id Unique identifier of this resource string Sortable
instance_stats Instance Statistics

Stores statistics of the number of MANAGED, UNMANAGED and ERROR instances.
InstanceStats Readonly
resource_type Must be set to the value AzureRegion string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vnet_stats Virtual Network Statistics

Stores statistics of the number of MANAGED and UNMANAGED virtual networks.
VnetStats Readonly

AzureRegionsListRequestParameters (schema)

Azure Regions List Request Parameters

A set of optional filter parameters to list Azure regions. Multiple
parameters can be given as input to use 'AND' them.

Name Description Type Notes
account_id Azure Account ID

Optional identifier for account based on which regions list can be
filtered.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Azure Region ID

Optional identifier for region based on which the regions list can be
filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string

AzureRegionsListResult (schema)

Azure Regions List Result

A list of Azure regions.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure regions.		 array of AzureRegion
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureResourceGroup (schema)

Azure Resource Group

Stores Azure resource group information.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
resource_group_id Id of resource group

Id of resource group.
string
resource_group_name Name of resource group

Name of resource group.
string

AzureResourceGroupsListResult (schema)

Azure Resource Groups List Result

Stores a list of Azure resource groups.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Azure resource groups Results

Array of Azure resource groups.
array of AzureResourceGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureResourcesListRequestParameters (schema)

Azure Resource List Request Parameters

A set of filter parameters to list Azure resources. Multiple parameters
can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Optional identifier for account based on which resources are
to be filtered.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
is_managed_by_nsx Is Managed By NSX

Filter parameter to obtain security groups which are managed by NSX.
boolean
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which resources
are to be filtered.
string
resource_group_id Resource Group ID

Optional identifier for resource group id based on which resources
are to be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Virtual Network ID

Optional identifier for virtual network based on which resources
are to be filtered.
string

AzureSecurityGroup (schema)

Azure VNet Security Group

Stores information about an Azure VNet security group.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_vnet_ids VNet IDs

Array of VNet IDs.		 array of string Readonly
cloud_tags Cloud Tags

Array of tags associated to a cloud security group.
array of CloudTag Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
inbound_rules Inbound Rules

Array of inbound rules of the Azure security group.		 array of AzureSecurityGroupRule Readonly
is_managed_by_nsx Is Managed By NSX

If the flag is true, the cloud security group is managed by NSX.
boolean Readonly
nsx_security_group_mapping NSX Security Group Mapping

Map of cloud application security groups associated to this Azure
network security group and corresponding NSX security groups.
array of SecurityGroupDetails Readonly
outbound_rules Outbound Rules

Array of outbound rules of the Azure security group.		 array of AzureSecurityGroupRule Readonly
region_id Region ID

ID of the cloud region.		 string Readonly
resource_group_name Resource Group Name

Name of the Azure resource group.		 string Readonly
resource_id Resource ID

Resource ID of Azure Network Security Group.		 string Readonly
resource_type Must be set to the value AzureSecurityGroup string Required
security_group_id Security Group ID

ID of the cloud security group.		 string Readonly
security_group_name Security Group Name

Name of the cloud security group.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AzureSecurityGroupRule (schema)

Azure Security Group Rule

Stores information about an Azure security group rule.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action

Action configured for the Azure security group rule.		 string Readonly
Enum: ALLOW, DENY
description Description of this resource string Maximum length: 1024
Sortable
destination Destination

Destination corresponding to the cloud security group rule.
string Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
port_range Port Range

Port range corresponding to the cloud security group rule.
string Readonly
priority Priority

Priority of the Azure security group rule.		 integer Readonly
protocol Protocol

Protocol corresponding to the cloud security group rule.
string Readonly
resource_type Must be set to the value AzureSecurityGroupRule string Required
source Source

Source corresponding to the cloud security group rule.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AzureSecurityGroupsListResult (schema)

Azure Security Groups List Result

Stores a list of Azure security groups.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure security groups.		 array of AzureSecurityGroup
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureServiceEndpoint (schema)

Azure Service Endpoint

Stores endpoint information about any service which is provided by Azure. NSX
supported services are currently limited to Azure Storage, Azure SQL
Database, Azure Cosmos DB and Azure Load Balancer.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
nsx_security_groups NSX security groups array

Stores an array of NSX security groups associated to this cloud service
endpoint.
array of SecurityGroup Readonly
resource_type Must be set to the value AzureServiceEndpoint string Required
service_endpoint_id Service Endpoint ID

Cloud provided ID of the service endpoint.		 string Readonly
service_endpoint_type Service Endpoint Type

Cloud provided type of the service endpoint.		 string Readonly
service_name Service Name

Name of the cloud service the endpoint is associated with.		 string Readonly
service_type Service type

Stores the type of Azure service corresponding to this endpoint.
AZURE_COSMOSDB - Azure Cosmos DB
AZURE_SQL - Azure SQL Database
AZURE_STORAGE - Azure Storage
AZURE_LOAD_BALANCER - Azure Load Balancer
string Readonly
Enum: AZURE_COSMOSDB, AZURE_SQL, AZURE_STORAGE, AZURE_LOAD_BALANCER
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AzureServiceEndpointsListRequestParameters (schema)

These paramaters will be used to filter the list of Azure service endpoints.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
service_endpoint_id Azure Service Endpoint ID

Optional ID of Azure service endpoint based on which the list of service endpoints
are to be filtered.
string
service_name Azure Service Name

Optional name of Azure service based on which the list of service endpoints are
to be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string

AzureServiceEndpointsListResult (schema)

Azure Service Endpoints List Result

Stores a list of service endpoints which are provided by Azure with
information about each of them. NSX supported services are currently
limited to Azure Storage, Azure SQL Database, Azure Cosmos DB and Azure
Load Balancer.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure service endpoints.		 array of AzureServiceEndpoint
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureStorageAccount (schema)

Azure Storage Account

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
name Name of the Azure Storage Account string Required

AzureStorageAccountList (schema)

List of Azure Storage Accounts

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Azure Storage Accounts list array of AzureStorageAccount
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureStorageAccountsListRequestParameters (schema)

These paramaters will be used to filter the list of storage accounts.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Identifier for account based on which list of storage accounts will be obtained string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Identifier for region based on which list of storage accounts will be obtained string Required
sort_ascending boolean
sort_by Field by which records are sorted string

AzureSubnet (schema)

Azure Subnet

Stores information about an Azure subnet.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
address_space Azure subnet address space string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id ID of Subnet string Readonly
resource_type Must be set to the value AzureSubnet string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vnet_id Azure Virtual Network ID

ID of the Azure Virtual Network.It consists of resourceGuid of Azure Vnet.		 string Readonly

AzureSubnetListRequestParameters (schema)

Azure Subnet List Request Parameters

A set of filter parameters to list Azure subnets. Multiple parameters can
be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Mandatory identifier for account based on which subnets are to be filtered.
string Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

This field is DEPRECATED. region_id will be learnt from vnet_id
information.
string Deprecated
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Virtual Network ID

Identifier for vnet based on which subnets are to be filtered. It consists of resourceGuid of Azure Vnet.
string Required

AzureSubnetListResult (schema)

Azure subnets List Result

Stores a list of Azure subnets.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure subnets.
array of AzureSubnet Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureTransitVnetConfig (schema)

Azure Transit VNet Configuration

Stores the account IDs and VNet ID related to
the transit VNet.

Name Description Type Notes
account_id Azure account ID

Azure account ID of the transit VNet. This field is
deprecated. Field account_id can be learnt using vnet_id.
GET /csm/azure/vnets/ API returns associated_account_ids.
Hence, this field is optional.
string Deprecated
vnet_id VNet ID

VNet ID of the transit VNet.		 string Required

AzureTransitVnetInfo (schema)

Azure Transit VNet Information

Stores the account ID and VNet ID related to the transit VNet. A transit VNet is a Azure VNet in which public cloud gateways are deployed and is managing the workload VMs present in other compute VNets.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_account_ids Array of Cloud Account IDs

Cloud account ID related to the virtual private cloud.
array of string Required
Readonly
virtual_private_cloud_id Virtual Private Cloud ID

Virtual private cloud ID of the corresponding cloud.
string Required
Readonly
virtual_private_cloud_name Virtual Private Cloud name

Virtual private cloud name of the corresponding cloud.
string Required
Readonly

AzureVNetConfig (schema)

AZURE VNet Configuration

Stores the configuration such as default_quarantine_policy_enabled, cloud_fallback_security_group_id and auto_agent_install_enabled for correponding AZURE VNet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auto_agent_install_enabled Auto Agent Install Enabled

Flag to identify if NSX agent installation will be done
automatically or not. As of now this is supported for Azure Cloud only.
If the flag managed_without_agents is set to true, this property will
be ignored.
boolean Default: "False"
cloud_fallback_security_group_id Id of Cloud Security Group

Id of security group where the VMs should be moved after last gateway
undeployed. This field is required only when
default_quarantine_policy_enabled field is set to false.
string
default_quarantine_policy_enabled Flag to Identify if Default Quarantine Policy is Enabled

Flag to convey if virtual machines belonging to the compute
virtual private cloud should be quarantined or not.
boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
managed_without_agents Managed Without NSX Agents

This flag determines if this compute virtual private cloud is managed
with or without NSX agents.
boolean Default: "False"
resource_type Must be set to the value AzureVNetConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

AzureVirtualMachine (schema)

Azure Virtual Machine Information

Stores information about a Azure Virtual Machine

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
agent_status Agent Status

UP - NSX Agent is up and running
DOWN - NSX Agent is down
NO_AGENT - No NSX Agent installed on VM
UNKNOWN - NSX Agent status is unknown
string Readonly
Enum: UP, DOWN, NO_AGENT, UNKNOWN
agent_version Agent version details string Readonly
associated_account_ids Associated Cloud Account IDs

Array of associated cloud account IDs.		 array of string
cloud_network_security_group Cloud Network Security Group

Stores information about the cloud network security group associated to
the virtual machine.
SecurityGroup Readonly
cloud_tags Cloud tags for the virtual machine array of CloudTag Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_messages List of error messages

List of error messages identified. Returns only error messages
identified in the last 1 hour.
array of ComputeInstanceErrorMessage Readonly
gateway_ha_index Gateway HA Index

Index of HA that indicates whether gateway is primary or secondary.
If index is 0, then it is primary gateway. Else secondary gateway.
integer
gateway_status Gateway Status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
id Unique identifier of this resource string Sortable
is_gateway Flag to identify if this VM is a gateway node boolean Readonly
is_gateway_active Flag to identify if this VM is an active gateway node boolean Readonly
logical_switch_display_name Logical Switch display name string Readonly
logical_switch_id Logical Switch ID string Readonly
managed_by_nsx Indicate if vm is managed by NSX or not boolean Required
Readonly
nsx_ip IP address provided by NSX string Readonly
nsx_security_group_mapping NSX Security Group Mapping

Map of cloud security groups associated to the virtual machine and
corresponding NSX security groups.
array of SecurityGroupDetails Readonly
nsx_security_rule_errors NSX Security Rule Errors

Array of NSX security rule realization errors.		 array of NsxSecurityRuleErrorDetails Readonly
nsx_security_rule_errors_count NSX Security Rule Errors Count

Count of the NSX security rule realization errors.		 integer Readonly
os_details Operating system details string Readonly
os_type Operating system of the virtual machine string Readonly
power_state Power State

Indicates power state of the virtual machine as returned by Azure.
string Readonly
Enum: RUNNING, DEALLOCATING, DEALLOCATED, STARTING, STOPPED, STOPPING, UNKNOWN
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
quarantine_state Quarantine State

Indicates the quarantine state of the VM.
QUARANTINED - This state implies VM is moved to quarantine security
group because some threat has been detected.
NOT_QUARANTINED - This state implies no quarantine action has been
taken.
UNKNOWN - This state implies either quarantine policy is disabled or
quarantine information is not available.
OVERRIDDEN - This state implies VM is associated with vm_override_sg
which overrides any action based on threat detection.
WHITELISTED - This state implies that quarantine operation will not
be performed on the VM.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, NOT_APPLICABLE
region Azure region

Azure region in which virtual machine is residing		 string Readonly
resource_group Resource Group

Resource Group of the Azure Virtual Machine.		 string Readonly
resource_id Azure Virtual Machine resource id

Resource Id of Azure Virtual Machine.		 string Readonly
resource_type Must be set to the value AzureVirtualMachine string Required
Enum: AwsVirtualMachine, AzureVirtualMachine
segment_display_name Segment display name

Segment display name on which this VM resides.
string Readonly
segment_id Segment ID

Segment ID on which this VM resides.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
threat_state Threat State

Indicates the threat state of the VM.
NORMAL - This state implies no threat has been detected and VM is
functioning as expected.
THREAT - This state implies quarantine enabling threat has been
detected.
INVALID - This state implies either VM is unmanaged or threat related
information is not available.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE
vm_config_status Status for user configurable properties VmConfigStatus Readonly
vm_extension_execution_status VM extension script execution status

UNKNOWN - This is the default state. Indicates no information available
regarding extension execution. This can potentially occur for
a VM when agent is installed out of band or if
cloud_agent_automated_install_enabled flag is enabled for the
VNET/VPC which already has managed VMs.
SUCCESSFUL - Indicates VM extension script execution was successful.
This does not necessarily mean agent installation was
successful.
FAILED - Indicates VM extension script execution failed.
string Readonly
vnet Azure virtual network

Azure virtual network ID in which virtual machine is residing
string Readonly
vnet_name Azure virtual network name

Azure virtual network name in which virtual machine is residing
string Readonly

AzureVnet (schema)

Azure VNet

Stores information about an Azure VNet (Virtual Network).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
agent_info Azure Agent Information

Array of agent install and download instructions for various OS types.		 array of AgentInfo Readonly
associated_account_ids Associated Azure Account IDs

Array of associated Azure account IDs.		 array of string
associated_transit_vnet Associated Azure Transit VNet

Stores the VNet ID and associated account IDs of the transit VNet.
This property describes the associated transit VNet for a given
Azure compute VNet.
AzureTransitVnetInfo Readonly
cidr_blocks IPv4 CIDR Block

IPv4 CIDR Block of the virtual network.		 array of CidrBlock Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_info Gateway Info

Gateway information of the virtual network like configuration and status.
AzureGatewayInfo Readonly
id Unique identifier of this resource string Sortable
instance_stats Instance Statistics

Stores statistics of the number of MANAGED, MANAGED and ERROR instances.
InstanceStats Readonly
is_management_vnet Is Management VNet?

This flag indicates if this is a management virtual network.		 boolean Readonly
Default: "False"
managed_vnets Array of NSX Managed Compute VNets

Array of compute VNets managed by a transit VNet. This property
describes array of managed compute VNet for a given transit VNet.
array of ManagedVnetInfo Readonly
op_status Azure VNet Operational Status

Operational status of the virtual network.		 AzureVnetOpStatus Readonly
region_id Region ID

ID of the Azure region.		 string Readonly
resource_group Resource Group

Resource Group of the Azure VNet.		 string Readonly
resource_id Azure VNet resource id

Resource Id of Azure VNet.		 string Readonly
resource_type Must be set to the value AzureVnet string
storage_account_name Azure Storage Account Name

Azure Storage Account where gateway image will be copied.		 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zones Transport Zones

Array of transport zones in the virtual network.		 array of TransportZoneInfo Readonly
vnet_status Azure Compute VNet Status

Stores onboard and offboard states and corresponding error messages
and error code related to Azure compute VNet. The status for a transit
VNet should be obtained from gateway_info.
AzureComputeVnetStatus Readonly

AzureVnetListRequestParameters (schema)

Azure VNet List Request Parameters

A set of optional filter parameters to list Azure virtual networks.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
account_id Account ID

Optional identifier for account based on which virtual networks list
can be filtered.
string
associated_transit_vnet_id Transit VNet ID

Identifier for filtering all the compute VNets which are NSX managed
by the given transit VNet.
string
cidr IPv4 CIDR Block

Optional identifier for IPv4 CIDR Block based on which virtual networks
list can be filtered.
CidrBlock
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
op_status Azure VNet Operational Status

Operational status of the virtual network.		 AzureVnetOpStatus Readonly
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
region_id Region ID

Optional identifier for region based on which virtual networks list can
be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Virtual Network ID

Optional identifier for virtual network based on which virtual networks
list can be filtered. It consists of resourceGuid of Azure VNet.
string

AzureVnetListResult (schema)

Azure VNet List Result

Stores a list of Azure virtual networks.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of Azure virtual networks.		 array of AzureVnet
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

AzureVnetOpStatus (schema)

Operational Status

Operational status of the azure virtual network. After
there are gateways deployed in a VNet, that VNet is called as transit
VNet and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VNet,
their status will be set as NSX_MANAGED_BY_TRANSIT_VNET.
NSX_GATEWAY_ERROR status means gateways are deployed in VNet, but no gateway
is UP and at least one gateway is DOWN, The remaining gateway can be in
NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VNet
when transit VNet is in NSX_GATEWAY_ERROR state.
Status for all the rest of the VNets will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.

Name Description Type Notes
AzureVnetOpStatus Operational Status

Operational status of the azure virtual network. After
there are gateways deployed in a VNet, that VNet is called as transit
VNet and it's status will be set as NSX_MANAGED_BY_GATEWAY.
For all the compute VNets which are being managed by a transit VNet,
their status will be set as NSX_MANAGED_BY_TRANSIT_VNET.
NSX_GATEWAY_ERROR status means gateways are deployed in VNet, but no gateway
is UP and at least one gateway is DOWN, The remaining gateway can be in
NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VNet
when transit VNet is in NSX_GATEWAY_ERROR state.
Status for all the rest of the VNets will be NSX_UNMANAGED.
NSX_MANAGED is deprecated.
string Readonly
Enum: NSX_MANAGED_BY_GATEWAY, NSX_MANAGED_BY_TRANSIT_VNET, NSX_MANAGED, NSX_UNMANAGED, NSX_GATEWAY_ERROR, NSX_COMPUTE_ERROR

BFDDiagnosticCount (schema)

Name Description Type Notes
administratively_down_count Number of tunnels with administratively message

Number of tunnels with administratively down diagnostic message		 integer
concatenated_path_down_count Number of tunnels with concatenated message

Number of tunnels with concatenated path down diagnostic message		 integer
control_detection_time_expired_count Number of tunnels with expired message

Number of tunnels with control detection time expired diagnostic message		 integer
echo_function_failed_count Number of tunnels with failed message

Number of tunnels with echo function failed diagnostic message		 integer
forwarding_plane_reset_count Number of tunnels with reset message

Number of tunnels with forwarding plane reset diagnostic message		 integer
neighbor_signaled_session_down_count Number of tunnels neighbor signaled session down integer
no_diagnostic_count Number of tunnels with no diagnostic integer
path_down_count Number of tunnels with path down message

Number of tunnels with path down diagnostic message		 integer
reverse_concatenated_path_down_count Number of tunnels with reverse message

Number of tunnels with reverse concatenated path down diagnostic message		 integer

BFDProperties (schema)

BFD information

Name Description Type Notes
active True if tunnel is active in a gateway HA setup boolean Readonly
diagnostic Diagnostic message of a problem

A short message indicating what the BFD session thinks is wrong in case of a problem		 string Readonly
forwarding True if the BFD session believes this interface may be used to forward traffic boolean Readonly
remote_diagnostic Diagnostic message of a problem

A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem		 string Readonly
remote_state State of the remote interface's BFD session string Readonly
Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP
state State of the BFD session string Readonly
Enum: UNKNOWN_STATE, ADMIN_DOWN, DOWN, INIT, UP

BFDStatusCount (schema)

Name Description Type Notes
bfd_admin_down_count Number of tunnels in BFD admin down state int
bfd_down_count Number of tunnels in BFD down state int
bfd_init_count Number of tunnels in BFD init state int
bfd_up_count Number of tunnels in BFD up state int

BGPCommunityList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
communities BGP community list

Array of BGP communities		 array of string Required
community_type BGP community type

BGP community type. It has two types as
NormalBGPCommunity BGP normal community which includes well-known
community name as well as community value in range from [1-4294967295]
or value in aa:nn format(aa/nn range from 1-65535).
LargeBGPCommunity BGP large community which includes community value
in aa:bb:nn format where aa, bb, nn are unsigned integers in the range
[1-4294967295].
string Enum: NormalBGPCommunity, LargeBGPCommunity
Default: "NormalBGPCommunity"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value BGPCommunityList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BGPCommunityListListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of bgp communities

Paginated list of bgp community lists		 array of BGPCommunityList
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BackupConfiguration (schema)

Configuration for taking manual/automated backup

Name Description Type Notes
after_inventory_update_interval A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups. integer Minimum: 300
Maximum: 86400
backup_enabled true if automated backup is enabled boolean Default: "False"
backup_schedule Set when backups should be taken - on a weekly schedule or at regular intervals. BackupSchedule
(Abstract type: pass one of the following concrete types)
IntervalBackupSchedule
WeeklyBackupSchedule
inventory_summary_interval The minimum number of seconds between each upload of the inventory summary to backup server. integer Minimum: 30
Maximum: 3600
Default: "240"
passphrase Passphrase used to encrypt backup files.

Passphrase used to encrypt backup files.
The passphrase specified must be at least 8 characters in length and must
contain at least one lowercase, one uppercase, one numeric character and one
special character (any other non-space character).
string Pattern: "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z\d\s]).{8,}$"
remote_file_server The server to which backups will be sent. RemoteFileServer Required

BackupOperationHistory (schema)

Past backup operation details

Name Description Type Notes
cluster_backup_statuses Statuses of previous cluser backups array of BackupOperationStatus
inventory_backup_statuses Statuses of previous inventory backups array of BackupOperationStatus
node_backup_statuses Statuses of previous node backups array of BackupOperationStatus

BackupOperationStatus (schema)

Backup operation status

Name Description Type Notes
backup_id Unique identifier of a backup string Required
end_time Time when operation was ended EpochMsTimestamp
error_code Error code string Enum: BACKUP_NOT_RUN_ON_MASTER, BACKUP_SERVER_UNREACHABLE, BACKUP_AUTHENTICATION_FAILURE, BACKUP_PERMISSION_ERROR, BACKUP_TIMEOUT, BACKUP_BAD_FINGERPRINT, BACKUP_GENERIC_ERROR
error_message Error code details string
start_time Time when operation was started EpochMsTimestamp
success True if backup is successfully completed, else false boolean Required

BackupSchedule (schema)

Abstract base type for Weekly or Interval Backup Schedule

This is an abstract type. Concrete child types:
IntervalBackupSchedule
WeeklyBackupSchedule

Name Description Type Notes
resource_type Schedule type string Required
Enum: WeeklyBackupSchedule, IntervalBackupSchedule

BaseEndpoint (schema)

An endpoint to be used in redirection rule

Represents an endpoint which will be used as subject in rule.
It is a polymorphic type object which can be either of the types -
1. Virtual
2. Logical
We have 2 separate objects representing these 2 types.
VirtualEndPoint for Virtual type and ServiceInstanceEndpoint
for Logical.
This is an abstract type. Concrete child types:
ServiceInstanceEndpoint
VirtualEndpoint

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value BaseEndpoint string Required
Enum: VirtualEndpoint, ServiceInstanceEndpoint
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_ips IP addresses to redirect the traffic to

IPs where either inbound or outbound traffic is to be redirected.
array of IPInfo Required
Minimum items: 1
Maximum items: 1

BaseFirewallProfile (schema)

This is an abstract type. Concrete child types:
FirewallCpuMemThresholdsProfile
FirewallDnsProfile
FirewallFloodProtectionProfile
FirewallSessionTimerProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BaseFirewallProfile string Required
Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BaseHostSwitchProfile (schema)

This is an abstract type. Concrete child types:
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value BaseHostSwitchProfile HostSwitchProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BaseNodeAggregateInfo (schema)

Name Description Type Notes
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
id Unique identifier of this resource string Readonly
node_interface_properties Array of Node interface statistic properties array of NodeInterfaceProperties Readonly
node_interface_statistics Array of Node network interface statistic properties array of NodeInterfaceStatisticsProperties Readonly
node_status ClusterNodeStatus Readonly
node_status_properties Time series of the node's system properties array of NodeStatusProperties

BasePolicyServiceInstance (schema)

Represents an instance of partner Service and its configuration

Represents an instance of partner Service and its configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
deployment_mode Deployment Mode

Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.		 string Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
partner_service_name Name of Partner Service

Unique name of Partner Service in the Marketplace		 string Required
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value BasePolicyServiceInstance string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used while deploying Service-VM.		 string Enum: L2_BRIDGE, L3_ROUTED
Default: "L2_BRIDGE"

BaseRule (schema)

A rule represent base properties for ,dfw, forwarding, redirection rule

A rule indicates the action to be performed for various types of traffic flowing between workload groups.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_groups Destination group paths

We need paths as duplicate names may exist for groups under different
domains.In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
destinations_excluded Negation of destination groups

If set to true, the rule gets applied on all the groups that are
NOT part of the destination groups. If false, the rule applies to the
destination groups
boolean Default: "False"
direction Direction

Define direction of traffic.
string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Flag to disable the rule

Flag to disable the rule. Default is enabled.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.
The value is set to IPV4_IPV6 for Layer3 rule if not specified.
For Layer2/Ether rule the value must be null.
string Enum: IPV4, IPV6, IPV4_IPV6
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
notes Text for additional notes on changes

Text for additional notes on changes.		 string Maximum length: 2048
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profiles Layer 7 service profiles

Holds the list of layer 7 service profile paths. These profiles accept
attributes and sub-attributes of various network services
(e.g. L4 AppId, encryption algorithm, domain name, etc) as key value
pairs.
array of string Maximum items: 128
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value BaseRule string
scope The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied
on multiple LRs/LRPs.
array of string Maximum items: 128
sequence_number Sequence number of the this Rule

This field is used to resolve conflicts between multiple
Rules under Security or Gateway Policy for a Domain
int Minimum: 0
services Names of services

In order to specify all services, use the constant "ANY".
This is case insensitive. If "ANY" is used, it should
be the ONLY element in the services array. Error will be thrown
if ANY is used in conjunction with other values.
array of string Maximum items: 128
source_groups Source group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
sources_excluded Negation of source groups

If set to true, the rule gets applied on all the groups that are
NOT part of the source groups. If false, the rule applies to the
source groups
boolean Default: "False"
tag Tag applied on the rule

User level field which will be printed in CLI and packet logs.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BaseRuleListResult (schema)

Paged Collection of Rules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BaseServiceInstance (schema)

Base Instance of a service

The deployment of a registered service. service instance is instantiation of service. This is an abstract type. Concrete child types:
ByodServiceInstance
ServiceInstance
VirtualServiceInstance

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
on_failure_policy On Failure Policy

Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.		 string Enum: ALLOW, BLOCK
resource_type Must be set to the value BaseServiceInstance ServiceInstanceResourceType Required
service_id Service Id

The Service to which the service instance is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).		 string Required
Enum: L2_BRIDGE, L3_ROUTED, NSH, NA

BaseServiceProfile (schema)

Base Service Profile

Base Service Profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BaseServiceProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BaseSwitchingProfile (schema)

This is an abstract type. Concrete child types:
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
PortMirroringSwitchingProfile
QosSwitchingProfile
SpoofGuardSwitchingProfile
SwitchSecuritySwitchingProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value BaseSwitchingProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BaseTier0Interface (schema)

Tier-0 interface configuration

Tier-0 interface configuration for external connectivity.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value BaseTier0Interface string
subnets IP address and subnet specification for interface

Specify IP address and network prefix for interface.
array of InterfaceSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BasicAuthenticationScheme (schema)

Name Description Type Notes
password Password to authenticate with string Required
scheme_name Authentication scheme name string Required
Enum: basic
username User name to authenticate with string Required
Pattern: "^.+$"

BatchParameter (schema)

Options that affect how batch operations are processed

Name Description Type Notes
atomic transactional atomicity for the batch of requests embedded in the batch list

use this flag if you want transactional atomicity		 boolean Default: "False"

BatchRequest (schema)

A set of operations to be performed in a single batch

Name Description Type Notes
continue_on_error Flag to decide if we will continue processing subsequent requests in case of current error for atomic = false. boolean Default: "True"
requests array of BatchRequestItem

BatchRequestItem (schema)

A single request within a batch of operations

Name Description Type Notes
body object
method method type(POST/PUT/DELETE/UPDATE)

http method type		 string Required
Enum: GET, POST, PUT, DELETE, PATCH
uri Internal uri of the call

relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters		 string Required

BatchResponse (schema)

The reponse to a batch operation

Name Description Type Notes
has_errors errors indicator

Indicates if any of the APIs failed		 boolean
results Bulk list results array of BatchResponseItem Required
rolled_back indicates if all items were rolled back.

Optional flag indicating that all items were rolled back even if succeeded initially		 boolean

BatchResponseItem (schema)

A single respose in a list of batched responses

Name Description Type Notes
body object returned by api

object returned by api		 object
code object returned by api

http status code		 integer Required
headers object returned by api

The headers returned by the API call		 object

BfdConfig (schema)

BFD configuration for LogicalRouter

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
declare_dead_multiple Number of times a packet is missed before BFD declares the neighbor down. integer Minimum: 2
Maximum: 16
Default: "3"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to enable BFD for this LogicalRouter boolean Default: "False"
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
receive_interval Receive interval for heartbeats

the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.		 integer Minimum: 100
Maximum: 60000
Default: "1000"
resource_type Must be set to the value BfdConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transmit_interval Transmit interval for heartbeats

the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.		 integer Minimum: 100
Maximum: 60000
Default: "1000"

BfdConfigParameters (schema)

BFD configuration for the given Peer.

Name Description Type Notes
declare_dead_multiple Number of times a packet is missed before BFD declares the neighbor down. integer Minimum: 2
Maximum: 16
Default: "3"
receive_interval Receive interval for heartbeats

The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.		 integer Minimum: 300
Maximum: 60000
Default: "1000"
transmit_interval Transmit interval for heartbeats

The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.		 integer Minimum: 300
Maximum: 60000
Default: "1000"

BfdHealthMonitoringProfile (schema)

Profile for BFD health monitoring

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Whether the heartbeat is enabled. A POST or PUT request with "enabled" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value. boolean Required
id Unique identifier of this resource string Sortable
latency_enabled Whether the latency is enabled.

The flag is to turn on/off latency. A POST or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.		 boolean
probe_interval The time interval (in millisec) between probe packets for tunnels between transport nodes. integer Minimum: 300
Default: "1000"
resource_type Must be set to the value BfdHealthMonitoringProfile string Required
Enum: BfdHealthMonitoringProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BgpAddressFamily (schema)

Name Description Type Notes
in_prefix_count Count of in prefixes

Count of in prefixes		 integer Readonly
out_prefix_count Count of out prefixes

Count of out prefixes		 integer Readonly
type BGP address family type

BGP address family type		 string Required
Readonly
Enum: IPV4_UNICAST, VPNV4_UNICAST, IPV6_UNICAST

BgpBfdConfig (schema)

BFD configuration for BGP peers

Name Description Type Notes
enabled Flag to enable BFD cofiguration

Flag to enable BFD cofiguration.		 boolean Default: "False"
interval Time interval between heartbeat packets in milliseconds

Time interval between heartbeat packets in milliseconds.
int Minimum: 300
Maximum: 60000
Default: "1000"
multiple Declare dead multiple

Declare dead multiple.
Number of times heartbeat packet is missed before BFD declares the
neighbor is down.
int Minimum: 2
Maximum: 16
Default: "3"

BgpConfig (schema)

BGP configuration for logical router

BGP configuration for Tier0 logical router. We create BGP configuration
while creation of Tier0 logical router.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
as_num 4 Byte ASN in ASPLAIN/ASDOT Format string
as_number Autonomous System Number

This is a deprecated property, Please use 'as_num' instead.		 integer Deprecated
Minimum: 1
Maximum: 4294967296
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ecmp Flag to enable outbound ECMP

While creation of BGP config this flag will be set to
- true for Tier0 logical router with Active-Active high-availability
mode
- false for Tier0 logical router with Active-Standby high-availability
mode.
User can change this value while updating BGP config. If this property
is not specified in the payload, the default value will be considered
as true irrespective of the high-availability mode.
boolean Default: "True"
enabled Flag to enable this configuration

While creation of BGP config this flag will be set to
- true for Tier0 logical router with Active-Active high-availability
mode
- false for Tier0 logical router with Active-Standby high-availanility
mode.
User can change this value while updating the config. If this
property is not specified in the payload, the default value will be
considered as false irrespective of the high-availability mode.
boolean Default: "False"
graceful_restart Flag to enable graceful restart

Flag to enable graceful restart. This field is deprecated, kindly use
graceful_restart_config parameter for graceful restart configuration.
If both parameters are set and consistent with each other
[i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR
graceful_restart=true and graceful_restart_mode=GR_AND_HELPER]
then this is allowed, but if inconsistent with each other then this
is not allowed and validation error will be thrown.
boolean Deprecated
graceful_restart_config BGP Graceful Restart configuration

Configuration parameters for BGP Graceful Restart functionality.
It has graceful_restart_mode and graceful_restart_timer parameters.
GracefulRestartConfig
id Unique identifier of this resource string Sortable
inter_sr_ibgp Inter SR IBGP configuration InterSRRoutingConfig
logical_router_id Logical router id string Readonly
multipath_relax Flag to enable BGP multipath relax option boolean Default: "True"
resource_type Must be set to the value BgpConfig string
route_aggregation List of routes to be aggregated array of BgpRouteAggregation Minimum items: 0
Maximum items: 1000
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BgpGracefulRestartConfig (schema)

BGP Graceful Restart Configuration

Configuration field to hold BGP restart mode and timer.

Name Description Type Notes
mode BGP Graceful Restart Configuration Mode

If mode is DISABLE, then graceful restart and helper modes are disabled.
If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled.
If mode is HELPER_ONLY, then helper mode is enabled.
HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability
to preserve forwarding state during BGP restart.
GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart
to its peers.
string Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY
Default: "HELPER_ONLY"
timer BGP Graceful Restart Timer

Configuration field to hold BGP restart timers.		 BgpGracefulRestartTimer

BgpGracefulRestartTimer (schema)

BGP Graceful Restart Timers

Configuration field to hold BGP restart timers

Name Description Type Notes
restart_timer BGP Graceful Restart Timer

Maximum time taken (in seconds) for a BGP session to be established after a restart.
This can be used to speed up routing convergence by its peer in case the BGP speaker
does not come back up after a restart. If the session is not re-established within this
timer, the receiving speaker will delete all the stale routes from that peer.
integer Minimum: 1
Maximum: 3600
Default: "180"
stale_route_timer BGP Stale Route Timer

Maximum time (in seconds) before stale routes are removed from the
RIB (Routing Information Base) when BGP restarts.
integer Minimum: 1
Maximum: 3600
Default: "600"

BgpNeighbor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
address_families AddressFamily settings for the neighbor

User can enable the neighbor for the specific address families and also define filters per address family.
When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons.
User can change that if required, by defining the address family configuration.
array of BgpNeighborAddressFamily
allow_as_in Flag to enable allowas_in option for BGP neighbor boolean Default: "False"
bfd_config BFD Configuration Parameters for the given peer.

By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer)		 BfdConfigParameters
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_bfd Enable BFD for this BGP Neighbor

Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence.		 boolean Default: "False"
enabled Flag to enable this BGP Neighbor boolean Default: "True"
filter_in_ipprefixlist_id IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family

This is a deprecated property, Please use 'address_family' instead.		 string Deprecated
filter_in_routemap_id RouteMap to be used for IN direction filter for IPV4_UNICAST address family

This is a deprecated property, Please use 'address_family' instead.		 string Deprecated
filter_out_ipprefixlist_id IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family

This is a deprecated property, Please use 'address_family' instead.		 string Deprecated
filter_out_routemap_id RouteMap to be used for OUT direction filter for IPV4_UNICAST address family

This is a deprecated property, Please use 'address_family' instead.		 string Deprecated
graceful_restart_mode Graceful Restart Mode

BGP Graceful Restart mode. If specified, then it will take precedence
over global Graceful Restart mode configured in logical router
BgpConfig otherwise BgpConfig level Graceful Restart mode will be
applicable for peer.
GracefulRestartMode
hold_down_timer Wait period (seconds) before declaring peer dead integer Minimum: 1
Maximum: 65535
Default: "180"
id Unique identifier of this resource string Sortable
keep_alive_timer Frequency (seconds) with which keep alive messages are sent to peers integer Minimum: 1
Maximum: 65535
Default: "60"
logical_router_id Logical router id string Readonly
maximum_hop_limit Maximum Number of hops allowed to reach BGP neighbor

This value is set on TTL(time to live) of BGP header.
When router receives the BGP packet, it decrements the TTL. The default
value of TTL is one when BPG request is initiated.So in the case of a
BGP peer multiple hops away and and value of TTL is one, then next
router in the path will decrement the TTL to 0, realize it cant forward
the packet and will drop it. If the hop count value to reach neighbor
is equal to or less than the maximum_hop_limit value then intermediate
router decrements the TTL count by one and forwards the request to
BGP neighour. If the hop count value is greater than the maximum_hop_limit
value then intermediate router discards the request when TTL becomes 0.
int Minimum: 1
Maximum: 255
Default: "1"
neighbor_address Neighbor IP Address IPAddress Required
password Password

User can create (POST) the neighbor with or without the password.
The view (GET) on the neighbor, would never reveal if the password is set or not.
The password can be set later using edit neighbor workFlow (PUT)
On the edit neighbor (PUT), if the user does not specify the password property, the
older value is retained. Maximum length of this field is 20 characters.
string Minimum length: 1
remote_as Autonomous System Number of the neighbor

This is a deprecated property, Please use 'remote_as_num' instead.		 integer Deprecated
Minimum: 1
Maximum: 4294967296
remote_as_num 4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format string
resource_type Must be set to the value BgpNeighbor string
source_address Logical Router Uplink IP Address

Deprecated - do not provide a value for this field. Use source_addresses instead.		 IPAddress Deprecated
source_addresses Array of Logical Router Uplink IP Addresses

BGP neighborship will be formed from all these source addresses to this neighbour.		 array of IPAddress Maximum items: 8
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BgpNeighborAddressFamily (schema)

Name Description Type Notes
enabled Enable this address family boolean Default: "True"
in_filter_ipprefixlist_id Id of the IPPrefix List to be used for IN direction filter string
in_filter_routemap_id Id of the RouteMap to be used for IN direction filter string
out_filter_ipprefixlist_id Id of the IPPrefixList to be used for OUT direction filter string
out_filter_routemap_id Id of the RouteMap to be used for OUT direction filter string
type Address family type AddressFamilyType Required

BgpNeighborConfig (schema)

BGP neighbor config

Contains information necessary to configure a BGP neighbor.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allow_as_in Flag to enable allowas_in option for BGP neighbor boolean Default: "False"
bfd BFD configuration for failure detection

BFD configuration for failure detection.
BFD is enabled with default values when not configured.
BgpBfdConfig
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
graceful_restart_mode BGP Graceful Restart Configuration Mode

If mode is DISABLE, then graceful restart and helper modes are disabled.
If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled.
If mode is HELPER_ONLY, then helper mode is enabled.
HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability
to preserve forwarding state during BGP restart.
GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart
to its peers.
string Enum: DISABLE, GR_AND_HELPER, HELPER_ONLY
hold_down_time Wait time in seconds before declaring peer dead

Wait time in seconds before declaring peer dead.
int Minimum: 1
Maximum: 65535
Default: "180"
id Unique identifier of this resource string Sortable
in_route_filters Prefix-list or route map path for IN direction

Specify path of prefix-list or route map to filter routes for IN direction.
This property is deprecated, use route_filtering instead. Specifying different
values for both properties will result in error.
array of string Deprecated
Maximum items: 1
keep_alive_time Interval between keep alive messages sent to peer

Interval (in seconds) between keep alive messages sent to peer.
int Minimum: 1
Maximum: 65535
Default: "60"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
maximum_hop_limit Maximum number of hops allowed to reach BGP neighbor

Maximum number of hops allowed to reach BGP neighbor.
int Minimum: 1
Maximum: 255
Default: "1"
neighbor_address Neighbor IP Address IPAddress Required
out_route_filters Prefix-list or route map path for OUT direction

Specify path of prefix-list or route map to filter routes for OUT direction.
When not specified, a built-in prefix-list named 'prefixlist-out-default'
is automatically applied.
This property is deprecated, use route_filtering instead. Specifying different
values for both properties will result in error.
array of string Deprecated
Maximum items: 1
parent_path Path of its parent

Path of its parent		 string Readonly
password Password

Specify password for BGP neighbor authentication.
Empty string ("") clears existing password.
string Minimum length: 0
Maximum length: 20
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
remote_as_num 4 Byte ASN of the neighbor in ASPLAIN Format string Required
resource_type Must be set to the value BgpNeighborConfig string
route_filtering Enable address families and route filtering in each direction

Enable address families and route filtering in each direction.
array of BgpRouteFiltering Maximum items: 1
source_addresses Source IP Addresses for BGP peering

Source addresses should belong to Tier0 external or loopback interface
IP Addresses . BGP peering is formed from all these addresses.
This property is mandatory when maximum_hop_limit is greater than 1.
array of IPAddress Maximum items: 8
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BgpNeighborConfigListRequestParameters (schema)

Routing Config list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

BgpNeighborConfigListResult (schema)

Paged collection of BGP Neighbor Configs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results BGP neighbor configs list results array of BgpNeighborConfig Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BgpNeighborListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of bgp neighbors array of BgpNeighbor Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BgpNeighborRouteDetails (schema)

BGP neighbor route details

BGP neighbor learned/advertised route details.

Name Description Type Notes
logical_router_id Logical router id string Required
Readonly
neighbor_address Neighbor IP address

BGP neighbor peer IP address.		 IPAddress Required
Readonly
neighbor_id BGP neighbor id string Required
Readonly
per_transport_node_routes Route details per transport node

Array of BGP neighbor route details per transport node.
array of RoutesPerTransportNode Readonly

BgpNeighborRouteDetailsCsvRecord (schema)

BGP neighbor route details

BGP neighbor learned/advertised route details.

Name Description Type Notes
as_path AS path

BGP AS path attribute.		 string Readonly
local_pref Local preference

BGP Local Preference attribute.		 integer Readonly
logical_router_id Logical router id

Logical router id		 string Required
Readonly
med Multi Exit Discriminator

BGP Multi Exit Discriminator attribute.		 integer Readonly
neighbor_address Neighbor IP address

BGP neighbor peer IP address.		 IPAddress Required
Readonly
neighbor_id BGP neighbor id

BGP neighbor id		 string Required
Readonly
network CIDR network address

CIDR network address.		 IPCIDRBlock Required
Readonly
next_hop Next hop IP address

Next hop IP address.		 IPAddress Readonly
source_address BGP neighbor source address

BGP neighbor source address.		 IPAddress Readonly
transport_node_id Transport node id

Transport node id		 string Required
Readonly
weight Weight

BGP Weight attribute.		 integer Readonly

BgpNeighborRouteDetailsInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
results array of BgpNeighborRouteDetailsCsvRecord

BgpNeighborRoutes (schema)

BGP neighbor route details

BGP neighbor learned/advertised route details.

Name Description Type Notes
egde_node_routes Route details per transport node

Array of BGP neighbor route details per edge node.
array of RoutesPerTransportNode Readonly
enforcement_point_path Enforcement point policy path string Required
Readonly
neighbor_path BGP neighbor policy path string Required
Readonly

BgpNeighborRoutesListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Bgp neighbor routes

Paged Collection of Bgp neighbor routes.		 array of BgpNeighborRoutes
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BgpNeighborStatus (schema)

Name Description Type Notes
address_families Address families of BGP neighbor

Address families of BGP neighbor		 array of BgpAddressFamily Readonly
announced_capabilities BGP capabilities sent to BGP neighbor. array of string Readonly
connection_drop_count Count of connection drop integer Readonly
connection_state Current state of the BGP session. string Readonly
Enum: INVALID, IDLE, CONNECT, ACTIVE, OPEN_SENT, OPEN_CONFIRM, ESTABLISHED, UNKNOWN
established_connection_count Count of connections established integer Readonly
graceful_restart Graceful restart flag

Current state of graceful restart where
graceful_restart = true indicates graceful restart is enabled and
graceful_restart = false indicates graceful restart is disabled.
This is deprecated field, use graceful_restart_mode instead.
boolean Deprecated
Readonly
graceful_restart_mode Graceful restart mode

Current state of graceful restart of BGP neighbor. Possible
values are -
1. GR_AND_HELPER - Graceful restart with Helper
2. HELPER_ONLY - Helper only
3. DISABLE - Disabled
string Readonly
hold_time Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down. integer Readonly
keep_alive_interval Time in ms to wait for HELLO packet from BGP peer integer Readonly
local_port TCP port number of Local BGP connection integer Readonly
Minimum: 1
Maximum: 65535
lr_component_id Logical router component(Service Router/Distributed Router) id string Required
Readonly
messages_received Count of messages received from the neighbor integer Readonly
messages_sent Count of messages sent to the neighbor integer Readonly
negotiated_capability BGP capabilities negotiated with BGP neighbor. array of string Readonly
neighbor_address The IP of the BGP neighbor IPAddress Readonly
neighbor_router_id Router ID of the BGP neighbor. IPAddress Readonly
remote_as_number AS number of the BGP neighbor string Readonly
remote_port TCP port number of remote BGP Connection integer Readonly
Minimum: 1
Maximum: 65535
source_address The Ip address of logical port IPAddress Readonly
time_since_established Time(in milliseconds) since connection was established. integer Readonly
total_in_prefix_count Count of in prefixes

Sum of in prefixes counts across all address families.		 integer Readonly
total_out_prefix_count Count of out prefixes

Sum of out prefixes counts across all address families.		 integer Readonly
transport_node Transport node id and name ResourceReference Readonly

BgpNeighborsStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp indicating last update time of data

Timestamp when the data was last updated, unset if data source has never updated the data.		 EpochMsTimestamp Readonly
logical_router_id Logical router id string Required
Readonly
logical_router_name Name of the logical router string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Status of BGP neighbors of the logical router array of BgpNeighborStatus Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BgpRouteAggregation (schema)

Name Description Type Notes
prefix cidr of the aggregate address IPCIDRBlock Required
summary_only Flag to send only summarized route boolean Default: "True"

BgpRouteFiltering (schema)

Enable address_families and route filtering in each direction

Name Description Type Notes
address_family Address family type

Address family type.
If not configured, this property automatically derived for IPv4 & IPv6
peer configuration.		 string Enum: IPV4, IPV6
enabled Enable address family

Flag to enable address family.		 boolean Default: "True"
in_route_filters Prefix-list or route map path for IN direction

Specify path of prefix-list or route map to filter routes for IN direction.
array of string Maximum items: 1
out_route_filters Prefix-list or route map path for OUT direction

Specify path of prefix-list or route map to filter routes for OUT direction.
When not specified, a built-in prefix-list named 'prefixlist-out-default'
is automatically applied.
array of string Maximum items: 1

BgpRoutesRequestParameters (schema)

BGP Routes request parameters

Name Description Type Notes
count Number of routes to retrieve

Number of routes to return in response.
Not used when routes are requested in CSV format.
int Minimum: 1
Default: "1000"
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path Enforcement point path

String Path of the enforcement point.
When not specified, routes from all enforcement-points are returned.
This property is required for retrieving routes in CSV format.
string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

BgpRoutingConfig (schema)

BGP routing config

Contains BGP routing configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ecmp Flag to enable ECMP

Flag to enable ECMP.
boolean Default: "True"
enabled Flag to enable BGP configuration

Flag to enable BGP configuration. Disabling will stop feature and
BGP peering.
boolean Default: "True"
graceful_restart Flag to enable graceful restart

Flag to enable graceful restart. This field is deprecated, please use
graceful_restart_config parameter for graceful restart configuration.
If both parameters are set and consistent with each other
(i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR
graceful_restart=true and graceful_restart_mode=GR_AND_HELPER)
then this is allowed, but if inconsistent with each other then this
is not allowed and validation error will be thrown.
boolean Deprecated
graceful_restart_config BGP Graceful Restart Configuration

Configuration field to hold BGP Restart mode and timer.		 BgpGracefulRestartConfig
id Unique identifier of this resource string Sortable
inter_sr_ibgp Enable inter SR IBGP configuration

Flag to enable inter SR IBGP configuration.
When not specified, inter SR IBGP is automatically enabled if Tier-0
is created in ACTIVE_ACTIVE ha_mode.
boolean
local_as_num BGP AS number in ASPLAIN/ASDOT Format

Specify BGP AS number for Tier-0 to advertize to BGP peers.
AS number can be specified in ASPLAIN (e.g., "65546") or
ASDOT (e.g., "1.10") format. Empty string disables BGP feature.
string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
multipath_relax Flag to enable BGP multipath relax option

Flag to enable BGP multipath relax option.		 boolean Default: "True"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value BgpRoutingConfig string
route_aggregations List of routes to be aggregated

List of routes to be aggregated.
array of RouteAggregationEntry Maximum items: 1000
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BinaryPacketData (schema)

Name Description Type Notes
frame_size Requested total size of the (logical) packet in bytes

If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.		 integer Minimum: 60
Maximum: 1000
Default: "128"
payload RFC3548 compatible base64 encoded full payload

Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers.		 string Maximum length: 1336
resource_type Must be set to the value BinaryPacketData string Required
Enum: BinaryPacketData, FieldsPacketData
Default: "FieldsPacketData"
routed A flag, when set true, indicates that the traceflow packet is of L3 routing. boolean
transport_type transport type of the traceflow packet string Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN
Default: "UNICAST"

BlackholeAction (schema)

Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.

Name Description Type Notes
BlackholeAction Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded. string Enum: DISCARD

BpduFilter (schema)

BPDU filter configuration

Name Description Type Notes
enabled Indicates whether BPDU filter is enabled boolean Required
white_list Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering array of string Minimum items: 0
Maximum items: 32

BridgeCluster (schema)

Bridge Cluster

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bridge_nodes Nodes used in bridging array of BridgeClusterNode Maximum items: 2
cluster_profile_bindings Bridge cluster profile bindings array of ClusterProfileTypeIdEntry
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BridgeCluster string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BridgeClusterListResult (schema)

Bridge cluster queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results BridgeCluster Results array of BridgeCluster Required
Readonly
Minimum items: 0
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BridgeClusterNode (schema)

Bridge transport node

Name Description Type Notes
ha_mac MAC address used for HA protocol MACAddress Readonly
transport_node_id UUID of the transport node string Required
Maximum length: 36

BridgeClusterStatus (schema)

Name Description Type Notes
cluster_id The id of the cluster string Required
Readonly
health The health status of the cluster string Required
Readonly
Enum: UP, DOWN, DEGRADED, UNKNOWN
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly

BridgeEndpoint (schema)

Bridge Endpoint

A bridge endpoint can be created on a bridge cluster or on an edge
cluster. Few of the properties of this class will not be used depending on
the type of bridge endpoint being created. When creating a bridge endpoint
on a bridge cluster, following propeties will be used: vlan,
bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint
on an edge cluster following properties will be used: vlan,
bridge_endpoint_profile_id and vlan_transport_zone_id.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bridge_cluster_id UUID of the bridge cluster for this bridge endpoint

This field will not be used if an edge cluster is being used for the
bridge endpoint
string Maximum length: 36
bridge_endpoint_profile_id Bridge endpoint profile used by the edge cluster

This field will not be used if a bridge cluster is being used for the
bridge endpoint
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_enable Controls the enabling of HA on the VLAN for this endpoint

This field will not be used if an edge cluster is being used for the
bridge endpoint
boolean Default: "True"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BridgeEndpoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
uplink_teaming_policy_name The name of the switching uplink teaming policy for the bridge endpoint

This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint		 string
vlan This property is used for VLAN specification of bridge endpoint.
It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec'
should be specified.
VlanID
vlan_transport_zone_id VLAN transport zone id by the edge cluster

This field will not be used if a bridge cluster is being used for the
bridge endpoint
string
vlan_trunk_spec VLAN trunk spec of edge bridge endpoint

This property is used for VLAN trunk specification of edge bridge endpoint.
It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec'
should be specified.
VlanTrunkSpec

BridgeEndpointListResult (schema)

Bridge Endpoint queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results BridgeEndpoint Results array of BridgeEndpoint Required
Readonly
Minimum items: 0
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BridgeEndpointProfile (schema)

Bridge Endpoint Profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_id UUID of the edge cluster for this bridge endpoint string Required
Maximum length: 36
edge_cluster_member_indexes Indexes of the member hosts of the edge bridge cluster

First index will be used as the preferred member		 array of int
failover_mode Failover mode for the edge bridge cluster

Faileover mode can be preemmptive or non-preemptive		 string Enum: PREEMPTIVE, NON_PREEMPTIVE
Default: "PREEMPTIVE"
high_availability_mode High availability mode for the edge bridge cluster

High avaialability mode can be active-active or active-standby		 string Enum: ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BridgeEndpointProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BridgeEndpointProfileListResult (schema)

Bridge Endpoint Profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results BridgeEndpointProfile Results array of BridgeEndpointProfile Required
Readonly
Minimum items: 0
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

BridgeEndpointProfileRequestParameters (schema)

Bridge Endpoint Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
edge_cluster_id Edge Cluster Identifier string
failover_mode string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

BridgeEndpointRequestParameters (schema)

Bridge Endpoint request parameters

When querying for bridge endpoints on a bridge cluster, following
parameters can be used: bridge_cluster_id and logical_switch_id. When
querying for bridge endpoints on an edge cluster, following parameters
can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and
logical_switch_id. When multiple parameters are provided they will be
anded together. if bridge_cluster_id is used along with
bridge_endpoint_profile_id or vlan_transport_zone_id an error will be
thrown.

Name Description Type Notes
bridge_cluster_id Bridge Cluster Identifier

If provided, only bridge endpoints associated with the given bridge
cluster will be returned.
string
bridge_endpoint_profile_id Bridge endpoint profile used by the edge cluster

If provided, only bridge endpoints associated with the given bridge
endpoint profile will be returned.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
logical_switch_id Logical Switch Identifier

If provided, only bridge endpoints associated with the given logical
switch will be returned.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vlan_transport_zone_id VLAN transport zone id used by the edge cluster

If provided, only bridge endpoints associated with the given transport
zone will be returned.
string

BridgeEndpointStatistics (schema)

Name Description Type Notes
endpoint_id The id of the bridge endpoint string Required
Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

BridgeEndpointStatus (schema)

Name Description Type Notes
active_nodes The Ids of the transport nodes which actively serve the endpoint. array of string Readonly
endpoint_id The id of the bridge endpoint string Required
Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly

BridgeHighAvailabilityClusterProfile (schema)

Profile for BFD HA cluster setting

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bfd_probe_interval the time interval (in millisec) between probe packets for heartbeat purpose integer Minimum: 300
Maximum: 60000
Default: "1000"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable whether the heartbeat is enabled boolean Default: "True"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value BridgeHighAvailabilityClusterProfile ClusterProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

BrokerProperties (schema)

Information about a management plane node this transport node is configured to communicate with

Name Description Type Notes
BrokerFqdn Fully qualified domain name of the message bus broker on the management plane node. string
BrokerIpAddress IP address or hostname of the message bus broker on the management plane node. HostnameOrIPv4Address Required
BrokerIsMaster Indicates whether this broker is the master. string
BrokerPort Port number of the message bus broker on the management plane node. string
BrokerSslCertThumbprint Certificate thumbprint of the message bus broker on the management plane node. string Required
BrokerVirtualHost Type of host running the broker. string

ByodPolicyServiceInstance (schema)

Represents instance of self wiring partner's service

Represents an instance of partner's service whose wiring will be done by partner itself.
As partner does all the wiring, we call it as Byod - Bring your own device.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
deployment_mode Deployment Mode

Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.		 string Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
partner_service_name Name of Partner Service

Unique name of Partner Service in the Marketplace		 string Required
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ByodPolicyServiceInstance string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used while deploying Service-VM.		 string Enum: L2_BRIDGE, L3_ROUTED
Default: "L2_BRIDGE"

ByodPolicyServiceInstanceListResult (schema)

Collection of only Byod SI objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Byod Service instance list results array of ByodPolicyServiceInstance Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ByodServiceInstance (schema)

Custom Instance of a service

ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
deployment_mode Deployment Mode

Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.		 string Required
Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
on_failure_policy On Failure Policy

Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.		 string Enum: ALLOW, BLOCK
resource_type Must be set to the value ByodServiceInstance ServiceInstanceResourceType Required
service_id Service Id

The Service to which the service instance is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).		 string Required
Enum: L2_BRIDGE, L3_ROUTED, NSH, NA

CCPUpgradeStatus (schema)

Status of CCP upgrade

Name Description Type Notes
can_skip Can the upgrade of the remaining units in this component be skipped boolean Readonly
component_type Component type for the upgrade status string Readonly
current_version_node_summary Mapping of current versions of nodes and counts of nodes at the respective versions. NodeSummaryList Readonly
details Details about the upgrade status string Readonly
node_count_at_target_version Count of nodes at target component vrin

Number of nodes of the type and at the component version		 int Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
pre_upgrade_status Pre-upgrade status of the component-type UpgradeChecksExecutionStatus Readonly
status Upgrade status of component string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
target_component_version Target component version string Readonly

CallbackAuthenticationScheme (schema)

CallbackAuthenticationScheme describes how notification requests should authenticate to the server.

Name Description Type Notes
certificate_id Valid certificate ID

Certificate ID with a valid certificate and private key, procured from trust-management API.		 string
password Password for authentication

Password to use if scheme_name is BASIC_AUTH.		 string
scheme_name Authentication scheme to use when making notification requests

Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE.		 string Required
Enum: BASIC_AUTH, CERTIFICATE
username Username for authentication

Username to use if scheme_name is BASIC_AUTH.		 string

CapacityDashboardUsage (schema)

Name Description Type Notes
current_usage_count Current usage count of object type

Indicate the current usage count of object type.
integer Required
current_usage_percentage Current usage percentage

Current usage percentage for object type
number Required
display_name User friendly name for object type

Display name for NSX object type.
string Required
max_supported_count Maximum supported count for object type

This is the maximum supported count for object type in consideration.
integer Required
max_threshold_percentage Max threshold percentage for object type

This indicates the maximum threshold percentage for object type.
number Required
min_threshold_percentage Min threshold percentage for object type

This indicates the minimum threshold percentage for object type.
number Required
severity Severity calculated from percentage usage

Severity calculated from percentage usage
string Required
Enum: INFO, WARNING, CRITICAL, ERROR
usage_type Object type for which usage is fetched

Indicate the object type for which usage is calculated.
string Required
Enum: NUMBER_OF_LOGICAL_SWITCHES, NUMBER_OF_PREPARED_HOSTS, NUMBER_OF_SYSTEM_WIDE_VIFS, NUMBER_OF_NSGROUP, NUMBER_OF_VCENTER_CLUSTERS, NUMBER_OF_GI_PROTECTED_HOSTS, NUMBER_OF_GI_PROTECTED_VMS, NUMBER_OF_DFW_RULES, NUMBER_OF_DFW_SECTIONS, NUMBER_OF_L2_DFW_SECTIONS, NUMBER_OF_L3_DFW_SECTIONS, NUMBER_OF_L2_DFW_RULES, NUMBER_OF_L3_DFW_RULES, NUMBER_OF_L3_EDGE_SECTIONS, NUMBER_OF_L3_EDGE_RULES, NUMBER_OF_L3_BRIDGEPORT_SECTIONS, NUMBER_OF_L3_BRIDGEPORT_RULES, NUMBER_OF_IPSETS, NUMBER_OF_GROUPS_BASED_ON_IP_SETS, NUMBER_OF_LOGICAL_PORTS, NUMBER_OF_EDGE_CLUSTERS, NUMBER_OF_EDGE_NODES, NUMBER_OF_TIER0_ROUTERS, NUMBER_OF_TIER1_ROUTERS, NUMBER_OF_PREFIX_LIST, NUMBER_OF_NAT_RULES, NUMBER_OF_TIER1_WITH_NAT_RULE, NUMBER_OF_DHCP_SERVERS, NUMBER_OF_DHCP_IP_POOLS, NUMBER_OF_ACTIVE_DIRECTORY_GROUPS, NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS, NUMBER_OF_FIREWALL_SECTIONS, NUMBER_OF_FIREWALL_RULES

CapacityThreshold (schema)

Name Description Type Notes
max_threshold_percentage Maximum threshold percentage

Set the maximum threshold percentage. Specify a value between 0 and
100. Usage percentage above this value is tagged as critical.
number Required
Minimum: 0
Maximum: 100
min_threshold_percentage Minimum threshold percentage

Set the minimum threshold percentage. Specify a value between 0 and
100. Usage percentage above this value is tagged as warning.
number Required
Minimum: 0
Maximum: 100
threshold_type Object type for which threshold is to be set

Indicate the object type for which threshold is to be set.
string Required
Enum: NUMBER_OF_LOGICAL_SWITCHES, NUMBER_OF_PREPARED_HOSTS, NUMBER_OF_SYSTEM_WIDE_VIFS, NUMBER_OF_NSGROUP, NUMBER_OF_VCENTER_CLUSTERS, NUMBER_OF_GI_PROTECTED_HOSTS, NUMBER_OF_GI_PROTECTED_VMS, NUMBER_OF_DFW_RULES, NUMBER_OF_DFW_SECTIONS, NUMBER_OF_IPSETS, NUMBER_OF_GROUPS_BASED_ON_IP_SETS, NUMBER_OF_LOGICAL_PORTS, NUMBER_OF_EDGE_CLUSTERS, NUMBER_OF_EDGE_NODES, NUMBER_OF_TIER0_ROUTERS, NUMBER_OF_TIER1_ROUTERS, NUMBER_OF_PREFIX_LIST, NUMBER_OF_NAT_RULES, NUMBER_OF_TIER1_WITH_NAT_RULE, NUMBER_OF_DHCP_SERVERS, NUMBER_OF_DHCP_IP_POOLS, NUMBER_OF_ACTIVE_DIRECTORY_GROUPS, NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS, NUMBER_OF_FIREWALL_SECTIONS, NUMBER_OF_FIREWALL_RULES, GLOBAL_DEFAULT

CapacityThresholdList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
capacity_thresholds List of capacity thresholds for NSX Objects array of CapacityThreshold Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value CapacityThresholdList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CapacityUsage (schema)

usage of each capacity type ex. vm, cpu

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
capacity_type type of the capacity field string Readonly
usage_count count of number of items of capacity_type integer Readonly

CapacityUsageMetaInfo (schema)

Name Description Type Notes
last_updated_timestamp Timestamp at which capacity usage was last calculated EpochMsTimestamp Required
max_global_threshold_percentage Maximum global threshold percentage

Indicates the maximum global threshold percentage
number Required
min_global_threshold_percentage Minimum global threshold percentage

Indicates the minimum global threshold percentage
number Required

CapacityUsageRequestParameters (schema)

Parameter to force inline calculation.

Name Description Type Notes
category Category of attributes for which capacity details need to be fetched.
Supported categories are security, inventory, networking and system.
User can provide comma separated list of multiple categories.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
force Parameter to force inline calculation instead of retrieving
cached results.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

CapacityUsageResponse (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
capacity_usage List of capacity usage for NSX Objects array of CapacityDashboardUsage Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
meta_info Meta data for capacity usage statistics object Required
resource_type Must be set to the value CapacityUsageResponse string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CdpStatusType (schema)

Status types supported of the CrlDistributionPoint

Name Description Type Notes
CdpStatusType Status types supported of the CrlDistributionPoint string Enum: NOT_READY, FETCHING, READY, ERROR

Certificate (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
details list of X509Certificates array of X509Certificate Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
pem_encoded pem encoded certificate data string Required
resource_type Must be set to the value Certificate string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
used_by list of node IDs with services, that are using this certificate array of NodeIdServicesMap Readonly

CertificateId (schema)

Name Description Type Notes
certificate_id Certificate ID string Required
Readonly

CertificateKeyPair (schema)

Name Description Type Notes
certificate SecurityCertificate Required
rsa_private_key PEM encoded RSA private key

The private key must include the enclosing "-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----". An empty string is returned in read responses.		 string Required
Minimum length: 60

CertificateList (schema)

Certificate queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Certificate list array of Certificate Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ChildBgpNeighborConfig (schema)

Wrapper object for BgpNeighborConfig

Child wrapper object for BgpNeighborConfig, used in hierarchical API.

Name Description Type Notes
BgpNeighborConfig BgpNeighborConfig

Contains the actual BgpNeighborConfig object.
BgpNeighborConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildBgpNeighborConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildBgpRoutingConfig (schema)

Wrapper object for BgpRoutingConfig

Child wrapper object for BgpRoutingConfig, used in hierarchical API.

Name Description Type Notes
BgpRoutingConfig BgpRoutingConfig

Contains the actual BgpRoutingConfig object.
BgpRoutingConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildBgpRoutingConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildByodPolicyServiceInstance (schema)

Wrapper object for ByodPolicyServiceInstance

Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.

Name Description Type Notes
ByodPolicyServiceInstance ByodPolicyServiceInstance

Contains actual ByodPolicyServiceInstance.
ByodPolicyServiceInstance Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildByodPolicyServiceInstance string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildCommunicationEntry (schema) (Deprecated)

Wrapper object for CommunicationEntry

Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.

Name Description Type Notes
CommunicationEntry CommunicationEntry

Contains the actual CommunicationEntry object.
CommunicationEntry Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildCommunicationEntry string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildCommunicationMap (schema) (Deprecated)

Wrapper object for CommunicationMap

Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.

Name Description Type Notes
CommunicationMap CommunicationMap

Contains the actual CommunicationMap object.
CommunicationMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildCommunicationMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildCommunityList (schema)

Wrapper object for CommunityList

Child wrapper object for CommunityList, used in hierarchical API

Name Description Type Notes
CommunityList CommunityList

Contains the actual CommunityList object
CommunityList Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildCommunityList string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildComputeClusterIdfwConfiguration (schema)

Wrapper object for ComputeClusterIdfwConfiguration

Name Description Type Notes
ComputeClusterIdfwConfiguration ComputeClusterIdfwConfiguration

Contains the actual compute cluster idfw configuration object.
ComputeClusterIdfwConfiguration Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildComputeClusterIdfwConfiguration string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildConstraint (schema)

Wrapper object for Constraint

Child wrapper object for Constraint, used in hierarchical API

Name Description Type Notes
Constraint Constraint

Contains the actual Constraint object
Constraint Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildConstraint string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDeploymentZone (schema) (Deprecated)

Wrapper object for DeploymentZone

Child wrapper object for DeploymentZone, used in hierarchical API

Name Description Type Notes
DeploymentZone DeploymentZone

Contains the actual DeploymentZone object
DeploymentZone Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDeploymentZone string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDfwFirewallConfiguration (schema) (Experimental)

Wrapper object for FirewallConfiguration

Name Description Type Notes
DfwFirewallConfiguration Dfw Firewall Configuration

Contains the actual dfw firewall configuration list object.
DfwFirewallConfiguration Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDfwFirewallConfiguration string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDhcpRelayConfig (schema)

Wrapper object for DhcpRelayConfig

Child wrapper object for DhcpRelayConfig, used in hierarchical API

Name Description Type Notes
DhcpRelayConfig DhcpRelayConfig

Contains the actual DhcpRelayConfig object
DhcpRelayConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDhcpRelayConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDhcpServerConfig (schema)

Wrapper object for DhcpServerConfig

Child wrapper object for DhcpServerConfig, used in hierarchical API

Name Description Type Notes
DhcpServerConfig DhcpServerConfig

Contains the actual DhcpServerConfig object
DhcpServerConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDhcpServerConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDnsSecurityProfile (schema)

Wrapper object for DnsSecurityProfile

Child wrapper object for DnsSecurityProfile, used in hierarchical API

Name Description Type Notes
DnsSecurityProfile DnsSecurityProfile

Contains the actual DnsSecurityProfile object
DnsSecurityProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDnsSecurityProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDnsSecurityProfileBindingMap (schema)

Wrapper object for DnsSecurityProfileBindingMap

Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API

Name Description Type Notes
DnsSecurityProfileBindingMap DnsSecurityProfileBindingMap

Contains the actual DnsSecurityProfileBindingMap object
DnsSecurityProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDnsSecurityProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDomain (schema)

Wrapper object for Domain

Child wrapper object for domain, used in hierarchical API.

Name Description Type Notes
Domain Domain

Contains the actual domain object.
Domain Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDomain string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildDomainDeploymentMap (schema)

Wrapper object for DomainDeploymentMap

Child wrapper object for DomainDeploymentMap, used in hierarchical API

Name Description Type Notes
DomainDeploymentMap DomainDeploymentMap

Contains the actual DomainDeploymentMap object
DomainDeploymentMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildDomainDeploymentMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildEndpointPolicy (schema)

Wrapper object for Endpoint Policy

Child wrapper object for EndpointPolicy used in hierarchical API.

Name Description Type Notes
EndpointPolicy EndpointPolicy

Contains actual EndpointPolicy.
EndpointPolicy Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildEndpointPolicy string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildEndpointRule (schema)

Wrapper object for Endpoint Rule

Child wrapper object for EndpointRule used in hierarchical API.

Name Description Type Notes
EndpointRule EndpointRule

Contains actual EndpointRule.
EndpointRule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildEndpointRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildEnforcementPoint (schema)

Wrapper object for EnforcementPoint

Child wrapper object for EnforcementPoint, used in hierarchical API

Name Description Type Notes
EnforcementPoint EnforcementPoint

Contains the actual Enforcement point object
EnforcementPoint Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildEnforcementPoint string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildFloodProtectionProfile (schema)

Wrapper object for FloodProtectionProfile

Child wrapper object for FloodProtectionProfile,
used in hierarchical API

Name Description Type Notes
FloodProtectionProfile FloodProtectionProfile

Contains the actual FloodProtectionProfile object
FloodProtectionProfile
(Abstract type: pass one of the following concrete types)
DistributedFloodProtectionProfile
GatewayFloodProtectionProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildFloodProtectionProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildFloodProtectionProfileBindingMap (schema)

Wrapper object for FloodProtectionProfileBindingMap

Child wrapper object for FloodProtectionProfileBindingMap,
used in hierarchical API

Name Description Type Notes
FloodProtectionProfileBindingMap FloodProtectionProfileBindingMap

Contains the actual FloodProtectionProfileBindingMap object
FloodProtectionProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildFloodProtectionProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildForwardingPolicy (schema)

Wrapper object for children of type ForwardingPolicy

Child wrapper object for ForwardingPolicy used in Hierarchical API.

Name Description Type Notes
ForwardingPolicy ForwardingPolicy

Contains actual ForwardingPolicy.
ForwardingPolicy Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildForwardingPolicy string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildForwardingRule (schema)

Wrapper object for ForwardingRule

Child wrapper object for ForwardingRule used in Hierarchical API.

Name Description Type Notes
ForwardingRule ForwardingRule

Contains actual ForwardingRule.
ForwardingRule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildForwardingRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildGatewayPolicy (schema)

Wrapper object for GatewayPolicy

Child wrapper object for GatewayPolicy, used in hierarchical API

Name Description Type Notes
GatewayPolicy GatewayPolicy

Contains the actual GatewayPolicy object
GatewayPolicy Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildGatewayPolicy string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildGlobalConfig (schema)

Wrapper object for GlobalConfig

Child wrapper object for GlobalConfig, used in hierarchical API

Name Description Type Notes
GlobalConfig GlobalConfig

Contains the actual GlobalConfig object.
GlobalConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildGlobalConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildGroup (schema)

Wrapper object for Group

Child wrapper object for group, used in hierarchical API.

Name Description Type Notes
Group Group

Contains the actual group objects.
Group Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildGroup string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildGroupMonitoringProfileBindingMap (schema)

Wrapper object for GroupMonitoringProfileBindingMap

Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API

Name Description Type Notes
GroupMonitoringProfileBindingMap GroupMonitoringProfileBindingMap

Contains the actual GroupMonitoringProfileBindingMap object
GroupMonitoringProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildGroupMonitoringProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPDiscoveryProfile (schema)

Wrapper object for IPDiscoveryProfile

Child wrapper object for IPDiscoveryProfile, used in hierarchical API

Name Description Type Notes
IPDiscoveryProfile IPDiscoveryProfile

Contains the actual IPDiscoveryProfile object
IPDiscoveryProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPDiscoveryProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPFIXDFWCollectorProfile (schema)

Wrapper object for IPFIXDFWCollectorProfile

Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API

Name Description Type Notes
IPFIXDFWCollectorProfile IPFIXDFWCollectorProfile

Contains the actual IPFIXDFWCollectorProfile object
IPFIXDFWCollectorProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPFIXDFWCollectorProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPFIXDFWProfile (schema)

Wrapper object for IPFIXDFWProfile

Child wrapper object for IPFIXDFWProfile, used in hierarchical API

Name Description Type Notes
IPFIXDFWProfile IPFIXDFWProfile

Contains the actual IPFIXDFWProfile object
IPFIXDFWProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPFIXDFWProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPFIXL2CollectorProfile (schema)

Wrapper object for IPFIXL2CollectorProfile

Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API

Name Description Type Notes
IPFIXL2CollectorProfile IPFIXL2CollectorProfile

Contains the actual IPFIXL2CollectorProfile object
IPFIXL2CollectorProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPFIXL2CollectorProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPFIXL2Profile (schema)

Wrapper object for IPFIXL2Profile

Child wrapper object for IPFIXL2Profile, used in hierarchical API

Name Description Type Notes
IPFIXL2Profile IPFIXL2Profile

Contains the actual IPFIXL2Profile object
IPFIXL2Profile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPFIXL2Profile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnDpdProfile (schema)

Wrapper object for IPSecVpnDpdProfile

Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.

Name Description Type Notes
IPSecVpnDpdProfile IPSecVpnDpdProfile

Contains the actual IPSecVpnDpdProfile object.
IPSecVpnDpdProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnDpdProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnIkeProfile (schema)

Wrapper object for IPSecVpnIkeProfile

Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.

Name Description Type Notes
IPSecVpnIkeProfile IPSecVpnIkeProfile

Contains the actual IPSecVpnIkeProfile object.
IPSecVpnIkeProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnIkeProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnLocalEndpoint (schema)

Wrapper object for IPSecVpnLocalEndpoint

Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.

Name Description Type Notes
IPSecVpnLocalEndpoint IPSecVpnLocalEndpoint

Contains the actual IPSecVpnLocalEndpoint object.
IPSecVpnLocalEndpoint Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnLocalEndpoint string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnService (schema)

Wrapper object for IPSecVpnService

Child wrapper object for IPSecVpnService, used in hierarchical API.

Name Description Type Notes
IPSecVpnService IPSecVpnService

Contains the actual IPSecVpnService object.
IPSecVpnService Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnService string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnSession (schema)

Wrapper object for IPSecVpnSession

Child wrapper object for IPSecVpnSession, used in hierarchical API.

Name Description Type Notes
IPSecVpnSession IPSecVpnSession

Contains the actual IPSecVpnSession object.
IPSecVpnSession
(Abstract type: pass one of the following concrete types)
PolicyBasedIPSecVpnSession
RouteBasedIPSecVpnSession		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnSession string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIPSecVpnTunnelProfile (schema)

Wrapper object for IPSecVpnTunnelProfile

Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.

Name Description Type Notes
IPSecVpnTunnelProfile IPSecVpnTunnelProfile

Contains the actual IPSecVpnTunnelProfile object
IPSecVpnTunnelProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIPSecVpnTunnelProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpAddressAllocation (schema)

Wrapper object for IpAddressAllocation

Child wrapper object for IpAddressAllocation, used in hierarchical API

Name Description Type Notes
IpAddressAllocation IpAddressAllocation

Contains the actual IpAddressAllocation object
IpAddressAllocation Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpAddressAllocation string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpAddressBlock (schema)

Wrapper object for IpAddressBlock

Child wrapper object for IpAddressBlock, used in hierarchical API

Name Description Type Notes
IpAddressBlock IpAddressBlock

Contains the actual IpAddressBlock object
IpAddressBlock Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpAddressBlock string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpAddressPool (schema)

Wrapper object for IpAddressPool

Child wrapper object for IpAddressPool, used in hierarchical API

Name Description Type Notes
IpAddressPool IpAddressPool

Contains the actual IpAddressPool object
IpAddressPool Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpAddressPool string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpAddressPoolSubnet (schema)

Wrapper object for IpAddressPoolSubnet

Child wrapper object for IpAddressPoolSubnet, used in hierarchical API

Name Description Type Notes
IpAddressPoolSubnet IpAddressPoolSubnet

Contains the actual IpAddressPoolSubnet object
IpAddressPoolSubnet
(Abstract type: pass one of the following concrete types)
IpAddressPoolBlockSubnet
IpAddressPoolStaticSubnet		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpAddressPoolSubnet string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpv6DadProfile (schema)

Wrapper object for Ipv6DadProfile

Child wrapper object for Ipv6DadProfile, used in hierarchical API

Name Description Type Notes
Ipv6DadProfile Ipv6DadProfile

Contains the actual Ipv6DadProfile objects
Ipv6DadProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpv6DadProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildIpv6NdraProfile (schema)

Wrapper object for Ipv6NdraProfile

Child wrapper object for Ipv6NdraProfile, used in hierarchical API

Name Description Type Notes
Ipv6NdraProfile Ipv6NdraProfile

Contains the actual Ipv6NdraProfile objects
Ipv6NdraProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildIpv6NdraProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL2VPNService (schema)

Wrapper object for L2VPNService

Child wrapper object for L2VPNService, used in hierarchical API.

Name Description Type Notes
L2VPNService L2VPNService

Contains the actual L2VPNService object.
L2VPNService Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL2VPNService string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL2VPNSession (schema)

Wrapper object for L2VPNSession

Child wrapper object for L2VPNSession, used in hierarchical API.

Name Description Type Notes
L2VPNSession L2VPNSession

Contains the actual L2VPNSession object.
L2VPNSession Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL2VPNSession string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL2Vpn (schema) (Deprecated)

Wrapper object for L2Vpn

Child wrapper object for L2Vpn, used in hierarchical API.

Name Description Type Notes
L2Vpn L2Vpn

Contains the actual L2Vpn object.
L2Vpn Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL2Vpn string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL2VpnContext (schema) (Deprecated)

Wrapper object for L2VpnContext

Child wrapper object for L2VpnContext, used in hierarchical API.

Name Description Type Notes
L2VpnContext L2VpnContext

Contains the actual L2VpnContext object.
L2VpnContext Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL2VpnContext string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL3Vpn (schema) (Deprecated)

Wrapper object for L3Vpn

Child wrapper object for L3Vpn, used in hierarchical API.

Name Description Type Notes
L3Vpn L3Vpn

Contains the actual L3Vpn object.
L3Vpn Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL3Vpn string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildL3VpnContext (schema) (Deprecated)

Wrapper object for L3VpnContext

Child wrapper object for L3VpnContext, used in hierarchical API.

Name Description Type Notes
L3VpnContext L3VpnContext

Contains the actual L3VpnContext object.
L3VpnContext Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildL3VpnContext string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBAppProfile (schema)

Wrapper object for LBAppProfile

Child wrapper for LBAppProfile, used in hierarchical API.

Name Description Type Notes
LBAppProfile LBAppProfile

Contains the actual LBAppProfile object.
LBAppProfile
(Abstract type: pass one of the following concrete types)
LBFastTcpProfile
LBFastUdpProfile
LBHttpProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBAppProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBClientSslProfile (schema)

Wrapper object for LBClientSslProfile

Child wrapper for LBClientSslProfile, used in hierarchical API.

Name Description Type Notes
LBClientSslProfile LBClientSslProfile

Contains the actual LBClientSslProfile object.
LBClientSslProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBClientSslProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBMonitorProfile (schema)

Wrapper object for LBMonitorProfile

Child wrapper for LBMonitorProfile, used in hierarchical API.

Name Description Type Notes
LBMonitorProfile LBMonitorProfile

Contains the actual LBMonitorProfile object.
LBMonitorProfile
(Abstract type: pass one of the following concrete types)
LBActiveMonitor
LBHttpMonitorProfile
LBHttpsMonitorProfile
LBIcmpMonitorProfile
LBPassiveMonitorProfile
LBTcpMonitorProfile
LBUdpMonitorProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBMonitorProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBPersistenceProfile (schema)

Wrapper object for LBPersistenceProfile

Child wrapper for LBPersistenceProfile, used in hierarchical API.

Name Description Type Notes
LBPersistenceProfile LBPersistenceProfile

Contains the actual LBPersistenceProfile object.
LBPersistenceProfile
(Abstract type: pass one of the following concrete types)
LBCookiePersistenceProfile
LBGenericPersistenceProfile
LBSourceIpPersistenceProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBPersistenceProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBPool (schema)

Wrapper object for LBPool

Child wrapper for LBPool, used in hierarchical API.

Name Description Type Notes
LBPool LBPool

Contains the actual LBPool object.
LBPool Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBPool string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBServerSslProfile (schema)

Wrapper object for LBServerSslProfile

Child wrapper for LBServerSslProfile, used in hierarchical API.

Name Description Type Notes
LBServerSslProfile LBServerSslProfile

Contains the actual LBServerSslProfile object.
LBServerSslProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBServerSslProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBService (schema)

Wrapper object for LBService

Child wrapper for LBService, used in hierarchical API.

Name Description Type Notes
LBService LBService

Contains the actual LBService object.
LBService Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBService string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLBVirtualServer (schema)

Wrapper object for LBVirtualServer

Child wrapper for LBVirtualServer, used in hierarchical API.

Name Description Type Notes
LBVirtualServer LBVirtualServer

Contains the actual LBVirtualServer object.
LBVirtualServer Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLBVirtualServer string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildLocaleServices (schema)

Wrapper object for LocaleServices

Child wrapper object for LocaleServices, used in hierarchical API

Name Description Type Notes
LocaleServices LocaleServices

Contains the actual LocaleServices object
LocaleServices Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildLocaleServices string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildMacDiscoveryProfile (schema)

Wrapper object for MacDiscoveryProfile

Child wrapper object for MacDiscoveryProfile, used in hierarchical API

Name Description Type Notes
MacDiscoveryProfile MacDiscoveryProfile

Contains the actual MacDiscoveryProfile object
MacDiscoveryProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildMacDiscoveryProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyConfigResource (schema)

Represents the desired state object as child resource

Represents an object on the desired state This is an abstract type. Concrete child types:
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyConfigResource string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyContextProfile (schema)

Wrapper object for PolicyContextProfile

Child wrapper object for PolicyContextProfile, used in hierarchical API

Name Description Type Notes
PolicyContextProfile PolicyContextProfile

Contains the actual PolicyContextProfile objects
PolicyContextProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyContextProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyDnsForwarder (schema)

Wrapper object for PolicyDnsForwarder

Child wrapper object for PolicyDnsForwarder, used in hierarchical API

Name Description Type Notes
PolicyDnsForwarder PolicyDnsForwarder

Contains the actual PolicyDnsForwarder object
PolicyDnsForwarder Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyDnsForwarder string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyDnsForwarderZone (schema)

Wrapper object for PolicyDnsForwarderZone

Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API

Name Description Type Notes
PolicyDnsForwarderZone PolicyDnsForwarderZone

Contains the actual PolicyDnsForwarderZone object
PolicyDnsForwarderZone Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyDnsForwarderZone string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyEdgeCluster (schema)

Wrapper object for PolicyEdgeCluster

Child wrapper object for PolicyEdgeCluster, used in hierarchical API

Name Description Type Notes
PolicyEdgeCluster PolicyEdgeCluster

Contains the actual PolicyEdgeCluster object
PolicyEdgeCluster Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyEdgeCluster string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyEdgeNode (schema)

Wrapper object for PolicyEdgeNode

Child wrapper object for PolicyEdgeNode, used in hierarchical API

Name Description Type Notes
PolicyEdgeNode PolicyEdgeNode

Contains the actual PolicyEdgeNode object
PolicyEdgeNode Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyEdgeNode string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyExcludeList (schema)

Wrapper object for PolicyExcludeList

Name Description Type Notes
PolicyExcludeList PolicyExcludeList

Contains the actual policy exclude list object.
PolicyExcludeList Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyExcludeList string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyFirewallFloodProtectionProfileBindingMap (schema)

Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap

Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap,
used in hierarchical API

Name Description Type Notes
PolicyFirewallFloodProtectionProfileBindingMap PolicyFirewallFloodProtectionProfileBindingMap

Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object
PolicyFirewallFloodProtectionProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyFirewallFloodProtectionProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyFirewallSessionTimerProfile (schema)

Wrapper object for PolicyFirewallSessionTimerProfile

Child wrapper object for PolicyFirewallSessionTimerProfile,
used in hierarchical API

Name Description Type Notes
PolicyFirewallSessionTimerProfile PolicyFirewallSessionTimerProfile

Contains the actual PolicyFirewallSessionTimerProfile object
PolicyFirewallSessionTimerProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyFirewallSessionTimerProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyFirewallSessionTimerProfileBindingMap (schema)

Wrapper object for PolicyFirewallSessionTimerProfileBindingMap

Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap,
used in hierarchical API

Name Description Type Notes
PolicyFirewallSessionTimerProfileBindingMap PolicyFirewallSessionTimerProfileBindingMap

Contains the actual PolicyFirewallSessionTimerProfileBindingMap object
PolicyFirewallSessionTimerProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyFirewallSessionTimerProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLabel (schema)

Wrapper object for PolicyLabel

Child wrapper object for PolicyLabel, used in hierarchical API

Name Description Type Notes
PolicyLabel PolicyLabel

Contains the actual PolicyLabel object
PolicyLabel Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLabel string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLbMonitorProfile (schema)

Wrapper object for PolicyLbMonitorProfile

Child wrapper for PolicyLbMonitorProfile, used in hierarchical API

Name Description Type Notes
PolicyLbMonitorProfile PolicyLbMonitorProfile

Contains the actual PolicyLbMonitorProfile object
PolicyLbMonitorProfile
(Abstract type: pass one of the following concrete types)
HttpPolicyLbMonitorProfile
HttpsPolicyLbMonitorProfile
IcmpPolicyLbMonitorProfile
TcpPolicyLbMonitorProfile
UdpPolicyLbMonitorProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLbMonitorProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLbPersistenceProfile (schema)

Wrapper object for PolicyLbPersistenceProfile

Child wrapper for PolicyLbPersistenceProfile, used in hierarchical API

Name Description Type Notes
PolicyLbPersistenceProfile PolicyLbPersistenceProfile

Contains the actual PolicyLbPersistenceProfile object
PolicyLbPersistenceProfile
(Abstract type: pass one of the following concrete types)
CustomPolicyLbPersistenceProfile
L4PolicyLbPersistenceProfile
L7PolicyLbPersistenceProfile		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLbPersistenceProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLbPoolAccess (schema)

Wrapper object for PolicyLbPoolAccess

Child wrapper for PolicyLbPoolAccess, used in hierarchical API

Name Description Type Notes
PolicyLbPoolAccess PolicyLbPoolAccess

Contains the actual PolicyLbPoolAccess object
PolicyLbPoolAccess Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLbPoolAccess string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLbRule (schema)

Wrapper object for PolicyLbRule

Child wrapper for PolicyLbRule, used in hierarchical API

Name Description Type Notes
PolicyLbRule PolicyLbRule

Contains the actual PolicyLbRule object
PolicyLbRule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLbRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyLbVirtualServer (schema)

Wrapper object for PolicyLbVirtualServer

Child wrapper for PolicyLbVirtualServer, used in hierarchical API

Name Description Type Notes
PolicyLbVirtualServer PolicyLbVirtualServer

Contains the actual PolicyLbVirtualServer object
PolicyLbVirtualServer
(Abstract type: pass one of the following concrete types)
CustomPolicyLbVirtualServer
HttpPolicyLbVirtualServer
HttpsPolicyLbVirtualServer
TcpPolicyLbVirtualServer
UdpPolicyLbVirtualServer		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyLbVirtualServer string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyNat (schema)

Wrapper object for PolicyNat

Child wrapper object for PolicyNat, used in hierarchical API

Name Description Type Notes
PolicyNat PolicyNat

Contains the actual PolicyNAT object
PolicyNat Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyNat string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyNatRule (schema)

Wrapper object for PolicyNatRule

Child wrapper object for PolicyNatRule, used in hierarchical API

Name Description Type Notes
PolicyNatRule PolicyNatRule

Contains the actual PolicyNatRule object
PolicyNatRule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyNatRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyServiceChain (schema)

Wrapper object for PolicyServiceChain

Child wrapper object for PolicyServiceInstance used in hierarchical API.

Name Description Type Notes
PolicyServiceChain PolicyServiceChain

Contains actual PolicyServiceChain.
PolicyServiceChain Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyServiceChain string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyServiceInstance (schema)

Wrapper object for PolicyServiceInstance

Child wrapper object for PolicyServiceInstance used in hierarchical API.

Name Description Type Notes
PolicyServiceInstance PolicyServiceInstance

Contains actual PolicyServiceInstance.
PolicyServiceInstance Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyServiceInstance string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyServiceProfile (schema)

Wrapper object for PolicyServiceProfile

Child wrapper object for PolicyServiceProfile used in hierarchical API.

Name Description Type Notes
PolicyServiceProfile PolicyServiceProfile

Contains actual PolicyServiceProfile.
PolicyServiceProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyServiceProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPolicyTransportZone (schema)

Wrapper object for PolicyTransportZone

Child wrapper object for PolicyTransportZone, used in hierarchical API

Name Description Type Notes
PolicyTransportZone PolicyTransportZone

Contains the actual PolicyTransportZone object
PolicyTransportZone Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPolicyTransportZone string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPortDiscoveryProfileBindingMap (schema)

Wrapper object for PortDiscoveryProfileBindingMap

Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API

Name Description Type Notes
PortDiscoveryProfileBindingMap PortDiscoveryProfileBindingMap

Contains the actual PortDiscoveryProfileBindingMap object
PortDiscoveryProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPortDiscoveryProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPortMirroringProfile (schema)

Wrapper object for PortMirroringProfile

Child wrapper object for PortMirroringProfile, used in hierarchical API

Name Description Type Notes
PortMirroringProfile PortMirroringProfile

Contains the actual PortMirroringProfile object
PortMirroringProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPortMirroringProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPortMonitoringProfileBindingMap (schema)

Wrapper object for PortMonitoringProfileBindingMap

Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API

Name Description Type Notes
PortMonitoringProfileBindingMap PortMonitoringProfileBindingMap

Contains the actual PortMonitoringProfileBindingMap object
PortMonitoringProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPortMonitoringProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPortQoSProfileBindingMap (schema)

Wrapper object for PortQoSProfileBindingMap

Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API

Name Description Type Notes
PortQoSProfileBindingMap PortQoSProfileBindingMap

Contains the actual PortQoSProfileBindingMap object
PortQoSProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPortQoSProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPortSecurityProfileBindingMap (schema)

Wrapper object for PortSecurityProfileBindingMap

Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API

Name Description Type Notes
PortSecurityProfileBindingMap PortSecurityProfileBindingMap

Contains the actual PortSecurityProfileBindingMap object
PortSecurityProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPortSecurityProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildPrefixList (schema)

Wrapper object for PrefixList

Child wrapper object for PrefixList, used in hierarchical API.

Name Description Type Notes
PrefixList PrefixList

Contains the actual PrefixList object.
PrefixList Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildPrefixList string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildQoSProfile (schema)

Wrapper object for QoSProfile

Child wrapper object for QoSProfile, used in hierarchical API

Name Description Type Notes
QoSProfile QoSProfile

Contains the actual QoSProfile object
QoSProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildQoSProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildReaction (schema)

Wrapper object for Reaction

Child wrapper object for Reaction used in hierarchical API.

Name Description Type Notes
Reaction Reaction

Contains the actual Reaction object.
Reaction Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildReaction string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildRedirectionPolicy (schema)

Wrapper object for RedirectionPolicy

Child wrapper object for RedirectionPolicy used in Hierarchical API.

Name Description Type Notes
RedirectionPolicy RedirectionPolicy

Contains actual RedirectionPolicy.
RedirectionPolicy Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildRedirectionPolicy string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildRedirectionRule (schema)

Wrapper object for RedirectionRule

Child wrapper object for ChildRedirectionRule used in Hierarchical API.

Name Description Type Notes
RedirectionRule RedirectionRule

Contains actual RedirectionRule.
RedirectionRule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildRedirectionRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildResourceReference (schema)

Represents the reference to ChildPolicyConfigResource

Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildResourceReference string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_type The target type of this reference string Required

ChildRule (schema)

Wrapper object for Rule

Child wrapper object for Rule, used in hierarchical API

Name Description Type Notes
Rule Rule

Contains the actual Rule object
Rule Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildRule string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSecurityPolicy (schema)

Wrapper object for SecurityPolicy

Child wrapper object for SecurityPolicy, used in hierarchical API

Name Description Type Notes
SecurityPolicy SecurityPolicy

Contains the actual SecurityPolicy object
SecurityPolicy Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSecurityPolicy string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegment (schema)

Wrapper object for Segment

Child wrapper object for Segment, used in hierarchical API.

Name Description Type Notes
Segment Segment

Contains the actual Segment object.
Segment Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegment string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentDiscoveryProfileBindingMap (schema)

Wrapper object for SegmentDiscoveryProfileBindingMap

Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API

Name Description Type Notes
SegmentDiscoveryProfileBindingMap SegmentDiscoveryProfileBindingMap

Contains the actual SegmentDiscoveryProfileBindingMap object
SegmentDiscoveryProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentDiscoveryProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentMonitoringProfileBindingMap (schema)

Wrapper object for SegmentMonitoringProfileBindingMap

Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API

Name Description Type Notes
SegmentMonitoringProfileBindingMap SegmentMonitoringProfileBindingMap

Contains the actual SegmentMonitoringProfileBindingMap object
SegmentMonitoringProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentMonitoringProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentPort (schema)

Wrapper object for SegmentPort

Child wrapper object for SegmentPort, used in hierarchical API

Name Description Type Notes
SegmentPort SegmentPort

Contains the actual SegmentPort object
SegmentPort Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentPort string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentQoSProfileBindingMap (schema)

Wrapper object for SegmentQoSProfileBindingMap

Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API

Name Description Type Notes
SegmentQoSProfileBindingMap SegmentQoSProfileBindingMap

Contains the actual SegmentQoSProfileBindingMap object
SegmentQoSProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentQoSProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentSecurityProfile (schema)

Wrapper object for SegmentSecurityProfile

Child wrapper object for SegmentSecurityProfile, used in hierarchical API

Name Description Type Notes
SegmentSecurityProfile SegmentSecurityProfile

Contains the actual SegmentSecurityProfile object
SegmentSecurityProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentSecurityProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSegmentSecurityProfileBindingMap (schema)

Wrapper object for SegmentSecurityProfileBindingMap

Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API

Name Description Type Notes
SegmentSecurityProfileBindingMap SegmentSecurityProfileBindingMap

Contains the actual SegmentSecurityProfileBindingMap object
SegmentSecurityProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSegmentSecurityProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildService (schema)

Wrapper object for Service

Child wrapper object for Service, used in hierarchical API.

Name Description Type Notes
Service Service

Contains the actual Service object.
Service Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildService string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildServiceEntry (schema)

Wrapper object for ServiceEntry

Child wrapper object for ServiceEntry, used in hierarchical API.

Name Description Type Notes
Service ServiceEntry

This is a deprecated property, Please use 'ServiceEntry' instead.
ServiceEntry
(Abstract type: pass one of the following concrete types)
ALGTypeServiceEntry
EtherTypeServiceEntry
ICMPTypeServiceEntry
IGMPTypeServiceEntry
IPProtocolServiceEntry
L4PortSetServiceEntry		 Deprecated
ServiceEntry ServiceEntry

Contains the actual ServiceEntry object.
ServiceEntry
(Abstract type: pass one of the following concrete types)
ALGTypeServiceEntry
EtherTypeServiceEntry
ICMPTypeServiceEntry
IGMPTypeServiceEntry
IPProtocolServiceEntry
L4PortSetServiceEntry		 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildServiceEntry string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildServiceInstanceEndpoint (schema)

Wrapper object for ServiceInstanceEndpoint

Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.

Name Description Type Notes
ServiceInstanceEndpoint ServiceInstanceEndpoint

Contains actual ServiceInstanceEndpoint.
ServiceInstanceEndpoint Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildServiceInstanceEndpoint string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildServiceInterface (schema)

Wrapper object for ServiceInterface

Child wrapper object for ServiceInterface, used in hierarchical API.

Name Description Type Notes
ServiceInterface ServiceInterface

Contains the actual ServiceInterface object.
ServiceInterface Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildServiceInterface string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildServiceReference (schema)

Wrapper object for ServiceReference

Child wrapper object for ServiceReference used in hierarchical API.

Name Description Type Notes
ServiceReference ServiceReference

Contains actual ServiceReference.
ServiceReference Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildServiceReference string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildServiceSegment (schema)

Wrapper object for SerivceSegment

Child wrapper object for ServiceSegment, used in hierarchical API

Name Description Type Notes
ServiceSegment ServiceSegments

Contains the actual ServiceSegment objects
ServiceSegment Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildServiceSegment string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSessionTimerProfileBindingMap (schema)

Wrapper object for SessionTimerProfileBindingMap

Child wrapper object for SessionTimerProfileBindingMap,
used in hierarchical API

Name Description Type Notes
SessionTimerProfileBindingMap SessionTimerProfileBindingMap

Contains the actual SessionTimerProfileBindingMap object
SessionTimerProfileBindingMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSessionTimerProfileBindingMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSite (schema)

Wrapper object for Site

Child wrapper object for Site, used in hierarchical API

Name Description Type Notes
Site Site

Contains the actual Site object
Site Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSite string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSpoofGuardProfile (schema)

Wrapper object for SpoofGuardProfile

Child wrapper object for SpoofGuardProfile, used in hierarchical API

Name Description Type Notes
SpoofGuardProfile SpoofGuardProfile

Contains the actual SpoofGuardProfile object
SpoofGuardProfile Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSpoofGuardProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildSslTrustObjectData (schema)

Wrapper object for SslTrustObjectData

Child wrapper for SslTrustObjectData, used in hierarchical API

Name Description Type Notes
SslTrustObjectData SslTrustObjectData

Contains the actual SslTrustObjectData object
SslTrustObjectData Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildSslTrustObjectData string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildStandaloneHostIdfwConfiguration (schema)

Wrapper object for StandaloneHostIdfwConfiguration

Name Description Type Notes
StandaloneHostIdfwConfiguration StandaloneHostIdfwConfiguration

Contains the actual standalone host idfw configuration object.
StandaloneHostIdfwConfiguration Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildStandaloneHostIdfwConfiguration string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildStaticARPConfig (schema)

Wrapper object for StaticARPConfig

Child wrapper object for StaticARPConfig, used in hierarchical API.

Name Description Type Notes
StaticARPConfig StaticARPConfig

Contains the actual StaticARPConfig object.
StaticARPConfig Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildStaticARPConfig string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildStaticRoutes (schema)

Wrapper object for StaticRoutes

Child wrapper object for StaticRoutes, used in hierarchical API.

Name Description Type Notes
StaticRoutes StaticRoutes

Contains the actual StaticRoutes object.
StaticRoutes Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildStaticRoutes string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier0 (schema)

Wrapper object for Tier-0

Child wrapper object for Tier-0, used in hierarchical API.

Name Description Type Notes
Tier0 Tier-0

Contains the actual Tier-0 object.
Tier0 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier0 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier0DeploymentMap (schema)

Wrapper object for Tier0DeploymentMap

Child wrapper object for Tier0DeploymentMap, used in hierarchical API

Name Description Type Notes
Tier0DeploymentMap Tier0DeploymentMap

Contains the actual Tier0DeploymentMap object
Tier0DeploymentMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier0DeploymentMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier0Interface (schema)

Wrapper object for Tier0Interface

Child wrapper object for Tier0Interface, used in hierarchical API.

Name Description Type Notes
Tier0Interface Tier0Interface

Contains the actual Tier0Interface object.
Tier0Interface Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier0Interface string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier0RouteMap (schema)

Wrapper object for Tier0RouteMap

Child wrapper object for Tier0RouteMap, used in hierarchical API

Name Description Type Notes
Tier0RouteMap Tier0RouteMap

Contains the actual Tier0RouteMap object
Tier0RouteMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier0RouteMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier1 (schema)

Wrapper object for Tier-1

Child wrapper object for Tier-1 , used in hierarchical API.

Name Description Type Notes
Tier1 Tier-1

Contains the actual Tier-1 object.
Tier1 Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier1 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier1DeploymentMap (schema)

Wrapper object for Tier1DeploymentMap

Child wrapper object for Tier1DeploymentMap, used in hierarchical API.

Name Description Type Notes
Tier1DeploymentMap Tier1DeploymentMap

Contains the actual Tier1DeploymentMap object
Tier1DeploymentMap Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier1DeploymentMap string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTier1Interface (schema)

Wrapper object for Tier1Interface

Child wrapper object for Tier1Interface, used in hierarchical API.

Name Description Type Notes
Tier1Interface Tier1Interface

Contains the actual Tier1Interface object.
Tier1Interface Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTier1Interface string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTlsCertificate (schema)

Wrapper object for TlsCertificate

Child wrapper for TlsCertificate, used in hierarchical API.

Name Description Type Notes
TlsCertificate TlsCertificate

Contains the actual TlsCertificate object.
TlsCertificate Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTlsCertificate string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTlsCrl (schema)

Wrapper object for TlsCrl

Child wrapper for TlsCrl, used in hierarchical API.

Name Description Type Notes
TlsCrl TlsCrl

Contains the actual TlsCrl object.		 TlsCrl Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTlsCrl string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTlsTrustData (schema)

Wrapper object for TlsTrustData

Child wrapper for TlsTrustData, used in hierarchical API.

Name Description Type Notes
TlsTrustData TlsTrustData

Contains the actual TlsTrustData object.
TlsTrustData Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildTlsTrustData string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ChildTypesRequestParameter (schema)

Filter to populate child types of the policyConfigResource

Specified child resource types will be populated in the response body

Name Description Type Notes
filter Filter string as java regex

Filter string, can contain multiple or single java regular expressions
separated by ';'.
- Sample query string to prevent loading services and deployment zones:
filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$
- Sample query string to load every policy object under Infra:
filter=/
string

ChildVirtualEndpoint (schema)

Wrapper object for VirtualEndpoint

Child wrapper object for VirtualEndpoint used in hierarchical API.

Name Description Type Notes
VirtualEndpoint VirtualEndpoint

Contains reference to actual VirtualEndpoint.
VirtualEndpoint Required
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

If this field is set to true, delete operation is triggered on the
intent tree. This resource along with its all children in intent tree
will be deleted. This is a cascade delete and should only be used if
intent object along with its all children are to be deleted. This does
not support deletion of single non-leaf node within the tree and should
be used carefully.
boolean Default: "False"
resource_type Must be set to the value ChildVirtualEndpoint string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CidrBlock (schema)

IPv4 CIDR Block

Stores information about IPv4 CIDR block.

Name Description Type Notes
CidrBlock IPv4 CIDR Block

Stores information about IPv4 CIDR block.		 string

CipherSuite (schema)

TLS cipher suite

Name Description Type Notes
enabled Enable status for this cipher suite boolean Required
name Name of the TLS cipher suite string Required

ClasslessStaticRoute (schema)

DHCP classless static route option

DHCP classless static route option.

Name Description Type Notes
network Destination in CIDR

Destination network in CIDR format.		 IPElement Required
next_hop Router

IP address of next hop of the route.		 IPAddress Required

ClearPasswordActionParameters (schema)

Name Description Type Notes
action string Enum: clear_password

ClientAuthType (schema)

client authentication mode

Client authentication could be REQUIRED or IGNORE.
REQUIRED means that client is required to present its
certificate to the server for authentication. To be accepted, client
certificate must be signed by one of the trusted Certificate
Authorities (CAs), also referred to as root CAs, whose self signed
certificates are specified in the same client SSL profile binding.
IGNORE means that client certificate would be ignored.

Name Description Type Notes
ClientAuthType client authentication mode

Client authentication could be REQUIRED or IGNORE.
REQUIRED means that client is required to present its
certificate to the server for authentication. To be accepted, client
certificate must be signed by one of the trusted Certificate
Authorities (CAs), also referred to as root CAs, whose self signed
certificates are specified in the same client SSL profile binding.
IGNORE means that client certificate would be ignored.
string Enum: REQUIRED, IGNORE

ClientSslProfileBinding (schema)

Name Description Type Notes
certificate_chain_depth the maximum traversal depth of client certificate chain

authentication depth is used to set the verification depth in the client
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
client_auth client authentication mode ClientAuthType Default: "IGNORE"
client_auth_ca_ids CA identifier list to verify client certificate

If client auth type is REQUIRED, client certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
client_auth_crl_ids CRL identifier list to verify client certificate

A Certificate Revocation List (CRL) can be specified in the client-side
SSL profile binding to disallow compromised client certificates.
array of string
default_certificate_id default service certificate identifier

A default certificate should be specified which will be used if the
server does not host multiple hostnames on the same IP address or if
the client does not support SNI extension.
string Required
sni_certificate_ids SNI certificate identifier list

Client-side SSL profile binding allows multiple certificates, for
different hostnames, to be bound to the same virtual server.
array of string
ssl_profile_id client SSL profile identifier

Client SSL profile defines reusable, application-independent client side
SSL properties.
string

ClientTypeCollectionConfiguration (schema)

HPM client data collection configuration

Name Description Type Notes
client_type Client Type

The client type for which this data collection frequency setting applies		 string Required
Enum: HYPERVISOR, EDGE, CONTROL_PLANE, CONTROL_PLANE_PLATFORM, MANAGEMENT_PLANE, MANAGEMENT_PLANE_PLATFORM
data_type_configurations Data type configurations

The set of data collection type configurations, one for each data collection type		 array of DataTypeCollectionConfiguration Required

CloudAccount (schema)

Cloud Account

Stores information about a cloud account like cloud type and insatnce
statistics.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auth_users Authrized Users

List of authorized users.		 array of CloudUserInfo Readonly
cloud_type Cloud Type string Required
Enum: AWS, AZURE, GOOGLE
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
instance_stats Instance statistics

Stores statistics of the number of managed, unmanaged and error virtual
machines.
InstanceStats Readonly
resource_type Must be set to the value CloudAccount string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tenant_id Tenant ID

Tenant ID of the cloud account.		 string Readonly

CloudAccountStatus (schema)

Cloud Account status

Stores the status of cloud account like credentials validity status and
inventory synchronization status.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
credentials_status Credentials Status

Status of the cloud account credentials synced at the auto interval.
string Readonly
Enum: VALID, INVALID
inventory_sync_status Inventory Synchronization Status

Status of inventory synchronization process.		 string Readonly
Enum: SYNCED, IN_PROGRESS

CloudGatewayPrivateIpAddress (schema)

Private IP address of the gateway

Name Description Type Notes
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer Readonly
Minimum: 0
private_ip Secondary Private IP

The secondary Private IP allocated on the gateway's uplink interface.
string Readonly

CloudIpAllocationConfig (schema)

Cloud IP Allocation Configuration

Configuration parameters to create IP allocations that will be used for
containers. These containers will be deployed in an Aws Vpc or Azure Vnet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_allocation_mode IP Allocation Mode

PUBLIC_IP: Allocate new public IP.
LINK_LOCAL_IP: Allocate new link local IP.
string Enum: PUBLIC_IP, LINK_LOCAL_IP
Default: "PUBLIC_IP"
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Enum: PAS, NAT
Default: "PAS"
number_of_allocations Number of IP allocations required. integer Required
resource_type Must be set to the value CloudIpAllocationConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CloudIpAllocationMapping (schema)

Cloud IP Allocation Mapping

Information about Cloud IP mapping and allocation state.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
allocated_ip Public/link local IP string Readonly
gateway_private_ips Secondary Private IP Addresses

List of secondary Private IPs allocated on the gateway's uplink interface.		 array of CloudGatewayPrivateIpAddress Readonly

CloudIpAllocationMappings (schema)

Cloud IP Allocation Mappings

Information about Cloud IP mappings.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_code Error code for IP allocation failure integer Readonly
error_message Error message for IP allocation failure string Readonly
id Unique identifier of this resource string Sortable
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Readonly
Enum: PAS, NAT
Default: "PAS"
ip_mappings IP mappings for a foundation. array of CloudIpAllocationMapping Readonly
ip_operation_status IP Allocation State

Indicates the state of the IP allocation or de-allocation.
ALLOCATION_IN_PROGRESS: IP allocation is in progress.
DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress.
SUCCESSFUL: IP allocation is successful. Successful de-allocation can
be confirmed if the status API for this mapping returns a 404 error.
FAILED: IP allocation or de-allocation failed.
string Readonly
Enum: ALLOCATION_IN_PROGRESS, DELETION_IN_PROGRESS, SUCCESSFUL, FAILED
resource_type Must be set to the value CloudIpAllocationMappings string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CloudSecurityGroup (schema)

Cloud Security Group

Stores information about a cloud security group.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cloud_tags Cloud Tags

Array of tags associated to a cloud security group.
array of CloudTag Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
is_managed_by_nsx Is Managed By NSX

If the flag is true, the cloud security group is managed by NSX.
boolean Readonly
region_id Region ID

ID of the cloud region.		 string Readonly
resource_type Must be set to the value CloudSecurityGroup string Required
security_group_id Security Group ID

ID of the cloud security group.		 string Readonly
security_group_name Security Group Name

Name of the cloud security group.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CloudSecurityGroupRule (schema)

Cloud Security Group Rule

Stores information about a cloud security group rule.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
destination Destination

Destination corresponding to the cloud security group rule.
string Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
port_range Port Range

Port range corresponding to the cloud security group rule.
string Readonly
protocol Protocol

Protocol corresponding to the cloud security group rule.
string Readonly
resource_type Must be set to the value CloudSecurityGroupRule string Required
source Source

Source corresponding to the cloud security group rule.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CloudServiceEndpoint (schema)

Cloud Service Endpoint

Stores information about any service endpoint which is provided in the
cloud. Example services include the cloud provided equivalent service for
Storage, Database or Load Balancer.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
nsx_security_groups NSX security groups array

Stores an array of NSX security groups associated to this cloud service
endpoint.
array of SecurityGroup Readonly
resource_type Must be set to the value CloudServiceEndpoint string Required
service_endpoint_id Service Endpoint ID

Cloud provided ID of the service endpoint.		 string Readonly
service_endpoint_type Service Endpoint Type

Cloud provided type of the service endpoint.		 string Readonly
service_name Service Name

Name of the cloud service the endpoint is associated with.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CloudTag (schema)

Cloud Tag

Stores the key-value pair of cloud tag.

Name Description Type Notes
key Tag Key

Key of the cloud tag.		 string Readonly
value Tag Value

Value of the cloud tag.		 string Readonly

CloudTypeInfo (schema)

Cloud Type information

Name Description Type Notes
cloud_type Cloud Type

Name of the cloud vendor.		 string Readonly

CloudUserInfo (schema)

User information

Name Description Type Notes
display_name Display name of the user string Readonly
id ID of the user string Readonly

CloudVirtualMachine (schema)

Cloud Virtual Machine Information

Stores information about a Virtual Machine

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
agent_status Agent Status

UP - NSX Agent is up and running
DOWN - NSX Agent is down
NO_AGENT - No NSX Agent installed on VM
UNKNOWN - NSX Agent status is unknown
string Readonly
Enum: UP, DOWN, NO_AGENT, UNKNOWN
agent_version Agent version details string Readonly
associated_account_ids Associated Cloud Account IDs

Array of associated cloud account IDs.		 array of string
cloud_tags Cloud tags for the virtual machine array of CloudTag Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_messages List of error messages

List of error messages identified. Returns only error messages
identified in the last 1 hour.
array of ComputeInstanceErrorMessage Readonly
gateway_ha_index Gateway HA Index

Index of HA that indicates whether gateway is primary or secondary.
If index is 0, then it is primary gateway. Else secondary gateway.
integer
gateway_status Gateway Status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
id Unique identifier of this resource string Sortable
is_gateway Flag to identify if this VM is a gateway node boolean Readonly
is_gateway_active Flag to identify if this VM is an active gateway node boolean Readonly
logical_switch_display_name Logical Switch display name string Readonly
logical_switch_id Logical Switch ID string Readonly
managed_by_nsx Indicate if vm is managed by NSX or not boolean Required
Readonly
nsx_ip IP address provided by NSX string Readonly
nsx_security_group_mapping NSX Security Group Mapping

Map of cloud security groups associated to the virtual machine and
corresponding NSX security groups.
array of SecurityGroupDetails Readonly
nsx_security_rule_errors NSX Security Rule Errors

Array of NSX security rule realization errors.		 array of NsxSecurityRuleErrorDetails Readonly
nsx_security_rule_errors_count NSX Security Rule Errors Count

Count of the NSX security rule realization errors.		 integer Readonly
os_details Operating system details string Readonly
os_type Operating system of the virtual machine string Readonly
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
quarantine_state Quarantine State

Indicates the quarantine state of the VM.
QUARANTINED - This state implies VM is moved to quarantine security
group because some threat has been detected.
NOT_QUARANTINED - This state implies no quarantine action has been
taken.
UNKNOWN - This state implies either quarantine policy is disabled or
quarantine information is not available.
OVERRIDDEN - This state implies VM is associated with vm_override_sg
which overrides any action based on threat detection.
WHITELISTED - This state implies that quarantine operation will not
be performed on the VM.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN, WHITELISTED, NOT_APPLICABLE
resource_type Must be set to the value CloudVirtualMachine string Required
Enum: AwsVirtualMachine, AzureVirtualMachine
segment_display_name Segment display name

Segment display name on which this VM resides.
string Readonly
segment_id Segment ID

Segment ID on which this VM resides.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
threat_state Threat State

Indicates the threat state of the VM.
NORMAL - This state implies no threat has been detected and VM is
functioning as expected.
THREAT - This state implies quarantine enabling threat has been
detected.
INVALID - This state implies either VM is unmanaged or threat related
information is not available.
NOT_APPLICABLE - This state will be populated for agentless vm.
string Readonly
Enum: NORMAL, THREAT, INVALID, NOT_APPLICABLE
vm_config_status Status for user configurable properties VmConfigStatus Readonly
vm_extension_execution_status VM extension script execution status

UNKNOWN - This is the default state. Indicates no information available
regarding extension execution. This can potentially occur for
a VM when agent is installed out of band or if
cloud_agent_automated_install_enabled flag is enabled for the
VNET/VPC which already has managed VMs.
SUCCESSFUL - Indicates VM extension script execution was successful.
This does not necessarily mean agent installation was
successful.
FAILED - Indicates VM extension script execution failed.
string Readonly

CloudVirtualMachinesListRequestParameters (schema)

Cloud Virtual Machines List Request Parameters

A set of optional filter parameters to list cloud virtual machines

Name Description Type Notes
account_id Account ID

Optional identifier for account based on which virtual machines are to
be filtered
string
cloud_type Cloud Type

Optional identifier for cloud provider based on which Virtual Machines
are to be filtered
string Enum: AWS, AZURE
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
instance_id Instance ID

Optional identifier for virtual machine based on which the list can be
filtered
string
is_gateway Is the VM a gateway node?

Optional identifier based on which only gateway Virtual Machines can be
filtered
boolean
logical_switch_id Logical Switch ID

Optional identifier for logical switch based on which Aws Virtual
Machines are to be filtered
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
public_ip Public IP address of the virtual machine

Optional identifier for public IP based on which Virtual Machines are
to be filtered
string
quarantine_state Quarantine State

Identifier for quarantine state based on which Virtual Machines are to
be filtered.
QUARANTINED - This state implies VM is moved to quarantine security
group because some threat has been detected.
NOT_QUARANTINED - This state implies no quarantine action has been
taken.
UNKNOWN - This state implies either quarantine policy is disabled or
quarantine information is not available.
OVERRIDDEN - This state implies VM is associated with vm_override_sg
which overrides any action based on threat detection.
string Readonly
Enum: QUARANTINED, NOT_QUARANTINED, UNKNOWN, OVERRIDDEN
region_id Region ID

Optional identifier for AWS or Azure region based on which Virtual
Machines are to be filtered
string
resource_type Resource Type

Optional identifier for listing virtual machines of a particular cloud
provider. Possible values are in the form of VirtualMachine prefixed by
cloud name. For example, AwsVirtualMachine or AzureVirtualMachine.
string Enum: AwsVirtualMachine, AzureVirtualMachine
segment_id Segment ID

Optional identifier for segment based on which Virtual Machines are to
be filtered.
string
sort_ascending boolean
sort_by Field by which records are sorted string
vnet_id Azure virtual network ID

Optional identifier for Azure virtual network based on which Azure
Virtual Machines are to be filtered. It consists of resourceGuid of Azure Vnet.
string
vpc_id AWS VPC ID

Optional identifier for AWS VPC based on which Virtual Machines are to
be filtered
string

CloudVirtualMachinesListResult (schema)

Cloud Virtual Machines List Result

Stores a list of cloud virtual machines

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of cloud virtual machines		 array of CloudVirtualMachine
(Abstract type: pass one of the following concrete types)
AwsVirtualMachine
AzureVirtualMachine
CloudVirtualMachine
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ClusterBackupInfo (schema)

Cluster backup details

Name Description Type Notes
ip_address IP address or FQDN of the node from which the backup was taken string Required
Readonly
node_id ID of the node from which the backup was taken string Required
Readonly
timestamp timestamp of the cluster backup file EpochMsTimestamp Required
Readonly

ClusterBackupInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of timestamps of backed-up cluster files array of ClusterBackupInfo Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ClusterCertificateId (schema)

Cluster Certificate ID

Name Description Type Notes
certificate_id Certificate ID string Required

ClusterConfig (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cluster_id Unique identifier of this cluster string Required
Readonly
control_cluster_changes_allowed True if control cluster nodes may be added or removed boolean
mgmt_cluster_changes_allowed True if management cluster nodes may be added or removed boolean
nodes Configuration of each node in cluster array of ClusterNodeInfo

ClusterConfiguration (schema)

Cluster configuration

The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.

Name Description Type Notes
cluster_id UUID of the cluster string Readonly
config_version Cluster configuration version integer Readonly
nodes Nodes in the cluster configuration array of ClusterNode Readonly

ClusterGroupMemberStatus (schema)

Status of a group member

This type contains the attributes and status of a group member.

Name Description Type Notes
member_fqdn FQDN of the group member string Readonly
member_ip IP of the group member string Readonly
member_status Status of the group member string Readonly
Enum: UP, DOWN, UNKNOWN
member_uuid UUID of the group member string Readonly

ClusterGroupServiceLeader (schema)

Leader for a service of the group

Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.

Name Description Type Notes
leader_uuid Member UUID of the leader string Readonly
lease_version Number of times the lease has been renewed integer Readonly
service_name Name of the service string Readonly

ClusterGroupStatus (schema)

Status of a group

This type contains the attributes and status of a group.

Name Description Type Notes
group_id UUID of the group string Readonly
group_status Group status string Readonly
Enum: STABLE, DEGRADED, UNSTABLE, UNAVAILABLE
group_type Type of the group string Readonly
Enum: MANAGER, CONTROLLER, POLICY, HTTPS, DATASTORE, CLUSTER_BOOT_MANAGER
leaders Array of group leaders and their attributes array of ClusterGroupServiceLeader Readonly
members Array of group members and their statuses array of ClusterGroupMemberStatus Readonly

ClusterInitializationNodeInfo (schema)

The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).

Name Description Type Notes
disk_store_id The (internal) disk-store ID of the member string Readonly
host_address The IP address (or domain name) of the cluster node string Readonly

ClusterNode (schema)

Cluster Node Properties

This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.

Name Description Type Notes
entities Entities on the node array of ClusterNodeEntity Required
node_uuid UUID of the node string Required
status Current clustering status of the node string Enum: JOINING, JOINED, REMOVING, REMOVED
Default: "REMOVED"

ClusterNodeConfig (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
appliance_mgmt_listen_addr The IP and port for the appliance management API service on this node string Readonly
controller_role ControllerClusterRoleConfig
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id Internal identifier provided by the node string Readonly
id Unique identifier of this resource string Sortable
manager_role ManagementClusterRoleConfig
resource_type Must be set to the value ClusterNodeConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ClusterNodeConfigListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Cluster node configuration results array of ClusterNodeConfig Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ClusterNodeEntity (schema)

Cluster Node Entity Properties

NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.

Name Description Type Notes
certificate Public certificate of the entity in PEM format string Required
entity_type Type of the entity string Required
Enum: MANAGER, CONTROLLER, POLICY, HTTPS, CLUSTER_BOOT_MANAGER, DATASTORE
entity_uuid UUID of the entity string Required
fqdn Domain name the entity binds to string
ip_address IP address the entity binds to string
port Port the entity binds to integer Minimum: 0
Maximum: 65535
subnet_prefix_length Subnet mask prefix length of the entity binds to integer Minimum: 0
Maximum: 32

ClusterNodeInfo (schema)

Name Description Type Notes
certificates Certificate and thumbprint of all entities array of NodeCertificateInfo
display_name The display name of this node string
entities Service endpoint of all entities array of NodeEntityInfo
fqdn The fqdn of this node string
msg_clients Messaging client of all entities array of NodeMessagingClientInfo
node_uuid Unique identifier of this node string Required
Readonly
status Node clustering status string Required
Readonly
Enum: JOINING, JOINED, REMOVING, REMOVED

ClusterNodeRole (schema)

Cluster node role

Enumerates the roles that can be specified in VM auto-deployment.

Name Description Type Notes
ClusterNodeRole Cluster node role

Enumerates the roles that can be specified in VM auto-deployment.
string Enum: CONTROLLER, MANAGER

ClusterNodeStatus (schema)

Name Description Type Notes
control_cluster_status Clustering status for control plane functions on this node ControlClusterNodeStatus Readonly
mgmt_cluster_status Clustering status for management plane functions on this node ManagementClusterNodeStatus Readonly
system_status Node status properties NodeStatusProperties Readonly
version Software version running on node string Readonly

ClusterNodeVMDeletionParameters (schema)

Parameters for DeleteAutoDeployedClusterNodeVM

Parameters for deletion of a cluster node VM.

Name Description Type Notes
force_delete Delete by force

If true, the VM will be undeployed even if it cannot be removed
from its cluster.
boolean

ClusterNodeVMDeploymentConfig (schema)

Configuration for deploying cluster node VM

Contains info used to configure the VM on deployment

Name Description Type Notes
placement_type Type of deployment

Specifies the config for the platform through which to deploy the VM
string Required
Enum: VsphereClusterNodeVMDeploymentConfig

ClusterNodeVMDeploymentRequest (schema)

Info for an auto-deployment request

Contains the deployment information for a cluster node VM soon to be
deployed or already deployed by the Manager

Name Description Type Notes
deployment_config Deployment config for cluster node VM

Info needed to configure a cluster node VM at deployment for a
specific platform.
May require different parameters depending on the method used to deploy
the VM.
ClusterNodeVMDeploymentConfig
(Abstract type: pass one of the following concrete types)
ClusterNodeVMDeploymentConfig
VsphereClusterNodeVMDeploymentConfig		 Required
form_factor Form factor for cluster node VMs

Specifies the desired "size" of the VM
ClusterNodeVMFormFactor Default: "MEDIUM"
roles Cluster node roles of the VM

List of cluster node role (or roles) which the VM should take on.
They specify what type (or types) of cluster node which the new VM
should act as.
Currently both CONTROLLER and MANAGER must be provided, since this
permutation is the only one supported now.
array of ClusterNodeRole Required
user_settings User settings for the VM

Username and password settings for the cluster node VM.
Passwords must be at least 12 characters in length and contain at
least one lowercase, one uppercase, one numerical, and one special
character.
Note: These settings will be honored only during VM deployment.
Post-deployment, CLI must be used for changing the user settings and
changes to these parameters will not have any effect.
NodeUserSettings Required
vm_id ID of VM used to recognize it

ID of the VM maintained internally and used to recognize it.
Note: This is automatically generated and cannot be modified.
string Readonly

ClusterNodeVMDeploymentRequestList (schema)

ClusterNodeVMDeploymentRequest list

List of ClusterNodeVMDeploymentRequests

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of existing ClusterNodeVMDeploymentRequests
array of ClusterNodeVMDeploymentRequest Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ClusterNodeVMDeploymentStatusReport (schema)

Report of a VM's deployment status

Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.

Name Description Type Notes
failure_code Error code for failure

In case of auto-deployment-related failure, the code for the error will
be stored here.
integer
failure_message Error message for failure

In case of auto-deployment-related failure, an error message will be
stored here.
string
status Auto-deployed VM's deployment status

Status of the addition or deletion of an auto-deployed cluster node VM.
string Required
Enum: UNKNOWN_STATE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, WAITING_TO_REGISTER_VM, VM_REGISTRATION_FAILED, VM_WAITING_TO_CLUSTER, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_CLUSTERING_IN_PROGRESS, VM_CLUSTERING_FAILED, VM_CLUSTERING_SUCCESSFUL, WAITING_TO_UNDEPLOY_VM, VM_DECLUSTER_IN_PROGRESS, VM_DECLUSTER_FAILED, VM_DECLUSTER_SUCCESSFUL, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL

ClusterNodeVMFormFactor (schema)

Supported VM form factor for cluster nodes

Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.

Name Description Type Notes
ClusterNodeVMFormFactor Supported VM form factor for cluster nodes

Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
string Enum: SMALL, MEDIUM, LARGE

ClusterProfile (schema)

This is an abstract type. Concrete child types:
BridgeHighAvailabilityClusterProfile
EdgeHighAvailabilityProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value ClusterProfile ClusterProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ClusterProfileListParameters (schema)

ClusterProfile List Parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_system_owned Whether the list result contains system resources boolean Default: "True"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type Type of cluster profile ClusterProfileType
sort_ascending boolean
sort_by Field by which records are sorted string

ClusterProfileListResult (schema)

Cluster Profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Cluster Profile Results array of ClusterProfile
(Abstract type: pass one of the following concrete types)
BridgeHighAvailabilityClusterProfile
EdgeHighAvailabilityProfile		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ClusterProfileType (schema)

Supported cluster profiles.

Name Description Type Notes
ClusterProfileType Supported cluster profiles. string Enum: EdgeHighAvailabilityProfile, BridgeHighAvailabilityClusterProfile

ClusterProfileTypeIdEntry (schema)

Name Description Type Notes
profile_id key value string Required
resource_type ClusterProfileType

ClusterRestoreStatus (schema)

Cluster restore status

Name Description Type Notes
backup_timestamp Timestamp when backup was initiated in epoch millisecond EpochMsTimestamp Required
Readonly
endpoints The list of allowed endpoints, based on the current state of the restore process array of ResourceLink Required
Readonly
id Unique id for backup request string Required
Readonly
instructions Instructions for users to reconcile Restore operations array of InstructionInfo Readonly
restore_end_time Timestamp when restore was completed in epoch millisecond EpochMsTimestamp Readonly
restore_start_time Timestamp when restore was started in epoch millisecond EpochMsTimestamp Readonly
status GlobalRestoreStatus
step RestoreStep
total_steps Total number of steps in the entire restore process integer Required
Readonly

ClusterRoleConfig (schema)

Name Description Type Notes
type Type of this role configuration string Required
Readonly
Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig

ClusterStatus (schema)

Name Description Type Notes
cluster_id Unique identifier of this cluster string Readonly
control_cluster_status The current status of the control cluster ControllerClusterStatus Readonly
mgmt_cluster_status The current status of the management cluster ManagementClusterStatus Readonly

ClusterVirtualIpProperties (schema)

Cluster virtual IP properties

Name Description Type Notes
ip_address Virtual IP address, 0.0.0.0 if not configured string Required

ClusteringConfig (schema)

Configuration for VM's clustering

Configuration for automatically joining a cluster node to the
cluster after it is deployed. ClusteringConfig is required
if any of the deployment nodes has CONTROLLER role.

Name Description Type Notes
clustering_type Type for the clustering config

Specifies the type of clustering config to be used.
string Required
Enum: ControlClusteringConfig

ClusteringInfo (schema)

Clustering parameters for the controller cluster

Name Description Type Notes
join_to_existing_cluster True If the controller node should join an existing cluster

Property to indicate if the node must join an existing cluster.		 boolean Required
shared_secret Shared Secret of the cluster

Shared secret of the cluster.		 string Required

ClusteringStatus (schema)

Name Description Type Notes
ClusteringStatus string Enum: CONNECTED, DISCONNECTED, UNKNOWN

ClustersAggregateInfo (schema)

Name Description Type Notes
cluster_status Status of all the cluster groups AllClusterGroupStatus
controller_cluster Array of Controller Nodes array of ControllerNodeAggregateInfo Required
management_cluster Array of Management Nodes array of ManagementNodeAggregateInfo Required

ColumnItem (schema)

Grid Column

Represents a column of the Grid

Name Description Type Notes
column_identifier Identifier for this column

Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns.		 string
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget.		 string Maximum length: 255
field Column Field

Field from which values of the column will be derived.		 string Required
Maximum length: 1024
hidden Hide the column

If set to true, hides the column		 boolean Default: "False"
label Column Label

Label of the column.		 Label Required
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.		 string Maximum length: 1024
render_configuration Render Configuration

Render configuration to be applied, if any.		 array of RenderConfiguration
sort_ascending Represents order of sorting the values

If true, the value of the column are sorted in ascending order. Otherwise, in descending order.		 boolean Default: "True"
sort_key Key for sorting on this column

Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested.		 string Maximum length: 255
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over a cell in the grid.		 array of Tooltip
type Field data type

Data type of the field.		 string Required
Enum: String, Number, Date
Maximum length: 255
Default: "String"

CommunicationEntry (schema) (Deprecated)

A communication entry specifies the security policy between the workload groups

A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action

The action to be applied to all the services.
string Enum: ALLOW, DROP, REJECT
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_groups Destination group paths

We need paths as duplicate names may exist for groups under different
domains.In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
direction Direction

Define direction of traffic.
string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Flag to disable the rule

Flag to disable the rule. Default is enabled.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
notes Text for additional notes on changes

Text for additional notes on changes.		 string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value CommunicationEntry string
scope The list of policy paths where the communication entry is applied
Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied
on multiple LRs/LRPs.
array of string Maximum items: 128
sequence_number Sequence number of the this CommunicationEntry

This field is used to resolve conflicts between multiple
CommunicationEntries under CommunicationMap for a Domain
int
services Names of services

In order to specify all services, use the constant "ANY".
This is case insensitive. If "ANY" is used, it should
be the ONLY element in the services array. Error will be thrown
if ANY is used in conjunction with other values.
array of string Maximum items: 128
source_groups Source group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
tag Tag applied on the communication entry

User level field which will be printed in CLI and packet logs.
string Maximum length: 32
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CommunicationEntryInsertParameters (schema) (Deprecated)

Parameters to tell where communication entry needs to be placed

Parameters to let the admin specify a relative position of a communication
entry w.r.t to another one in the same communication map. If the
communication entry specified in the anchor_path belongs to another
communication map an error will be thrown
This type is deprecated. Use the type RuleInsertParameters instead.

Name Description Type Notes
anchor_path The communication map/communication entry path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

CommunicationEntryListRequestParameters (schema) (Deprecated)

CommunicationEntry list request parameters

This type is deprecated. Use the type RuleListRequestParameters instead.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

CommunicationEntryListResult (schema) (Deprecated)

Paged Collection of CommunicationEntries

This type is deprecated. Use the type RuleListResult instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CommunicationEntry list results array of CommunicationEntry Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CommunicationInsertParameters (schema) (Deprecated)

Parameters to tell where communication map/communication entry
needs to be placed

Parameters to let the admin specify a relative position of a communication
map or communication entry w.r.t to another one.
This type is deprecated. Use the type RuleInsertParameters instead.

Name Description Type Notes
anchor_path The communication map/communication entry path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

CommunicationMap (schema) (Deprecated)

Contains ordered list of CommunicationEntries

Ordered list of CommunicationEntries. This object is created by default
along with the Domain.
This type is deprecated. Use the type SecurityPolicy instead.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a communication map, if needed.

- Distributed Firewall -
Policy framework for Distributed Firewall provides four pre-defined
categories for classifying a communication map. They are
"Emergency", "Infrastructure", "Environment" and "Application".
Amongst the layer 3 communication maps,there is a pre-determined
order in which the policy framework manages the priority of these
communication maps. Emergency category has the highest priority
followed by Infrastructure, Environment and then Application rules.
Administrator can choose to categorize a communication map into the
above categories or can choose to leave it empty. If empty it will
have the least precedence w.r.t the above four layer 3 categories.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
communication_entries CommunicationEntries that are a part of this CommunicationMap array of CommunicationEntry
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
precedence Precedence to resolve conflicts across Domains

This field is used to resolve conflicts between communication maps
across domains. In order to change the precedence of a communication
map one can fire a POST request on the communication map entity with
a query parameter action=revise
The precedence field will reflect the value of the computed precedence
upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several communication maps, the only way to set the precedence is to
explicitly specify the precedence number for each communication map.
int
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value CommunicationMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CommunicationMapInsertParameters (schema) (Deprecated)

Parameters to tell where communication map needs to be placed

Parameters to let the admin specify a relative position of a communication
map w.r.t to another one.
This type is deprecated. Use the type SecurityPolicyInsertParameters instead.

Name Description Type Notes
anchor_path The communication map/communication entry path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

CommunicationMapListRequestParameters (schema) (Deprecated)

CommunicationMap list request parameters

This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

CommunicationMapListResult (schema) (Deprecated)

Paged Collection of Communication map

This type is deprecated. Use the type SecurityPolicyListResult instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CommunicationMap list results array of CommunicationMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CommunityList (schema)

Community list for BGP routing configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
communities List of BGP community entries

List of BGP community entries. Both standard and large communities
are supported. Standard community format: aa:nn where aa and nn must
be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn
where aa (Global Administrator), bb (Local Data Part 1) and nn (Local
Data Part 2) must be within the range [1 - 4294967295]. In additon to
numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT,
NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported.
array of string Required
Minimum items: 1
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value CommunityList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CommunityListListResult (schema)

Paged collection of CommunityLists

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CommunityList results array of CommunityList Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CommunityMatchCriteria (schema)

Match criteria based on a community list

Name Description Type Notes
criteria Match criteria based on community list path or a regular expression

Match criteria specified as a community list path or a regular
expression.
string Required
match_operator Match operator for community list entries

Match operator for community list entries. Not valid when a regular expression is specified for criteria.
string Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_COMMUNITY_REGEX, MATCH_LARGE_COMMUNITY_REGEX

CommunityMatchExpression (schema)

Community match expression

Name Description Type Notes
expression Array of community match operations array of CommunityMatchOperation Required
operator Operator

Operator for evaluating community match expressions.
AND logical AND operator
string Readonly
Enum: AND

CommunityMatchOperation (schema)

Community match operation

Name Description Type Notes
community_list_id Community list id

ID of BGP community list. This value is not required when
match_operator is MATCH_REGEX otherwise required.
string
match_operator Match operator

Match operator for communities from provided community list id.
MATCH_ANY will match any community
MATCH_ALL will match all communities
MATCH_EXACT will do exact match on community
MATCH_NONE [operator not supported] will not match any community
MATCH_REGEX will match normal communities by evaluating regular
expression
MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating
regular expression
string Enum: MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE, MATCH_REGEX, MATCH_LARGE_COMMUNITY_REGEX
Default: "MATCH_ANY"
regular_expression Regular expression

Regular expression to match BGP communities. If match_operator
is MATCH_REGEX then this value must be specified.
string

ComponentMigrationStatus (schema)

Name Description Type Notes
can_skip Can the migration of the remaining units in this component be skipped boolean Readonly
component_type Component type for the migration status string Readonly
details Details about the migration status string Readonly
percent_complete Indicator of migration progress in percentage number Required
Readonly
status Migration status of component string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED

ComponentTargetVersion (schema)

Name Description Type Notes
component_type string Required
Readonly
target_version string Required
Readonly

ComponentTypeListRequestParameters (schema)

Name Description Type Notes
component_type Component type on which the action is performed or on which the results are filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ComponentUpgradeChecksInfo (schema)

Meta-data of pre/post-upgrade checks for a component

Meta-data of pre/post-upgrade checks for a component

Name Description Type Notes
component_type Component type

Component type of the pre/post-upgrade checks		 string Required
post_upgrade_checks_info Collection of post-upgrade checks array of UpgradeCheckInfo
pre_upgrade_checks_info Collection of pre-upgrade checks array of UpgradeCheckInfo

ComponentUpgradeChecksInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Collection of info of pre/post-upgrade checks for components array of ComponentUpgradeChecksInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComponentUpgradeStatus (schema)

Name Description Type Notes
can_skip Can the upgrade of the remaining units in this component be skipped boolean Readonly
component_type Component type for the upgrade status string Readonly
current_version_node_summary Mapping of current versions of nodes and counts of nodes at the respective versions. NodeSummaryList Readonly
details Details about the upgrade status string Readonly
node_count_at_target_version Count of nodes at target component vrin

Number of nodes of the type and at the component version		 int Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
pre_upgrade_status Pre-upgrade status of the component-type UpgradeChecksExecutionStatus Readonly
status Upgrade status of component string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
target_component_version Target component version string Readonly

ComputeClusterIdfwConfiguration (schema)

Compute cluster idfw configuration

Idfw configuration for enable/disable idfw on cluster level.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cluster_idfw_enabled Idfw enabled flag

If set to true, idfw is enabled for this cluster		 boolean Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
member PolicyResourceReference

Contains actual policy resource reference object		 PolicyResourceReference Required
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ComputeClusterIdfwConfiguration string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ComputeClusterIdfwConfigurationListRequestParameters (schema)

Compute cluster idfw configuration request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ComputeClusterIdfwConfigurationListResult (schema)

Paged collection of compute cluster idfw configuration

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Compute cluster wise identity firewall configuration list results array of ComputeClusterIdfwConfiguration Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeCollection (schema)

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cm_local_id Local Id of the compute collection in the Compute Manager string Required
Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC string Required
Readonly
origin_id Id of the compute manager from where this Compute Collection was discovered string Required
Readonly
origin_properties Key-Value map of additional specific properties of compute collection in the Compute Manager array of KeyValuePair Readonly
origin_type ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers string Required
Readonly
owner_id Id of the owner of compute collection in the Compute Manager string Readonly
resource_type Must be set to the value ComputeCollection string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ComputeCollectionAction (schema)

Compute collection action parameters

Name Description Type Notes
action Supported actions on compute-collection

For Compute collection, the supported actions are removeNSX.
string Enum: remove_nsx

ComputeCollectionFabricTemplate (schema)

Compute collection fabric template

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auto_install_nsx Flag to enable/disable automatic install of NSX components

Indicates whether NSX components should be automcatically installed. When 'true' NSX components will be automatically installed on the new host added to compute collection.		 boolean Required
compute_collection_id Associated compute collection id string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value ComputeCollectionFabricTemplate string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ComputeCollectionFabricTemplateListParameters (schema)

Name Description Type Notes
compute_collection_id Compute collection id string

ComputeCollectionFabricTemplateListResult (schema)

List of compute collection fabric template

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of compute collection fabric template array of ComputeCollectionFabricTemplate Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeCollectionListRequestParameters (schema)

Compute Collection list parameters

Name Description Type Notes
cm_local_id Local Id of the compute collection in the Compute Manager string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
discovered_node_id Id of the discovered node which belongs to this Compute Collection string
display_name Name of the ComputeCollection in source compute manager string
external_id External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC string
included_fields Comma separated list of fields that should be included in query result string
node_id Id of the fabric node created from a discovered node belonging to this Compute Collection string
origin_id Id of the compute manager from where this Compute Collection was discovered string
origin_type ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers string
owner_id Id of the owner of compute collection in the Compute Manager string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ComputeCollectionListResult (schema)

Compute Collection list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Compute Collection list results array of ComputeCollection Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeCollectionNetworkInterfacesListResult (schema)

ComputeCollection Interfaces List Result

List of network interfaces for all discovered nodes in compute collection

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Discovered node network interfaces

List of discovered node with network interfaces		 array of DiscoveredNodeNetworkInterfaces Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeCollectionTransportNodeTemplate (schema) (Deprecated)

Compute collection transport node template

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
compute_collection_ids Associated compute collection ids array of string Required
Minimum items: 1
Maximum items: 1
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host_switch_spec Transport node host switch specification

Property 'host_switch_spec' can be used to create either standard host switch or preconfigured host switch.		 HostSwitchSpec
(Abstract type: pass one of the following concrete types)
PreconfiguredHostSwitchSpec
StandardHostSwitchSpec
id Unique identifier of this resource string Sortable
network_migration_spec_ids Id(s) of Network migration specifications to be linked to compute collections

Property 'network_migration_spec_ids' should only be used for compute collections which are clusters in VMware vCenter. Currently only HostProfileNetworkMigrationSpec type is supported. This specification will only apply to Stateless ESX hosts which are under this vCenter cluster.		 array of NetworkMigrationSpecTypeIdEntry Maximum items: 1
resource_type Must be set to the value ComputeCollectionTransportNodeTemplate string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_endpoints Transport zone endpoints array of TransportZoneEndPoint

ComputeCollectionTransportNodeTemplateState (schema) (Deprecated)

Transport node state per compute collection

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
compute_collection_id Associated compute collection id string Readonly
template_states Transport node template states in compute collection array of TransportNodeTemplateState Readonly

ComputeCollectionTransportNodeTemplateStateList (schema) (Deprecated)

Transport node creation state list

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results State list per compute collection array of ComputeCollectionTransportNodeTemplateState Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeInstanceErrorMessage (schema)

Compute Instance Error Message

Stores an error ID and error message

Name Description Type Notes
detailed_message Error details

Error message string to indicate, if it is NSX or cloud operation generated error.		 string Required
Readonly
error_id An error ID contract obtained from PCM integer Required
Readonly

ComputeManager (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
credential Login credentials for the compute manager LoginCredential
(Abstract type: pass one of the following concrete types)
LoginCredential
UsernamePasswordLoginCredential
VerifiableAsymmetricLoginCredential
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
origin_properties Key-Value map of additional specific properties of compute manager array of KeyValuePair Readonly
origin_type Compute manager type like vCenter string Required
resource_type Must be set to the value ComputeManager string
server IP address or hostname of compute manager string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ComputeManagerListRequestParameters (schema)

Compute manager list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
origin_type Compute manager type like vCenter string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
server IP address or hostname of compute manager string
sort_ascending boolean
sort_by Field by which records are sorted string

ComputeManagerListResult (schema)

List of compute managers

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of compute managers array of ComputeManager Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ComputeManagerStatus (schema)

Runtime status information of the compute manager

Name Description Type Notes
connection_errors Errors when connecting with compute manager array of ErrorInfo Readonly
connection_status Status of connection with the compute manager string Readonly
Enum: UP, DOWN, CONNECTING
connection_status_details Details about connection status string Readonly
last_sync_time Timestamp of the last successful update of Inventory, in epoch milliseconds. EpochMsTimestamp Readonly
registration_errors Errors when registering with compute manager array of ErrorInfo Readonly
registration_status Registration status of compute manager string Readonly
Enum: REGISTERED, UNREGISTERED, REGISTERING
version Version of the compute manager string Readonly

Condition (schema)

Represents the leaf level condition

Represents the leaf level condition.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key Key string Required
Enum: Tag, Name, OSName, ComputerName
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
member_type Group member type string Required
Enum: IPSet, VirtualMachine, LogicalPort, LogicalSwitch, Segment, SegmentPort
operator operator string Required
Enum: EQUALS, CONTAINS, STARTSWITH, ENDSWITH, NOTEQUALS
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Condition string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
value Value string Required
Minimum length: 1

ConditionalForwarderZone (schema)

Name Description Type Notes
domain_names Domain names of a forwarder zone

A forwarder domain name should be a valid FQDN. If reverse lookup is
needed for this zone, reverse lookup domain name like X.in-addr.arpa
can be defined. Here the X represents a subnet.
array of string Required
Minimum items: 1
Maximum items: 100
source_ip Source ip of the forwarder

The source ip used by the fowarder of the zone. If no source ip
specified, the ip address of listener of the DNS forwarder will
be used.
IPv4Address
upstream_servers Ips of upsteam DNS servers

Ip address of the upstream DNS servers the DNS forwarder accesses.
array of IPv4Address Required
Minimum items: 1
Maximum items: 3

ConditionalValueConstraintExpression (schema)

Represents the leaf level conditional value constraint.

Represents the leaf level expression to restrict the target attribute value
based on the set of existing values. Generally, used in combination with
RelatedAttributeConditionalExpression to constraint the values related to
another attribute on the same resource. This object is always used in
conjunction with some exression.
Example -
{
"condition" : {
"operator":"INCLUDES",
"rhs_value": ["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"],
"value_constraint": {
"resource_type": "ValueConstraintExpression",
"operator":"EXCLUDES",
"values":["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"]
}
}

Name Description Type Notes
operator Set operation to constraint values. string Required
Enum: INCLUDES, EXCLUDES, EQUALS
rhs_value Array of values to perform operation.

List of values.		 array of string Required
value_constraint Value Constraint

Values to apply the conditional constraint on target.
ValueConstraintExpression Required

ConfigState (schema)

Config State

Configuration State.

Name Description Type Notes
ConfigState Config State

Configuration State.		 string Enum: SUCCESS, IN_PROGRESS, ERROR, UNKNOWN, UNINITIALIZED

ConfigurationState (schema)

Describes status of configuration of an entity

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

ConfigurationStateElement (schema)

Describes status of configuration of an entity

Name Description Type Notes
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state State of configuration on this sub system string Required
Readonly
Enum: in_progress, success, failed, partial_success, VM_DEPLOYMENT_FAILED, VM_POWER_ON_FAILED, VM_POWER_OFF_FAILED, VM_UNDEPLOY_FAILED, EDGE_CONFIG_ERROR, REGISTRATION_FAILED, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_NETWORK_EDIT_PENDING, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED, NOT_AVAILABLE, pending, orphaned, unknown, error
sub_system_address URI of backing resource on sub system string Readonly
sub_system_id Identifier of backing resource on sub system string Readonly
sub_system_type Type of backing resource on sub system string Readonly

ConjunctionOperator (schema)

Represents the operators AND or OR

Represents the operators AND or OR.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
conjunction_operator Conjunction Operator Node string Required
Enum: OR, AND
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ConjunctionOperator string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ConnectivityAdvancedConfig (schema)

Advanced configuration for Policy connectivity

Name Description Type Notes
connectivity Connectivity configuration

Connectivity configuration to manually connect (ON) or disconnect (OFF)
a logical entity from network topology.
string Enum: ON, OFF
Default: "ON"

ConsolidatedRealizedStatus (schema)

Consolidated Realized Status for an Intent Object

Consolidated Realized Status of an intent object across enforcement points.

Name Description Type Notes
consolidated_status Consolidated Realized Status

Consolidated Realized Status across enforcement points.		 ConsolidatedStatus Readonly
consolidated_status_per_enforcement_point List of Consolidated Realized Status per Enforcement Point

List of Consolidated Realized Status per enforcement point.		 array of ConsolidatedStatusPerEnforcementPoint Readonly
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F.
string Required
Readonly

ConsolidatedStatus (schema)

Consolidated Status

Consolidated Status of an intent object. Status Consolidation of an intent happens at
multiple levels:
- Per Enforcement Point: calculation of the consolidated status is performed using all
realized entities that the intent objet maps to on a specific enforcement point.
- Across Enforcement Points: calculation of the consolidated status is performend
aggregating the consolidated status from each enforcement point.

Name Description Type Notes
consolidated_status Consolidated Realized Status

Consolidated Realized Status of an intent object.		 ConfigState Readonly

ConsolidatedStatusPerEnforcementPoint (schema)

Consolidated Realized Status Per Enforcement Point

Consolidated Realized Status Per Enforcement Point.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
consolidated_status Consolidated Realized Status

Consolidated Realized Status of an Intent object per enforcement point.
ConsolidatedStatus Readonly
enforcement_point_id Enforcement Point Id

Enforcement Point Id.		 string Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly

ConstantFieldValue (schema)

Constant Field Value

Constant Field Value.

Name Description Type Notes
constant Constant Value

Constant Value that the field must be set to.
object
resource_type Must be set to the value ConstantFieldValue string Required
Enum: ConstantFieldValue

Constraint (schema)

Constraint definition.

Constraint object to constraint any attribute on a resource based on
specified expression.
Example- Restrict the allowed services in Edge Communication Entry to list of
services, if the destinationGroups contain vCenter.
{
"target":{
"target_resource_type":"CommunicationEntry",
"attribute":"services",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}
"constraint_expression":{
"related_attribute":{
"attribute":"destinationGroups"
}
"condition":{
"operator":"INCLUDES",
"rhs_value":{"vCenter"}
"value_constraint":{
"operator":"ALLOW",
"values":{"/ref/services/HTTPS", "/ref/services/HTTOP", ...}
}
}
}
}

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
constraint_expression Expression to constrain the target attribute value. ConstraintExpression
(Abstract type: pass one of the following concrete types)
EntityInstanceCountConstraintExpression
FieldSanityConstraintExpression
RelatedAttributeConditionalExpression
ValueConstraintExpression		 Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
message User friendly message to be shown to users upon violation. string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Constraint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target Target resource attribute details. ConstraintTarget Required

ConstraintExpression (schema)

Base class for constraint expression

All the types of the expression extend from this abstract class.
This is present for extensibility.
This is an abstract type. Concrete child types:
EntityInstanceCountConstraintExpression
FieldSanityConstraintExpression
RelatedAttributeConditionalExpression
ValueConstraintExpression

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value ConstraintExpression string Required
Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ConstraintListResult (schema)

Paged Collection of Constraints

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Constraint list results array of Constraint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ConstraintTarget (schema)

Resource attribute on which constraint should be applied.

Resource attribute on which constraint should be applied.
Example - sourceGroups attribute of Edge CommunicationEntry to be
restricted, is given as:
{
"target_resource_type":"CommunicationEntry",
"attribute":"sourceGroups",
"path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries"
}

Name Description Type Notes
attribute Attribute name of the target entity. string
path_prefix Path prefix of the entity to apply constraint. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. string
target_resource_type Resource type of the target entity. string Required

ContainerApplication (schema)

Container application within a project

Container application within a project.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
container_cluster_id Identifier of the container cluster

Identifier of the container cluster this container application belongs to.		 string Readonly
container_project_id Identifier of the project

Identifier of the project which this container application belongs to.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container application

Identifier of the container application on container cluster
e.g. PCF app id, k8s service id.
string Required
origin_properties Origin properties

Array of additional specific properties of container application
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerApplication string Required
status Status of the container application

Status of the container application.		 string Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerApplicationInstance (schema)

Container Application Instance

Container application instance within a project.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cluster_node_id Cluster node id

Cluster node id where application instance is running.		 string
container_application_ids Identifiers of the container application

List of identifiers of the container application.		 array of string
container_cluster_id Identifier of the container cluster

Identifier of the container cluster this application instance belongs to.		 string Readonly
container_project_id Identifier of the project

Identifier of the container project which this container application instance
belongs to.
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container application instance

Identifier of the container application instance on container cluster.		 string Required
origin_properties Origin properties

Array of additional specific properties of container application instance
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerApplicationInstance string Required
status Status of the container application instance

Status of the container application instance.		 string Enum: UNKNOWN, HEALTHY, UP, DOWN, DEGRADED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerApplicationInstanceListRequestParameters (schema)

Container application instance list parameters

Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.

Name Description Type Notes
container_application_id Identifier of the container application

Identifier of the container application.		 string
container_cluster_id Identifier of the container cluster

Identifier of the container cluster.		 string
container_project_id Identifier of the container project

Identifier of the container project.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ContainerApplicationInstanceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Container Applications array of ContainerApplicationInstance Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerApplicationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Container Applications array of ContainerApplication Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerCluster (schema)

Container cluster

Details of container cluster.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cluster_type Type of the container cluster

Type of the container cluster. In case of creating container cluster
first time, it is expected to pass the valid cluster-type.
In case of update, if there is no change in cluster-type, then this
field can be omitted in the request.
string Enum: PAS, PKS, Kubernetes, Openshift, WCP, Other
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container cluster

External identifier of the container cluster.		 string
infrastructure Details of infrastructure for the container cluster

Details of underlying infrastructure that hosts the container cluster.
In case of creating container cluster first time, it is expected to
pass the valid infrastructure.
In case of update, if there is no change in cluster-type, then this
field can be omitted in the request.
ContainerInfrastructureInfo
origin_properties Origin properties

Array of additional specific properties of container cluster
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerCluster string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerClusterFilterParameters (schema)

Container cluster filter parameter

Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.

Name Description Type Notes
container_cluster_id Identifier of the container cluster

Identifier of the container cluster.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ContainerClusterListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Container Clusters array of ContainerCluster Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerClusterNode (schema)

Container cluster node

Details of container cluster node i.e. container host.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
container_cluster_id External identifier of the container cluster

External identifier of the container cluster.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container cluster node

External identifier of the container cluster node in K8S/PAS.
string Required
origin_properties Origin properties

Array of additional specific properties of container cluster node
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerClusterNode string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerClusterNodeListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of container cluster nodes array of ContainerClusterNode Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerClusterPropertiesFilterParameters (schema)

Container cluster filter parameter by cluster properties

Request object, containing multiple cluster properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.

Name Description Type Notes
cluster_type Type of container cluster

This is the type of container cluster.		 string Enum: PAS, PKS, Kubernetes, Openshift, WCP, Other
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
infra_type Type of infrastructure

This is the type of container's infrastructure.		 string Enum: vSphere, AWS, Azure, VMC, KVM, Baremetal
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ContainerConfiguration (schema)

Container that holds widgets

Represents a container to group widgets that belong to a common category or have a common purpose.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
labels Labels

Labels for the container.		 array of Label Minimum items: 0
layout Layout of widgets inside container

Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied.		 Layout
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
resource_type Must be set to the value ContainerConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
span Number of widgets to be held in this container horizontally

Represents the horizontal span of the container.		 int Default: "2"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated
widgets Widgets held by the container

If not specified, creates an empty container.		 array of WidgetItem Minimum items: 0

ContainerInfrastructureInfo (schema)

Details of container infrastructure

Details of infrastructure hosting the container cluster
e.g. vSphere, AWS, VMC etc..

Name Description Type Notes
infra_type Type of the infrastructure

Type of the infrastructure.		 string Required
Enum: vSphere, AWS, Azure, VMC, KVM, Baremetal

ContainerIngressPolicy (schema)

Container Ingress Policy

Details of Container Ingress Policy.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
container_cluster_id Identifier of the container cluster

Identifier of the container cluster this ingress policy belongs to.		 string
container_project_id Identifier of the project

Identifier of the project which this container ingress belongs to.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container ingress policy

Identifier of the container ingress policy.		 string Required
origin_properties Origin properties

Array of additional specific properties of container ingress
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerIngressPolicy string Required
spec Container ingress policy specification

Container ingress policy specification.		 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerIngressPolicyListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Container Ingress Policy specs array of ContainerIngressPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerNetworkPolicy (schema)

Container Network Policy

Network policy applied to container.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
container_cluster_id Identifier of the container cluster

Identifier of the container cluster this network policy belongs to.		 string
container_project_id Identifier of the project

Identifier of the project which this network policy belongs to.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container network policy

Identifier of the container network policy.		 string Required
origin_properties Origin properties

Array of additional specific properties of container network policy
in key-value format.
array of KeyValuePair
policy_type Type

Type e.g. Network Policy, ASG.		 string Enum: NETWORK_POLICY, ASG
resource_type Must be set to the value ContainerNetworkPolicy string Required
spec Container network policy specification

Container network policy specification.		 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerNetworkPolicyListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Container Network Policy specs array of ContainerNetworkPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContainerObjectsListRequestParameters (schema)

Container objects list parameters

Request object, containing multiple properties, based on which the result will be filtered.
None or multiple properties can be passed as filter criteria. If multiple properties are passed
then result will be the intersection of the resultsets by applying each filter individually.

Name Description Type Notes
container_cluster_id Identifier of the container cluster

Identifier of the container cluster.		 string
container_project_id Identifier of the container project

Identifier of the container project.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ContainerProject (schema)

Container project within a container cluster

Details of org/namespace within a container cluster.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
container_cluster_id Identifier of the container cluster

Identifier of the container cluster to which this project/namespace belongs.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External identifier of the container project

External identifier of the container project.		 string Required
origin_properties Origin properties

Array of additional specific properties of container project
in key-value format.
array of KeyValuePair
resource_type Must be set to the value ContainerProject string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ContainerProjectListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of projects array of ContainerProject Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ContentFilterValue (schema)

Support bundle content filter allowed values

Name Description Type Notes
ContentFilterValue Support bundle content filter allowed values string Enum: ALL, DEFAULT

ContinueMigrationRequestParameters (schema)

Name Description Type Notes
skip Skip to migration of next component. boolean Default: "False"

ContinueRequestParameters (schema)

Name Description Type Notes
component_type Component to upgrade.

Hints NSX to upgrade a specific component.		 string
skip Skip to upgrade of next component. boolean Default: "False"

ControlClusterNodeStatus (schema)

Name Description Type Notes
control_cluster_status Status of this node's connection to the control cluster ClusteringStatus Readonly
mgmt_connection_status Status of this node's management plane connection MgmtConnStatus Readonly

ControlClusteringConfig (schema)

Clustering config for joining control cluster

Config for joining cluster nodes VMs to a control cluster

Name Description Type Notes
clustering_type Must be set to the value ControlClusteringConfig string Required
Enum: ControlClusteringConfig
join_to_existing_cluster Flag to identify the type of clustering

Specifies whether or not the cluster node VM should try to join to
the existing control cluster or initialize a new one.
Only required in uncertainty case, i.e. when there are manually-
deployed controllers that are registered but not connected to the
cluster and no auto-deployed controllers are part of the cluster.
boolean
shared_secret Cluster's shared secret

Shared secret to be used when joining the cluster node VM to a control
cluster or for initializing a new cluster with the VM.
Must contain at least 4 unique characters and be at least 6 characters
long.
string Required

ControlConnStatus (schema)

Name Description Type Notes
control_node_ip IP address of the control Node. string Required
Readonly
failure_status Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT. string Readonly
Enum: CONNECTION_REFUSED, INCOMPLETE_HOST_CERT, INCOMPLETE_CONTROLLER_CERT, CONTROLLER_REJECTED_HOST_CERT, HOST_REJECTED_CONTROLLER_CERT, KEEP_ALIVE_TIMEOUT, OTHER_SSL_ERROR, OTHER_ERROR
status Status of the control Node for e.g UP, DOWN. string Required
Readonly
Enum: UP, DOWN

ControllerClusterRoleConfig (schema)

Name Description Type Notes
control_cluster_listen_addr The IP and port for the control cluster service on this node ServiceEndpoint Readonly
control_plane_listen_addr The IP and port for the control plane service on this node ServiceEndpoint Readonly
host_msg_client_info MsgClientInfo
mpa_msg_client_info MsgClientInfo
type Type of this role configuration string Required
Readonly
Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig

ControllerClusterStatus (schema)

Name Description Type Notes
status The current status of the controller cluster string Readonly
Enum: NO_CONTROLLERS, UNSTABLE, DEGRADED, STABLE, UNKNOWN

ControllerNodeAggregateInfo (schema)

Name Description Type Notes
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
id Unique identifier of this resource string Readonly
node_interface_properties Array of Node interface statistic properties array of NodeInterfaceProperties Readonly
node_interface_statistics Array of Node network interface statistic properties array of NodeInterfaceStatisticsProperties Readonly
node_status ClusterNodeStatus Readonly
node_status_properties Time series of the node's system properties array of NodeStatusProperties
role_config ControllerClusterRoleConfig Readonly

ControllerProfilerProperties (schema)

Controller profiler properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
enabled True for enabling controller profiler,
False for disabling controller profiler.
boolean

CookiePersistenceModeType (schema)

cookie persistence mode

If the persistence cookie is found in the incoming request, value of the
cookie is used to identify the server that this request should be sent to.
If the cookie is not found, then the server selection algorithm is used to
select a new server to handle that request.
Three different modes of cookie persistence are supported: insert, prefix
and rewrite.
In cookie insert mode, a cookie is inserted by load balancer in the HTTP
response going from server to client.
In cookie prefix and rewrite modes, server controls the cookie and load
balancer only manipulates the value of the cookie. In prefix mode, server's
cookie value is prepended with the server IP and port and then sent to the
client. In rewrite mode, entire server's cookie value is replaced with the
server IP and port in the response before sending it to the client.

Name Description Type Notes
CookiePersistenceModeType cookie persistence mode

If the persistence cookie is found in the incoming request, value of the
cookie is used to identify the server that this request should be sent to.
If the cookie is not found, then the server selection algorithm is used to
select a new server to handle that request.
Three different modes of cookie persistence are supported: insert, prefix
and rewrite.
In cookie insert mode, a cookie is inserted by load balancer in the HTTP
response going from server to client.
In cookie prefix and rewrite modes, server controls the cookie and load
balancer only manipulates the value of the cookie. In prefix mode, server's
cookie value is prepended with the server IP and port and then sent to the
client. In rewrite mode, entire server's cookie value is replaced with the
server IP and port in the response before sending it to the client.
string Enum: INSERT, PREFIX, REWRITE

CookieTimeType (schema)

Snat translation type

Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting

Name Description Type Notes
CookieTimeType Snat translation type

Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting
string Enum: LbSessionCookieTime, LbPersistenceCookieTime

CopyFromRemoteFileProperties (schema)

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
protocol Protocol to use to copy file Protocol
(Abstract type: pass one of the following concrete types)
HttpProtocol
HttpsProtocol
ScpProtocol
SftpProtocol		 Required
server Remote server hostname or IP address string Required
Pattern: "^[^/:]+$"
uri URI of file to copy string Required

CopyRemoteFileProperties (schema)

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
server Remote server hostname or IP address string Required
Pattern: "^[^/:]+$"
uri URI of file to copy string Required

CopyToRemoteFileProperties (schema)

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
protocol Protocol to use to copy file

Only scp and sftp may be used.		 Protocol
(Abstract type: pass one of the following concrete types)
HttpProtocol
HttpsProtocol
ScpProtocol
SftpProtocol		 Required
server Remote server hostname or IP address string Required
Pattern: "^[^/:]+$"
uri URI of file to copy string Required

CpuCoreConfigForEnhancedNetworkingStackSwitch (schema)

Enhanced Networking Stack CPU configuration

Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.

Name Description Type Notes
num_lcores Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node int Required
Minimum: 1
numa_node_index Unique index of the Non Uniform Memory Access (NUMA) node int Required
Minimum: 0

CreateRemoteDirectoryProperties (schema)

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
protocol Protocol to use to copy file SftpProtocol Required
server Remote server hostname or IP address string Required
Pattern: "^[^/:]+$"
uri URI of file to copy string Required

Criterion (schema)

Event Criterion

Event Criterion is the logical evaluations by which the event may
be deemed fulfilled. All the evaluations must be met in order for
the criterion to be met (implicit AND).

Name Description Type Notes
evaluations Criterion Evaluations

Criterion Evaluations.
array of Evaluation
(Abstract type: pass one of the following concrete types)
SourceFieldEvaluation		 Required
Minimum items: 1

Crl (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
details details of the X509Crl object X509Crl Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
pem_encoded pem encoded crl data string Required
resource_type Must be set to the value Crl string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CrlDistributionPoint (schema)

Reference to a CRL Distribution Point where to fetch a CRL

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cdp_uri CDP URI

CRL Distribution Point URI where to fetch the CRL.		 string Required
Readonly
Maximum length: 255
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
issuer Issuer

Issuer of the CRL, referring to the CA.		 string Required
Readonly
Maximum length: 255
resource_type Must be set to the value CrlDistributionPoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CrlDistributionPointList (schema)

CrlDistributionPoint query result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CrlDistributionPoint list array of CrlDistributionPoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CrlDistributionPointStatus (schema)

Reference to a CRL Distribution Point where to fetch a CRL

Name Description Type Notes
error_message Error Message

Error message when fetching the CRL failed.		 string Readonly
status Status

Status of the fetched CRL for this CrlDistributionPoint		 CdpStatusType Required
Readonly

CrlList (schema)

Crl queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CRL list array of Crl Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CrlObjectData (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
pem_encoded pem encoded crl data string Required
resource_type Must be set to the value CrlObjectData string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CrlPemRequestType (schema)

Request Type to get a CRL's PEM file.

Name Description Type Notes
cdp_uri CDP URI

CRL Distribution Point URI where to fetch the CRL.		 string Required
Readonly
Maximum length: 255

CryptoAlgorithm (schema)

Name Description Type Notes
key_size supported key sizes for the algorithm array of KeySize Required
Readonly
name crypto algorithm name string Required
Readonly

CsmStatus (schema)

Information about status of cloud service manager

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
display_name Name of the Csm instance string Readonly
id UUID of the Csm appliance

Identifier of the Csm appliance		 string Required
Readonly
ip_address IP address of Csm instance string Readonly
managed_by_vmware Mode of running of Csm instance

This property is used only if CSM is running in service mode		 boolean Readonly
supported_clouds Indication of clouds supported by CSM

This property provides the list of names of supported clouds by CSM.
array of CloudTypeInfo Required
Readonly
version Version of Csm string Required
Readonly

Csr (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
algorithm Cryptographic algorithm(asymmetric ) used by the public key for data encryption string Required
Enum: RSA, DSA
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key_size size measured in bits of the public key used in a cryptographic algorithm integer Required
pem_encoded pem encoded certificate data string Readonly
resource_type Must be set to the value Csr string
subject the certificate owner's information (CN, O, OU, C, ST, L) Principal Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CsrList (schema)

Csr queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results CSR list array of Csr Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

CsvListResult (schema)

Base type for CSV result.

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string

CsvRecord (schema)

Base type for CSV records.

Name Description Type Notes
CsvRecord Base type for CSV records. object

CurrentBackupOperationStatus (schema)

Current backup operation status

Name Description Type Notes
backup_id Unique identifier of current backup string
current_step Current step of operation string Enum: BACKUP_CREATING_CLUSTER_BACKUP, BACKUP_CREATING_NODE_BACKUP
current_step_message Additional human-readable status information about current step string
end_time Time when operation is expected to end EpochMsTimestamp
operation_type Type of operation that is in progress. Returns none if no operation is in progress, in which case none of the other fields will be set. string Required
Enum: NONE, BACKUP
start_time Time when operation was started EpochMsTimestamp

CurrentRealizationStateBarrier (schema)

The current global barrier number of the realized state

Name Description Type Notes
current_barrier_number Gives the current global barrier number for NSX integer Required
Readonly

CustomPolicyLbPersistenceProfile (schema)

PolicyLbPersistenceProflie for Custom type PolicyLbVirtualServer

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a PolicyLbVirtualServer
by binding a persistence profile to it.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence Persistence method used by PolicyLbVirtualServer(s)

This field indicates the persistence method used for the
PolicyLbVirtualServer.
- COOKIE persistence allows related client connections, identified by
the same cookie in HTTP requests [Refer to HTTP Cookie for details
on HTTP cookies], to be redirected to the same server. Load
balancer does not maintain any persistence table for cookie
persistence. Instead, it encodes the necessary information in the
HTTP cookie value sent to client and relies on the client to store
it and send it back in subsequent related HTTP requests. Hence
there is no limit on the number of cookie persistence entries that
can be supported.
- SOURCE_IP persistence ensures all connections from a client
(identified by IP address) are sent to the same backend server for a
specified period.
- This object is not required and without creation of this object the
virtual server persistence is disabled by default
string Required
Enum: COOKIE, SOURCE_IP
persistence_shared Persistence shared across PolicyLbVirtualServers

Persistence shared setting indicates that all PolicyLbVirtualServers
that consume this PolicyLbPersistenceProfile should share the same
persistence mechanism when enabled. Meaning, persistence entries of
a client accessing one virtual server will also affect the same
client's connections to a different virtual server. For example, say
there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to
the same Group g1 consisting of two servers (s11:80 and s12:80). By
default, each virtual server will have its own persistence table or
cookie. So, in the earlier example, there will be two tables
(vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client
connects to vip1:80 and later connects to vip1:8080, the second
connection may be sent to a different server than the first. When
persistence_shared is enabled, then the second connection will always
connect to the same server as the original connection. For COOKIE
persistence type, the same cookie will be shared by multiple virtual
servers. For SOURCE_IP persistenct type, the persistence table will
be shared across virtual servers.
boolean Default: "False"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value CustomPolicyLbPersistenceProfile string Required
Enum: L4PolicyLbPersistenceProfile, L7PolicyLbPersistenceProfile, CustomPolicyLbPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

CustomPolicyLbVirtualServer (schema)

PolicyLbVirtualServer handling connections over HTTP or HTTPS

Virtual server acts as a facade to an application, receives all client
connections over a specified protocol and distributes them among the backend
servers. This custom type allows for more complex settings than the
simplified PolicyLbVirtualServer types. This object allows for complex
configurations for PolicyLbVirtualServers of all types. All HTTP
specific inputs will be rejected when combined with TPC or UDP protocols.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
app_protocol Application protocol for receiving client connections

As the custom type allows for more complex settings than the simplified
PolicyLbVirtualServer types, also specify the desired protocol for
receiving all client connections.
string Required
Enum: TCP, UDP, HTTP, HTTPS
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
client_ssl_certificate_ids ssl certificates

Client-side SSL profile binding allows multiple
certificates, for different hostnames, to be bound to the same virtual
server. The setting is used when load balancer acts as an SSL server
and terminating the client SSL connection
array of string
client_ssl_settings Security profile setting

Security settings representing various security settings
when the VirtualServer acts as an SSL server
- BASE_SECURE_111317
- MODERATE_SECURE_111317
- HIGH_SECURE_111317
string Enum: BASE_SECURE_111317, MODERATE_SECURE_111317, HIGH_SECURE_111317
Default: "HIGH_SECURE_111317"
default_client_ssl_certificate_id ssl certificate

The setting is used when load balancer acts as an SSL
server and terminating the client SSL connection. A default
certificate should be specified which will be used if the server does
not host multiple hostnames on the same IP address or if the client
does not support SNI extension.
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
insert_client_ip_header Relative path of this object

Backend web servers typically log each request they handle along with
the requesting client IP address. These logs are used for debugging,
analytics and other such purposes. If the deployment topology requires
enabling SNAT on the load balancer, then server will see the client as
the SNAT IP which defeats the purpose of logging. To work around this
issue, load balancer can be configured to insert XFF HTTP header with
the original client IP address. Backend servers can then be
configured to log the IP address in XFF header instead of the source
IP address of the connection. If XFF header is not present in the
incoming request, load balancer inserts a new XFF header with the
client IP address.
boolean Default: "False"
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value CustomPolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
server_auth_ca_certificate_ids ssl certificate

To support client authentication (load balancer acting as
a client authenticating to the backend server),
server_ssl_certificate_id can be specified. When supplied, the
backend server certificate must be signed by one of the trusted
Certificate Authorities (CAs), also referred to as root CAs, whose
self signed certificates are specified. This setting is only applicable
for L7 protocols and will be rejected in combination with TCP or UDP.
array of string
server_ssl_settings Security profile setting

Indicates whether to enable server side SSL. Server side SSL will be
enabled when a specific security setting is selected. The selected
security setting or profile represents various configurations related
to SSL when the VirtualServer acts as a client connecting over SSL
to the backend server. This setting is only applicable for L7 protocols
and will be rejected in combination with TCP or UDP.
- BASE_SECURE_111317
- MODERATE_SECURE_111317
- HIGH_SECURE_111317
- DISABLED
string Enum: BASE_SECURE_111317, MODERATE_SECURE_111317, HIGH_SECURE_111317, DISABLED
Default: "DISABLED"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

CvxConnectionInfo (schema)

Credential info to connect to cvx enforcement type

Name Description Type Notes
enforcement_point_address IP Address or hostname of the Enforcement point

Value of this property could be hostname or ip. eg. For NSX-T manager
running on default port the value can be "10.192.1.1", for NSX-T manager
running on custom port value can be "192.168.1.1:32789". For NSX-T
manager in VMC deployments value can have url prefix
eg. "192.168.1.1:5480/nsxapi"
string Required
password Password string Required
resource_type Must be set to the value CvxConnectionInfo string Required
Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo
thumbprint Thumbprint of Enforcement Point

Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.
string
username UserName string Required

DADMode (schema)

DAD Mode

Duplicate address detection modes.

Name Description Type Notes
DADMode DAD Mode

Duplicate address detection modes.
string Enum: LOOSE, STRICT

DADProfile (schema)

Duplicate address detection profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
dad_mode DAD Mode DADMode Default: "LOOSE"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ns_retries NS retries count

Number of Neighbor solicitation packets generated before completing the
Duplicate address detection process.
integer Minimum: 0
Maximum: 10
Default: "3"
resource_type Must be set to the value DADProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
wait_time Wait time

The time duration in seconds, to wait for Neighbor advertisement
after sending the Neighbor solicitation message.
integer Minimum: 0
Maximum: 60
Default: "1"

DADProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DADProfile array of DADProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DADStatus (schema)

DAD Status

Duplicate address detection status for IP address on port.

Name Description Type Notes
DADStatus DAD Status

Duplicate address detection status for IP address on port.
string Enum: DUPLICATED, TENTATIVE, ASSIGNED, NOT_APPLICABLE, UNKNOWN

DHGroup (schema)

Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit random ECP group.
GROUP21 uses 521-bit random ECP group.

Name Description Type Notes
DHGroup Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit random ECP group.
GROUP21 uses 521-bit random ECP group.
string Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21

DNSForwarderStatisticsPerEnforcementPoint (schema)

DNS forwarder statistics per enforcement point

DNS forwarder statistics per enforcement point.
This is an abstract type. Concrete child types:
NsxTDNSForwarderStatistics

Name Description Type Notes
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the statistics are fetched.
string Readonly
resource_type string Required
Enum: NsxTDNSForwarderStatistics

DNSForwarderStatusPerEnforcementPoint (schema)

DNS forwarder status per enforcement point

DNS forwarder status per enforcement point.
This is an abstract type. Concrete child types:
NsxTDNSForwarderStatus

Name Description Type Notes
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the status is fetched.
string Readonly
resource_type string Required
Enum: NsxTDNSForwarderStatus

DSAppliedToType (schema)

Resource type valid for use as AppliedTo filter in section API

Name Description Type Notes
DSAppliedToType Resource type valid for use as AppliedTo filter in section API string Enum: NSGroup, LogicalSwitch, LogicalRouter, LogicalPort

DSExcludeList (schema)

Exclusion List

List of entities excluded for enforcing a service or a feature.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_count Total Member Count

Total number of members present in Exclude List.		 integer Readonly
members Member list

List of members in Exclusion List		 array of ResourceReference Required
Maximum items: 1000
resource_type Must be set to the value DSExcludeList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DSInsertParameters (schema)

Parameters to tell where rule/section need to be added. All the params take rule/section Id.

Name Description Type Notes
id Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. string Maximum length: 64
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

DSListRequestParameters (schema)

Parameters to filter list of sections/rules.

Pagination and Filtering parameters to get only a subset of sections/rules.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string

DSRule (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action

Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).		 string Required
Enum: ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT
applied_tos AppliedTo List

List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination List

List of the destinations. Null will be treated as any.		 array of ResourceReference Maximum items: 128
destinations_excluded Negation of destination

Negation of the destination.		 boolean Default: "False"
direction Rule direction

Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.		 string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Rule enable/disable flag

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Identifier of the resource string Readonly
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.		 string Enum: IPV4, IPV6, IPV4_IPV6
Default: "IPV4_IPV6"
is_default Default rule

Flag to indicate whether rule is default.		 boolean Readonly
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
notes Notes

User notes specific to the rule.		 string Maximum length: 2048
priority Rule priority

Priority of the rule.		 integer Readonly
resource_type Must be set to the value DSRule string
rule_tag Tag

User level field which will be printed in CLI and packet logs.		 string Maximum length: 32
sources Source List

List of sources. Null will be treated as any.		 array of ResourceReference Maximum items: 128
sources_excluded Negation of source

Negation of the source.		 boolean Default: "False"

DSRuleState (schema)

Rule Realization State

Rule Realization State

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
revision_desired Desired state revision number

This attribute represents revision number of rule's desired state.		 integer Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

DSSection (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_default Default section flag

It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.		 boolean Readonly
resource_type Must be set to the value DSSection string
rule_count Rule count

Number of rules in this section.		 integer Readonly
section_type Section Type

Type of the rules which a section can contain. Only homogeneous sections are supported.		 string Required
Enum: LAYER2, LAYER3, L3REDIRECT
stateful Stateful nature of the distributed service rules in the section.

Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.		 boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DSSectionListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DSSectionQueryParameters (schema)

Section query parameters

Name Description Type Notes
cascade Flag to cascade delete of this object to all it's child objects. boolean Default: "False"

DSSectionState (schema)

Section Realization State

Section Realization Status

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
revision_desired Section's desired state revision number

This attribute represents revision number of section's desired state.		 integer Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

DSService (schema)

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
service Distributed Service Network and Security Service element

Distributed Service API accepts raw protocol and ports as part of NS service element
in Distributed Service Rule that describes traffic corresponding to an NSService.
NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

DailyTelemetrySchedule (schema)

Name Description Type Notes
frequency_type Must be set to the value DailyTelemetrySchedule string Required
hour_of_day Hour at which data will be collected

Hour at which data will be collected. Specify a value between 0 through 23.
integer Required
Minimum: 0
Maximum: 23
minutes Minute at which data will be collected

Minute at which data will be collected. Specify a value between 0 through 59.
integer Minimum: 0
Maximum: 59
Default: "0"

DataCounter (schema)

Name Description Type Notes
dropped The dropped packets or bytes integer
multicast_broadcast The multicast and broadcast packets or bytes integer
total The total packets or bytes integer Required

DataSourceParameters (schema)

Name Description Type Notes
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

DataSourceType (schema)

Data source type.

Name Description Type Notes
DataSourceType Data source type. string Enum: realtime, cached

DataTypeCollectionConfiguration (schema)

Data type collection configuration

Name Description Type Notes
collection_frequency Data Collection Frequency In Seconds

The frequency in seconds at which data is collected		 integer Required
Minimum: 15
Maximum: 86400
data_type Data type

Defines the type of data being collected		 string Required
Enum: STATUS, STATISTICS

Datasource (schema)

Datasource Instance

An instance of a datasource configuration.

Name Description Type Notes
display_name Datasource instance's display name

Name of a datasource instance.		 string Required
Maximum length: 255
urls Array of relative urls and their aliases

Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance.		 array of UrlAlias Required

DatetimeUTC (schema)

Datetime string in UTC

Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'

Name Description Type Notes
DatetimeUTC Datetime string in UTC

Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'		 string

DeleteRequestParameters (schema)

Parameters that affect how delete operations are processed

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

DeploymentConfig (schema)

Name Description Type Notes
placement_type string Required
Enum: VsphereDeploymentConfig

DeploymentTemplate (schema)

Service Deployment Template

Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX.

Name Description Type Notes
attributes Deployment Template attributes

List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager.		 array of Attribute Maximum items: 128
name name

Deployment Template name.		 string

DeploymentZone (schema) (Deprecated)

Deployment zone

Logical grouping of enforcement points.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use Site.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforcement_points Logical grouping of enforcement points array of EnforcementPoint
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DeploymentZone string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DeploymentZoneListRequestParameters (schema) (Deprecated)

DeploymentZone list request parameters

DeploymentZone list request parameters.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListRequestParameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

DeploymentZoneListResult (schema) (Deprecated)

Paged Collection of Deployment Zones

Paged Collection of Deployment Zones.
This is a deprecated type. DeploymentZone has been renamed to Site.
Use SiteListResult.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Deployment Zones array of DeploymentZone Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DestinationNsxApiEndpoint (schema)

Destination NSX manager details

Details about the destination NSX manager for the migration

Name Description Type Notes
destination_nsx_ip Destination NSX IP ddress or host name

IP address or host name of the destination NSX manager to which the config will be migrated.		 string Required
destination_nsx_password Password for destination NSX manager

Valid password for connecting to the destination NSX manager.		 string
destination_nsx_port Destination NSX manager port

Destination NSX manager port that will be used to apply details.		 int Default: "443"
destination_nsx_username Username for destination NSX manager

Valid username for connecting to the destination NSX manager.		 string

DetachClusterParameters (schema)

Name Description Type Notes
force string Enum: true, false
graceful-shutdown string Enum: true, false
Default: "false"
ignore-repository-ip-check string Enum: true, false
Default: "false"

DfwFirewallConfiguration (schema)

DFW Firewall related configurations

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
disable_auto_drafts Auto draft disable flag

To disable auto drafts, set it to true.
By default, auto drafts are enabled.
boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_firewall Firewall enable flag

If set to true, Firewall is enabled.
boolean Default: "True"
id Unique identifier of this resource string Sortable
idfw_enabled Identity firewall enable flag

If set to true, identity firewall is enabled.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DfwFirewallConfiguration string Required
Enum: DfwFirewallConfiguration
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhGroup (schema)

Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1048-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit Random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit Random ECP group.
GROUP21 uses 521-bit Random ECP group.

Name Description Type Notes
DhGroup Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared
keys between IPSec VPN initiator and responder over an
unsecured network.
GROUP2 uses 1048-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
GROUP19 uses 256-bit Random Elliptic Curve (ECP) group.
GROUP20 uses 384-bit Random ECP group.
GROUP21 uses 521-bit Random ECP group.
string Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21

DhcpDeleteLeaseRequestParameters (schema)

Name Description Type Notes
ip IPAddress Required
mac MACAddress Required

DhcpFilter (schema)

DHCP filtering configuration

Name Description Type Notes
client_block_enabled Indicates whether DHCP client blocking is enabled boolean Required
server_block_enabled Indicates whether DHCP server blocking is enabled boolean Required
v6_client_block_enabled Indiactes whether DHCP v6 client blocking is enabled boolean Default: "False"
v6_server_block_enabled Indiactes whether DHCP V6 server blocking is enabled boolean Default: "False"

DhcpHeader (schema)

Name Description Type Notes
op_code Message op code / message type

This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY.		 string Enum: BOOTREQUEST, BOOTREPLY
Default: "BOOTREQUEST"

DhcpIpPool (schema)

DHCP ip-pool

DHCP ip-pool to define dynamic ip allocation ranges.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_ranges Ip-ranges

Ip-ranges to define dynamic ip allocation ranges.		 array of IpPoolRange Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_threshold Error threshold, valid [80-100], default 100

Error threshold. Alert will be raised if the pool usage reaches the
given threshold.
integer Minimum: 80
Maximum: 100
Default: "100"
gateway_ip Gateway ip

Gateway ip address of the allocation.		 IPAddress
id Unique identifier of this resource string Sortable
lease_time Lease time

Lease time, in seconds, [60-(2^32-1)]. Default is 86400.		 integer Minimum: 60
Maximum: 4294967295
Default: "86400"
options DHCP options

If an option is defined at server level and not configred at
ip-pool/static-binding level, the option will be inherited to
ip-pool/static-binding. If both define a same-code option, the
option defined at ip-pool/static-binding level take precedence
over that defined at server level.
DhcpOptions
resource_type Must be set to the value DhcpIpPool string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
warning_threshold Warning threshold, valid [50-80], default 80

Warning threshold. Alert will be raised if the pool usage reaches the
given threshold.
integer Minimum: 50
Maximum: 80
Default: "80"

DhcpIpPoolListResult (schema)

A list of DHCP ip pools

A paginated list of DHCP ip pools.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DHCP ip pools

A paginated list of DHCP ip pools.		 array of DhcpIpPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpIpPoolUsage (schema)

Name Description Type Notes
allocated_number allocated number. COULD BE INACCURATE, REFERENCE ONLY. integer Required
allocated_percentage allocated percentage. COULD BE INACCURATE, REFERENCE ONLY. integer Required
dhcp_ip_pool_id uuid of dhcp ip pool string Required
pool_size pool size integer Required

DhcpLeasePerIP (schema)

Name Description Type Notes
expire_time expire time of the lease string
ip_address ip address of client string Required
lease_time lease time of the ip address, in seconds string
mac_address mac address of client string Required
start_time start time of lease string Required
subnet subnet of client network string

DhcpLeaseRequestParameters (schema)

Name Description Type Notes
address can be an ip address, or an ip range, or a mac address string
pool_id The uuid of dhcp ip pool string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

DhcpLeases (schema)

Name Description Type Notes
dhcp_server_id dhcp server uuid string
leases The lease info list of the server array of DhcpLeasePerIP Minimum items: 0
Maximum items: 65535
timestamp timestamp of the lease info EpochMsTimestamp

DhcpOption121 (schema)

DHCP option 121

DHCP option 121 to define classless static route.

Name Description Type Notes
static_routes DHCP classless static routes

Classless static route of DHCP option 121.		 array of ClasslessStaticRoute Required
Minimum items: 1
Maximum items: 27

DhcpOptions (schema)

DHCP options

Define DHCP options of the DHCP service.

Name Description Type Notes
option121 Option 121

DHCP option 121 to define classless static routes.		 DhcpOption121
others Generic DHCP options other than option 121

To define DHCP options other than option 121 in generic format.		 array of GenericDhcpOption Minimum items: 0
Maximum items: 255

DhcpProfile (schema)

DHCP profile to specify edge cluster and members

DHCP profile to specify edge cluster and members on which the dhcp server
will run. A DhcpProfile can be referenced by different logical DHCP servers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_id Edge cluster uuid

Edge cluster uuid on which the referencing logical DHCP server runs.
string Required
edge_cluster_member_indexes Edge node indexes

The Edge nodes on which the DHCP servers run. If none is provided, the
NSX will auto-select two edge-nodes from the given edge cluster. If only
one edge node is provided, the DHCP servers will run without HA support.
array of integer Minimum items: 0
Maximum items: 2
enable_standby_relocation Flag to enable standby DHCP server relocation

Flag to enable the auto-relocation of standby DHCP Service in case
of edge node failure. Only tier 1 and auto placed DHCP servers are
considered for the relocation.
boolean Default: "False"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value DhcpProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpProfileListResult (schema)

A list of DHCP profiles

A paginated list of DHCP profiles.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DHCP profiles

A paginated list of logical DHCP profiles.		 array of DhcpProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpRelayConfig (schema)

DHCP relay configuration

DHCP relay configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DhcpRelayConfig string
server_addresses DHCP relay addresses

DHCP server IP addresses for DHCP relay configuration.
Both IPv4 and IPv6 addresses are supported.
array of IPAddress Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpRelayConfigListResult (schema)

Paged collection of DhcpRelayConfigs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results DhcpRelayConfig results array of DhcpRelayConfig Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpRelayProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value DhcpRelayProfile string
server_addresses array of IPAddress Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpRelayProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Dhcp relay profile list results array of DhcpRelayProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpRelayService (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
dhcp_relay_profile_id dhcp relay profile referenced by the dhcp relay service string Required
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value DhcpRelayService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpRelayServiceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Dhcp relay service list results array of DhcpRelayService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpServerConfig (schema)

DHCP server configuration

DHCP server configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_path Edge cluster path

Edge cluster path. Auto assigned if only one edge cluster is configured
on enforcement-point.
string
id Unique identifier of this resource string Sortable
lease_time IP address lease time in seconds

IP address lease time in seconds.
integer Minimum: 60
Maximum: 4294967295
Default: "86400"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DhcpServerConfig string
server_address DHCP server address in CIDR format

DHCP server address in CIDR format. Prefix length should be less than
or equal to 30. DHCP server is deployed as DHCP relay service.
IPv6 is not supported.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpServerConfigListResult (schema)

Paged collection of DhcpServerConfigs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results DhcpServerConfig results array of DhcpServerConfig Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpServerStatus (schema)

Name Description Type Notes
active_node uuid of active transport node string Required
error_message Error message, if available string
service_status UP means the dhcp service is working fine on both active transport-node
and stand-by transport-node (if have), hence fail-over can work at this
time if there is failure happens on one of the transport-node;
DOWN means the dhcp service is down on both active transport-node and
stand-by node (if have), hence the dhcp-service will not repsonse any
dhcp request;
Error means error happens on transport-node(s) or no status is reported from
transport-node(s). The dhcp service may be working (or not working);
NO_STANDBY means dhcp service is working in one of the transport node while
not in the other transport-node (if have). Hence if the dhcp service in
the working transport-node is down, fail-over will not happen and the
dhcp service will go down.
string Required
Enum: UP, DOWN, ERROR, NO_STANDBY
stand_by_node uuid of stand_by transport node. null if non-HA mode string

DhcpStaticBinding (schema)

DHCP static binding

DHCP static binding to define a static ip allocation.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_ip Gateway ip

Gateway ip address of the allocation.		 IPAddress
host_name Host name

The host name to be assigned to the host.		 string
id Unique identifier of this resource string Sortable
ip_address Ip addres

The ip address to be assigned to the host.		 IPAddress Required
lease_time Lease time

Lease time, in seconds, [60-(2^32-1)]. Default is 86400.		 integer Minimum: 60
Maximum: 4294967295
Default: "86400"
mac_address MAC address

The MAC address of the host.		 MACAddress Required
options DHCP options

If an option is defined at server level and not configred at
ip-pool/static-binding level, the option will be inherited to
ip-pool/static-binding. If both define a same-code option, the
option defined at ip-pool/static-binding level take precedence
over that defined at server level.
DhcpOptions
resource_type Must be set to the value DhcpStaticBinding string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DhcpStaticBindingListResult (schema)

A list of DHCP static bindings

A paginated list of DHCP static bindings.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DHCP static bindings

A paginated list of DHCP static bindings.		 array of DhcpStaticBinding Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DhcpStatistics (schema)

Name Description Type Notes
acks The total number of DHCP ACK packets integer Required
declines The total number of DHCP DECLINE packets integer Required
dhcp_server_id dhcp server uuid string Required
discovers The total number of DHCP DISCOVER packets integer Required
errors The total number of DHCP errors integer Required
informs The total number of DHCP INFORM packets integer Required
ip_pool_stats The DHCP ip pool usage statistics array of DhcpIpPoolUsage
nacks The total number of DHCP NACK packets integer Required
offers The total number of DHCP OFFER packets integer Required
releases The total number of DHCP RELEASE packets integer Required
requests The total number of DHCP REQUEST packets integer Required
timestamp timestamp of the statistics EpochMsTimestamp Required

Dhcpv6Header (schema)

Name Description Type Notes
msg_type DHCP message type

This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters.		 string Enum: SOLICIT, ADVERTISE, REQUEST, REPLY
Default: "SOLICIT"

DirectionType (schema)

port mirroring direction

Name Description Type Notes
DirectionType port mirroring direction string Enum: INGRESS, EGRESS, BIDIRECTIONAL
Default: "BIDIRECTIONAL"

DirectoryAdDomain (schema)

Active Directory Domain

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
base_distinguished_name Directory domain base distinguished name

Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ldap_servers LDAP server of directory domain

Directory domain LDAP servers' information including host, name, port, protocol and so on.		 array of DirectoryLdapServer Required
Maximum items: 50
name Directory domain name

Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.		 string Required
netbios_name Directory domain NETBIOS name

NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.		 string Required
resource_type Must be set to the value DirectoryAdDomain string Required
sync_settings Directory domain sync settings

Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.		 DirectoryDomainSyncSettings
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DirectoryAdGroup (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
distinguished_name Directory group distinguished name string Required
domain_id Domain id

Domain ID this directory group belongs to.		 string Required
domain_name Directory domain distinguished name

Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.		 string Required
domain_sync_node_id Domain synchronization root node id

Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.		 string
id Unique identifier of this resource string Sortable
object_guid Active directory group object guid

GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects.		 string Required
resource_type Must be set to the value DirectoryAdGroup string Required
secure_id Active directory group secure id

A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID.		 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DirectoryDomain (schema)

Directory Domain

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ldap_servers LDAP server of directory domain

Directory domain LDAP servers' information including host, name, port, protocol and so on.		 array of DirectoryLdapServer Required
Maximum items: 50
name Directory domain name

Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.		 string Required
resource_type Must be set to the value DirectoryDomain string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DirectoryDomainListResults (schema)

List of Directory Domain

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of Directory Domains array of DirectoryDomain
(Abstract type: pass one of the following concrete types)
DirectoryAdDomain
DirectoryDomain		 Required
Maximum items: 500
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DirectoryDomainSyncRequest (schema)

Directory domain synchronization request

Name Description Type Notes
action Sync type requested

Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time.		 string Required
Enum: FULL_SYNC, DELTA_SYNC, STOP_SYNC
delay Request to execute the sync with some delay in seconds

The delay can be added to execute the sync action in the future.		 integer Minimum: 0
Default: "0"

DirectoryDomainSyncSettings (schema)

Domain synchronization settings

Name Description Type Notes
delta_sync_interval Delta synchronization inverval in minutes

Directory domain delta synchronization interval time between two delta sync in minutes.		 integer Minimum: 5
Maximum: 720
Default: "180"
full_sync_cron_expr Full synchronization cron expression

Directory domain full synchronization schedule using cron expression. For example, cron expression "0 0 12 ? * SUN *" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync.		 string

DirectoryDomainSyncStats (schema)

Directory domain synchronization statistics

Name Description Type Notes
avg_delta_sync_time Average time spent for all historical delta sync

All the historical delta sync are counted in calculating the average delta sync time in milliseconds.		 integer Readonly
avg_full_sync_time Average time spent for all historical full sync

All the historical full sync are counted in calculating the average full sync time in milliseconds.		 integer Readonly
current_state Current state of directory domain sync context

Current running state of the directory domain in synchronization life cycle. It could be one of the following three states.		 string Required
Readonly
Enum: IDLE, FULL_SYNC, DELTA_SYNC
current_state_begin_time Current state elapsed time

Since what time the current state has begun. The time is expressed in millisecond epoch time.		 EpochMsTimestamp Required
Readonly
num_delta_sync Total number of successful delta sync

number of successful historical delta sync initiated either by system or by API request.		 integer Readonly
num_full_sync Total number of successful full sync

number of successful historical full sync initiated either by system or by API request.		 integer Readonly
prev_sync_end_time Previous sync ended time

Directory domain previous sync ending time expressed in millisecond epoch time.		 EpochMsTimestamp Required
Readonly
prev_sync_error Previous sync error

Directory domain previous sync status error if last status was failure.		 string Readonly
prev_sync_status Previous sync status

Directory domain previous sync status. It could be one of the following two states.		 string Required
Readonly
Enum: SUCCESS, FAILURE, UNKNOWN
prev_sync_type Previous sync type

Directory domain previous sync type. It could be one of the following three states. Right after the directory domain is configured, this field is set to IDLE.		 string Required
Readonly
Enum: IDLE, FULL_SYNC, DELTA_SYNC

DirectoryDomanDeleteRequestParameters (schema)

Directory domain delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

DirectoryGroup (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
distinguished_name Directory group distinguished name string Required
domain_id Domain id

Domain ID this directory group belongs to.		 string Required
domain_name Directory domain distinguished name

Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.		 string Required
domain_sync_node_id Domain synchronization root node id

Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.		 string
id Unique identifier of this resource string Sortable
resource_type Must be set to the value DirectoryGroup string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DirectoryGroupListResults (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Directory group list array of DirectoryGroup
(Abstract type: pass one of the following concrete types)
DirectoryAdGroup
DirectoryGroup		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DirectoryGroupMember (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
group_distinguished_name Group distinguished name

Directory group distinguished name this group member belongs to.		 string Required
group_id Group idnetifier

Directory group id this group member belongs to		 string Required
id Unique identifier of this resource string Sortable
member_group_distinguished_name Member group distinguished name

Directory group name this group member owns		 string Required
member_group_id Member group idnetifier

Directory group id this group member owns		 string Required
nested Nesting flag

Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id.		 boolean Required
resource_type Must be set to the value DirectoryGroupMember string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DirectoryGroupMemberListResults (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Directory group member list array of DirectoryGroupMember Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DirectoryLdapServer (schema)

LDAP server of directory domain

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
domain_name Directory domain name

Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.		 string
host LDAP server host name

Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.		 string Required
id Unique identifier of this resource string Sortable
password LDAP server password

Directory LDAP server connection password.		 string
port LDAP server TCP/UDP port

Directory LDAP server connection TCP/UDP port.		 integer Default: "389"
protocol LDAP server protocol

Directory LDAP server connection protocol which is either LDAP or LDAPS.		 string Enum: LDAP, LDAPS
Default: "LDAP"
resource_type Must be set to the value DirectoryLdapServer string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
thumbprint LDAP server certificate thumbprint using SHA-256 algorithm

Directory LDAP server certificate thumbprint used in secure LDAPS connection.		 string
username LDAP server username

Directory LDAP server connection user name.		 string

DirectoryLdapServerListResults (schema)

List of directory domain LDAP servers

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of directory domain LDAP servers array of DirectoryLdapServer Required
Maximum items: 50
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DirectoryLdapServerStatus (schema)

Status LDAP server of directory domain

Name Description Type Notes
error_id Error ID of the directory LDAP server status

Error ID of the directory LDAP server status maintained by the NSX directory service.		 integer
error_message Error message of the directory LDAP server status

Error message of the directory LDAP server status maintained by the NSX directory service.		 string

DirectoryLdapServerTestParameters (schema)

Parameters for performing LDAP server test

Name Description Type Notes
action LDAP server test requested

Type of LDAP server test to perform.		 string Required
Enum: CONNECTIVITY

DirectorySearchFilterValue (schema)

Searching domain entities using a matching filter value

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
filter_value Name search filter value

Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.		 string Required
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

DiscoveredNode (schema)

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
certificate Certificate of the discovered node string
cm_local_id Local Id of the discovered node in the Compute Manager string Required
Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External id of the discovered node, ex. a mo-ref from VC string Required
Readonly
hardware_id Hardware Id of the discovered node

Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx.		 string Readonly
ip_addresses IP Addresses of the the discovered node. array of IPAddress Required
Readonly
node_type Discovered Node type like Host string Required
Readonly
origin_id Id of the compute manager from where this node was discovered string Required
Readonly
origin_properties Key-Value map of additional specific properties of discovered node in the Compute Manager array of KeyValuePair Readonly
os_type OS type of the discovered node string Readonly
os_version OS version of the discovered node string Readonly
parent_compute_collection External id of the compute collection to which this node belongs string Readonly
resource_type Must be set to the value DiscoveredNode string Required
stateless Specifies whether host is stateless

The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true.		 boolean Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DiscoveredNodeInterfaceProperties (schema)

Discovered node network interface properties

Network interface properties of discovered node

Name Description Type Notes
connected_switch Connected switch

Switch name which is connected to nic, switch can be opaque, proxyHostSwitch or virtual		 string
interface_id Interface ID

Id of the network interface		 string
physical_address Interface MAC address

Mac address of the interface		 MACAddress

DiscoveredNodeListRequestParameters (schema)

Discovered Node list parameters

Name Description Type Notes
cm_local_id Local Id of the discovered node in the Compute Manager string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
display_name Display name of discovered node string
external_id External id of the discovered node, ex. a mo-ref from VC string
has_parent Discovered node has a parent compute collection or is a standalone host string Enum: true, false
included_fields Comma separated list of fields that should be included in query result string
ip_address IP address of the discovered node string
node_id Id of the fabric node created from the discovered node string
node_type Discovered Node type like HostNode string
origin_id Id of the compute manager from where this node was discovered string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
parent_compute_collection External id of the compute collection to which this node belongs string
sort_ascending boolean
sort_by Field by which records are sorted string

DiscoveredNodeListResult (schema)

Discovered Node list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Discovered Node list results array of DiscoveredNode Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DiscoveredNodeNetworkInterfaces (schema)

Discovered node network interfaces

All the network interfaces of the discovered node

Name Description Type Notes
discovered_node_id Discovered node Id

Id of the discovered node		 string Required
network_interfaces Discovered Node interfaces

Network interfaces of the node		 array of DiscoveredNodeInterfaceProperties

DiscoveredResource (schema)

Base class for resources that are discovered and automatically updated

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
resource_type The type of this resource. string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DiscoveryProfileBindingMap (schema)

Base Discovery Profile Binding Map

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DiscoveryProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DistributedFloodProtectionProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_rst_spoofing Flag to indicate rst spoofing is enabled

If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles.		 boolean Default: "False"
enable_syncache Flag to indicate syncache is enabled

If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles.		 boolean Default: "False"
icmp_active_flow_limit Active ICMP connections limit

If this field is empty, firewall will not set a limit to active ICMP connections.		 integer Minimum: 1
Maximum: 1000000
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
other_active_conn_limit Timeout after first TN

If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DistributedFloodProtectionProfile FloodProtectionProfileResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_half_open_conn_limit Active half open TCP connections limit

If this field is empty, firewall will not set a limit to half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
udp_active_flow_limit Active UDP connections limit

If this field is empty, firewall will not set a limit to active UDP connections.		 integer Minimum: 1
Maximum: 1000000

DnsAnswer (schema)

Answer of dns nslookup

The response for DNS nslookup.

Name Description Type Notes
answers The answers of the query.

The answers of the query.
array of DnsQueryAnswer Minimum items: 1
Maximum items: 256
authoritative_answers Authoritative answers

Authotitative answers of the query.
This is a deprecated property, please use 'answers' instead.
array of DnsQueryAnswer Deprecated
Minimum items: 1
Maximum items: 256
dns_server DNS server information

Dns server ip address and port, format is "ip address#port".
string Required
edge_node_id Edge node id

ID of the edge node that performed the query.
string Required
non_authoritative_answers Non authoritative answers

Non-authotitative answers of the query.
This is a deprecated property, please use 'answers' instead.
array of DnsQueryAnswer Deprecated
Minimum items: 1
Maximum items: 256
raw_answer Raw message returned from the DNS forwarder

It can be NXDOMAIN or error message which is not consisted of
authoritative_answer or non_authoritative_answer.
string
source_ip The source ip used in this lookup

The source ip used in this lookup.
IPv4Address Required

DnsFailedQueries (schema)

The array of failed DNS queries for active and standby transport node

The array of the failed DNS queries with entry count and timestamp
on active and standby transport node.

Name Description Type Notes
per_node_failed_queries The array of failed DNS queries on active and standby transport node

The array of failed DNS queries on active and standby transport node.
If there is no standby node, the failed queries on standby node will
not be present.
array of PerNodeDnsFailedQueries Readonly
timestamp Timestamp of the request

Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.
string Required
Readonly

DnsFailedQuery (schema)

The failed DNS query

The summary of the failed DNS query. The query result represents a full
query chain from client VM to dns forwarder, and upstream server if no
forwarder cache was hit.

Name Description Type Notes
address The adddress be queried

The address be queried, can be a FQDN or an ip address.		 string
client_ip The client host ip address from which the query was issued

The client host ip address from which the query was issued.
string
error_message The error message of the failed query

The detailed error message of the failed query, if any.		 string
error_type The type of the failure

The type of the query failure, e.g. NXDOMAIN, etc.		 string
forwarder_ip The DNS forwarder ip address to which the query was first received

The DNS forwarder ip address to which the query was first received.
string
record_type The record type be queried

The record type be queried, e.g. A, CNAME, SOA, etc.		 string
source_ip The source ip address for forwarding query

The source ip address that is used to forward a query to an upstream
server.
string
time_spent Time spent in the query, if applicable

The time the query took before it got a failed answer, in ms.		 integer
timestamp Timestamp of the request

Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.		 string Required
upstream_server_ip The ip address to which the query was forwarded

The upstream server ip address to which the query was forwarded. If the
query could not be serviced from the DNS forwarder cache, this property
will contain the IP address of the DNS server that serviced the request.
If the request was serviced from the cache, this property will be absent.
string

DnsFailedQueryRequestParameters (schema)

The request parameters to get failed DNS queries

To specify how many failed DNS queries will be returned.

Name Description Type Notes
count The count of the failed DNS queries

How many failed DNS queries should be returned.		 integer Minimum: 1
Maximum: 1000
Default: "100"

DnsForwarder (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cache_size Cache size in KB

One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache
size can cache ~8 DNS answer entries, and the default 1024 KB cache
size can hold ~8k DNS answer entries.
int Minimum: 1
Maximum: 16777216
Default: "1024"
conditional_forwarders Conditional zone forwarders

The conditional zone forwarders. During matching a zone forwarder,
the DNS forwarder will use the conditional fowarder with the longest
domain name that matches the query.
array of ConditionalForwarderZone Maximum items: 5
default_forwarder Default zone forwarder

The default zone forwarder that catches all other domain names except
those matched by conditional forwarder zone.
ForwarderZone Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to enable/disable the forwarder boolean Default: "True"
id Unique identifier of this resource string Sortable
listener_ip Listener ip address

The ip address the DNS forwarder listens on. It can be an ip address
already owned by the logical-router uplink port or router-link, or a
loopback port ip address. But it can not be a downlink port address.
User needs to ensure the address is reachable via router or NAT from
both client VMs and upstream servers. User will need to create Firewall
rules if needed to allow such traffic on a Tier-1 or Tier-0.
IPv4Address Required
log_level Log level of the DNS forwarder string Enum: DEBUG, INFO, WARNING, ERROR, FATAL
Default: "INFO"
logical_router_id Logical router id

Specify the LogicalRouter where the DnsForwarder runs. The HA mode
of the hosting LogicalRouter must be Active/Standby.
string Required
resource_type Must be set to the value DnsForwarder string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DnsForwarderListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DNS forwarders array of DnsForwarder Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DnsForwarderStatistics (schema)

Statistics counters of the DNS forwarder

The current statistics counters of the DNS forwarder including cache usages
and query numbers per forwarders.

Name Description Type Notes
conditional_forwarder_statistics The statistics of conditional forwarders array of PerForwarderStatistics Readonly
Minimum items: 0
Maximum items: 5
configured_cache_size The configured cache size, in kb integer Readonly
default_forwarder_statistics The statistics of default forwarder PerForwarderStatistics Readonly
error_message Error message, if available string Readonly
queries_answered_locally The totocal number of queries answered from local cache integer Readonly
queries_forwarded The total number of forwarded dns queries integer Readonly
timestamp Time stamp of the current statistics, in ms EpochMsTimestamp Readonly
total_queries The total number of received dns queries integer Readonly
used_cache_statistics The statistics of used cache array of PerNodeUsedCacheStatistics Readonly
Minimum items: 0
Maximum items: 2

DnsForwarderStatus (schema)

The current runtime status of DNS forwarder

The current runtime status of the DNS forwarder including the hosting
transport nodes and forwarder service status.

Name Description Type Notes
active_node Uuid of active transport node string Readonly
extra_message Extra message, if available string Readonly
standby_node Uuid of stand_by transport node. null if non-HA mode string Readonly
status UP means the DNS forwarder is working correctly on the active transport
node and the stand-by transport node (if present). Failover will occur
if either node goes down.
DOWN means the DNS forwarder is down on both active transport node and
standby node (if present). The DNS forwarder does not function in this
situation.
Error means there is some error on one or both transport node, or no
status was reported from one or both transport nodes. The dns forwarder
may be working (or not working).
NO_BACKUP means dns forwarder is working in only one transport node,
either because it is down on the standby node, or no standby is configured.
An forwarder outage will occur if the active node goes down.
string Readonly
Enum: UP, DOWN, ERROR, NO_BACKUP
timestamp Time stamp of the current status, in ms EpochMsTimestamp Readonly

DnsHeader (schema)

Name Description Type Notes
address Domain name/IP to query/response

This is used to define what is being asked or responded.		 string
address_type This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA string Enum: V4, V6
Default: "V4"
message_type Specifies the message type whether it is a query or a response. string Enum: QUERY, RESPONSE
Default: "QUERY"

DnsQueryAnswer (schema)

Answer of nslookup

Name Description Type Notes
address Matched ip address

Can be resolved ip address.
string
name Matched name

Matched name of the given address.
string
raw_string Unparsed answer string

Unparsed answer string from raw_answer.
string

DnsSecurityProfile (schema)

DNS security profile

Used to configure DNS security profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DnsSecurityProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
ttl Time to live for DNS cache entry

Time to live for DNS cache entry in seconds. Valid TTL values are between 3600
to 864000. However, this field accepts values between 0 through 864000. We define
TTL type based on the value of TTL as follows:
TTL 0 - cached entry never expires.
TTL 1 to 3599 - invalid input and error is thrown
TTL 3600 to 864000 - ttl is set to user input
TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet.

User defined TTL value is used only when it is betweeen 3600 to 864000.
integer Minimum: 0
Maximum: 864000
Default: "86400"

DnsSecurityProfileBindingMap (schema)

Binding Map for DNS Security Profile

This entity will be used to establish association between DNS security profile and
Group. With this entity, user can specify intent for applying DNS security profile
profile to particular Group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_path Profile Path

PolicyPath of associated Profile		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DnsSecurityProfileBindingMap string
sequence_number Sequence number DNS Security Profile Binding Map

Sequence number used to resolve conflicts betweeen two profiles applied on
the same group. Lower sequence number takes higher precedence. Two binding
maps applied to the same profile must have the same sequence number.
User defined sequence numbers range from 1 through 100,000.
System defined sequence numbers range from 100,001 through 200,000.
integer Minimum: 1
Maximum: 100000
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DnsSecurityProfileBindingMapListRequestParameters (schema)

DNS Security Profile Binding Map List Request Parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

DnsSecurityProfileBindingMapListResult (schema)

Paged collection of DNS Security Profile Binding Map

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results DNS Security Profile Binding Map List Results array of DnsSecurityProfileBindingMap
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DnsSecurityProfileListResult (schema)

Paged Collection of DnsSecurityProfile

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results DnsSecurityProfile list results array of DnsSecurityProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DnsSettings (schema)

DNS settings

Stores Azure gateway DNS settings like dns_mode and dns_list.

Name Description Type Notes
dns_list List of nameserver(s)

The is a list of nameserver ipv4 addresses that will be used by the
public cloud gateway. DNS will use these nameserver(s) if the
cloud_dns_mode is set to PRECONFIGURED.
array of string
dns_mode DNS mode

DHCP: Obtain nameserver(s) from DHCP.
PRECONFIGURED: User supplies list of nameserver(s).
CLOUD: Use cloud provider DNS.
string Enum: DHCP, PRECONFIGURED, CLOUD
Default: "DHCP"

DnsTtlConfig (schema)

DNS TTL config

Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.

Name Description Type Notes
dns_ttl_type TTL type.

TTL type to decide how to manage ttl.		 string Required
Enum: USE_TTL, AUTO, NEVER_EXPIRE
ttl DNS server TTL

The number of seconds that snooped DNS responses are retained in the cache. Used only when dns_ttl_type is USE_TTL.		 integer Minimum: 3600
Maximum: 864000
Default: "86400"

Domain (schema)

Domain

Domain.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Domain string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DomainDeploymentMap (schema)

Domain deployment map

Binding of domains to the enforcement point.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforcement_point_path Absolute path of enforcement point

Path of enforcement point on which domain will be deployed		 string Required
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value DomainDeploymentMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

DomainDeploymentMapListRequestParameters (schema)

DomainDeploymentMap list request parameters

DomainDeploymentMap list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

DomainDeploymentMapListResult (schema)

Paged Collection of Domain Deployment map

Paged Collection of Domain Deployment map

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Domain Deployment Map array of DomainDeploymentMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DomainListRequestParameters (schema)

Domain list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

DomainListResult (schema)

Paged Collection of Domains

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Domain list results array of Domain Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

DonutConfiguration (schema)

Donut Configuration

Represents configuration of a Donut

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_count Show or hide the count of entities

If true, displays the count of entities in the donut		 boolean Default: "True"
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
label Label of the Donut Configuration

Displayed at the middle of the donut, by default. It labels the entities of donut.		 Label
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
resource_type Must be set to the value DonutConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
sections Sections array of DonutSection Required
Minimum items: 1
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

DonutPart (schema)

Portion of a donut or stats chart

Represents an entity or portion to be plotted on a donut or stats chart.

Name Description Type Notes
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string
field Value of the portion or entity of donut or stats chart

A numerical value that represents the portion or entity of the donut or stats chart.		 string Required
Maximum length: 1024
label Label of the portion or entity of donut or stats chart

If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template.		 Label
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.		 string
render_configuration Render Configuration

Additional rendering or conditional evaluation of the field values to be performed, if any.		 array of RenderConfiguration Minimum items: 0
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over the portion.		 array of Tooltip Minimum items: 0

DonutSection (schema)

Section of a donut or stats chart

Represents high level logical grouping of portions or segments of a donut / stats chart.

Name Description Type Notes
parts Parts of a donut / stats chart

Array of portions or parts of the donut or stats chart.		 array of DonutPart Required
Minimum items: 1
row_list_field Field from which parts of the donut or stats chart are formed

Field of the root of the api result set for forming parts.		 string Maximum length: 1024
template Template, if any, for automatically forming the donut or stats parts

If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'.		 boolean Default: "False"

Dscp (schema)

One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer

Dscp value is ignored in case of 'TRUSTED' DscpMode.

Name Description Type Notes
mode DscpMode
priority Internal Forwarding Priority int Minimum: 0
Maximum: 63
Default: "0"

DscpMode (schema)

Trust settings

Name Description Type Notes
DscpMode Trust settings string Enum: TRUSTED, UNTRUSTED
Default: "TRUSTED"

DscpTrustMode (schema)

Trust settings

When you select the Trusted mode the inner header DSCP value is applied
to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic,
the outer IP header takes the default value.Untrusted mode is supported
on overlay-based and VLAN-based logical port.

Name Description Type Notes
DscpTrustMode Trust settings

When you select the Trusted mode the inner header DSCP value is applied
to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic,
the outer IP header takes the default value.Untrusted mode is supported
on overlay-based and VLAN-based logical port.
string Enum: TRUSTED, UNTRUSTED
Default: "TRUSTED"

DuplicateAddressBindingEntry (schema)

Duplicate address binding information

Name Description Type Notes
binding Combination of IP-MAC-VLAN binding PacketAddressClassifier
binding_timestamp Timestamp of binding

Timestamp at which the binding was discovered via snooping or manually
specified by the user
EpochMsTimestamp
conflicting_port ID of logical port with the same address binding

Provides the ID of the port on which the same address bidning exists
string
source Address binding source

Source from which the address binding entry was obtained		 AddressBindingSource Default: "UNKNOWN"

DuplicateIPDetection (schema)

Duplicate IP detection and control

Name Description Type Notes
duplicate_ip_detection_enabled Indicates whether duplicate IP detection should be enabled boolean Default: "False"

DuplicateIPDetectionOptions (schema)

Controls duplicate IP detection options

Contains dupliacte IP detection related discovery options.

Name Description Type Notes
duplicate_ip_detection_enabled Duplicate IP detection

Indicates whether duplicate IP detection should be enabled		 boolean Default: "False"

EPActionForDnsForwarderRequestParameters (schema)

Name Description Type Notes
action An action to be performed for DNS forwarder on EP

The valid DNS forwarder actions to be performed on EP are,
- clear_cache:
Clear the current cache of the dns forwarder from
specified enforcement point.
string Required
Enum: clear_cache
enforcement_point_path An enforcement point path, on which the action is to be performed

An enforcement point path, on which the action is to be performed.
If not specified, default enforcement point path,
/infra/sites/default/enforcement-points/default will be considered.
string Default: "/infra/sites/default/enforcement-points/default"

EULAAcceptance (schema)

EULA acceptance status

Indicate the status of End User License Agreement acceptance

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
acceptance End User License Agreement acceptance status

Acceptance status of End User License Agreement		 boolean Required

EULAContent (schema)

EULA content

End User License Agreement content

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
content End User License Agreement content

Content of End User License Agreement		 string Required

EULAOutputFormatRequestParameters (schema)

Indicate output format of End User License Agreement content

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
value_format End User License Agreement content output format string

EdgeCluster (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_rules Allocation rules for auto placement

Set of allocation rules and respected action for auto placement of
logical router, DHCP and MDProxy on edge cluster members.
array of AllocationRule
cluster_profile_bindings Edge cluster profile bindings array of ClusterProfileTypeIdEntry
deployment_type Edge cluster deployment type

This field is a readonly field which shows the deployment_type of members.
It returns UNKNOWN if there are no members, and returns VIRTUAL_MACHINE|
PHYSICAL_MACHINE if all edge members are VIRTUAL_MACHINE|PHYSICAL_MACHINE.
It returns HYBRID if the cluster contains edge members of both types
VIRTUAL_MACHINE and PHYSICAL_MACHINE.
EdgeDeploymentType Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_node_type Node type of the cluster members

Edge cluster is homogenous collection of transport nodes.
Hence all transport nodes of the cluster must be of same type.
This readonly field shows the type of transport nodes.
EdgeClusterNodeType Readonly
members Edge cluster members

EdgeCluster only supports homogeneous members.
These member should be backed by either EdgeNode or PublicCloudGatewayNode.
TransportNode type of these nodes should be the same.
DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is
recommended to be the same. EdgeCluster supports members of different
deployment types.
array of EdgeClusterMember
resource_type Must be set to the value EdgeCluster string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EdgeClusterAllocationStatus (schema)

Allocationd details of edge cluster

Allocation details of cluster and its members. Contains information of the
edge nodes present in cluster, active and standby services of each node,
utilization details of configured sub-pools. These allocation details can
be monitored by customers to trigger migration of certain service contexts
to different edge nodes, to balance the utilization of edge node resources.

Name Description Type Notes
display_name Display name of the edge cluster string Readonly
id Unique identifier of edge cluster

System allotted UUID of edge cluster.		 string Readonly
member_count Count of edge nodes present in the cluster

Represents the number of edge nodes in the cluster.		 int Readonly
members Allocation Status of edge nodes

Allocation details of edge nodes present in the cluster.		 array of EdgeMemberAllocationStatus Readonly

EdgeClusterListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Edge cluster list results array of EdgeCluster Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EdgeClusterMember (schema)

Name Description Type Notes
description description of edge cluster member

description of edge cluster member		 string
display_name display name of edge cluster member

display name of edge cluster member		 string
member_index System generated index for cluster member

System generated index for cluster member		 int Readonly
transport_node_id UUID of edge transport node

Identifier of the transport node backed by an Edge node		 string Required

EdgeClusterMemberAllocationPool (schema)

This is an abstract type. Concrete child types:
LoadBalancerAllocationPool

Name Description Type Notes
allocation_pool_type AllocationPoolType Required

EdgeClusterMemberAllocationProfile (schema)

Name Description Type Notes
allocation_pool Edge Cluster Member Allocation Pool for logical router

Logical router allocation can be tracked for specific services and
services may have their own hard limits and allocation sizes. For
example load balancer pool should be specified if load balancer
service will be attached to logical router.
EdgeClusterMemberAllocationPool
(Abstract type: pass one of the following concrete types)
LoadBalancerAllocationPool
enable_standby_relocation Flag to enable standby service router relocation

Flag to enable the auto-relocation of standby service router running
on edge cluster and node associated with the logical router. Only
dynamically allocated tier1 logical routers are considered for the
relocation.
boolean Default: "False"

EdgeClusterMemberStatus (schema)

Name Description Type Notes
status Status of an edge node string Required
Enum: UP, DOWN, ADMIN_DOWN, PARTIALLY_DISCONNECTED, UNKNOWN
transport_node UUID of edge transport node

Transport node backed by an Edge node.		 ResourceReference Required

EdgeClusterMemberTransportNode (schema)

Name Description Type Notes
member_index System generated index for cluster member

System generated index for cluster member		 int Required
transport_node_id UUID of edge transport node

Identifier of the transport node backed by an Edge node		 string Required

EdgeClusterNodeType (schema)

Supported edge cluster node type.

Name Description Type Notes
EdgeClusterNodeType Supported edge cluster node type. string Enum: EDGE_NODE, PUBLIC_CLOUD_GATEWAY_NODE, UNKNOWN

EdgeClusterState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

EdgeClusterStatus (schema)

Name Description Type Notes
edge_cluster_id Edge cluster id

Id of the edge cluster whose status is being reported		 string Required
edge_cluster_status Status of an edge node string Required
Enum: UP, DOWN, DEGRADED, UNKNOWN
last_update_timestamp Last updated timestamp

Timestamp when the cluster status was last updated		 EpochMsTimestamp Required
Readonly
member_status Per Edge Node Status array of EdgeClusterMemberStatus Readonly

EdgeDeploymentType (schema)

Supported edge deployment type.

Name Description Type Notes
EdgeDeploymentType Supported edge deployment type. string Enum: VIRTUAL_MACHINE, PHYSICAL_MACHINE, UNKNOWN

EdgeFormFactor (schema)

Supported edge form factor.

Name Description Type Notes
EdgeFormFactor Supported edge form factor. string Enum: SMALL, MEDIUM, LARGE

EdgeHighAvailabilityProfile (schema)

Profile for BFD HA cluster setting

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bfd_allowed_hops BFD allowed hops integer Minimum: 1
Maximum: 255
Default: "255"
bfd_declare_dead_multiple Number of times a packet is missed before BFD declares the neighbor down. integer Minimum: 2
Maximum: 16
Default: "3"
bfd_probe_interval the time interval (in millisec) between probe packets for heartbeat purpose integer Minimum: 300
Maximum: 60000
Default: "1000"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value EdgeHighAvailabilityProfile ClusterProfileType Required
standby_relocation_config Standby service contexts relocation setting StandbyRelocationConfig
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EdgeMemberAllocationStatus (schema)

Name Description Type Notes
allocated_services Services allocated on edge node

List of services allocated on the edge node.		 array of AllocatedService Readonly
allocation_pools Pool Allocation details

Allocation details of pools defined on the edge node.		 array of AllocationPool Readonly
member_index System generated index for cluster member

System generated index for transport node backed by edge node.
int Readonly
node_display_name Identifier to use when displaying cluster member in logs or GUI

Display name of edge cluster member. Defaults to ID if not set.
string Readonly
node_id Unique identifier of edge node

System allotted UUID of edge node.		 string Readonly

EdgeNode (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_list Allocation list

List of logical router ids to which this edge node is allocated.		 array of string Readonly
deployment_config Config for automatic deployment of edge node virtual machine.

When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE
will be deployed and registered with MP.
EdgeNodeDeploymentConfig
deployment_type EdgeDeploymentType Readonly
description Description of this resource string Maximum length: 1024
Sortable
discovered_ip_addresses Discovered IP Addresses of the fabric node, version 4 or 6 array of IPAddress Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id ID of the Node maintained on the Node and used to recognize the Node string
fqdn Fully qualified domain name of the fabric node string Readonly
id Unique identifier of this resource string Sortable
ip_addresses IP Addresses of the Node, version 4 or 6

IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for
automatic deployment of edge virtual machine node. For automatic deployment, the ip address from
management_port_subnets property will be considered.
array of IPAddress
node_settings Current configuration on edge node.

Reports the current configuration of the SSH, DHS, NTP and host name
on this edge node. The deployment_config property is used during
deployment and this counterpart property shows current values.
EdgeNodeSettings
resource_type Must be set to the value EdgeNode string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EdgeNodeDeploymentConfig (schema)

Name Description Type Notes
form_factor EdgeFormFactor Default: "MEDIUM"
node_user_settings Node user settings

Username and password settings for the node.
Note - these settings will be honored only during node deployment.
Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect.
NodeUserSettings Required
vm_deployment_config DeploymentConfig
(Abstract type: pass one of the following concrete types)
DeploymentConfig
VsphereDeploymentConfig		 Required

EdgeNodeSettings (schema)

The settings are used during deployment and consequent update of an edge,
unless indicated otherwise. The settings are preferred over the deprecated
settings in VsphereDeploymentConfig.
The settings reflect the current configuraton on an edge node.
If the settings lag with actual state on the edge,
these may be refreshed at NSX Manager using API POST api/v1/transport-nodes
/<transport-node-id>?action=refresh_node_configuration&resource_type=
EdgeNode

Name Description Type Notes
allow_ssh_root_login Allow root SSH logins.

Allowing root SSH logins is not recommended for security reasons.
Edit of this property is not supported when updating transport node.
Use the CLI to change this property.
boolean Default: "False"
dns_servers DNS servers.

List of DNS servers.
array of IPAddress
enable_ssh Enable SSH.

Enabling SSH service is not recommended for security reasons.
boolean Default: "False"
hostname Host name or FQDN for edge node. string Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$"
ntp_servers NTP servers.

List of NTP servers.
array of HostnameOrIPv4Address
search_domains Search domain names.

List of domain names that are used to complete unqualified host names.
array of string

EdgeUpgradeStatus (schema)

Status of edge upgrade

Name Description Type Notes
can_skip Can the upgrade of the remaining units in this component be skipped boolean Readonly
component_type Component type for the upgrade status string Readonly
current_version_node_summary Mapping of current versions of nodes and counts of nodes at the respective versions. NodeSummaryList Readonly
details Details about the upgrade status string Readonly
node_count_at_target_version Count of nodes at target component vrin

Number of nodes of the type and at the component version		 int Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
pre_upgrade_status Pre-upgrade status of the component-type UpgradeChecksExecutionStatus Readonly
status Upgrade status of component string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
target_component_version Target component version string Readonly

EffectiveIPAddressMemberListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of effective ip addresses for the given NSGroup array of IPElement Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EffectiveMemberResourceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of resources which are the effective members of an NSGroup. array of ResourceReference Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EffectiveMemberTypeListResult (schema)

Name Description Type Notes
result_count Count of the member types in the results array integer Required
Readonly
results Collection of member types for the given NSGroup array of NSGroupValidResourceType Required

EffectiveProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of profiles which are applied to an Entity array of NSXProfileReference Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EffectiveProfileRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_id The resource for which the effective profiles are to be fetched string Required
resource_type Type of the resource for which effective profiles are to be fetched EffectiveProfileResourceType Required
sort_ascending boolean
sort_by Field by which records are sorted string

EffectiveProfileResourceType (schema)

Valid Resource type in effective profiles API

This enum defines the valid Resource types to be used
in effective profiles API

Name Description Type Notes
EffectiveProfileResourceType Valid Resource type in effective profiles API

This enum defines the valid Resource types to be used
in effective profiles API
string Enum: NSGroup, LogicalPort, VirtualMachine, TransportNode, LogicalRouter

EgressRateLimiter (schema)

A shaper that specifies egress rate properties in Mb/s

Name Description Type Notes
average_bandwidth Average bandwidth in Mb/s int Minimum: 0
Default: "0"
burst_size Burst size in bytes int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth Peak bandwidth in Mb/s int Minimum: 0
Default: "0"
resource_type Must be set to the value EgressRateLimiter string Required
Enum: IngressRateLimiter, IngressBroadcastRateLimiter, EgressRateLimiter
Default: "IngressRateLimiter"

EgressRateShaper (schema)

A shaper that specifies egress rate properties in Mb/s

Name Description Type Notes
average_bandwidth_mbps Average bandwidth in Mb/s int Minimum: 0
Default: "0"
burst_size_bytes Burst size in bytes int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth_mbps Peak bandwidth in Mb/s int Minimum: 0
Default: "0"
resource_type Must be set to the value EgressRateShaper string Required
Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper
Default: "IngressRateShaper"

EmbeddedResource (schema)

Base class for resources that are embedded in other resources

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Identifier of the resource string Readonly
resource_type The type of this resource. string

EncapsulationType (schema)

Encapsulation type for L3PortMirrorSession

You can choose the encapsulation type of the mirroring, now we support
GRE, ERSPAN II and ERSPAN III.

Name Description Type Notes
EncapsulationType Encapsulation type for L3PortMirrorSession

You can choose the encapsulation type of the mirroring, now we support
GRE, ERSPAN II and ERSPAN III.
string Enum: GRE, ERSPAN_TWO, ERSPAN_THREE

Endpoint (schema)

Tunnel endpoint configuration

An Endpoint object is part of HostSwitch configuration in TransportNode

Name Description Type Notes
default_gateway Gateway IP IPAddress Readonly
device_name Name of the virtual tunnel endpoint string Readonly
ip IP Address of this virtual tunnel endpoint

Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.		 IPAddress Readonly
label Unique label for this Endpoint int Readonly
mac MAC address MACAddress Readonly
subnet_mask Subnet mask IPAddress Readonly

EndpointPolicy (schema)

Contains ordered list of Endpoint Rules

Ordered list of Endpoint Rules ordered by sequence number of the entries.
The maximum number of policies is 25.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
endpoint_rules Endpoint Rules that are a part of this EndpointPolicy array of EndpointRule
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value EndpointPolicy string
sequence_number Precedence to resolve conflicts across Domains

This field is used to resolve conflicts between maps
across domains.
int Minimum: 0
Maximum: 499
Default: "0"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EndpointPolicyListRequestParameters (schema)

EndpointPolicy list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

EndpointPolicyListResult (schema)

Paged Collection of Groups

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Guest Introspection Map list results array of EndpointPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EndpointRule (schema)

Endpoint Rule for guest introspection.

Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
groups group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Required
Maximum items: 50
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value EndpointRule string
sequence_number Sequence number of this Entry

This field is used to resolve conflicts between multiple
entries under EndpointPolicy. It will be system default value when not specified
by user.
int Minimum: 0
Maximum: 499
Default: "0"
service_profiles Names of service profiles

The policy paths of service profiles are listed here. It pecifies what
services are applied on the group. Currently only one is allowed.
array of string Required
Maximum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EndpointRuleListRequestParameters (schema)

Endpoint Rule list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

EndpointRuleListResult (schema)

Paged Collection of Endpoint Rules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Endpoint Rule list results array of EndpointRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EnforcementPoint (schema)

Represents endpoint where policy will be applied

Represents endpoint where policy will be applied

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auto_enforce Flag to auto enforce the policy objects.

The flag, which suggests whether the policy objects will be enforced
automatically on this enforcement point or not. Default value is true,
means policy objects will automatically enforced on the Enforcement
point and if it is false, in that case user can use the usual means
for realization. i.e deployment maps.
boolean Default: "True"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
connection_info Enforcement point connection info EnforcementPointConnectionInfo
(Abstract type: pass one of the following concrete types)
CvxConnectionInfo
NSXTConnectionInfo
NSXVConnectionInfo		 Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value EnforcementPoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
version Version of the Enforcement point string Readonly

EnforcementPointConnectionInfo (schema)

Enforcement point connection info

Contains information required to connect to enforcement point This is an abstract type. Concrete child types:
CvxConnectionInfo
NSXTConnectionInfo
NSXVConnectionInfo

Name Description Type Notes
enforcement_point_address IP Address or hostname of the Enforcement point

Value of this property could be hostname or ip. eg. For NSX-T manager
running on default port the value can be "10.192.1.1", for NSX-T manager
running on custom port value can be "192.168.1.1:32789". For NSX-T
manager in VMC deployments value can have url prefix
eg. "192.168.1.1:5480/nsxapi"
string Required
resource_type string Required
Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo

EnforcementPointListRequestParameters (schema)

EnforcementPoint list request parameters

EnforcementPoint list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

EnforcementPointListResult (schema)

Paged Collection of EnforcementPoints

Paged collection of enforcement points

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results EnforcementPoint list results array of EnforcementPoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

EntityInstanceCountConstraintExpression (schema)

Represents the leaf level constraint to restrict the number instances of type.

Represents the leaf level constraint to restrict the number instances of an entity
type can be created. This is useful in restricting number of CGWs or MGWs or
Providers that can created in a system.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
count Instance count.

Instance count.		 integer Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
operator Operations supported '<' and '<='. string Required
resource_type Must be set to the value EntityInstanceCountConstraintExpression string Required
Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EpochMsTimestamp (schema)

Timestamp in milliseconds since epoch

Name Description Type Notes
EpochMsTimestamp Timestamp in milliseconds since epoch integer

ErrorInfo (schema)

Error information

Name Description Type Notes
error_message Error message string Required
Readonly
timestamp Timestamp when the error occurred EpochMsTimestamp Required
Readonly

ErrorResolverInfo (schema)

Metadata related to a given error_id

Name Description Type Notes
error_id The error id for which metadata information is needed integer Required
resolver_present Indicates whether there is a resolver associated with the error or not boolean Required
user_metadata User supplied metadata that might be required by the resolver ErrorResolverUserMetadata

ErrorResolverInfoList (schema)

Collection of all registered ErrorResolverInfo

Name Description Type Notes
results ErrorResolverInfo list array of ErrorResolverInfo Required

ErrorResolverMetadata (schema)

Error along with its metadata

Name Description Type Notes
entity_id The entity/node UUID where the error has occurred. string Required
error_id The error id as reported by the entity where the error occurred. integer Required
system_metadata This can come from some external system like syslog collector ErrorResolverSystemMetadata
user_metadata User supplied metadata that might be required by the resolver ErrorResolverUserMetadata

ErrorResolverMetadataList (schema)

List of errors with their metadata

Name Description Type Notes
errors List of errors with their corresponding metadata. array of ErrorResolverMetadata Required

ErrorResolverSystemMetadata (schema)

Metadata fetched from an external system like Syslog or LogInsight.

Name Description Type Notes
value The value fetched from another system string

ErrorResolverUserInputData (schema)

Corresponds to one property entered by the user

Name Description Type Notes
data_type The datatype of the given property. Useful for data validation string Required
Enum: TEXT, NUMBER, PASSWORD
property_name Name of the property supplied by the user string Required
property_value The value associated with the above property string

ErrorResolverUserMetadata (schema)

User supplied metadata needed for resolving errors

Name Description Type Notes
user_input_list List of user supplied input data. array of ErrorResolverUserInputData

EsxGlobalOpaqueConfig (schema)

ESX global opaque configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
opaque_config A list of global opaque configuration for ESX hosts. array of KeyValuePair Required
resource_type Must be set to the value EsxGlobalOpaqueConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EtherTypeNSService (schema)

An NSService element that represents an ethertype protocol

Name Description Type Notes
ether_type Type of the encapsulated protocol integer Required
resource_type Must be set to the value EtherTypeNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService

EtherTypeServiceEntry (schema)

A ServiceEntry that represents an ethertype protocol

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ether_type Type of the encapsulated protocol integer Required
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value EtherTypeServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

EthernetHeader (schema)

Name Description Type Notes
dst_mac Destination MAC address of the Ethernet header

The destination MAC address of form:
"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00.
string
eth_type The value of the type field to be put into the Ethernet header

This field defaults to IPv4.		 integer Minimum: 1
Maximum: 65535
Default: "2048"
src_mac Source MAC address of the Ethernet header

The source MAC address of form:
"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00.
string

Evaluation (schema)

Criterion Evaluation

Criterion Evaluation is the basic logical condition to evaluate
whether the event could be potentially met.
This is an abstract type. Concrete child types:
SourceFieldEvaluation

Name Description Type Notes
resource_type Resource Type

Criterion Evaluation resource type.
string Required
Enum: SourceFieldEvaluation

Event (schema)

Reaction Event

The Event is the criterion or criteria applied to the source and,
when met, prompt Policy to run the action.
All Reaction Events are constructed with reference to
the object, the "source", that is logically deemed to be the
object upon which the Event in question initially occurred upon.
Some example events include:
- New object was created.
- Change in realization state.
- Specific API is called.

Name Description Type Notes
criteria Event Criteria

Criteria applied to the source and, if satisfied, would trigger the
action. Criteria is composed of criterions. In order for the Criteria
to be met, only one of the criterion must be fulfilled (implicit OR).
array of Criterion
source Event Source

Source that is logically deemed to be the "object" upon which the Event
in question initially occurred upon.
Source
(Abstract type: pass one of the following concrete types)
ApiRequestBody
ResourceOperation		 Required

ExcludeList (schema)

Exclusion List

List of entities where Distributed Firewall will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es) to exclude Distributed Firewall enforcement.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_count Total Member Count

Total number of members present in Exclude List.		 integer Readonly
members Member list

List of members in Exclusion List		 array of ResourceReference Required
Maximum items: 1000
resource_type Must be set to the value ExcludeList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ExcludeListRequestParams (schema)

Parameters for filtering the exclude list

Name Description Type Notes
deep_check Check all parents

Deep check all parents of requested object_id if any of them is in exclude list. If found, makes requested entity as excluded.		 boolean Default: "False"
object_id identifier of the object string Required
Maximum length: 64
object_type Type of the object

Used if requested for deep_check. Type allows ability to find its association and parent entities.		 ExcludeMemberType

ExcludeMemberType (schema)

Object type of an entity

Enum of supported excluded member types.

Name Description Type Notes
ExcludeMemberType Object type of an entity

Enum of supported excluded member types.		 string Readonly
Enum: NSGroup, LogicalPort, LogicalSwitch

Expression (schema)

Base class for each node of the expression

All the nodes of the expression extend from this abstract class. This
is present for extensibility.
This is an abstract type. Concrete child types:
Condition
ConjunctionOperator
ExternalIDExpression
IPAddressExpression
IdentityGroupExpression
MACAddressExpression
NestedExpression
PathExpression

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Expression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ExternalIDExpression (schema)

External ID expression node

Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces and virtual machines to a group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_ids Array of external IDs for the specified member type

This array can consist of one or more external IDs for the specified member type.		 array of string Required
Minimum items: 1
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
member_type External ID member type string Required
Enum: VirtualMachine, VirtualNetworkInterface
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ExternalIDExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ExtraConfig (schema)

Vendor specific configuration on logical switch or logical port

Extra config is intended for supporting vendor specific configuration on the
data path, it can be set as key value string pairs on either logical switch
or logical port.
If it was set on logical switch, it will be inherited automatically by logical
ports in it. Also logical port setting will override logical switch setting
if specific key was dual set on both logical switch and logical port.

Name Description Type Notes
config_pair Key value pair in string for the configuration KeyValuePair Required

ExtraConfigHostSwitchProfile (schema)

Profile for extra configs in host switch

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
extra_configs list of extra configs array of ExtraConfig
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value ExtraConfigHostSwitchProfile HostSwitchProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FIPSGlobalConfig (schema)

Global configuration

Global configuration

Name Description Type Notes
lb_fips_enabled A flag to turn on or turn off the FIPS compliance of load balancer feature.

When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.		 boolean Default: "False"

FailedNodeSupportBundleResult (schema)

Name Description Type Notes
error_code Error code string Required
Readonly
error_message Error message string Required
Readonly
node_display_name Display name of node string Required
Readonly
node_id UUID of node string Required
Readonly

FailureDomain (schema)

Failure Domain for edge transport node

Failure Domain is engineered to be isolated from failures in other failure
domains, and to provide inexpensive, low-latency network connectivity to
other failure domains in the same region. We support failure domain only on
edge transport node. Like you can consider one rack as one failure domain
and place active-standby contexts like logical router, DHCP and MDProxy in
two different failure domains (racks). So failure of a single rack (FD) does
not impact any services and other rack (FD) will continue to handle traffic.
Initially system creates one default failure domain. For any edge transport
node, if failure domains is not given, it will be mapped to default system
generated failure domain. You can't update preferred_active_edge_services
flag for system generated default failure domain. It will be unset which
means that failure domain can be used for both active and standby allocation.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
preferred_active_edge_services Set preference for failure domain

Set preference for edge transport node failure domain which will be
considered while doing auto placement of logical router, DHCP and
MDProxy on edge node.
true: For preemptive failover mode, active edge cluster member
allocation preferes this failure domain.
false: For preemptive failover mode, standby edge cluster member
allocation preferes this failure domain.
Default will be unset. It means no explicit preference.
boolean
resource_type Must be set to the value FailureDomain string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FailureDomainListResult (schema)

Failure Domain queries result

It will have list of failure domains which also includes system generated
failure domain.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Failure Domain Results

Array of all failure domains including system generated default
failure domain
array of FailureDomain Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FeaturePermission (schema)

Feature Permission

Name Description Type Notes
feature Feature Name string Required
Readonly
permission Permission string Required
Readonly
Enum: crud, read, execute, none

FeaturePermissionRequestParameters (schema)

RBAC Objects qualifier

Name Description Type Notes
feature_name Feature name string Required
object_path Exact object Policy path string Required

FeatureStackCollectionConfiguration (schema)

HPM feature stack data collection frequency configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
client_type_collection_configurations Client type collection configurations

The set of client type data collection configurations		 array of ClientTypeCollectionConfiguration
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
feature_stack_name Feature stack name

The name of the feature stack		 string Required
id Unique identifier of this resource string Sortable
resource_type Must be set to the value FeatureStackCollectionConfiguration string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FeatureStackCollectionConfigurationList (schema)

Feature stack collection configuration list result

Name Description Type Notes
results Feature stack configurations

The complete set of feature stack data collection configurations		 array of FeatureStackCollectionConfiguration Readonly

FeatureUsage (schema)

feature usage result item

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
capacity_usage Capacity Usage List array of CapacityUsage Required
Readonly
feature name of the feature string Readonly

FeatureUsageCsvRecord (schema)

Name Description Type Notes
ccu_usage_count count of number of concurrent users integer Readonly
core_usage_count Number of CPU cores used by this feature integer Readonly
cpu_usage_count count of number of cpu sockets used by this feature integer Readonly
feature name of the feature string Readonly
vcpu_usage_count count of number of vcpus of public cloud VMs integer Readonly
vm_usage_count count of number of vms used by this feature integer Readonly

FeatureUsageList (schema)

list of feature usage items

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
feature_usage_info Feature Usage List array of FeatureUsage Required
Readonly

FeatureUsageListInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has
never updated the data.
EpochMsTimestamp Readonly
results array of FeatureUsageCsvRecord

FeedbackListRequestParameters (schema)

Name Description Type Notes
category Category on which feedback request should be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
hash Hash based on which feedback request should be filtered string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
state Filter based on current state of the feedback request string Enum: ALL, RESOLVED, UNRESOLVED
Default: "ALL"
sub_category Sub category based on which feedback request should be filtered string

FieldSanityConstraintExpression (schema)

Represents the field value sanity constraint

Represents the field value constraint to constrain specified field
value based on defined sanity checks.
Example - For DNS.upstream_servers, all the IP addresses must either be
public or private.
{
"target": {
"target_resource_type": "DnsForwarderZone",
"attribute": "upstreamServers",
"path_prefix": "/infra/dns-forwarder-zones/"
},
"constraint_expression": {
"resource_type": "FieldSanityConstraintExpression",
"operator": "OR",
"checks": ["ALL_PUBLIC_IPS", "ALL_PRIVATE_IPS"]
}
}

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
checks Array of sanity checks to be performed on field value

List of sanity checks.		 array of string Required
Enum: ALL_PUBLIC_IPS, ALL_PRIVATE_IPS
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
operator A conditional operator string Required
Enum: OR, AND
resource_type Must be set to the value FieldSanityConstraintExpression string Required
Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FieldSetting (schema)

FieldSetting

Field Setting.

Name Description Type Notes
field_pointer Field Pointer

Field Pointer.		 string Required
value Value

Value that the field must be set to.		 FieldSettingValue
(Abstract type: pass one of the following concrete types)
ConstantFieldValue		 Required

FieldSettingValue (schema)

Field Setting Value

Field Setting Value.
This is an abstract type. Concrete child types:
ConstantFieldValue

Name Description Type Notes
resource_type Resource Type

Field Setting Value resource type.
string Required
Enum: ConstantFieldValue

FieldsPacketData (schema)

Name Description Type Notes
arp_header The ARP header ArpHeader
eth_header The ethernet header EthernetHeader
frame_size Requested total size of the (logical) packet in bytes

If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.		 integer Minimum: 60
Maximum: 1000
Default: "128"
ip_header The IPv4 header Ipv4Header
ipv6_header The IPv6 header Ipv6Header
payload RFC3548 compatible base64-encoded payload

Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header.		 string Maximum length: 1336
resource_type Must be set to the value FieldsPacketData string Required
Enum: BinaryPacketData, FieldsPacketData
Default: "FieldsPacketData"
routed A flag, when set true, indicates that the traceflow packet is of L3 routing. boolean
transport_header The transport header

This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported).		 TransportProtocolHeader
transport_type transport type of the traceflow packet string Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN
Default: "UNICAST"

FileProperties (schema)

File properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
created_epoch_ms File creation time in epoch milliseconds integer Required
modified_epoch_ms File modification time in epoch milliseconds integer Required
name File name string Required
Pattern: "^[^/]+$"
size Size of the file in bytes integer Required

FilePropertiesListResult (schema)

File properties query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results File property results array of FileProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FileThumbprint (schema)

File thumbprint

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
name File name string Required
Pattern: "^[^/]+$"
sha1 File's SHA1 thumbprint string Required
sha256 File's SHA256 thumbprint string Required

FileTransferAuthenticationScheme (schema)

Remote server authentication details

Name Description Type Notes
password Password to authenticate with string
scheme_name Authentication scheme name string Required
Enum: PASSWORD
username User name to authenticate with string Required
Pattern: "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\){0,1}\w[\w.-]+$"

FileTransferProtocol (schema)

Protocol to transfer backup file to remote server

Name Description Type Notes
authentication_scheme Scheme to authenticate if required FileTransferAuthenticationScheme Required
protocol_name Protocol name string Required
Enum: sftp
Default: "sftp"
ssh_fingerprint SSH fingerprint of server

The expected SSH fingerprint of the server. If the server's fingerprint
does not match this fingerprint, the connection will be terminated.

Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the
host's ssh fingerprint, you should connect via some method other than
SSH to obtain this information. You can use one of these commands to
view the key's fingerprint:
1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub
2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b |
sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' |
awk '{print "SHA256:"$1}'
string Required
Pattern: "^SHA256:.*$"

Filter (schema)

Name Description Type Notes
name The name of the filter. string Required
value The value of the filter. string Required

FipsGlobalConfig (schema)

NSX global configs for FIPS compliance settings

Policy api will overwrite the fipsGlobalConfig set using MP api. Always use https:///policy/api/v1/infra/global-config to update fips configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lb_fips_enabled A flag to turn on or turn off the FIPS compliance of load balancer feature.

When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.		 boolean Default: "False"
resource_type Must be set to the value FipsGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FireWallServiceAssociationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Firewall rule list result

Firewall rule list result with pagination support.		 array of FirewallRule Required
Readonly
service_type Must be set to the value FireWallServiceAssociationListResult string Required
Enum: FireWallServiceAssociationListResult, IpfixServiceAssociationListResult
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FirewallCategory (schema)

Firewall Category

Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.

Name Description Type Notes
FirewallCategory Firewall Category

Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.		 string Readonly
Enum: L2DFW, L3DFW, L3BRIDGEPORTFW, L3LOGICALROUTERFW

FirewallConfiguration (schema)

Firewall related configurations

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
disable_auto_drafts Auto draft disable flag

To disable auto drafts, set it to true.
By default, auto drafts are enabled.
boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_firewall Firewall enable flag

If set to true, Firewall is enabled.
boolean Default: "True"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value FirewallConfiguration string Required
Enum: DfwFirewallConfiguration
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FirewallContextType (schema)

Firewall Context Type

Types of firewall contexts.

Name Description Type Notes
FirewallContextType Firewall Context Type

Types of firewall contexts.		 string Enum: transport_nodes, logical_routers

FirewallCpuMemThresholdsProfile (schema)

Firewall CPU and memory threshold profile

A profile holding CPU and memory threshold configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cpu_threshold_percentage CPU utilization threshold percentage

CPU utilization threshold percentage to monitor and report for distributed firewall.		 integer Required
Minimum: 10
Maximum: 100
Default: "90"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
mem_threshold_percentage Heap memory threshold utilization percentage

Heap memory threshold percentage to monitor and report for distributed firewall.		 integer Required
Minimum: 10
Maximum: 100
Default: "90"
resource_type Must be set to the value FirewallCpuMemThresholdsProfile string Required
Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FirewallDnsProfile (schema)

Firewall DNS profile

A profile holding DNS configuration which allows firewall to use DNS response packets and manage firewall cache. e.g. TTL used to expire snooped entries from cache.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dns_ttl_config DNS TTL config

Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.		 DnsTtlConfig
id Unique identifier of this resource string Sortable
resource_type Must be set to the value FirewallDnsProfile string Required
Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FirewallFloodProtectionProfile (schema)

Firewall flood protection profile

A profile holding protection configuration for SYN flood, UDP flood, ICMP flood and other flood attack.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_rst_spoofing Flag to indicate RST spoofing is enabled or not

The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled.		 boolean Default: "False"
enable_syncache Flag to indicate syncache is enabled or not

The flag to indicate syncache is enabled or not. This option does not apply to EDGE components.		 boolean Default: "False"
icmp_active_flow_limit Maximum limit of active icmp connections

The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.		 integer Minimum: 1
Maximum: 1000000
id Unique identifier of this resource string Sortable
other_active_conn_limit Maximum limit of other active connections besides udp, icmp and tcp half open connections

The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.		 integer Minimum: 1
Maximum: 1000000
resource_type Must be set to the value FirewallFloodProtectionProfile string Required
Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_half_open_conn_limit Maximum limit of half open tcp connections

The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components.		 integer Minimum: 1
Maximum: 1000000
udp_active_flow_limit Maximum limit of active udp connections

The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component.		 integer Minimum: 1
Maximum: 1000000

FirewallGlobalConfig (schema)

NSX global configs for Distributed Firewall

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
global_addrset_mode_enabled A flag to indicate if global address set is enabled in DFW

When this flag is set to true, global address set is enabled in Distributed Firewall.		 boolean Default: "True"
global_fastpath_mode_enabled A flag to indicate if fast path searching is enabled in DFW

When this flag is set to true, fast path searching is enabled in Distributed Firewall.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value FirewallGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FirewallInsertParameters (schema)

Parameters to tell where rule/section need to be added. All the params take rule/section Id.

Name Description Type Notes
id Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. string Maximum length: 64
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

FirewallListRequestParameters (schema)

Parameters to filter list of sections/rules.

Pagination and Filtering parameters to get only a subset of sections/rules.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
context_profiles Limits results to sections having rules with specific Context Profiles.

The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
deep_search Toggle to search with direct or indirect references.

This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.		 boolean Default: "False"
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
extended_sources Limits results to sections having rules with specific Extended Sources.

The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.		 string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
search_invalid_references Return invalid references in results.

Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).		 boolean Default: "False"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string

FirewallProfileListParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type Profile resource type

Profile resource type		 string Required
sort_ascending boolean
sort_by Field by which records are sorted string

FirewallProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of the firewall profiles

List of firewall profiles.		 array of BaseFirewallProfile
(Abstract type: pass one of the following concrete types)
FirewallCpuMemThresholdsProfile
FirewallDnsProfile
FirewallFloodProtectionProfile
FirewallSessionTimerProfile		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FirewallRule (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action

Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).		 string Required
Enum: ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT
applied_tos AppliedTo List

List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.		 array of ResourceReference Maximum items: 128
context_profiles Context Profiles

NS Profile object which accepts attributes and sub-attributes of various network services (ex. L7 AppId, domain name, encryption algorithm) as key value pairs.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination List

List of the destinations. Null will be treated as any.		 array of ResourceReference Maximum items: 128
destinations_excluded Negation of destination

Negation of the destination.		 boolean Default: "False"
direction Rule direction

Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.		 string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Rule enable/disable flag

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
extended_sources Extended Sources

List of NSGroups that have end point attributes like AD Groups(SID), process name, process hash etc. For Flash release, only NSGroups containing AD Groups are supported.		 array of ResourceReference Maximum items: 128
id Identifier of the resource string Readonly
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.		 string Enum: IPV4, IPV6, IPV4_IPV6
Default: "IPV4_IPV6"
is_default Default rule

Flag to indicate whether rule is default.		 boolean Readonly
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
notes Notes

User notes specific to the rule.		 string Maximum length: 2048
priority Rule priority

Priority of the rule.		 integer Readonly
resource_type Must be set to the value FirewallRule string
rule_tag Tag

User level field which will be printed in CLI and packet logs.		 string Maximum length: 32
section_id Section Id

Section Id of the section to which this rule belongs to.		 string Readonly
services Service List

List of the services. Null will be treated as any.		 array of FirewallService Maximum items: 128
sources Source List

List of sources. Null will be treated as any.		 array of ResourceReference Maximum items: 128
sources_excluded Negation of source

Negation of the source.		 boolean Default: "False"

FirewallRuleList (schema)

Name Description Type Notes
rules List of the firewall rules

List of firewall rules in the section. Only homogenous rules are supported.		 array of FirewallRule Required
Maximum items: 1000

FirewallRuleListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Firewall rule list result

Firewall rule list result with pagination support.		 array of FirewallRule Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FirewallSection (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.		 array of ResourceReference Maximum items: 128
autoplumbed Tells if a section is auto-plumbed or not

This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.		 boolean Readonly
Default: "False"
comments Section lock/unlock comments

Comments for section lock/unlock.		 string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforced_on Firewall Section Enforcement type

This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.		 string Readonly
id Unique identifier of this resource string Sortable
is_default Default section flag

It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.		 boolean Readonly
lock_modified_by Lock modified by user

ID of the user who last modified the lock for the section.		 string Readonly
lock_modified_time Section locked/unlocked time

Section locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Section Locked

Section is locked/unlocked.		 boolean Readonly
Default: "False"
priority Section priority

Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.		 integer Readonly
resource_type Must be set to the value FirewallSection string
rule_count Rule count

Number of rules in this section.		 integer Readonly
section_type Section Type

Type of the rules which a section can contain. Only homogeneous sections are supported.		 string Required
Enum: LAYER2, LAYER3, L3REDIRECT
stateful Stateful nature of the distributed service rules in the section.

Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.		 boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict TCP Strict

If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.		 boolean Default: "False"

FirewallSectionFilterParameters (schema)

Parameters to filter section from list of sections

Pagination and Filtering parameters to get only a subset of sections.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
context_profiles Limits results to sections having rules with specific Context Profiles.

The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
deep_search Toggle to search with direct or indirect references.

This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.		 boolean Default: "False"
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
enforced_on Limit result to sections having a specific kind of enforcement point

Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported.		 AttachmentTypeQueryString
exclude_applied_to_type Limit result to sections not having a specific AppliedTo type

Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.		 DSAppliedToType
extended_sources Limits results to sections having rules with specific Extended Sources.

The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.		 string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
include_applied_to_type Limit result to sections having a specific AppliedTo type

Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.		 DSAppliedToType
included_fields Comma separated list of fields that should be included in query result string
locked Limit results to sections which are locked/unlocked

Used to filter out locked or unlocked sections.		 boolean
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
search_invalid_references Return invalid references in results.

Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).		 boolean Default: "False"
search_scope Limit result to sections of a specific enforcement point

This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall.		 string
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
type Section Type

Section Type with values layer2 or layer3		 string Enum: LAYER2, LAYER3
Default: "LAYER3"

FirewallSectionListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Section list

List of the firewall sections. The list has to be homogenous.		 array of FirewallSection Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FirewallSectionLock (schema)

Name Description Type Notes
comments Comments

Comments for section lock/unlock.		 string Required
Minimum length: 4
Maximum length: 4096
section_revision Section revision

Revision of the section.		 integer Required

FirewallSectionRuleList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.		 array of ResourceReference Maximum items: 128
autoplumbed Tells if a section is auto-plumbed or not

This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.		 boolean Readonly
Default: "False"
comments Section lock/unlock comments

Comments for section lock/unlock.		 string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforced_on Firewall Section Enforcement type

This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.		 string Readonly
id Unique identifier of this resource string Sortable
is_default Default section flag

It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.		 boolean Readonly
lock_modified_by Lock modified by user

ID of the user who last modified the lock for the section.		 string Readonly
lock_modified_time Section locked/unlocked time

Section locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Section Locked

Section is locked/unlocked.		 boolean Readonly
Default: "False"
priority Section priority

Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.		 integer Readonly
resource_type Must be set to the value FirewallSectionRuleList string
rule_count Rule count

Number of rules in this section.		 integer Readonly
rules List of the firewall rules

List of firewall rules in the section. Only homogenous rules are supported.		 array of FirewallRule Required
Maximum items: 1000
section_type Section Type

Type of the rules which a section can contain. Only homogeneous sections are supported.		 string Required
Enum: LAYER2, LAYER3, L3REDIRECT
stateful Stateful nature of the distributed service rules in the section.

Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.		 boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict TCP Strict

If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.		 boolean Default: "False"

FirewallSectionState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
pending_change_list List of pending changes

Pending changes to be realized.		 array of PendingChange Required
Maximum items: 100
revision_desired Section's desired state revision number

This attribute represents revision number of section's desired state.		 integer Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

FirewallSectionsSummary (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
rule_count Rule count

Total number of rules in the section.		 integer Readonly
section_count Section count

Total number of sections for the section type.		 integer Readonly
section_type Section Type

Type of rules which a section can contain.		 FirewallCategory Readonly

FirewallSectionsSummaryList (schema)

Name Description Type Notes
last_compute_time Timestamp of the last computation, in epoch milliseconds. EpochMsTimestamp Readonly
sections_summary List of the firewall sections summary

List of firewall sections summary.		 array of FirewallSectionsSummary Readonly

FirewallService (schema)

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
service Distributed Service Network and Security Service element

Distributed Service API accepts raw protocol and ports as part of NS service element
in Distributed Service Rule that describes traffic corresponding to an NSService.
NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

FirewallSessionTimerProfile (schema)

Firewall Session timeout profile

A profile holding TCP, UDP and ICMP session timeout configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
icmp_error_reply Timeout after ICMP error

The timeout value for the connection after an ICMP error came back in response to an ICMP packet.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "10"
icmp_first_packet First packet connection timeout

The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "20"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value FirewallSessionTimerProfile string Required
Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, FirewallFloodProtectionProfile, FirewallDnsProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_closed Timeout after RST

The timeout value of connection in seconds after one endpoint sends an RST.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "20"
tcp_closing Timeout after first TN

The timeout value of connection in seconds after the first FIN has been sent.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "120"
tcp_established Connection timeout

The timeout value of connection in seconds once the connection has become fully established.		 integer Required
Minimum: 120
Maximum: 4320000
Default: "43200"
tcp_finwait Timeout after FINs exchanged

The timeout value of connection in seconds after both FINs have been exchanged and connection is closed.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "45"
tcp_first_packet Connection timout after first packet

The timeout value of connection in seconds after the first packet has been sent.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "120"
tcp_opening Connection timout after second packet

The timeout value of connection in seconds after a second packet has been transferred.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "30"
udp_first_packet Connection timout after first packet

The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "60"
udp_multiple Timeout after hosts sent packet

The timeout value of connection in seconds if both hosts have sent packets.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "60"
udp_single Connection timeout for destination

The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "30"

FirewallStats (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
byte_count Bytes count

Aggregated number of bytes processed by the rule.		 integer Readonly
hit_count Hits count

Aggregated number of hits received by the rule.		 integer Readonly
max_popularity_index The maximum popularity index

Maximum value of popularity index of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.		 integer Readonly
max_session_count Maximum sessions count

Maximum value of sessions count of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.		 integer Readonly
packet_count Packets count

Aggregated number of packets processed by the rule.		 integer Readonly
popularity_index The index of the popularity of firewall rule

This is calculated by sessions count divided by age of the rule.		 integer Readonly
rule_id Firewall rule Id

Rule Identifier of the Firewall rule. This is a globally unique number.		 string Readonly
session_count Sessions count

Aggregated number of sessions processed by the rule.		 integer Readonly
total_session_count Total sessions count

Aggregated number of sessions processed by the all firewall rules. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.		 integer Readonly

FirewallStatsList (schema)

Name Description Type Notes
result_count Firewall rules stats count

Total count for firewall rule statistics in results set		 integer Required
Readonly
results Firewall rules stats

List of rule statistics		 array of FirewallStats Readonly
Maximum items: 1000
section_id Firewall section ID

Corresponding firewall section identifier for list of rule statistics		 string Required
Readonly

FirewallStatus (schema)

Firewall Status Response

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
context Firewall Context Type

Types of firewall contexts.		 FirewallContextType Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
global_status Firewall Status Type

Firewall status for a fabric entity or in global context where firewall is supported.		 FirewallStatusType Required
id Unique identifier of this resource string Sortable
resource_type Must be set to the value FirewallStatus string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_statuses List of target resource status

List of firewall status on various target logical resources. This will override the global status of corresponding firewall context (e.g it will override the gloabal status of logical_routers).		 array of TargetResourceStatus

FirewallStatusListResult (schema)

Firewall Statuses

List of firewall statuses for a context or all context

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of FirewallStatus Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FirewallStatusType (schema)

Firewall Status Type

Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).

Name Description Type Notes
FirewallStatusType Firewall Status Type

Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).		 string Enum: DISABLED, ENABLED

FloodProtectionProfile (schema)

Flood Protection profile

A profile holding TCP, UDP and ICMP and other protcol connection limits. This is an abstract type. Concrete child types:
DistributedFloodProtectionProfile
GatewayFloodProtectionProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
icmp_active_flow_limit Active ICMP connections limit

If this field is empty, firewall will not set a limit to active ICMP connections.		 integer Minimum: 1
Maximum: 1000000
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
other_active_conn_limit Timeout after first TN

If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value FloodProtectionProfile FloodProtectionProfileResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_half_open_conn_limit Active half open TCP connections limit

If this field is empty, firewall will not set a limit to half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
udp_active_flow_limit Active UDP connections limit

If this field is empty, firewall will not set a limit to active UDP connections.		 integer Minimum: 1
Maximum: 1000000

FloodProtectionProfileBindingListResult (schema)

Paged Collection of flood protection profile binding maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Flood protection profile binding maps list results array of FloodProtectionProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FloodProtectionProfileBindingMap (schema)

Policy Flood Protection Profile binding map

This entity will be used to establish association between Flood Protection
profile and Logical Routers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_path Profile Path

PolicyPath of associated Profile		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value FloodProtectionProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

FloodProtectionProfileListRequestParameters (schema)

Flood Protection profile list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

FloodProtectionProfileListResult (schema)

Paged Collection of flood protection profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Flood protection profile list results array of FloodProtectionProfile
(Abstract type: pass one of the following concrete types)
DistributedFloodProtectionProfile
GatewayFloodProtectionProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

FloodProtectionProfileResourceType (schema)

Resource types of flood protection profiles

GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways.
DistributedFloodProtectionProfile is used for all Transport Nodes.

Name Description Type Notes
FloodProtectionProfileResourceType Resource types of flood protection profiles

GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways.
DistributedFloodProtectionProfile is used for all Transport Nodes.
string Enum: GatewayFloodProtectionProfile, DistributedFloodProtectionProfile

Footer (schema)

Widget Footer

Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.

Name Description Type Notes
actions Footer Actions

Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API.		 array of FooterAction Minimum items: 0
condition Expression for evaluating condition

If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.		 string Maximum length: 1024

FooterAction (schema)

Widget Footer Action

Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.

Name Description Type Notes
dock_to_container_footer Dock the footer at container

If true, the footer will appear in the underlying container that holds the widget.		 boolean Default: "True"
label Label for action

Label to be displayed against the footer action.		 Label Required
url Clickable hyperlink, if any

Hyperlink to the UI page that provides details of action.		 string Maximum length: 1024

ForceRevisionCheckRequestParameter (schema)

Parameter to enforce revision check before updating objects

Forces revision check before updating

Name Description Type Notes
enforce_revision_check Force revision check

If this is set to true, each child object in the request needs to have
_revision property set correctly. System will honor the revision
numbers while updating the resources.
boolean Default: "False"

ForwarderZone (schema)

Name Description Type Notes
source_ip Source ip of the forwarder

The source ip used by the fowarder of the zone. If no source ip
specified, the ip address of listener of the DNS forwarder will
be used.
IPv4Address
upstream_servers Ips of upsteam DNS servers

Ip address of the upstream DNS servers the DNS forwarder accesses.
array of IPv4Address Required
Minimum items: 1
Maximum items: 3

ForwardingPolicy (schema)

Forwarding Policy

Contains ordered list of forwarding rules that determine when to
forward traffic to / from the underlay for accessing cloud native services.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a security policy, if needed.

- Distributed Firewall -
Policy framework provides five pre-defined categories for classifying
a security policy. They are "Ethernet","Emergency", "Infrastructure"
"Environment" and "Application". There is a pre-determined order in
which the policy framework manages the priority of these security
policies. Ethernet category is for supporting layer 2 firewall rules.
The other four categories are applicable for layer 3 rules. Amongst
them, the Emergency category has the highest priority followed by
Infrastructure, Environment and then Application rules. Administrator
can choose to categorize a security policy into the above categories
or can choose to leave it empty. If empty it will have the least
precedence w.r.t the above four categories.
- Edge Firewall -
Policy Framework for Edge Firewall provides six pre-defined categories
"Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules",
"AutoServiceRules" and "Default", in order of priority of rules.
All categories are allowed for Gatetway Policies that belong
to 'default' Domain. However, for user created domains, category is
restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the
users can add/modify/delete rules from only the "SharedPreRules" and
"LocalGatewayRules" categories. If user doesn't specify the category
then defaulted to "Rules". System generated category is used by NSX
created rules, for example BFD rules. Autoplumbed category used by
NSX verticals to autoplumb data path rules. Finally, "Default" category
is the placeholder default rules with lowest in the order of priority.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
comments SecurityPolicy lock/unlock comments

Comments for security policy lock/unlock.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lock_modified_by User who locked the security policy

ID of the user who last modified the lock for the secruity policy.
string Readonly
lock_modified_time SecuirtyPolicy locked/unlocked time

SecurityPolicy locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a security policy

Indicates whether a security policy should be locked. If the
security policy is locked by a user, then no other user would
be able to modify this security policy. Once the user releases
the lock, other users can update this security policy.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ForwardingPolicy string
rules Rules that are a part of this ForwardingPolicy array of ForwardingRule
scope The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope.
Supported only for security policies.
array of string Maximum items: 128
sequence_number Sequence number to resolve conflicts across Domains

This field is used to resolve conflicts between security policies
across domains. In order to change the sequence number of a policy
one can fire a POST request on the policy entity with
a query parameter action=revise
The sequence number field will reflect the value of the computed
sequence number upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several security policies, the only way to set the sequence number is
to explicitly specify the sequence number for each security policy.
int Minimum: 0
stateful Stateful nature of the entries within this security policy.

Stateful or Stateless nature of security policy is enforced on all
rules in this security policy. When it is stateful, the state of
the network connects are tracked and a stateful packet inspection is
performed.
Layer3 security policies can be stateful or stateless. By default, they are stateful.
Layer2 security policies can only be stateless.
boolean
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict Enforce strict tcp handshake before allowing data packets

Ensures that a 3 way TCP handshake is done before the data packets
are sent.
tcp_strict=true is supported only for stateful security policies.
boolean

ForwardingPolicyListResult (schema)

Paged Collection of ForwardingPolicy objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results ForwardingPolicy list results array of ForwardingPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ForwardingRule (schema)

Forwarding rule

Forwarding rule that determine how to forward traffic from a VM.
Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port.
Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay
ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay
ROUTE_TO_OVERLAY - Access a service on overlay space from a VM connected to hybrid port.
ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM
ROUTE_FROM_OVERLAY - Access a service hosted on a VM (that is connected to hybrid port) from overlay space
NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP
NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action

The action to be applied to all the services
string Enum: ROUTE_TO_UNDERLAY, ROUTE_TO_OVERLAY, ROUTE_FROM_UNDERLAY, ROUTE_FROM_OVERLAY, NAT_FROM_UNDERLAY, NAT_TO_UNDERLAY
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_groups Destination group paths

We need paths as duplicate names may exist for groups under different
domains.In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
destinations_excluded Negation of destination groups

If set to true, the rule gets applied on all the groups that are
NOT part of the destination groups. If false, the rule applies to the
destination groups
boolean Default: "False"
direction Direction

Define direction of traffic.
string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Flag to disable the rule

Flag to disable the rule. Default is enabled.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.
The value is set to IPV4_IPV6 for Layer3 rule if not specified.
For Layer2/Ether rule the value must be null.
string Enum: IPV4, IPV6, IPV4_IPV6
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
notes Text for additional notes on changes

Text for additional notes on changes.		 string Maximum length: 2048
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profiles Layer 7 service profiles

Holds the list of layer 7 service profile paths. These profiles accept
attributes and sub-attributes of various network services
(e.g. L4 AppId, encryption algorithm, domain name, etc) as key value
pairs.
array of string Maximum items: 128
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ForwardingRule string
scope The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied
on multiple LRs/LRPs.
array of string Maximum items: 128
sequence_number Sequence number of the this Rule

This field is used to resolve conflicts between multiple
Rules under Security or Gateway Policy for a Domain
int Minimum: 0
services Names of services

In order to specify all services, use the constant "ANY".
This is case insensitive. If "ANY" is used, it should
be the ONLY element in the services array. Error will be thrown
if ANY is used in conjunction with other values.
array of string Maximum items: 128
source_groups Source group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
sources_excluded Negation of source groups

If set to true, the rule gets applied on all the groups that are
NOT part of the source groups. If false, the rule applies to the
source groups
boolean Default: "False"
tag Tag applied on the rule

User level field which will be printed in CLI and packet logs.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ForwardingRuleListRequestParameters (schema)

ForwardingRule list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ForwardingRuleListResult (schema)

Paged Collection of ForwardingRules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Rule list results array of ForwardingRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GatewayConfig (schema)

Gateway configuration

Stores gateway configuration like nsx_manager_connection,
default_quarantine_policy_enabled and is_ha_enabled.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cloud_fallback_security_group_id Id of cloud security group

Id of security group where the VMs should be moved after last gateway
undeployed.
string
default_quarantine_policy_enabled Flag to identify if default quarantine policy is enabled boolean Default: "False"
dns_settings DNS settings

Settings related to Cloud gateway DNS configuration. This determines
DNS configuration based on dns_mode.
DnsSettings
is_ha_enabled Flag to identify if HA is enabled boolean
managed_without_agents Managed Without NSX Agents

This flag determines if this virtual private cloud is managed with or
without NSX agents. This flag is applicable only for this network.
If this virtual private cloud is being managed without NSX agents,
quarantine state and threat state will be NOT_APPLICABLE for all the
virtual machines under it.
boolean Default: "False"
nsx_manager_connection NSX Manager connection

Determines if connection to NSX Manager is via public IP or private IP
string Enum: PUBLIC_IP, PRIVATE_IP
proxy_server_profile Id of the proxy server profile

Id of the proxy server profile, corresponding proxy settings
will be applied while deploying the gateway.
string
target_disk_size Target Disk Size

This is the target disk size of the PCG appliance in GB. Based on this
an additional disk is attached to the PCG appliance, if required.
The supported size is 191 GB and this property should only be modified
post upgrade for exisiting PCG appliances.
integer
vpn_service_enabled Flag to enable or disable inter-operation with services via VPN

Flag that will enable or disable inter-operation between NSX and
non-NSX services via VPN.
boolean Default: "True"

GatewayConfigOperationStatus (schema)

Name Description Type Notes
attaching_disks_status Status of attaching disks gateway configuration operation

This property provides the status of attaching disks gateway
configuration operation.
string Readonly
Enum: IN_PROGRESS, SUCCESSFUL, FAILED
error_code Error code for gateway configuration operation failure

Error code for gateway configuration operation failure.
integer Readonly
error_message Error message for gateway configuration operation failure

Error message for gateway configuration operation failure.
string Readonly

GatewayFloodProtectionProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
icmp_active_flow_limit Active ICMP connections limit

If this field is empty, firewall will not set a limit to active ICMP connections.		 integer Minimum: 1
Maximum: 1000000
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
other_active_conn_limit Timeout after first TN

If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value GatewayFloodProtectionProfile FloodProtectionProfileResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_half_open_conn_limit Active half open TCP connections limit

If this field is empty, firewall will not set a limit to half open TCP connections.		 integer Minimum: 1
Maximum: 1000000
udp_active_flow_limit Active UDP connections limit

If this field is empty, firewall will not set a limit to active UDP connections.		 integer Minimum: 1
Maximum: 1000000

GatewayInstanceStatus (schema)

Gateway instance status

Stores information about gateway instance status

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
configuration_operation_status Status of different gateway configuration operations

This property provides a consolidated status of supported gateway
configuration operations.
GatewayConfigOperationStatus Readonly
deployment_step Different states of gateway deployment string Readonly
Enum: VALIDATING_ENVIRONMENT, COPYING_IMAGE, CREATING_SECURITY_GROUPS, LAUNCHING_GATEWAY, CREATING_NETWORK_INTERFACES, ATTACHING_NETWORK_INTERFACES, ATTACHING_SECURITY_GROUPS, CONFIGURING_GATEWAY, CREATING_LOGICAL_NETWORK_CONSTRUCTS, DEPLOYMENT_SUCCESSFUL, DEPLOYMENT_FAILED, UNCONFIGURING_GATEWAY, RELEASING_EIPS, TERMINATING_GATEWAY, DELETING_SECURITY_GROUPS, DELETING_CLOUD_RESOURCES, UNDEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_FAILED, NOT_APPLICABLE
error_code Error code for gateway operation failure integer Readonly
error_message Error message for gateway operation failure string Readonly
gateway_ha_index Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway. integer
gateway_instance_id ID of the gateway instance string
gateway_lcp_connectivity_status Gateway to NSX Controller connectivity status

Status of connectivity between NSX controller and public cloud gateway.
string Readonly
Enum: UP, DOWN, DEGRADED, UNKNOWN
gateway_mpa_connectivity_status Gateway to NSX Manager connectivity status

Status of connectivity between NSX manager and public cloud gateway.
string Readonly
Enum: UP, DOWN, UNKNOWN
gateway_name Name of the gateway instance string
gateway_node_id NSX Node ID of the public cloud gateway string
gateway_status Gateway instance status string Readonly
Enum: UP, DOWN, DEPLOYING, NOT_AVAILABLE, UNDEPLOYING
gateway_tn_id NSX transport node id of the public cloud gateway string
is_gateway_active Flag to identify if this is an active gateway boolean Readonly
private_ip Private IP address of the virtual machine string Readonly
public_ip Public IP address of the virtual machine string Readonly
vpn_private_ip VPN Private IP address

Private IP address of the virtual machine for VPN		 string Readonly

GatewayPolicy (schema)

Contains ordered list of Rules for GatewayPolicy

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a security policy, if needed.

- Distributed Firewall -
Policy framework provides five pre-defined categories for classifying
a security policy. They are "Ethernet","Emergency", "Infrastructure"
"Environment" and "Application". There is a pre-determined order in
which the policy framework manages the priority of these security
policies. Ethernet category is for supporting layer 2 firewall rules.
The other four categories are applicable for layer 3 rules. Amongst
them, the Emergency category has the highest priority followed by
Infrastructure, Environment and then Application rules. Administrator
can choose to categorize a security policy into the above categories
or can choose to leave it empty. If empty it will have the least
precedence w.r.t the above four categories.
- Edge Firewall -
Policy Framework for Edge Firewall provides six pre-defined categories
"Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules",
"AutoServiceRules" and "Default", in order of priority of rules.
All categories are allowed for Gatetway Policies that belong
to 'default' Domain. However, for user created domains, category is
restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the
users can add/modify/delete rules from only the "SharedPreRules" and
"LocalGatewayRules" categories. If user doesn't specify the category
then defaulted to "Rules". System generated category is used by NSX
created rules, for example BFD rules. Autoplumbed category used by
NSX verticals to autoplumb data path rules. Finally, "Default" category
is the placeholder default rules with lowest in the order of priority.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
comments SecurityPolicy lock/unlock comments

Comments for security policy lock/unlock.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lock_modified_by User who locked the security policy

ID of the user who last modified the lock for the secruity policy.
string Readonly
lock_modified_time SecuirtyPolicy locked/unlocked time

SecurityPolicy locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a security policy

Indicates whether a security policy should be locked. If the
security policy is locked by a user, then no other user would
be able to modify this security policy. Once the user releases
the lock, other users can update this security policy.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value GatewayPolicy string
rules Rules that are a part of this SecurityPolicy array of Rule
scope The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope.
Supported only for security policies.
array of string Maximum items: 128
sequence_number Sequence number to resolve conflicts across Domains

This field is used to resolve conflicts between security policies
across domains. In order to change the sequence number of a policy
one can fire a POST request on the policy entity with
a query parameter action=revise
The sequence number field will reflect the value of the computed
sequence number upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several security policies, the only way to set the sequence number is
to explicitly specify the sequence number for each security policy.
int Minimum: 0
stateful Stateful nature of the entries within this security policy.

Stateful or Stateless nature of security policy is enforced on all
rules in this security policy. When it is stateful, the state of
the network connects are tracked and a stateful packet inspection is
performed.
Layer3 security policies can be stateful or stateless. By default, they are stateful.
Layer2 security policies can only be stateless.
boolean
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict Enforce strict tcp handshake before allowing data packets

Ensures that a 3 way TCP handshake is done before the data packets
are sent.
tcp_strict=true is supported only for stateful security policies.
boolean

GatewayPolicyListResult (schema)

Paged Collection of gateway policies

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results GatewayPolicy list results array of GatewayPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GatewayPublicIp (schema)

Gateway Public IP Information

Stores gateway public IP settings like ip_allocation_mode and ip_address.

Name Description Type Notes
ip_allocation_mode IP Allocation Mode

ALLOCATE_NEW: Allocate new public IP.
USE_EXISTING: Use cloud provider public IP.
DONT_ALLOCATE: Don't allocate any public IP.
string Enum: ALLOCATE_NEW, USE_EXISTING, DONT_ALLOCATE
Default: "ALLOCATE_NEW"
public_ip Public IP Address

Stores IP address from the Azure public IP service.
The IP address will be used ip_allocation_mode is set to USE_EXISTING.
string

GatewayStats (schema)

Gateway statistics

Name Description Type Notes
deploying Gateways with status DEPLOYING

The number of gateways with status DEPLOYING.		 integer Readonly
down Gateways with status DOWN

The number of gateways with status DOWN.		 integer Readonly
up Gateways with status UP

The number of gateways with status UP.		 integer Readonly

GenericDhcpOption (schema)

Generic DHCP option

Define DHCP options other than option 121.

Name Description Type Notes
code DHCP option code, [0-255]

Code of the dhcp option.		 integer Required
Minimum: 0
Maximum: 255
values DHCP option value

Value of the option.		 array of string Required
Minimum items: 1
Maximum items: 10

GenericPolicyRealizedResource (schema)

Generic realized entity

Represents realized entity

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
entity_type Type of realized entity string Readonly
extended_attributes Collection of type specific properties array of AttributeVal Readonly
id Unique identifier of this resource string Sortable
intent_paths Collection of intent paths array of string Readonly
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value GenericPolicyRealizedResource string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GenericPolicyRealizedResourceListRequestParameters (schema)

GenericPolicyRealizedResource list request parameters

GenericPolicyRealizedResource list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

GenericPolicyRealizedResourceListResult (schema)

GenericPolicyRealizedResource list result

GenericPolicyRealizedResource list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of GenericPolicyRealizedResources

List of realized resources		 array of GenericPolicyRealizedResource
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GetCertParameter (schema)

Name Description Type Notes
details whether to expand the pem data and show all its details boolean Default: "False"

GiServiceProfile (schema)

GI sepcific Service Profile

GI Specific service profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value GiServiceProfile string Required
service_id Service Id

The service to which the service profile belongs.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vendor_template_id Vendor template Id

ID of the vendor template, created by partner while registering the service.		 string Required
vendor_template_key Vendor template key

Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.		 string Readonly

GlobalCollectionConfiguration (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
aggregated_data_collection_frequency Aggregated Data Collection Frequency In Seconds

The frequency in seconds at which data, which is subject to the aggregation function, is collected.		 integer Required
Minimum: 60
Maximum: 86400
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_data_collection_enabled Is data collection enabled

Indicates whether data collection required by the aggregation service is enabled. If false, no aggregation service data will be collected. Changing this property will not affect the existing data collection frequency settings.		 boolean Required
modified_feature_stack_collection_configurations Modified feature stack collection configurations

The list of the locally modified feature stack data collection frequency settings. If all feature stack data collection configurations are set to their default values, this list will be empty.		 FeatureStackCollectionConfigurationList Readonly
resource_type Must be set to the value GlobalCollectionConfiguration string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GlobalConfig (schema)

Global configuration

Global configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fips FIPS enabled config

Contains the FIPSGlobalConfig object.
FIPSGlobalConfig
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
mtu MTU size

Maximum transmission unit (MTU) specifies the size of the largest
packet that a network protocol can transmit.
int Minimum: 1280
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value GlobalConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GlobalConfigType (schema)

Valid Global configuration types

Name Description Type Notes
GlobalConfigType Valid Global configuration types string Enum: SwitchingGlobalConfig, RoutingGlobalConfig, OperationCollectorGlobalConfig, FirewallGlobalConfig, EsxGlobalOpaqueConfig, SecurityGlobalConfig, FipsGlobalConfig

GlobalConfigs (schema)

Abstract base type for Global configurations of different types

The GlobalConfigs is the base class for global configurations for
different types in a NSX domain.
This is an abstract type. Concrete child types:
EsxGlobalOpaqueConfig
FipsGlobalConfig
FirewallGlobalConfig
OperationCollectorGlobalConfig
RoutingGlobalConfig
SecurityGlobalConfig
SwitchingGlobalConfig

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value GlobalConfigs GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GlobalConfigsListResult (schema)

Global configurations query result

A list of global configurations grouped by their types

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Domain specific global configuration. array of GlobalConfigs
(Abstract type: pass one of the following concrete types)
EsxGlobalOpaqueConfig
FipsGlobalConfig
FirewallGlobalConfig
OperationCollectorGlobalConfig
RoutingGlobalConfig
SecurityGlobalConfig
SwitchingGlobalConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GlobalRestoreStatus (schema)

Overall restore process status

Name Description Type Notes
description A description of the restore status string Required
Readonly
value Global rolled-up restore status value string Required
Readonly
Enum: INITIAL, SUCCESS, FAILED, RUNNING, SUSPENDED_BY_USER, SUSPENDED_FOR_USER_ACTION, SUSPENDED, ABORTED

GracefulRestartConfig (schema)

BGP Graceful Restart Configuration

BGP Graceful Restart configuration parameters

Name Description Type Notes
graceful_restart_mode Graceful Restart Mode

BGP Graceful Restart mode		 GracefulRestartMode Default: "HELPER_ONLY"
graceful_restart_timer Graceful Restart Timer

Graceful Restart timers configuration		 GracefulRestartTimer

GracefulRestartMode (schema)

BGP Graceful Restart modes.
DISABLE Disables Graceful Restart capability.
HELPER_ONLY Enables as Helper only in Graceful Restart mechanism.
GR_AND_HELPER Enables Graceful Restart capability along with HELPER mode.

Name Description Type Notes
GracefulRestartMode BGP Graceful Restart modes.
DISABLE Disables Graceful Restart capability.
HELPER_ONLY Enables as Helper only in Graceful Restart mechanism.
GR_AND_HELPER Enables Graceful Restart capability along with HELPER mode.
string Enum: DISABLE, HELPER_ONLY, GR_AND_HELPER

GracefulRestartTimer (schema)

BGP Graceful Restart Timer

BGP Graceful Restart timers configuration

Name Description Type Notes
restart_timer Restart Timer

Maximum time BGP speaker will take for the BGP session to be
re-established after a restart. Ranges from 1 sec to 3600 sec.
This can be used to speed up routing convergence by its peer in
case that the BGP speaker does not come back after a restart.
If the session does not get re-established within the "Restart Time"
that the Restarting Speaker advertised previously, the Receiving
Speaker will delete all the stale routes from that peer.
integer Minimum: 1
Maximum: 3600
Default: "180"
stale_timer Stale Timer

Maximum time before stale routes are removed from the RIB when the
local BGP process restarts. Ranges from 1 sec to 3600 sec.
integer Minimum: 1
Maximum: 3600
Default: "600"

GraphConfiguration (schema)

Graph Configuration

Represents configuration of a graph widget

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
axes Axes of a graph Axes
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
display_x_value Show or hide the value of a point on X axis

If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis.		 boolean Default: "False"
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
graphs Graphs array of GraphDefinition Required
Minimum items: 1
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string
resource_type Must be set to the value GraphConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
sub_type Subtype of a graph

Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart		 string Enum: LINE_GRAPH, BAR_GRAPH, STACKED_BAR_GRAPH
Default: "BAR_GRAPH"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

GraphDefinition (schema)

Definition of a graph

Defines a graph

Name Description Type Notes
label Label of a graph

Describes the graph. It labels the entities of graph. If the label is not provided then it is not shown for a graph. For example, for a single graph, the title of widget can describe the graph and a label may not be necessary to be shown.		 Label
point_definition Definition for points of a graph

Defines the points of a graph.		 PointDefinition Required
render_configuration Render Configuration

Additional rendering or conditional evaluation of the field values to be performed, if any.		 array of RenderConfiguration Minimum items: 0

GridConfiguration (schema)

Grid Configuration

Represents configuration of a Grid or Table widget.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
columns Columns

Array of columns of a Grid widget		 array of ColumnItem Required
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
page_size Page Size

Number of records per page. page_size will be effective only when the urls provided in the datasource support paging.		 int Default: "30"
resource_type Must be set to the value GridConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
row_list_fields List of fields from which rows are formed

Rows of grid or table are formed from the list of objects returned by a row list field.		 array of RowListField Required
Minimum items: 1
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
span Horizontal width of grid widget

Represents the horizontal span of the Grid.		 int Default: "2"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

Group (schema)

Group

Group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
expression Expression

The expression list must follow below criteria:
1. A non-empty expression list, must be of odd size. In a list, with
indices starting from 0, all non-conjunction expressions must be at
even indices, separated by a conjunction expression at odd
indices.
2. The total of ConditionExpression and NestedExpression in a list
should not exceed 5.
3. The total of IPAddressExpression, MACAddressExpression, external
IDs in an ExternalIDExpression and paths in a PathExpression must not exceed
500.
4. Each expression must be a valid Expression. See the definition of
the Expression type for more information.
array of Expression
(Abstract type: pass one of the following concrete types)
Condition
ConjunctionOperator
ExternalIDExpression
IPAddressExpression
IdentityGroupExpression
MACAddressExpression
NestedExpression
PathExpression
extended_expression Extended Expression

Extended Expression allows additional higher level context to be
specified for grouping criteria. (e.g. user AD group)
This field allow users to specified user context as the source of a
firewall rule for IDFW feature.
Current version only support a single IdentityGroupExpression. In the
future, this might expand to support other conjunction and non-conjunction
expression.

The extended expression list must follow below criteria:
1. Contains a single IdentityGroupExpression. No conjunction expression is
supported.
2. No other non-conjunction expression is supported, except for
IdentityGroupExpression.
3. Each expression must be a valid Expression. See the definition of
the Expression type for more information.
4. Extended expression are implicitly AND with expression.
5. No nesting can be supported if this value is used.
6. If a Group is using extended expression, this group must be the only
member in the source field of an communication map.
array of Expression
(Abstract type: pass one of the following concrete types)
Condition
ConjunctionOperator
ExternalIDExpression
IPAddressExpression
IdentityGroupExpression
MACAddressExpression
NestedExpression
PathExpression		 Maximum items: 1
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Group string
state Realization state of this group string Enum: IN_PROGRESS, SUCCESS, FAILURE
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GroupDeleteRequestParameters (schema) (Deprecated)

Group delete request parameters

Name Description Type Notes
fail_if_subtree_exists Do not delete if the group subtree has any entities

Check if the group sub-tree has any entities. These primarily include the
binding maps that point to various profiles. If this flag is passed as true,
the group delete fails if any binding maps exist in the group sub-tree.
By default, this flag is false, which means that the group is deleted
along with the group sub-tree.
boolean Default: "False"
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

GroupInfo (schema)

GroupInfo

GroupInfo contains information about a particular Group used in Redirection Rules. It also contains information about policy path, if the group is created from Policy.

Name Description Type Notes
group Group

Group Data.		 ResourceReference Readonly
group_policy_path Policy path of Group

Policy path of a particular Group.		 string Readonly

GroupListRequestParameters (schema)

Group list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

GroupListResult (schema)

Paged Collection of Groups

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Group list results array of Group Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GroupMemberTagsList (schema)

Group tags list for a particular member type

Collection of tags used in a policy group for a particular member type

Name Description Type Notes
member_type Member type for which we will list the tags string Required
tags List of tags for the member type array of string Required

GroupMonitoringProfileBindingMap (schema)

Group Monitoring Profile binding map

This entity will be used to establish association between monitoring
profile and Group. Using this entity, you can specify intent for applying
monitoring profile to particular Group. Group with membership criteria vm
only supported as source group. Port mirroring is only supported on group
with five vms.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_dfw_profile_path IPFIX DFW Profile Path

PolicyPath of associated IPFIX DFW Profile		 string
ipfix_l2_profile_path IPFIX L2 Profile Path

PolicyPath of associated IPFIX L2 Profile		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
port_mirroring_profile_path Port Mirroring Profile Path

PolicyPath of associated Port Mirroring Profile		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value GroupMonitoringProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

GroupMonitoringProfileBindingMapListRequestParameters (schema)

Group Monitoring Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

GroupMonitoringProfileBindingMapListResult (schema)

Paged collection of Group Monitoring Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Group Monitoring Profile Binding Map list results array of GroupMonitoringProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GroupStatusListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
has_errors Flag to indicate whether to return only upgrade units with errors boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

GroupTagsList (schema)

Group tags list listed per member type

Collection of tags used in a policy group listed per member type

Name Description Type Notes
results Collection of tags used in a policy group listed per member type array of GroupMemberTagsList Required

GroupedMigrationFeedbackRequest (schema)

Grouped Feedback detail required for Migration

Detailed feedback requests from the migration tool where user input is required.

Name Description Type Notes
accepted_actions Acceptable actions for this feedback request

List of acceptable actions for this feedback request.		 array of string Readonly
accepted_value_type Data type of the items listed in acceptable values

Data type of the items listed in acceptable values list.		 string Required
Readonly
accepted_values Acceptable values for this feedback request

List of acceptable values for this feedback request.		 array of string
hash Identifier for a feedback request type

Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.		 string Readonly
message Content of feedback request

Detailed feedback request with options.		 string Required
Readonly
multi_value Indicates if multiple values can be selected as response

Indicates if multiple values can be selected as response from the list of acceptable value.		 boolean Required
Readonly
objects Collection of feedback requests of a given type array of SummaryMigrationFeedbackRequest Required
resolved Indicates if all feedback requests in this group are resolved

Indicates if a valid response already exist for all feedback requests in this group.		 boolean Readonly
sub_vertical Functional sub-area for the feedback query

Functional sub-area that this query falls into.		 string Required
Readonly
suggested_action Suggested action for this feedback request

The suggested action to resolve this feedback request.		 string Required
Readonly
suggested_value Suggested value for this feedback request

The suggested value to resolve this feedback request.		 string Required
Readonly
vertical Functional area for the feedback query

Functional area that this query falls into.		 string Required
Readonly

GroupedMigrationFeedbackRequestListResult (schema)

groups of feedback required for Migration

Groups of detailed feedback requests from the migration tool where user input is required.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of groups of feedback requests array of GroupedMigrationFeedbackRequest Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

GuestInfo (schema)

Guest virtual machine details

Guest virtual machine details include OS name and computer name of guest VM.

Name Description Type Notes
computer_name Computer name

Computer name of guest virtual machine, which is set inside guest OS.
Currently this is supported for guests on ESXi that have VMware Tools installed.
string Readonly
os_name OS name

OS name of guest virtual machine. Currently this is supported for guests
on ESXi that have VMware Tools installed.
string Readonly

HaVipConfig (schema)

Name Description Type Notes
enabled Flag to enable this ha vip config. boolean Default: "True"
ha_vip_subnets Floating IP address subnets

Array of IP address subnets which will be used as floating IP addresses. | Note - this configuration is applicable only for Active-Standby LogicalRouter. | For Active-Active LogicalRouter this configuration will be rejected.		 array of VIPSubnet Required
Minimum items: 1
Maximum items: 2
redundant_uplink_port_ids Identifiers of uplink ports for providing redundancy

Identifiers of logical router uplink ports which are to be paired to provide | redundancy. Floating IP will be owned by one of these uplink ports (depending upon | which node is Active).		 array of string Required
Minimum items: 2
Maximum items: 2

HealthCheckResult (schema)

Health Check Result

Result of health check .

Name Description Type Notes
results_per_transport_node Health Check Results Per Transport Node

List of health check results on specific transport node
array of HealthCheckResultPerTransportNode Readonly
vlan_mtu_status VlanMtuHealthCheckResultStatus Readonly

HealthCheckResultOnHostSwitch (schema)

Health Check Result On Host Switch

Health check result on specific host switch of specific transport node.

Name Description Type Notes
host_switch_name Host Switch Name

Name of the host switch.		 string Readonly
results_per_uplink Health Check Results Per uplink

List of health check results per uplink on current host switch of specific
transport node.
array of HealthCheckResultPerUplink Readonly

HealthCheckResultPerTransportNode (schema)

Health Check Result Per Transport Node

Health check result on specific transport node

Name Description Type Notes
result_on_host_switch HealthCheckResultOnHostSwitch Readonly
transport_node_id Transport Node ID

ID of the Transport Node.		 string Readonly

HealthCheckResultPerUplink (schema)

Health Check Result Per Uplink

Health check result for specific uplink.

Name Description Type Notes
mtu_disallowed MTU Disallowed

List of VLAN ID ranges which are allowed by VLAN settings but may be
disallowed by MTU settings.
array of HealthCheckVlanRange Readonly
uplink_name Uplink Name

Name of the uplink.		 string Readonly
vlan_and_mtu_allowed VLAN and MTU Allowed

List of VLAN ID ranges which are allowed by VLAN and MTU settings.
array of HealthCheckVlanRange Readonly
vlan_disallowed VLAN Disallowed

List of VLAN ID ranges which may be disallowed by VLAN settings.
array of HealthCheckVlanRange Readonly

HealthCheckSpecVlans (schema)

VLAN Range Specification

HealthCheckSpecVlan is used for specifying VLAN ID ranges for healthcheck.

Name Description Type Notes
vlan_ranges VLAN ID ranges array of HealthCheckVlanRange Required
Minimum items: 1

HealthCheckVlanRange (schema)

VLAN ID range

Name Description Type Notes
end VlanID Required
start VlanID Required

HeatMapTransportNodesAggregateStatus (schema)

Name Description Type Notes
degraded_count Number of transport nodes that are degraded int
down_count Number of transport nodes that are down int
unknown_count Number of transport nodes with unknown status int
up_count Number of transport nodes that are up int

HeatMapTransportZoneStatus (schema)

Name Description Type Notes
degraded_count Number of transport nodes that are degraded int
down_count Number of transport nodes that are down int
unknown_count Number of transport nodes with unknown status int
up_count Number of transport nodes that are up int

HostInfraTrafficType (schema)

Enumerate all types of traffic

The traffic_name specifies the infrastructure traffic type and it
must be one of the following system-defined types:
FAULT_TOLERANCE is traffic for failover and recovery.
HBR is traffic for Host based replication.
ISCSI is traffic for Internet Small Computer System Interface.
MANAGEMENT is traffic for host management.
NFS is traffic related to file transfer in network file system.
VDP is traffic for vSphere data protection.
VIRTUAL_MACHINE is traffic generated by virtual machines.
VMOTION is traffic for computing resource migration.
VSAN is traffic generated by virtual storage area network.
The dynamic_res_pool_name provides a name for the resource pool.
It can be any arbitrary string.
Either traffic_name or dynamic_res_pool_name must be set.
If both are specified or omitted, an error will be returned.

Name Description Type Notes
dynamic_res_pool_name Dynamic resource pool traffic name string
traffic_name Traffic types string Enum: FAULT_TOLERANCE, HBR, ISCSI, MANAGEMENT, NFS, VDP, VIRTUAL_MACHINE, VMOTION, VSAN

HostNode (schema)

Host node

Host node

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
discovered_ip_addresses Discovered IP Addresses of the fabric node, version 4 or 6 array of IPAddress Readonly
discovered_node_id Discovered node id

Id of discovered node which was converted to create this node		 string Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id ID of the Node maintained on the Node and used to recognize the Node string
fqdn Fully qualified domain name of the fabric node string Readonly
host_credential Host login credentials

Login credentials for the host. It is mandatory to provide
credentials while adding host to MP to create transport node.
HostNodeLoginCredential
id Unique identifier of this resource string Sortable
ip_addresses IP Addresses of the Node, version 4 or 6

IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for
automatic deployment of edge virtual machine node. For automatic deployment, the ip address from
management_port_subnets property will be considered.
array of IPAddress
maintenance_mode_state Maintenance mode state

Indicates host node's maintenance mode state. The state is ENTERING
when a task to put the host in maintenance-mode is in progress.
string Readonly
Enum: OFF, ENTERING, ON
managed_by_server Id of vCenter server managing the HostNode

The id of the vCenter server managing the ESXi type HostNode		 string Readonly
os_type Hypervisor OS type

Hypervisor type, for example ESXi or RHEL KVM		 string Required
Enum: ESXI, RHELKVM, RHELSERVER, RHELCONTAINER, UBUNTUKVM, UBUNTUSERVER, HYPERV, CENTOSKVM, CENTOSSERVER, CENTOSCONTAINER, SLESKVM, SLESSERVER
os_version Hypervisor OS version

Version of the hypervisor operating system		 string
resource_type Must be set to the value HostNode string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

HostNodeDeleteParameters (schema)

Name Description Type Notes
unprepare_host Delete a host and uninstall NSX components boolean Default: "True"

HostNodeLoginCredential (schema)

The credentials to login into the host node

Name Description Type Notes
password The authentication password of the host node string
thumbprint ESXi thumbprint or SSH key fingerprint of the host node

For ESXi hosts, the thumbprint of the ESXi management service.
For KVM hosts, the SSH key fingerprint.
If thumbprint is not provided then connection to host may not
be established and API call will fail.
string
username The username of the account on the host node string

HostNodeStatus (schema)

Host Node Status

Name Description Type Notes
config_status Configuration status of host node

Gives details of state of desired configuration. This property is available only if Tranport Node exists for the host. Following are the supported values pending - Transport Node configuration status is pending in_progress - Transport Node configuration status is in progress success - Transport Node configuration status is successful failed - Transport Node configuration status is failed partial_success - Transport Node configuration status is partial success orphaned - Transport Node configuration status is orphaned unknown - Transport Node configuration status is unknown error - Error occured during Transport Node configuration		 string Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error
deployment_status Deployment progress status of host node

This specifies the current nsx install status for host node. Following are the supported values INSTALL_IN_PROGRESS - NSX installation is in progress on the host INSTALL_FAILED - NSX installation failed on the host INSTALL_SUCCESSFUL - NSX installation successful on the host UNINSTALL_IN_PROGRESS - NSX uninstallation in progress on the host UNINSTALL_FAILED - NSX uninstallation failed on the host UNINSTALL_SUCCESSFUL - NSX uninstallation successful on the host UNINSTALL_SCHEDULED - NSX uninstallation is scheduled on the host UPGRADE_IN_PROGRESS - NSX upgrade is in progress on the host UPGRADE_FAILED - NSX upgrade failed on the host DEPLOYMENT_QUEUED - Deployment is queued on the DEPLOYMENT_IN_PROGRESS - Deployment is in progress DEPLOYMENT_FAILED - Deployment is failed DEPLOYMENT_SUCCESSFUL - Deployment is successful UNDEPLOYMENT_QUEUED - Undeployment is queued UNDEPLOYMENT_IN_PROGRESS - Undeployment is in progress UNDEPLOYMENT_FAILED - Undeployment failed UNDEPLOYMENT_SUCCESSFUL - Undeployment is successful UPGRADE_QUEUED - Upgrade is queued HOST_DISCONNECTED - Host is disconnected POWERED_OFF - Host is powered off		 string Readonly
Enum: INSTALL_IN_PROGRESS, INSTALL_FAILED, INSTALL_SUCCESSFUL, UNINSTALL_IN_PROGRESS, UNINSTALL_FAILED, UNINSTALL_SUCCESSFUL, UNINSTALL_SCHEDULED, UPGRADE_IN_PROGRESS, UPGRADE_FAILED, DEPLOYMENT_QUEUED, DEPLOYMENT_IN_PROGRESS, DEPLOYMENT_FAILED, DEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_QUEUED, UNDEPLOYMENT_IN_PROGRESS, UNDEPLOYMENT_FAILED, UNDEPLOYMENT_SUCCESSFUL, UPGRADE_QUEUED, HOST_DISCONNECTED, POWERED_OFF
node_id Unique Id of the host node string Readonly

HostNodeStatusListResult (schema)

HostNodeStatus queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results HostNodeStatus Results array of HostNodeStatus Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

HostProfileNetworkMigrationSpec (schema) (Deprecated)

Specification for network migrations related with Host Profiles.

This specification should be used to define which VMK adapters need to be
migrated to NSX logical switches from VC network switches. Migrations specified
here should match with those from associated Host Profiles from VC.
Mismatch will result in migration failures.
This specification only supports migration vmkernal adapters to NSX logical switches.
Note- transport node templates APIs are deprecated and user is
recommended to use transport node profiles APIs instead.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
network_mappings List of VMkernal adapters to logical switch mappings.

Based on provided mappings, VMkernal adapters will be migrated to mentioned
logical switch. Without mappings specification doesn't make any sense, hence
minium one mapping should be specified. Assuming some sane value of 10 maximum
migrations which will be supported by any single specification.
array of VmkToLogicalSwitchMapping Minimum items: 1
Maximum items: 10
resource_type Must be set to the value HostProfileNetworkMigrationSpec NetworkMigrationSpecType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

HostSwitch (schema)

Host Switch specification

Name Description Type Notes
host_switch_name HostSwitch name. This name will be used to reference this HostSwitch.

If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given Transport Node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness.		 string Default: "nsxDefaultHostSwitch"
host_switch_profile_ids Id's of HostSwitch profiles to be associated with this HostSwitch.

HostSwitch profiles bound to this HostSwitch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the Transport Node, the corresponding default profile will be bound to the HostSwitch.		 array of HostSwitchProfileTypeIdEntry
pnics Physical NICs connected to the host switch array of Pnic
static_ip_pool_id ID of already configured Static IP Pool.

ID of configured Static IP Pool. If specified allocate IP for Endpoints from Pool. Else assume IP will be assigned for Endpoints from DHCP. This field is deprecated, use ip_assignment_spec field instead.		 string Deprecated

HostSwitchProfileListParameters (schema)

HostSwitchProfile List Parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
hostswitch_profile_type Type of host switch profile HostSwitchProfileType
include_system_owned Whether the list result contains system resources boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
uplink_teaming_policy_name The host switch profile's uplink teaming policy name

If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.		 string

HostSwitchProfileType (schema)

Supported HostSwitch profiles.

Name Description Type Notes
HostSwitchProfileType Supported HostSwitch profiles. string Enum: UplinkHostSwitchProfile, LldpHostSwitchProfile, NiocProfile, ExtraConfigHostSwitchProfile

HostSwitchProfileTypeIdEntry (schema)

Name Description Type Notes
key HostSwitchProfileType
value key value string Required

HostSwitchProfilesListResult (schema)

HostSwitch Profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results HostSwitch Profile Results array of BaseHostSwitchProfile
(Abstract type: pass one of the following concrete types)
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

HostSwitchSpec (schema)

Abstract base type for transport node host switch specification

The HostSwitchSpec is the base class for standard and preconfigured
host switch specifications.
This is an abstract type. Concrete child types:
PreconfiguredHostSwitchSpec
StandardHostSwitchSpec

Name Description Type Notes
resource_type string Required
Enum: StandardHostSwitchSpec, PreconfiguredHostSwitchSpec

HostSwitchState (schema)

Host Switch State

Name Description Type Notes
endpoints List of virtual tunnel endpoints which are configured on this switch array of Endpoint Readonly
host_switch_id External ID of the HostSwitch string Readonly
host_switch_name HostSwitch name. This name will be used to reference this HostSwitch.

The name must be unique among all host switches specified in a given Transport Node.		 string Readonly
transport_zone_ids List of Ids of TransportZones this HostSwitch belongs to array of string Readonly

HostUpgradeStatus (schema)

Status of host upgrade

Name Description Type Notes
can_skip Can the upgrade of the remaining units in this component be skipped boolean Readonly
component_type Component type for the upgrade status string Readonly
current_version_node_summary Mapping of current versions of nodes and counts of nodes at the respective versions. NodeSummaryList Readonly
details Details about the upgrade status string Readonly
node_count_at_target_version Count of nodes at target component vrin

Number of nodes of the type and at the component version		 int Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
pre_upgrade_status Pre-upgrade status of the component-type UpgradeChecksExecutionStatus Readonly
status Upgrade status of component string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
target_component_version Target component version string Readonly

HostedEntityInfo (schema)

Name Description Type Notes
entity_type Type of entity

The type of entity hosted could be MP, CCP, VMC App etc.		 string Required
Readonly
entity_uuid Unique identifier of entity string Required
Readonly

HostnameOrIPv4Address (schema)

Hostname or IPv4 address

Name Description Type Notes
HostnameOrIPv4Address Hostname or IPv4 address string

HostnameOrIPv4AddressOrEmptyString (schema)

Hostname or IPv4 address

Name Description Type Notes
HostnameOrIPv4AddressOrEmptyString Hostname or IPv4 address string Maximum length: 255
Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$|^$"

HttpPolicyLbMonitorProfile (schema)

PolicyLbMonitorProfile for active health checks over HTTP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the PolicyLbRule
object. This represents active health monitoring over HTTP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member will
the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healthchecks (rise_count) will bring the
member back to UP state. After a healthcheck is initiated, if it does not
complete within a certain period, then also the healthcheck is considered
to be unsuccessful.
Completing a healthcheck within timeout means establishing a connection
(TCP or SSL), if applicable, sending the request and receiving the
response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value HttpPolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"
url Customized HTTP request url for active health checks

For HTTP active healthchecks, the HTTP request url sent can be
customized and can include query parameters.
string Default: "/"

HttpPolicyLbVirtualServer (schema)

PolicyLbVirtualServer handling connections over HTTP

Virtual server acts as a facade to an application, receives
all client connections over HTTP
and distributes them among the backend servers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
insert_client_ip_header Relative path of this object

Backend web servers typically log each request they handle along with
the requesting client IP address. These logs are used for debugging,
analytics and other such purposes. If the deployment topology requires
enabling SNAT on the load balancer, then server will see the client as
the SNAT IP which defeats the purpose of logging. To work around this
issue, load balancer can be configured to insert XFF HTTP header with
the original client IP address. Backend servers can then be
configured to log the IP address in XFF header instead of the source
IP address of the connection. If XFF header is not present in the
incoming request, load balancer inserts a new XFF header with the
client IP address.
boolean Default: "False"
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value HttpPolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

HttpProtocol (schema)

Name Description Type Notes
authentication_scheme Scheme to authenticate if required BasicAuthenticationScheme
name Must be set to the value HttpProtocol string Required
Enum: http, https, scp, sftp

HttpRequestMethodType (schema)

http monitor method

Name Description Type Notes
HttpRequestMethodType http monitor method string Enum: GET, OPTIONS, POST, HEAD, PUT

HttpRequestVersionType (schema)

http request version

Name Description Type Notes
HttpRequestVersionType http request version string Enum: HTTP_VERSION_1_0, HTTP_VERSION_1_1, HTTP_VERSION_2_0

HttpServiceProperties (schema)

HTTP Service properties

Name Description Type Notes
certificate Certificate Required
Readonly
cipher_suites Cipher suites used to secure contents of connection array of CipherSuite Minimum items: 1
client_api_concurrency_limit Client API rate limit in calls

The maximum number of concurrent API requests that will be serviced for a given authenticated client. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.		 integer Minimum: 0
Default: "40"
client_api_rate_limit Client API rate limit in calls per second

The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.		 integer Minimum: 0
Default: "100"
connection_timeout NSX connection timeout, set to 0 to configure no timeout integer Minimum: 0
Maximum: 2147483647
global_api_concurrency_limit Global API rate limit in calls

The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.		 integer Minimum: 0
Default: "100"
protocol_versions TLS protocol versions array of ProtocolVersion Minimum items: 1
redirect_host Host name or IP address to use for redirect location headers, or empty string to derive from current request HostnameOrIPv4AddressOrEmptyString Default: ""
session_timeout NSX session inactivity timeout, set to 0 to configure no timeout integer Minimum: 0
Maximum: 2147483647

HttpsPolicyLbMonitorProfile (schema)

PolicyLbMonitorProfile for active health checks over HTTPS

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the PolicyLbRule
object. This represents active health monitoring over HTTPS. Active
healthchecks are initiated periodically, at a configurable interval, to
each member of the Group. Only if a healthcheck fails consecutively for a
specified number of times (fall_count) to a member will the member status
be marked DOWN. Once a member is DOWN, a specified number of consecutive
successful healthchecks (rise_count) will bring the member back to UP
state. After a healthcheck is initiated, if it does not complete within a
certain period, then also the healthcheck is considered to be
unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value HttpsPolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"
url Customized HTTP request url for active health checks

For HTTP active healthchecks, the HTTP request url sent can be
customized and can include query parameters.
string Default: "/"

HttpsPolicyLbVirtualServer (schema)

PolicyLbVirtualServer handling connections over HTTPS

Virtual server acts as a facade to an application, receives all client
connections over HTTPS and distributes them among the backend servers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
client_ssl_certificate_ids ssl certificates

Client-side SSL profile binding allows multiple
certificates, for different hostnames, to be bound to the same virtual
server. The setting is used when load balancer acts as an SSL server
and terminating the client SSL connection
array of string
client_ssl_settings Security profile setting

Security settings representing various security settings
when the VirtualServer acts as an SSL server
- BASE_SECURE_111317
- MODERATE_SECURE_111317
- HIGH_SECURE_111317
string Enum: BASE_SECURE_111317, MODERATE_SECURE_111317, HIGH_SECURE_111317
Default: "HIGH_SECURE_111317"
default_client_ssl_certificate_id ssl certificate

The setting is used when load balancer acts as an SSL
server and terminating the client SSL connection. A default
certificate should be specified which will be used if the server does
not host multiple hostnames on the same IP address or if the client
does not support SNI extension.
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
insert_client_ip_header Relative path of this object

Backend web servers typically log each request they handle along with
the requesting client IP address. These logs are used for debugging,
analytics and other such purposes. If the deployment topology requires
enabling SNAT on the load balancer, then server will see the client as
the SNAT IP which defeats the purpose of logging. To work around this
issue, load balancer can be configured to insert XFF HTTP header with
the original client IP address. Backend servers can then be
configured to log the IP address in XFF header instead of the source
IP address of the connection. If XFF header is not present in the
incoming request, load balancer inserts a new XFF header with the
client IP address.
boolean Default: "False"
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value HttpsPolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

HttpsProtocol (schema)

Name Description Type Notes
authentication_scheme Scheme to authenticate if required BasicAuthenticationScheme
name Must be set to the value HttpsProtocol string Required
Enum: http, https, scp, sftp
sha256_thumbprint SSL thumbprint of server string Required

ICMPTypeNSService (schema)

A NSService that represents IPv4 or IPv6 ICMP protocol

Name Description Type Notes
icmp_code ICMP message code integer
icmp_type ICMP message type integer
protocol ICMP protocol type string Required
Enum: ICMPv4, ICMPv6
resource_type Must be set to the value ICMPTypeNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService

ICMPTypeServiceEntry (schema)

A ServiceEntry that represents IPv4 or IPv6 ICMP protocol

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
icmp_code ICMP message code integer Minimum: 0
Maximum: 255
icmp_type ICMP message type integer Minimum: 0
Maximum: 255
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
protocol string Required
Enum: ICMPv4, ICMPv6
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ICMPTypeServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IGMPTypeNSService (schema)

A NSService that represents IGMP protocol

Name Description Type Notes
resource_type Must be set to the value IGMPTypeNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService

IGMPTypeServiceEntry (schema)

A ServiceEntry that represents IGMP protocol

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IGMPTypeServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IKEDigestAlgorithm (schema)

Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message
integrity during IKE negotiation. SHA1 produces 160
bits hash and SHA2_XXX produces XXX bit hash.

Name Description Type Notes
IKEDigestAlgorithm Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message
integrity during IKE negotiation. SHA1 produces 160
bits hash and SHA2_XXX produces XXX bit hash.
string Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

IKEEncryptionAlgorithm (schema)

Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of
the messages exchanged during IKE negotiations. AES stands for
Advanced Encryption Standards. AES_128 uses 128-bit keys whereas
AES_256 uses 256-bit keys for encryption and decryption.
AES_GCM stands for Advanced Encryption Standard(AES) in
Galois/Counter Mode(GCM) and is used to provide both
confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with
IKE_V2 version only.
AES_GCM_128 uses 128-bit keys.
AES_GCM_192 uses 192-bit keys.
AES_GCM_256 uses 256-bit keys.

Name Description Type Notes
IKEEncryptionAlgorithm Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of
the messages exchanged during IKE negotiations. AES stands for
Advanced Encryption Standards. AES_128 uses 128-bit keys whereas
AES_256 uses 256-bit keys for encryption and decryption.
AES_GCM stands for Advanced Encryption Standard(AES) in
Galois/Counter Mode(GCM) and is used to provide both
confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with
IKE_V2 version only.
AES_GCM_128 uses 128-bit keys.
AES_GCM_192 uses 192-bit keys.
AES_GCM_256 uses 256-bit keys.
string Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

IPAddress (schema)

IPv4 or IPv6 address

Name Description Type Notes
IPAddress IPv4 or IPv6 address string

IPAddressElement (schema)

IP Address

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
ip_address IPElement Required

IPAddressElementListResult (schema)

Collection of IP address elements

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP address element list array of IPAddressElement Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPAddressExpression (schema)

IP address expression node

Represents IP address expressions in the form of an array, to support addition of IP addresses in a group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_addresses Array of IP addresses

This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64".		 array of IPElement Required
Minimum items: 1
Maximum items: 4000
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPAddressExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPAddressPortPair (schema)

IP Address and Port information

IP Address and Port information

Name Description Type Notes
ip_address IPAddress for IPAddressPort combination

The IPAddress to be combined with Port for defining specific access
point.
IPAddress Required
port The port for IPAddressPort combination

The port to be combined with IPAddress for defining a specific access
point.
int Minimum: 0
Maximum: 65535

IPAddresses (schema)

Name Description Type Notes
ip_addresses IPs of the filter

The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters.		 array of IPElement Minimum items: 1

IPCIDRBlock (schema)

IPv4 or IPv6 CIDR Block

Name Description Type Notes
IPCIDRBlock IPv4 or IPv6 CIDR Block string

IPDiscoveryProfile (schema)

IP Discovery Profile

Using this profile to configure different options of IP Discovery

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
arp_nd_binding_timeout ARP and ND cache timeout (in minutes)

This property controls the ARP and ND cache timeout period. It
is recommended that this property be greater than the ARP/ND
cache timeout on the VM.
int Minimum: 5
Maximum: 120
Default: "10"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
duplicate_ip_detection Duplicate IP Dection Options

Duplicate IP detection is used to determine if there is any IP conflict
with any other port on the same logical switch. If a conflict is detected,
then the IP is marked as a duplicate on the port where the IP was
discovered last. The duplicate IP will not be added to the realized
address binings for the port and hence will not be used in DFW rules or
other security configurations for the port.rt.
DuplicateIPDetectionOptions
id Unique identifier of this resource string Sortable
ip_v4_discovery_options IPv4 Discovery options

Indicates IPv4 Discovery options		 IPv4DiscoveryOptions
ip_v6_discovery_options IPv6 Discovery options

Indicates IPv6 Discovery options		 IPv6DiscoveryOptions
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPDiscoveryProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tofu_enabled Is TOFU enabled or not

Indicates whether "Trust on First Use(TOFU)" paradigm is enabled.		 boolean Default: "True"

IPDiscoveryProfileListRequestParameters (schema)

IP Discovery Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPDiscoveryProfileListResult (schema)

Paged collection of IP Discovery Profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP Discovery profile list results array of IPDiscoveryProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPElement (schema)

IP address, range, or subnet

IPElement can be a single IP address, IP address range or a Subnet. Its
type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1",
"192.168.1.1-192.168.1.100", "192.168.0.0/24",
"fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:318c/64"

Name Description Type Notes
IPElement IP address, range, or subnet

IPElement can be a single IP address, IP address range or a Subnet. Its
type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1",
"192.168.1.1-192.168.1.100", "192.168.0.0/24",
"fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:318c/64"
string

IPElementList (schema)

List of IP address, range, or subnet

IPElement can be a single IP address, IP address range or a Subnet. Its
type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1",
"192.168.1.1-192.168.1.100", "192.168.0.0/24",
"fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:318c/64"

Name Description Type Notes
IPElementList List of IP address, range, or subnet

IPElement can be a single IP address, IP address range or a Subnet. Its
type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1",
"192.168.1.1-192.168.1.100", "192.168.0.0/24",
"fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c",
"fe80::250:56ff:fe83:318c/64"
string

IPFIXDFWCollector (schema)

IPFIX DFW Collector

IPFIX DFW data will be collected on collector
Host IP and Port address should be provided for collector.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
collector_ip_address IP address

IP address for the IPFIX DFW collector.
IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.
IPAddress Required
collector_port Port

Port for the IPFIX DFW collector.		 int Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXDFWCollector string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXDFWCollectorProfile (schema)

IPFIX DFW Collector Profile

IPFIX data for the NSX distributed firewall will be sent to the specified
IPFIX collectors.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_dfw_collectors IPFIX DFW Collectors.

It accepts Multiple Collectors.		 array of IPFIXDFWCollector Required
Minimum items: 1
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXDFWCollectorProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXDFWCollectorProfileListRequestParameters (schema)

IPFIX DFW Collector Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPFIXDFWCollectorProfileListResult (schema)

Paged Collection of IPFIX DFW Collector Profile

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX DFW Collection Instances list results array of IPFIXDFWCollectorProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPFIXDFWProfile (schema)

IPFIX DFW Profile

IPFIX packets from source will be sent to IPFIX DFW collector.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_flow_export_timeout Active timeout (Minutes)

For long standing active flows, IPFIX records will be sent
per timeout period in minutes.
int Required
Minimum: 1
Maximum: 60
Default: "1"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_dfw_collector_profile_path IPFIX collector Paths

Policy path for IPFIX collector profiles. IPFIX data from
these logical segments will be sent to all specified IPFIX
collectors.
string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
observation_domain_id Observation domain ID

An identifier that is unique to the exporting process
and used to meter the flows.
int Minimum: 0
Maximum: 65536
Default: "0"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
priority Config Priority

This priority field is used to resolve conflicts in Segment
Ports which are covered by more than one IPFIX profiles. The IPFIX
exporter will send records to Collectors in highest priority
profile (lowest number) only.
int Minimum: 0
Maximum: 32000
Default: "0"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXDFWProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXDFWProfileListRequestParameters (schema)

IPFIX DFW Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPFIXDFWProfileListResult (schema)

Paged Collection of IPFIX DFW Profile

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX DFW Profile list results array of IPFIXDFWProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPFIXL2Collector (schema)

IPFIX L2 Collector

IPFIX packets will be collected on collector.
IP and port address should be provided for collector.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
collector_ip_address IP address

IP address for the IPFIX L2 collector.
IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.
IPAddress Required
collector_port Port

Port number for the IPFIX L2 collector.		 int Minimum: 0
Maximum: 65535
Default: "4739"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXL2Collector string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXL2CollectorProfile (schema)

IPFIX L2 Collector Profile

IPFIX L2 data will be collected on collectors.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_l2_collectors It accepts Multiple Collector objects.

It accepts Multiple Collector objects.		 array of IPFIXL2Collector Required
Minimum items: 1
Maximum items: 4
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXL2CollectorProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXL2CollectorProfileListRequestParameters (schema)

IPFIX collector profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPFIXL2CollectorProfileListResult (schema)

Paged list of IPFIX collector profiles.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX collector Profile list results array of IPFIXL2CollectorProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPFIXL2Profile (schema)

IPFIX L2 Profile

IPFIX data from source logical segment, port, group will be forwarded to IPFIX
collector.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_timeout Active timeout

The time in seconds after a flow is expired even if
more packets matching this flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
export_overlay_flow Export overlay Flow

This property controls whether overlay flow info is included in the
sample result.
boolean Default: "True"
id Unique identifier of this resource string Sortable
idle_timeout Idle timeout

The time in seconds after a flow is expired if
no more packets matching this flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
ipfix_collector_profile_path IPFIX collector Path

Policy path for IPFIX collector profile. User can specify only one IPFIX collector.
string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
max_flows Max flows

The maximum number of flow entries in
each exporter flow cache.
integer Minimum: 0
Maximum: 4294967295
Default: "16384"
observation_domain_id Observation domain ID

An identifier that is unique to the exporting process and used to
meter the flows.
integer Minimum: 0
Maximum: 4294967295
Default: "0"
packet_sample_probability Packet sample probability

The probability in percentage that a packet is sampled,
in range 0-100. The probability is equal for every packet.
number Required
Minimum: 0
Maximum: 100
Default: "0.1"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
priority Config Priority

This priority field is used to resolve conflicts in Segment
Ports which are covered by more than one IPFIX profiles. The IPFIX
exporter will send records to Collectors in highest priority
profile (lowest number) only.
int Minimum: 0
Maximum: 32000
Default: "0"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPFIXL2Profile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPFIXL2ProfileListRequestParameters (schema)

IPFIX L2 Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPFIXL2ProfileListResult (schema)

Paged Collection of IPFIX L2 Profile

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX L2 Profile list results array of IPFIXL2Profile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPInfo (schema)

Name Description Type Notes
ip_addresses IPv4 Addresses array of IPv4Address Required
Minimum items: 1
Maximum items: 1
prefix_length Subnet Prefix Length integer Required
Minimum: 1
Maximum: 32

IPMemberAction (schema)

Name Description Type Notes
action Specifies addition or removal action string Required
Enum: add_ip, remove_ip

IPMirrorDestination (schema)

Name Description Type Notes
destination_ips List of destination IP addresses

The destination IPs of the mirror packet will be sent to.		 array of IPAddress Required
Minimum items: 1
Maximum items: 3
encapsulation_type IPMirrorDestination encapsulation type

You can choose GRE, ERSPAN II or ERSPAN III.		 EncapsulationType Required
Default: "GRE"
erspan_id ERSPAN session id

Used by physical switch for the mirror traffic forwarding.
Must be provided and only effective when encapsulation type is
ERSPAN type II or type III.
int Minimum: 0
Maximum: 1023
gre_key GRE encapsulation key

User-configurable 32-bit key only for GRE		 int
resource_type Must be set to the value IPMirrorDestination MirrorDestinationResourceType Required

IPPrefixList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
prefixes Ordered list of PrefixConfig array of PrefixConfig Required
Minimum items: 1
Maximum items: 1330000
resource_type Must be set to the value IPPrefixList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPPrefixListListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of IPPrefixLists array of IPPrefixList Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPProtocolNSService (schema)

An NSService element that represents an IP protocol

Name Description Type Notes
protocol_number The IP protocol number integer Required
resource_type Must be set to the value IPProtocolNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService

IPProtocolServiceEntry (schema)

A ServiceEntry that represents an IP protocol

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
protocol_number integer Required
Minimum: 0
Maximum: 255
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPProtocolServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecDigestAlgorithm (schema)

Digest Algorithms used in IPSec tunnel establishment

The IPSecDigestAlgorithms are used to verify message
integrity during IPSec VPN tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces
XXX bit hash.

Name Description Type Notes
IPSecDigestAlgorithm Digest Algorithms used in IPSec tunnel establishment

The IPSecDigestAlgorithms are used to verify message
integrity during IPSec VPN tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces
XXX bit hash.
string Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

IPSecEncryptionAlgorithm (schema)

Encryption algorithm used in IPSec tunnel

IPSecEncryptionAlgorithms are used to ensure confidentiality
of the messages exchanged during Tunnel negotiations. AES
stands for Advanced Encryption Standards. AES_128 uses 128-bit
keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both
confidentiality and data origin authentication.
NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input
data without encyption. Digest algorithm should be empty for this
option.

Name Description Type Notes
IPSecEncryptionAlgorithm Encryption algorithm used in IPSec tunnel

IPSecEncryptionAlgorithms are used to ensure confidentiality
of the messages exchanged during Tunnel negotiations. AES
stands for Advanced Encryption Standards. AES_128 uses 128-bit
keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both
confidentiality and data origin authentication.
NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input
data without encyption. Digest algorithm should be empty for this
option.
string Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION

IPSecVPNDPDProfile (schema)

Dead peer detection (DPD) profile

Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_probe_interval DPD probe interval in seconds

DPD probe interval defines a periodic interval for DPD probes.		 integer Minimum: 3
Maximum: 360
Default: "60"
enabled Enable dead peer detection (DPD)

If true, enable dead peer detection.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IPSecVPNDPDProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVPNDPDProfileListResult (schema)

List dead peer detection (DPD) profiles

List all the dead peer detection (DPD) profiles.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec DPD Profile list results array of IPSecVPNDPDProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNIKEProfile (schema)

Internet key exchange (IKE) profile

IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
dh_groups DH group

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.		 array of DHGroup
digest_algorithms Algorithm for message hash

Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.		 array of IKEDigestAlgorithm
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
encryption_algorithms Encryption algorithm for IKE

Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.		 array of IKEEncryptionAlgorithm
id Unique identifier of this resource string Sortable
ike_version IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.		 string Enum: IKE_V1, IKE_V2, IKE_FLEX
Default: "IKE_V2"
resource_type Must be set to the value IPSecVPNIKEProfile string
sa_life_time Security association (SA) life time

Life time for security association. Default is 86400 seconds (1 day).		 integer Minimum: 21600
Maximum: 31536000
Default: "86400"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVPNIKEProfileListResult (schema)

List IKE profiles

List all the IKE profiles.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IKE Profile list results array of IPSecVPNIKEProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNIKEServiceSummary (schema)

IPSec VPN IKE service summary

Summarized view of all IPSec VPN sessions for a specified service.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all selected sessions.		 IPSecVPNTrafficCounters
display_name Display name

VPN service display name.		 string Readonly
ipsec_vpn_service_id Service identifier

UUID for a vpn service.		 string Readonly
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
logical_router_id Logical router identifier

Logical router identifier associated with vpn service.		 string Readonly
session_summary Session summary

Session summary for number of total, established, failed and degraded IPSec VPN sessions.		 IPsecVPNIKESessionSummary Readonly
traffic_summary_per_session Traffic summary

Traffic summary per session.		 array of IPSecVPNSessionTrafficSummary

IPSecVPNIKESessionStatus (schema)

IKE session status

Status for IPSec VPN IKE session UP, DOWN, NEGOTIATING and fail reason if IKE session is down.

Name Description Type Notes
fail_reason Fail reason

Reason for failure.		 string Readonly
ike_session_state IKE session state

IKE session service status UP, DOWN and NEGOTIATING.		 string Readonly
Enum: UP, DOWN, NEGOTIATING

IPSecVPNIKETrafficStatistics (schema)

IPSec VPN IKE traffic statistics

Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.

Name Description Type Notes
bytes_in Bytes in

Number of bytes in.		 integer Readonly
bytes_out Bytes out

Number of bytes out.		 integer Readonly
fail_count Fail count

Fail count.		 integer Readonly
packets_in Packets in

Number of packets in.		 integer Readonly
packets_out Packets out

Number of packets out.		 integer Readonly

IPSecVPNLocalEndpoint (schema)

IPSec VPN Local Endpoint

Local endpoint represents a logical router on which tunnel needs to be terminated.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_id Certificate Id

Site certificate identifier.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipsec_vpn_service_id VPN Service id

VPN Service id.		 ResourceReference Required
local_address IPV4 Address for local endpoint

IPV4 Address for local endpoint.		 IPv4Address Required
local_id Local identifier

Local identifier.		 string
resource_type Must be set to the value IPSecVPNLocalEndpoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
trust_ca_ids Certificate authority (CA) identifiers

Certificate authority (CA) identifier list to verify peer certificates.		 array of string
trust_crl_ids Certificate revocation list (CRL) Identifiers

Certificate revocation list (CRL) identifier list of peer certificates.		 array of string

IPSecVPNLocalEndpointListParameters (schema)

List parameters for IPSec VPN local endpoints

Parameters to get the filtered list of IPSec VPN local endpoints. Both filter parameters can be provided as they are not mutually exclusive.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
ipsec_vpn_service_id Id of the IPSec VPN service

All the local endpoints configured with the specified VPN Service id will be included in the result.		 string
logical_router_id Id of logical router

All the local endpoints belonging to the specified logical router id will be included in the result.		 string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVPNLocalEndpointListResult (schema)

List local endpoints

List all the local endpoints.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec local endpoint list results array of IPSecVPNLocalEndpoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNPeerEndpoint (schema)

IPSec VPN Peer Endpoint

IPSec VPN Peer Endpoint covers configuration to be applied locally to establish a session with remote endpoint on peer site.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_mode Authentication Mode

Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.		 string Enum: PSK, CERTIFICATE
Default: "PSK"
connection_initiation_mode Connection initiation mode

Connection initiation mode used by local
endpoint to establish ike connection with peer endpoint.
INITIATOR - In this mode local endpoint initiates tunnel
setup and will also respond to incoming tunnel setup requests
from peer gateway.
RESPOND_ONLY - In this mode, local endpoint shall only
respond to incoming tunnel setup requests. It shall not
initiate the tunnel setup.
ON_DEMAND - In this mode local endpoint will initiate tunnel
creation once first packet matching the policy rule is
received and will also respond to incoming initiation request.
string Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND
Default: "INITIATOR"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_profile_id Dead peer detection (DPD) profile id

Dead peer detection (DPD) profile id. Default will be set according to system default policy.		 string
id Unique identifier of this resource string Sortable
ike_profile_id Internet key exchange (IKE) profile id

IKE profile id to be used. Default will be set according to system default policy.		 string
ipsec_tunnel_profile_id IPSec tunnel profile id

Tunnel profile id to be used. By default it will point to system default profile.		 string
peer_address IPV4 address of peer endpoint on remote site.

IPV4 address of peer endpoint on remote site.		 string Required
peer_id Peer id

Peer identifier.		 string Required
psk Pre-shared key

IPSec Pre-shared key. Maximum length of this field is 128 characters.		 string
resource_type Must be set to the value IPSecVPNPeerEndpoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVPNPeerEndpointListResult (schema)

List peer endpoints

List all the peer endpoints.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec Peer endpoint list results array of IPSecVPNPeerEndpoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNPolicyRule (schema)

IPSec VPN policy rules

For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action to be applied

PROTECT - Protect rules are defined per policy based
IPSec VPN session.
BYPASS - Bypass rules are defined per IPSec VPN
service and affects all policy based IPSec VPN sessions.
Bypass rules are prioritized over protect rules.
string Readonly
Enum: PROTECT, BYPASS
Default: "PROTECT"
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination list

List of peer subnets.		 array of IPSecVPNPolicySubnet Maximum items: 128
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enabled flag

A flag to enable/disable the policy rule.		 boolean Default: "True"
id Unique policy id

Unique policy id.		 string
logged Logging flag

A flag to enable/disable the logging for the policy rule.		 boolean Default: "False"
resource_type Must be set to the value IPSecVPNPolicyRule string
sources Source list

List of local subnets.		 array of IPSecVPNPolicySubnet Maximum items: 128

IPSecVPNPolicySubnet (schema)

Subnet for IPSec Policy based VPN

Used to specify the local/peer subnets in IPSec VPN Policy rule.

Name Description Type Notes
subnet Peer or local subnet

Subnet used in policy rule.		 IPv4CIDRBlock Required

IPSecVPNPolicyTrafficStatistics (schema)

IPSec VPN policy traffic statistics

IPSec VPN policy traffic statistics

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all ipsec tunnels.		 IPSecVPNTrafficCounters Readonly
policy_id Policy Identifier

Policy Identifier.		 string Readonly
tunnel_port_id Tunnel port identifier

Tunnel port identifier.		 string Readonly
tunnel_statistics Tunnel statistics

Tunnel statistics.		 array of IPSecVPNTunnelTrafficStatistics Readonly

IPSecVPNService (schema)

IPSec VPN service

Create and manage IPSec VPN service for given logical router.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bypass_rules Bypass Policy rules

Bypass policy rules are configured using VPN service.
Bypass rules always have higher priority over protect
rules and they affect all policy based vpn sessions associated
with the IPSec VPN service. Protect rules are defined per
policy based vpn session.
array of IPSecVPNPolicyRule
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable virtual private network (VPN) service

If true, enable VPN services for given logical router.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_log_level Internet key exchange (IKE) log level

Log level for internet key exchange (IKE).		 string Enum: DEBUG, INFO, WARN, ERROR, EMERGENCY
Default: "INFO"
logical_router_id Logical router id

Logical router id.		 string Required
resource_type Must be set to the value IPSecVPNService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVPNServiceListResult (schema)

List IPSec VPN services

List all the IPSec VPN services.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec VPN serivce list result array of IPSecVPNService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNSession (schema)

IPSec VPN session

VPN session defines connection between local and peer endpoint. Untill VPN session is defined configuration is not realized. This is an abstract type. Concrete child types:
PolicyBasedIPSecVPNSession
RouteBasedIPSecVPNSession

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ipsec_vpn_service_id IPSec VPN service identifier

Identifier of VPN Service linked with local endpoint.		 string Readonly
local_endpoint_id Local endpoint identifier

Local endpoint identifier.		 string Required
peer_endpoint_id Peer endpoint identifier

Peer endpoint identifier.		 string Required
resource_type Must be set to the value IPSecVPNSession IPSecVPNSessionResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TcpMssClamping

IPSecVPNSessionListParameters (schema)

List parameters for IPSec VPN Sessions

Parameters to get filtered list of IPSec VPN Sessions. The filter parameters are not mutually exclusive and can be used together.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
ipsec_vpn_service_id Id of the IPSec VPN service

All the IPSec VPN sessions configured with the specified VPN Service id will be included in the result.		 string
logical_router_id Id of logical router

All the VPN sessions belonging to the specified logical router id will be included in the result.		 string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
session_type Type of the vpn session

All the IPSec VPN sessions of specified type will be included in the result.		 IPSecVPNSessionResourceType
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVPNSessionListResult (schema)

List IPSec VPN sessions

List all the IPSec VPN sessions.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec VPN sessions list result array of IPSecVPNSession
(Abstract type: pass one of the following concrete types)
PolicyBasedIPSecVPNSession
RouteBasedIPSecVPNSession		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNSessionResourceType (schema)

Resource types of IPsec VPN session

A Policy Based VPN requires to define protect rules that match
local and peer subnets. IPSec security associations is
negotiated for each pair of local and peer subnet.
A Route Based VPN is more flexible, more powerful and recommended over
policy based VPN. IP Tunnel port is created and all traffic routed via
tunnel port is protected. Routes can be configured statically
or can be learned through BGP. A route based VPN is must for establishing
redundant VPN session to remote site.

Name Description Type Notes
IPSecVPNSessionResourceType Resource types of IPsec VPN session

A Policy Based VPN requires to define protect rules that match
local and peer subnets. IPSec security associations is
negotiated for each pair of local and peer subnet.
A Route Based VPN is more flexible, more powerful and recommended over
policy based VPN. IP Tunnel port is created and all traffic routed via
tunnel port is protected. Routes can be configured statically
or can be learned through BGP. A route based VPN is must for establishing
redundant VPN session to remote site.
string Enum: PolicyBasedIPSecVPNSession, RouteBasedIPSecVPNSession

IPSecVPNSessionState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

IPSecVPNSessionStatistics (schema)

IPSec VPN session statistics

Session statistics gives aggregated statistics of all policies for all the tunnels.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all ipsec tunnels.		 IPSecVPNTrafficCounters Readonly
display_name Display name

Display name of vpn session.		 string Readonly
ike_status IKE status summary

Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.		 IPSecVPNIKESessionStatus Readonly
ike_traffic_statistics IKE traffic statistics

Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.		 IPSecVPNIKETrafficStatistics Readonly
ipsec_vpn_session_id Session identifier

UUID of vpn session.		 string Readonly
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
partial_stats Partial Statistics

Partial statistics if true specifies that the statistics are only from active node.		 boolean Readonly
policy_statistics IPSec policy statistics

Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.		 array of IPSecVPNPolicyTrafficStatistics Readonly

IPSecVPNSessionStatus (schema)

IKE session traffic summary

IKE session traffic summary provides IKE session status and aggregate of traffic across all tunnel.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all ipsec tunnels.		 IPSecVPNTrafficCounters Readonly
display_name Display name

Display name of vpn session.		 string Readonly
failed_tunnels Failed tunnels

Number of failed tunnels.		 integer Readonly
ike_status IKE status

Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.		 IPSecVPNIKESessionStatus Readonly
ipsec_vpn_session_id Session identifier

UUID of vpn session.		 string Readonly
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
negotiated_tunnels Negotiated tunnels

Number of negotiated tunnels.		 integer Readonly
session_status Session status

Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.		 string Readonly
Enum: UP, DOWN, DEGRADED
total_tunnels Total tunnels

Total number of tunnels.		 integer Readonly

IPSecVPNSessionSummary (schema)

IPSec VPN session summary

Summarized view of all selected IPSec VPN sessions.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all selected sessions.		 IPSecVPNTrafficCounters
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
session_summary Session summary

Session summary for number of total, established, failed and degraded IPSec VPN sessions.		 IPsecVPNIKESessionSummary Readonly
traffic_summary_per_session Traffic summary

Traffic summary per session.		 array of IPSecVPNSessionTrafficSummary

IPSecVPNSessionTrafficSummary (schema)

IPSec VPN session traffic summary

IPSec VPN session traffic summary.

Name Description Type Notes
ipsec_vpn_session VPN session

VPN Session.		 ResourceReference Readonly
traffic_counters Traffic stastics

Traffic stastics.		 IPSecVPNTrafficCounters Readonly

IPSecVPNTrafficCounters (schema)

IPSec VPN traffic counters

Traffic counters for IPSec VPN session.

Name Description Type Notes
bytes_in Bytes in

Total number of bytes recevied.		 integer Readonly
bytes_out Bytes out

Total number of bytes sent.		 integer Readonly
dropped_packets_in Dropped incoming packets

Total number of incoming packets dropped on inbound security association.		 integer Readonly
dropped_packets_out Dropped outgoing packets

Total number of outgoing packets dropped on outbound security association.		 integer Readonly
packets_in Packets in

Total number of packets received.		 integer Readonly
packets_out Packets out

Total number of packets sent.		 integer Readonly

IPSecVPNTransportStatus (schema)

VPN Session status

Provides IPSec VPN session status.

Name Description Type Notes
resource_type Must be set to the value IPSecVPNTransportStatus TransportTunnelResourceType Required
status IPSec vpn session status

VPN session status provides IKE session status and aggregate of traffic across all tunnel.		 IPSecVPNSessionStatus Readonly
tunnel_id Transport tunnel id

Transport tunnel id.		 ResourceReference Readonly

IPSecVPNTunnelProfile (schema)

IPSec VPN tunnel profile

IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
df_policy Policy for handling defragmentation bit

Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.		 string Enum: COPY, CLEAR
Default: "COPY"
dh_groups DH group

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.		 array of DHGroup
digest_algorithms Algorithm for message hash

Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".		 array of TunnelDigestAlgorithm
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_perfect_forward_secrecy Enable perfect forward secrecy

If true, perfect forward secrecy (PFS) is enabled.		 boolean Default: "True"
encapsulation_mode Encapsulation Mode

Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.		 string Readonly
Enum: TUNNEL_MODE
Default: "TUNNEL_MODE"
encryption_algorithms Encryption algorithm to use in tunnel establishement

Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.		 array of TunnelEncryptionAlgorithm
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IPSecVPNTunnelProfile string
sa_life_time Security association (SA) life time

SA life time specifies the expiry time of security
association. Default is 3600 seconds.
integer Minimum: 900
Maximum: 31536000
Default: "3600"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transform_protocol Tunnel protocol

IPSec transform specifies IPSec security protocol.		 string Readonly
Enum: ESP
Default: "ESP"

IPSecVPNTunnelProfileListResult (schema)

List tunnel profiles

List all the tunnel profiles.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSec Tunnel Profile list results array of IPSecVPNTunnelProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVPNTunnelTrafficStatistics (schema)

IPSec VPN tunnel traffic statistics

IPSec VPN tunnel traffic statistics.

Name Description Type Notes
bytes_in Bytes in

Total number of incoming bytes on inbound Security association (SA).		 integer Readonly
bytes_out Bytes out

Total number of outgoing bytes on outbound Security association (SA).		 integer Readonly
decryption_failures Decryption failures

Total number of packets dropped due to decryption failures.		 integer Readonly
dropped_packets_in Dropped incoming packets

Total number of incoming packets dropped on inbound security association.		 integer Readonly
dropped_packets_out Dropped outgoing packets

Total number of outgoing packets dropped on outbound security association.		 integer Readonly
encryption_failures Encryption failures

Total number of packets dropped because of failure in encryption.		 integer Readonly
integrity_failures Integrity failures

Total number of packets dropped due to integrity failures.		 integer Readonly
local_subnet Local subnet

Local subnet to which a tunnel belongs.		 string Readonly
nomatching_policy_errors Nomatching Policy errors

Number of packets dropped because of no matching policy is available.		 integer Readonly
packets_in Packets in

Total number of incoming packets on inbound Security association (SA).		 integer Readonly
packets_out Packets out

Total number of outgoing packets on outbound Security association (SA).		 integer Readonly
packets_receive_other_error Packets receive other error

Total number of incoming packets dropped on inbound Security association (SA)(misc).		 integer Readonly
packets_sent_other_error Packets sent other error

Total number of packets dropped while sending for any reason.		 integer Readonly
peer_subnet Peer subnet

Peer subnet to which a tunnel belongs.		 string Readonly
replay_errors Replay errors

Total number of packets dropped due to replay check on that Security association (SA).		 integer Readonly
sa_mismatch_errors_in Security association (SA) mismatch errors on incoming packets

Totoal number of security association (SA) mismatch errors on incoming packets.		 integer Readonly
sa_mismatch_errors_out Security association (SA) mismatch errors on outgoing packets

Totoal number of security association (SA) mismatch errors on outgoing packets.		 integer Readonly
seq_number_overflow_error Sequence number overflow error

Total number of packets dropped while sending due to overflow in sequence number.		 integer Readonly
tunnel_down_reason Tunnel down reason

Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.		 string Readonly
tunnel_status Tunnel Status

Specifies the status of tunnel. If all the SA (Security association) are negotiated then tunnels status will be UP. If negotiation fails for the SAs status will be DOWN, if SAs are in negotiating phase tunnels status will be NEGOTIATING.		 string Readonly
Enum: UP, DOWN, NEGOTIATING

IPSecVpnDpdProfile (schema)

Dead peer detection (DPD) profile

Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_probe_interval DPD probe interval in seconds

DPD probe interval defines a periodic interval for DPD probes.		 integer Minimum: 3
Maximum: 360
Default: "60"
enabled Enable dead peer detection (DPD)

If true, enable dead peer detection.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnDpdProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnDpdProfileListRequestParameters (schema)

IPSecVpnDpdProfile list request parameters

Request parameters to get filtered list of IPSecVpnDpdProfile.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnDpdProfileListResult (schema)

Paged Collection of IPSecVpnDpdProfile

Paged Collection of IPSecVpnDpdProfile.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnDpdProfile list results

IPSecVpnDpdProfile list results.		 array of IPSecVpnDpdProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVpnIkeProfile (schema)

Internet key exchange (IKE) profile

IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
dh_groups DH group

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.		 array of DhGroup
digest_algorithms Algorithm for message hash

Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.		 array of IkeDigestAlgorithm
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
encryption_algorithms Encryption algorithm for IKE

Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.		 array of IkeEncryptionAlgorithm
id Unique identifier of this resource string Sortable
ike_version IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.		 string Enum: IKE_V1, IKE_V2, IKE_FLEX
Default: "IKE_V2"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnIkeProfile string
sa_life_time Security association (SA) life time

Life time for security association. Default is 86400 seconds (1 day).		 integer Minimum: 21600
Maximum: 31536000
Default: "86400"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnIkeProfileListRequestParameters (schema)

IPSecVpnIkeProfile list request parameters

Request parameters to get filtered list of IPSecVpnIkeProfile.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnIkeProfileListResult (schema)

Paged Collection of IPSecVpnIkeProfile

Paged Collection of IPSecVpnIkeProfile.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnIkeProfile list results

IPSecVpnIkeProfile list results.		 array of IPSecVpnIkeProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVpnIkeSessionStatus (schema)

Ike session status

Status for IPSec VPN Ike session UP, DOWN, NEGOTIATING and fail reason if Ike session
is down.

Name Description Type Notes
fail_reason Fail reason

Reason for failure.
string Readonly
ike_session_state Ike session state

Ike session service status UP, DOWN and NEGOTIATING.
string Readonly
Enum: UP, DOWN, NEGOTIATING

IPSecVpnIkeTrafficStatistics (schema)

IPSec VPN Ike traffic statistics

Traffic statistics for IPSec VPN Ike session.
Note - Not supported in this release.

Name Description Type Notes
bytes_in Bytes in

Number of bytes in.		 integer Readonly
bytes_out Bytes out

Number of bytes out.		 integer Readonly
fail_count Fail count

Fail count.		 integer Readonly
packets_in Packets in

Number of packets in.		 integer Readonly
packets_out Packets out

Number of packets out.		 integer Readonly

IPSecVpnLocalEndpoint (schema)

IPSec VPN Local Endpoint

Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_path Certificate path

Policy path referencing site certificate.		 string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
local_address IPV4 Address of local endpoint

IPV4 Address of local endpoint.		 IPv4Address Required
local_id Local identifier

Local identifier.		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnLocalEndpoint string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
trust_ca_paths Certificate authority (CA) paths

List of policy paths referencing certificate authority (CA) to verify peer certificates.		 array of string
trust_crl_paths Certificate revocation list (CRL) paths

List of policy paths referencing certificate revocation list (CRL) to peer certificates.		 array of string

IPSecVpnLocalEndpointListRequestParameters (schema)

IPSecVpnLocalEndpoint list request parameters

Request parameters to get filtered list of IPSecVpnLocalEndpoint.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnLocalEndpointListResult (schema)

Paged Collection of IPSecVpnLocalEndpoint

Paged Collection of IPSecVpnLocalEndpoint.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnLocalEndpoint list results

IPSecVpnLocalEndpoint list results.		 array of IPSecVpnLocalEndpoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVpnRule (schema)

IPSec VPN Rule

For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy’s match criteria.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action to be applied

PROTECT - Protect rules are defined per policy based
IPSec VPN session.
BYPASS - Bypass rules are defined per IPSec VPN
service and affects all policy based IPSec VPN sessions.
Bypass rules are prioritized over protect rules.
string Readonly
Enum: PROTECT, BYPASS
Default: "PROTECT"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination list

List of peer subnets. Specifying no value is interpreted
as 0.0.0.0/0.
array of IPSecVpnSubnet Maximum items: 128
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enabled flag

A flag to enable/disable the rule.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
logged Logging flag

A flag to enable/disable the logging for the rule.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnRule string
sequence_number Sequence number of the IPSecVpnRule

A sequence number is used to give a priority to an IPSecVpnRule.		 int Minimum: 0
sources Source list

List of local subnets. Specifying no value is interpreted
as 0.0.0.0/0.
array of IPSecVpnSubnet Maximum items: 128
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnService (schema)

IPSec VPN service

Create and manage IPSec VPN service for given locale service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bypass_rules Bypass Policy rules

Bypass policy rules are configured using VPN service.
Bypass rules always have higher priority over protect
rules and they affect all policy based vpn sessions associated
with the IPSec VPN service. Protect rules are defined per
policy based vpn session.
array of IPSecVpnRule
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable virtual private network (VPN) service

If true, enable VPN services for given locale service.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_log_level Internet key exchange (IKE) log level

Log level for internet key exchange (IKE).		 string Enum: DEBUG, INFO, WARN, ERROR, EMERGENCY
Default: "INFO"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnServiceListRequestParameters (schema)

IPSecVpnService list request parameters

Request parameters to get filtered list of IPSecVpnService.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnServiceListResult (schema)

Paged Collection of IPSecVpnService

Paged Collection of IPSecVpnService.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnService list results

IPSecVpnService list results.		 array of IPSecVpnService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVpnSession (schema)

IPSec VPN session

VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized. This is an abstract type. Concrete child types:
PolicyBasedIPSecVpnSession
RouteBasedIPSecVpnSession

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_mode Authentication Mode

Peer authentication mode.
PSK - In this mode a secret key shared between local and
peer sites is to be used for authentication. The secret
key can be a string with a maximum length of 128 characters.
CERTIFICATE - In this mode a certificate defined at the
global level is to be used for authentication.
string Enum: PSK, CERTIFICATE
Default: "PSK"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
compliance_suite Compliance suite

Compliance suite.
string Enum: CNSA, SUITE_B_GCM_128, SUITE_B_GCM_256, PRIME, FOUNDATION, FIPS, NONE
connection_initiation_mode Connection initiation mode

Connection initiation mode used by local endpoint to
establish ike connection with peer site.
INITIATOR - In this mode local endpoint initiates
tunnel setup and will also respond to incoming tunnel
setup requests from peer gateway.
RESPOND_ONLY - In this mode, local endpoint shall only
respond to incoming tunnel setup requests. It shall not
initiate the tunnel setup.
ON_DEMAND - In this mode local endpoint will initiate
tunnel creation once first packet matching the policy
rule is received and will also respond to incoming
initiation request.
string Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND
Default: "INITIATOR"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_profile_path Dead peer detection (DPD) profile path

Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.		 string
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_profile_path Internet key exchange (IKE) profile path

Policy path referencing IKE profile to be used. Default is set according to system default profile.		 string
local_endpoint_path Local endpoint path

Policy path referencing Local endpoint.		 string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
peer_address IPV4 address of peer endpoint on remote site

Public IPV4 address of the remote device terminating the VPN connection.		 string Required
peer_id Peer id

Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.		 string Required
psk Pre-shared key

IPSec Pre-shared key. Maximum length of this field is 128 characters.		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnSession IPSecVpnSessionResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TCP MSS Clamping

TCP Maximum Segment Size Clamping Direction and Value.
TcpMaximumSegmentSizeClamping
tunnel_profile_path IPSec tunnel profile path

Policy path referencing Tunnel profile to be used. Default is set to system default profile.		 string

IPSecVpnSessionListRequestParameters (schema)

IPSecVpnSession list request parameters

Request parameters to get filtered list of IPSecVpnSession.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnSessionListResult (schema)

Paged Collection of IPSecVpnSession

Paged Collection of IPSecVpnSession.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnSession list results

IPSecVpnSession list results.		 array of IPSecVpnSession
(Abstract type: pass one of the following concrete types)
PolicyBasedIPSecVpnSession
RouteBasedIPSecVpnSession		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSecVpnSessionResourceType (schema)

Resource types of IPsec VPN session

A Policy Based VPN requires to define protect rules that match
local and peer subnets. IPSec security associations is
negotiated for each pair of local and peer subnet.
A Route Based VPN is more flexible, more powerful and recommended over
policy based VPN. IP Tunnel port is created and all traffic routed via
tunnel port is protected. Routes can be configured statically
or can be learned through BGP. A route based VPN is must for establishing
redundant VPN session to remote site.

Name Description Type Notes
IPSecVpnSessionResourceType Resource types of IPsec VPN session

A Policy Based VPN requires to define protect rules that match
local and peer subnets. IPSec security associations is
negotiated for each pair of local and peer subnet.
A Route Based VPN is more flexible, more powerful and recommended over
policy based VPN. IP Tunnel port is created and all traffic routed via
tunnel port is protected. Routes can be configured statically
or can be learned through BGP. A route based VPN is must for establishing
redundant VPN session to remote site.
string Enum: PolicyBasedIPSecVpnSession, RouteBasedIPSecVpnSession

IPSecVpnSessionStatisticsNsxT (schema)

IPSec VPN session statistics

IPSec VPN session statistics represents statistics on an NSX-T type of enforcement
point. It gives aggregated statistics of all policies for all the tunnels.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all ipsec tunnels.
IPSecVpnTrafficCounters Readonly
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
ike_status Ike status summary

Status for IPSec VPN Ike session UP/DOWN and fail reason if Ike session is down.
IPSecVpnIkeSessionStatus Readonly
ike_traffic_statistics Ike traffic statistics

Traffic statistics for IPSec VPN Ike session.
IPSecVpnIkeTrafficStatistics Readonly
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.
EpochMsTimestamp Readonly
policy_statistics IPSec policy statistics

Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel
statistics.
array of IpSecVpnPolicyTrafficStatistics Readonly
resource_type Must be set to the value IPSecVpnSessionStatisticsNsxT string Required
Enum: IPSecVpnSessionStatisticsNsxT

IPSecVpnSessionStatisticsPerEP (schema)

IPSec VPN Session Statistics Per Enforcement Point

IPSec VPN Session Statistics Per Enforcement Point.
This is an abstract type. Concrete child types:
IPSecVpnSessionStatisticsNsxT

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required
Enum: IPSecVpnSessionStatisticsNsxT

IPSecVpnSessionStatusNsxT (schema)

IPSec VPN session traffic summary

IPSec VPN Session Status represents status on an NSX-T type of enforcement point.

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all ipsec tunnels.		 IPSecVpnTrafficCounters Readonly
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
failed_tunnels Failed tunnels

Number of failed tunnels.		 integer Readonly
ike_status IKE status

Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.
IPSecVpnIkeSessionStatus Readonly
last_update_timestamp Last updated timestamp

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
negotiated_tunnels Negotiated tunnels

Number of negotiated tunnels.		 integer Readonly
resource_type Must be set to the value IPSecVpnSessionStatusNsxT string Required
Enum: IPSecVpnSessionStatusNsxT
runtime_status Session Runtime Status

Gives session status consolidated using IKE status and tunnel status. It can
be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if
all down it will be DOWN, otherwise it will be DEGRADED.
string Readonly
Enum: UP, DOWN, DEGRADED
total_tunnels Total tunnels

Total number of tunnels.		 integer Readonly

IPSecVpnSessionStatusPerEP (schema)

IPSec VPN Session Status Per Enforcement Point

IPSec VPN Session Status Per Enforcement Point.
This is an abstract type. Concrete child types:
IPSecVpnSessionStatusNsxT

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required
Enum: IPSecVpnSessionStatusNsxT

IPSecVpnSubnet (schema)

Subnet for IPSec Policy based VPN

Used to specify the local/peer subnets in IPSec VPN rule.

Name Description Type Notes
subnet Peer or local subnet

Subnet used in policy rule.		 IPv4CIDRBlock Required

IPSecVpnTrafficCounters (schema)

IPSec VPN traffic counters

Traffic counters for IPSec VPN session.

Name Description Type Notes
bytes_in Bytes in

Total number of bytes recevied.		 integer Readonly
bytes_out Bytes out

Total number of bytes sent.		 integer Readonly
dropped_packets_in Dropped incoming packets

Total number of incoming packets dropped on inbound security association.
integer Readonly
dropped_packets_out Dropped outgoing packets

Total number of outgoing packets dropped on outbound security association.
integer Readonly
packets_in Packets in

Total number of packets received.		 integer Readonly
packets_out Packets out

Total number of packets sent.		 integer Readonly

IPSecVpnTransportStatus (schema)

IPSec VPN Session status

Provides IPSec VPN session status.

Name Description Type Notes
resource_type Must be set to the value IPSecVpnTransportStatus string Required
Enum: IPSecVpnTransportStatus
session_status IPSec VPN Session status IPSecVpnSessionStatusNsxT Readonly
transport_tunnel_path Policy path referencing Transport Tunnel

Policy path referencing Transport Tunnel.		 string Readonly

IPSecVpnTunnelInterface (schema)

IP tunnel interface configuration

IP tunnel interface configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_subnets IP Tunnel interface subnet

IP Tunnel interface (commonly referred as VTI) subnet.		 array of TunnelInterfaceIPSubnet Required
Minimum items: 1
Maximum items: 1
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnTunnelInterface string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnTunnelProfile (schema)

IPSec VPN tunnel profile

IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
df_policy Policy for handling defragmentation bit

Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.		 string Enum: COPY, CLEAR
Default: "COPY"
dh_groups Dh group

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.		 array of DhGroup
digest_algorithms Algorithm for message hash

Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".		 array of IPSecDigestAlgorithm
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_perfect_forward_secrecy Enable perfect forward secrecy

If true, perfect forward secrecy (PFS) is enabled.		 boolean Default: "True"
encryption_algorithms Encryption algorithm to use in IPSec tunnel establishement

Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.		 array of IPSecEncryptionAlgorithm
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IPSecVpnTunnelProfile string
sa_life_time Security association (SA) life time

SA life time specifies the expiry time of security association. Default is 3600 seconds.		 integer Minimum: 900
Maximum: 31536000
Default: "3600"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSecVpnTunnelProfileListRequestParameters (schema)

IPSecVpnTunnelProfile list request parameters

Request parameters to get filtered list of IPSecVpnTunnelProfile.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSecVpnTunnelProfileListResult (schema)

Paged Collection of IPSecVpnTunnelProfile

Paged Collection of IPSecVpnTunnelProfile.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSecVpnTunnelProfile list results

IPSecVpnTunnelProfile list results.		 array of IPSecVpnTunnelProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSet (schema)

Set of one or more IP addresses

IPSet is used to group individual IP addresses, range of IP addresses or subnets.
An IPSet is a homogeneous group of IP addresses, either of type IPv4 or of type
IPv6. IPSets can be used as source or destination in firewall rules. These can
also be used as members of NSGroups.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_addresses IP addresses array of IPElement Maximum items: 4000
resource_type Must be set to the value IPSet string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IPSetDeleteRequestParameters (schema)

IPSet delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

IPSetListRequestParameters (schema)

IPSet list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IPSetListResult (schema)

Paged collection of IPSets

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPSet list results array of IPSet Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IPSubnet (schema)

Name Description Type Notes
ip_addresses IP Addresses

All IP addresses, some of which may be automatically
configured. When updating this field, the payload may
contain only the IP addresses that should be changed,
or may contain the IP addresses to change as well as
the automatically assigned addresses.
Currently, only one updatable address and one
system-maintained address are supported.
Currently, the system-maintained address supported is
Extended Unique Identifier(EUI)-64 address.
EUI-64 address is generated by the system only when user
configured ip-subnet has prefix length less than
or equal to 64.
array of IPAddress Required
Minimum items: 1
Maximum items: 2
prefix_length Subnet Prefix Length integer Required
Minimum: 1
Maximum: 128

IPsecVPNIKESessionSummary (schema)

IPSec VPN session status summary

IPSec VPN session status summary, gives total, failed, degraded and established IPSec VPN sessions.

Name Description Type Notes
degraded_sessions Degraded sessions

Number of degraded sessions.		 integer Readonly
established_sessions Established sessions

Number of established sessions.		 integer Readonly
failed_sessions Failed sessions

Number of failed sessions.		 integer Readonly
total_sessions Total sessions

Total sessions configured.		 integer Readonly

IPv4Address (schema)

IPv4 address

Name Description Type Notes
IPv4Address IPv4 address string

IPv4AddressProperties (schema)

IPv4 address properties

Name Description Type Notes
ip_address Interface IPv4 address string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
netmask Interface netmask string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"

IPv4CIDRBlock (schema)

IPv4 CIDR Block

Name Description Type Notes
IPv4CIDRBlock IPv4 CIDR Block string

IPv4DhcpServer (schema)

DHCP server to support IPv4 DHCP service

DHCP server to support IPv4 DHCP service. Properties defined at DHCP server
level can be overridden by ip-pool or static-binding level properties.

Name Description Type Notes
dhcp_server_ip DHCP server ip in CIDR format

DHCP server ip in CIDR format.		 IPv4CIDRBlock Required
dns_nameservers DNS ips

Primary and secondary DNS server address to assign host. They can be
overridden by ip-pool or static-binding level property.
array of IPv4Address Minimum items: 0
Maximum items: 2
domain_name Domain name

Host name or prefix to be assigned to host. It can be overridden by
ip-pool or static-binding level property.
string
gateway_ip Gateway ip

Gateway ip to be assigned to host. It can be overridden by ip-pool or
static-binding level property.
IPv4Address
monitor_ippool_usage Enable/disable monitoring DHCP ip-pool usage

Enable or disable monitoring of DHCP ip-pools usage. When enabled, system events are
generated when pool usage exceeds the configured thresholds.
System events can be viewed in REST API /api/v2/hpm/alarms
boolean Default: "False"
options DHCP options

Defines the default options for all ip-pools and static-bindings of this server.
These options will be ignored if options are defined for ip-pools or static-bindings.
DhcpOptions

IPv4DiscoveryOptions (schema)

IPv4 discovery options

Contains IPv4 related discovery options.

Name Description Type Notes
arp_snooping_config ARP snooping configuration

Indicates ARP snooping options		 ArpSnoopingConfig
dhcp_snooping_enabled Is DHCP snooping enabled or not

Indicates whether DHCP snooping is enabled		 boolean Default: "True"
vmtools_enabled Is VM tools enabled or not

Indicates whether fetching IP using vm-tools is enabled.
This option is only supported on ESX where vm-tools is installed.
boolean Default: "True"

IPv6Address (schema)

IPv6 address

Name Description Type Notes
IPv6Address IPv6 address string

IPv6CIDRBlock (schema)

IPv6 CIDR Block

Name Description Type Notes
IPv6CIDRBlock IPv6 CIDR Block string

IPv6DADStatus (schema)

IPv6 DAD status

Name Description Type Notes
ip_address IP address

IP address on the port for which DAD status is reported.
IPAddress Readonly
status DAD Status

DAD status for IP address on the port.
DADStatus Readonly
transport_node Transport node

Array of transport node id on which DAD status is reported for
given IP address.
array of ResourceReference Readonly

IPv6DiscoveryOptions (schema)

IPv6 discovery options

Contains IPv6 related discovery options.

Name Description Type Notes
dhcp_snooping_v6_enabled Is DHCP snoping v6 enabled or not

Enable this method will snoop the DHCPv6 message transaction
which a VM makes with a DHCPv6 server. From the transaction, we
learn the IPv6 addresses assigned by the DHCPv6 server to this VM
along with its lease time.
boolean Default: "False"
nd_snooping_config ND snooping configuration

Indicates ND snooping options		 NdSnoopingConfig
vmtools_v6_enabled Enable this method will learn the IPv6 addresses which are
configured on interfaces of a VM with the help of the VMTools software.
boolean Default: "False"

IPv6Profiles (schema)

Name Description Type Notes
dad_profile_id DAD profile identifier

Identifier of Duplicate Address Detection profile.
DAD profile has various configurations related to duplicate
address detection. If no profile is associated manually to the router,
then the system defined default DAD profile will be automatically
applied.
string
ndra_profile_id NDRA profile identifier

Identifier of Neighbor Discovery Router Advertisement profile.
NDRA profile has various configurations required for router
advertisement. If no profile is associated manually to the router,
then the system defined default NDRA profile will be automatically
applied.
string

IPv6Status (schema)

IPv6 status

Name Description Type Notes
dad_statuses IPv6 DAD status

Array of DAD status which contains DAD information for IP addresses
on the interface.
array of IPv6DADStatus Readonly
interface_id Policy path or realization ID of interface

Policy path or realization ID of interface for which IPv6 DAD
status is returned.
string

IcmpEchoRequestHeader (schema)

Name Description Type Notes
id ICMP id integer Minimum: 0
Maximum: 65535
Default: "0"
sequence ICMP sequence number integer Minimum: 0
Maximum: 65535
Default: "0"

IcmpPolicyLbMonitorProfile (schema)

PolicyLbMonitorProfile for active health checks over ICMP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the PolicyLbRule
object. This represents active health monitoring over ICMP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member will
the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healt hchecks (rise_count) will bring the
member back to UP state. After a healthcheck is initiated, if it does not
complete within a certain period, then also the healthcheck is considered
to be unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IcmpPolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"

Icon (schema)

Icon

Icon to be applied at dashboard for widgets and UI elements.

Name Description Type Notes
placement Position at which to display icon, if any

If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element.		 string Enum: PRE, POST
Default: "PRE"
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over the icon.		 array of Tooltip
type Type of icon

Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered.		 string Enum: ERROR, WARNING, INFO, INPROGRESS, SUCCESS, DETAIL, NOT_AVAILABLE, SECURITY, NETWORKING, LOAD_BALANCER, VPN, DOMAIN, GROUP, DISTRIBUTED_FIREWALL, NETWORKING_TIER0, NETWORKING_TIER1, SEGMENT, SYSTEM, SYSTEM_FABRIC, SYSTEM_BACKUPRESTORE, INVENTORY_GROUPS, SECURITY_DFW

IdentityGroupExpression (schema)

IdentityGroup expression node

Represents a list of identity group (Ad group SID) expressions.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
identity_groups Array of identity group

This array consists of set of identity group object. All members within this array are implicitly OR'ed together.		 array of IdentityGroupInfo Required
Minimum items: 1
Maximum items: 500
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IdentityGroupExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IdentityGroupInfo (schema)

Identity (Directory) group

Name Description Type Notes
distinguished_name LDAP distinguished name

Each LDAP object is uniquely identified by its distinguished name (DN).
A DN is a sequence of relative distinguished names (RDN) connected by commas.
e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com.
A valid fully qualified distinguished name should be provided to include specific groups else
the create / update realization of the Group containing an invalid/ partial DN will fail.
This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.
string Required
domain_base_distinguished_name Identity (Directory) domain base distinguished name

This is the base distinguished name for the domain where this particular group
resides. (e.g. dc=example,dc=com)
Each active directory domain has a domain naming context
(NC), which contains domain-specific data. The root of
this naming context is represented by a domain's
distinguished name (DN) and is typically referred to as
the NC head.
string Required
sid Identity (Directory) Group SID (security identifier)

A security identifier (SID) is a unique value of variable length
used to identify a trustee. A SID consists of the following components:
The revision level of the SID structure;
A 48-bit identifier authority value that identifies the
authority that issued the SID;
A variable number of subauthority or relative identifier
(RID) values that uniquely identify the trustee relative
to the authority that issued the SID.
This field is only populated for Microsoft Active Directory identity store.
string

IdfwComputeCollectionCondition (schema)

IDFW Compute collection status.

Status of the Identity Firewall enabled Compute collection.

Name Description Type Notes
status IDFW enabled Compute collection status. string Required
Enum: UNKNOWN, UP, DOWN, DFW_DISABLED, IDFW_DISABLED
status_detail Compute collection status.

Status of the Compute collection.		 string

IdfwComputeCollectionListResult (schema)

List of IDFW enabled compute collections connected to VC

List of compute collection ids and status connected to VC.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of IDFW ComputeCollection.

Array of IDFW compute collection Ids and status connected to VC.		 array of IdfwComputeCollectionStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IdfwComputeCollectionStatus (schema)

IDFW compute collection ID and status.

compute collection ID and status connected to VC.

Name Description Type Notes
compute_collection_id IDFW compute collection ID.

IDFW compute collection ID connected to VC.		 string Required
compute_collection_status Compute collection status.

IDFW enabled compute collection status.		 array of IdfwComputeCollectionCondition

IdfwDirGroupUserSessionMapping (schema)

Identity Firewall NSGorup to user mapping to link DirGroup to user session data

Identity Firewall NSGorup to user mapping to link DirGroup to user session data.

Name Description Type Notes
dir_group_id Directory Group ID

Directory Group ID.		 string Required
Readonly
user_id User ID

User ID.		 string Required
Readonly

IdfwEnabledComputeCollection (schema)

Identity Firewall enabled compute collection

Compute collection enabled for Identity Firewall where login events will be
collected.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
compute_collection_id Compute collection ID

Compute collection ID.		 string Required
compute_collection_name Compute collection name

Compute collection name.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enabled/disabled

Compute collection enabled status (true=Enabled / false=Disabled).		 boolean Required
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IdfwEnabledComputeCollection string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IdfwEnabledComputeCollectionListResult (schema)

Identity Firewall enabled compute collection list

List of compute collections enabled for IDFW where login events will be
collected.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of IDFW Enabled Compute Collections

Array of IDFW Enabled Compute Collections.		 array of IdfwEnabledComputeCollection Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IdfwMasterSwitchSetting (schema)

Identity Firewall master switch setting

Identity Firewall master switch setting. This setting enables or disables
Identity Firewall feature across the system. It affects compute collections,
hypervisor and virtual machines. This operation is expensive and also has big
impact and implication on system perforamce.

Name Description Type Notes
idfw_master_switch_enabled IDFW master switch

IDFW master switch (true=Enabled / false=Disabled).		 boolean Required

IdfwNsgroupVmDetailListResult (schema)

Identity Firewall user login/session data for a single NSGroup

Identity Firewall user login/session data for a single NSGroup.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
ns_group_id NSGroup ID string Required
Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of user login/session data for a single VM array of IdfwVmDetail Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IdfwStandaloneHostsSwitchSetting (schema)

Identity Firewall standalone hosts switch setting

Identity Firewall standalone hosts switch setting. This setting enables or
disables Identity Firewall feature on all standalone hosts.

Name Description Type Notes
standalone_hosts_enabled IDFW standalone hosts switch

IDFW standalone hosts switch (true=Enabled / false=Disabled).		 boolean Required

IdfwSystemStats (schema)

Identity Firewall statistics data

Identity Firewall statistics data.

Name Description Type Notes
num_concurrent_users Number of concurrent logged on users (across VDI & RDSH)

Number of concurrent logged on users (across VDI & RDSH). Multiple
logins by the same user is counted as 1.
int Required
num_user_sessions Number of active user sessions/logins

Number of active user sessions/logins in IDFW enabled compute collections
(including both UP and DOWN hosts). N sessions/logins by the same user
is counted as n.
int Required

IdfwTransportNodeCondition (schema)

IDFW transport node status.

Status of the Identity Firewall Compute Collection's transport node.

Name Description Type Notes
status IDFW TransportNode status.

Transport node status for IDFW compute collection.		 string Required
Enum: UNKNOWN, UP, DOWN, NOT_PREPARED, IDFW_COMPONENT_NOT_INSTALLED, DFW_DISABLED, IDFW_DISABLED
status_detail IDFW transport node condition.

IDFW Compute collection's transport node condition.		 string

IdfwTransportNodeStatus (schema)

IDFW transport node ID and status.

ID and status of the Identity Firewall enabled Compute collection's
transport node.

Name Description Type Notes
transport_node_id IDFW TransportNode ID.

TransportNode ID of the Identity Firewall enabled Compute
collection's transport node.
string Required
transport_node_status IDFW TransportNode status.

Status of the IDFW transport node.		 array of IdfwTransportNodeCondition Required

IdfwTransportNodeStatusListResult (schema)

IDFW enabled Compute collection transport node and status list.

Status of the Identity Firewall enabled Compute collection
transport nodes.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IDFW enabled Compute collection transport node list.

List of transport node ids and status for idfw enabled
Compute collection.
array of IdfwTransportNodeStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IdfwUserSessionData (schema)

Identity Firewall user session data on client machine

Identity Firewall user session data on a client machine (typically a VM).
Multiple entries for the same user can be returned if the user logins to
multiple sessions on the same VM.

Name Description Type Notes
domain_name AD Domain

AD Domain of user.		 string Required
id User session data Identifier

Identifier of user session data.		 string Readonly
login_time Login time

Login time.		 EpochMsTimestamp Required
logout_time Logout time if applicable

Logout time if applicable. An active user session has no logout time.
Non-active user session is stored (up to last 5 most recent entries) per
VM and per user.
EpochMsTimestamp
user_id AD user ID (may not exist)

AD user ID (may not exist).		 string Readonly
user_name AD user name

AD user name.		 string Required
user_session_id User session ID

User session ID. This also indicates whether this is VDI / RDSH.		 int Required
vm_ext_id Virtual machine external ID or BIOS UUID

Virtual machine (external ID or BIOS UUID) where login/logout events occurred.		 string Required
Readonly

IdfwUserSessionDataAndMappings (schema)

Identity Firewall user session data list and Directory Group to user mappings

Identity Firewall user session data list and Directory Group to user mappings.

Name Description Type Notes
active_user_sessions Active user session data list array of IdfwUserSessionData Required
archived_user_sessions Archived user session data list array of IdfwUserSessionData Required
dir_group_to_user_session_data_mappings Directory Group to user session data mappings array of IdfwDirGroupUserSessionMapping Required

IdfwUserStats (schema)

Identity Firewall user login/session data for a single user

Identity Firewall user login/session data for a single user.

Name Description Type Notes
active_sessions List of active (still logged in) user login/sessions data (no limit) array of IdfwUserSessionData Required
archived_sessions List of archived (previously logged in) user login/session data

Optional list of up to 5 most recent archived (previously logged in) user
login/session data.
array of IdfwUserSessionData
user_id AD user Identifier (String ID) string Required
Readonly

IdfwVirtualMachineCondition (schema)

IDFW VM Status.

Status of the Identity Firewall compute collection's VM.

Name Description Type Notes
status VM IDFW Status. string Required
Enum: UNKNOWN, UP, DOWN, VM_TOOLS_NOT_INSTALLED, IDFW_NOT_SUPPORTED, DFW_DISABLED, IDFW_DISABLED
status_detail IDFW VM condition.

IDFW compute collection's VM condition.		 string

IdfwVirtualMachineStatus (schema)

IDFW VM ID and status.

ID and status of the VM on Identity Firewall compute collection.

Name Description Type Notes
vm_id IDFW Virtual Machine ID.

VM ID of the VM on Identity Firewall compute collection.
string Required
vm_status IDFW VM status.

Status of the Identity Firewall compute collection's Virtual Machine.
array of IdfwVirtualMachineCondition Required

IdfwVirtualMachineStatusListResult (schema)

IDFW VM ID and status.

VM ID and status of the Identity Firewall Compute collection.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IDFW Virtual machine list.

List of VM's on Identity Firewall Compute collection.		 array of IdfwVirtualMachineStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IdfwVmDetail (schema)

Identity Firewall user login/session data for a single VM

Identity Firewall user login/session data for a single VM

Name Description Type Notes
last_login_user_session Last logged in user and time (if exists)

Record of the last logged in user session (if exists).		 ResourceReference
user_sessions List of user session data

List of user session data.		 array of IdfwUserSessionData Required
vm_ext_id Virtual machine external ID or BIOS UUID

Virtual machine (external ID or BIOS UUID) where login/logout event occurred.		 string Required
vm_ip_addresses Client VM IP addresses

List of client machine IP addresses.		 array of string

IdfwVmStats (schema)

Identity Firewall user login/session data for a single VM

Identity Firewall user login/session data for a single VM.

Name Description Type Notes
active_sessions List of active (still logged in) user login/sessions data (no limit) array of IdfwUserSessionData Required
archived_sessions Optional list of archived (previously logged in) user login/session data (maximum 5)

Optional list of up to 5 most recent archived (previously logged in) user login/session data.		 array of IdfwUserSessionData
vm_ext_id Virtual machine external ID or BIOS UUID

Virtual machine (external ID or BIOS UUID) where login/logout event occurred.		 string Required

IkeDigestAlgorithm (schema)

Digest Algorithms used in IKE negotiations

The IkeDigestAlgorithms are used to verify message
integrity during Ike negotiation. SHA1 produces 160
bits hash and SHA2_XXX produces XXX bit hash.

Name Description Type Notes
IkeDigestAlgorithm Digest Algorithms used in IKE negotiations

The IkeDigestAlgorithms are used to verify message
integrity during Ike negotiation. SHA1 produces 160
bits hash and SHA2_XXX produces XXX bit hash.
string Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

IkeEncryptionAlgorithm (schema)

Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of
the messages exchanged during IKE negotiations. AES stands for
Advanced Encryption Standards. AES_128 uses 128-bit keys whereas
AES_256 uses 256-bit keys for encryption and decryption.
AES_GCM stands for Advanced Encryption Standard(AES) in
Galois/Counter Mode(GCM) and is used to provide both
confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with
IKE_V2 version only.
AES_GCM_128 uses 128-bit keys.
AES_GCM_192 uses 192-bit keys.
AES_GCM_256 uses 256-bit keys.

Name Description Type Notes
IkeEncryptionAlgorithm Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of
the messages exchanged during IKE negotiations. AES stands for
Advanced Encryption Standards. AES_128 uses 128-bit keys whereas
AES_256 uses 256-bit keys for encryption and decryption.
AES_GCM stands for Advanced Encryption Standard(AES) in
Galois/Counter Mode(GCM) and is used to provide both
confidentiality and data origin authentication. AES_GCM composed
of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with
IKE_V2 version only.
AES_GCM_128 uses 128-bit keys.
AES_GCM_192 uses 192-bit keys.
AES_GCM_256 uses 256-bit keys.
string Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

IncludedFieldsParameters (schema)

A list of fields to include in query results

Name Description Type Notes
included_fields Comma separated list of fields that should be included in query result string

Infra (schema)

Infra

Infra space related policy.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
connectivity_strategy Connectivity strategy used by this tenant

This field indicates the default connectivity policy for the infra
or tenant space
WHITELIST - Adds a default drop rule. Administrator can then use "allow"
rules (aka whitelist) to allow traffic between groups
BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules
(aka blacklist) to block traffic between groups
WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled
BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled
NONE - No default rules are added.
string Enum: WHITELIST, BLACKLIST, WHITELIST_ENABLE_LOGGING, BLACKLIST_ENABLE_LOGGING, NONE
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
domains Domains for infra

This field is used while creating or updating the infra space.
array of Domain
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Infra string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IngressBroadcastRateLimiter (schema)

A shaper that specifies ingress rate properties in kb/s

Name Description Type Notes
average_bandwidth Average bandwidth in kb/s int Minimum: 0
Default: "0"
burst_size Burst size in bytes int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth Peak bandwidth in kb/s int Minimum: 0
Default: "0"
resource_type Must be set to the value IngressBroadcastRateLimiter string Required
Enum: IngressRateLimiter, IngressBroadcastRateLimiter, EgressRateLimiter
Default: "IngressRateLimiter"

IngressBroadcastRateShaper (schema)

A shaper that specifies ingress rate properties in kb/s

Name Description Type Notes
average_bandwidth_kbps Average bandwidth in kb/s int Minimum: 0
Default: "0"
burst_size_bytes Burst size in bytes int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth_kbps Peak bandwidth in kb/s int Minimum: 0
Default: "0"
resource_type Must be set to the value IngressBroadcastRateShaper string Required
Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper
Default: "IngressRateShaper"

IngressRateLimiter (schema)

A shaper that specifies ingress rate properties in Mb/s

Name Description Type Notes
average_bandwidth Average bandwidth in Mb/s

You can use the average bandwidth to reduce network congestion.		 int Minimum: 0
Default: "0"
burst_size Burst size in bytes

The burst duration is set in the burst size setting.		 int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth Peak bandwidth in Mb/s

The peak bandwidth rate is used to support burst traffic.		 int Minimum: 0
Default: "0"
resource_type Must be set to the value IngressRateLimiter string Required
Enum: IngressRateLimiter, IngressBroadcastRateLimiter, EgressRateLimiter
Default: "IngressRateLimiter"

IngressRateShaper (schema)

A shaper that specifies ingress rate properties in Mb/s

Name Description Type Notes
average_bandwidth_mbps Average bandwidth in Mb/s int Minimum: 0
Default: "0"
burst_size_bytes Burst size in bytes int Minimum: 0
Default: "0"
enabled boolean Required
peak_bandwidth_mbps Peak bandwidth in Mb/s int Minimum: 0
Default: "0"
resource_type Must be set to the value IngressRateShaper string Required
Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper
Default: "IngressRateShaper"

InitiateClusterRestoreRequest (schema)

Name Description Type Notes
ip_address IP address or FQDN of the node from which the backup was taken string Readonly
node_id Unique id of the backed-up configuration from which the appliance will be restored string Required
Readonly
timestamp Timestamp of the backed-up configuration from which the appliance will be restored EpochMsTimestamp Required
Readonly

Injection (schema)

Injection

Injection holding a key and a corresponding value.

Name Description Type Notes
key Key

Injection key.		 string Required
value Value

Injection value.		 InjectionValue
(Abstract type: pass one of the following concrete types)
UnaryOperationBasedInjectionValue		 Required

InjectionValue (schema)

Injection Value

Injection Value.
This is an abstract type. Concrete child types:
UnaryOperationBasedInjectionValue

Name Description Type Notes
resource_type Resource Type

Injection Value resource type.
string Required
Enum: UnaryOperationBasedInjectionValue

InstallUpgradeServiceProperties (schema)

install-upgrade service properties

Name Description Type Notes
enabled True if service enabled; otherwise, false boolean Required
enabled_on IP of manager on which install-upgrade is enabled string Readonly

InstalledAppsParameters (schema)

Name Description Type Notes
app_profile_id string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vm_id string

InstanceDeploymentConfig (schema)

Instance Deployment Config

The Instance Deployment Config contains settings that is applied during install time.

Name Description Type Notes
compute_id compute id

Resource Pool or Compute Id.		 string Required
context_id Context Id

Context Id or VCenter Id.		 string Required
host_id Host id

The service VM will be deployed on the specified host in the
specified server within the cluster if host_id is specified.
Note: You must ensure that storage and specified networks are
accessible by this host.
string
storage_id storage id

Storage Id.		 string Required
vm_nic_infos List of VM NIC information

List of NIC information for VMs		 array of VmNicInfo Required
Minimum items: 1
Maximum items: 2

InstanceEndpoint (schema)

EndPoint of an Instance

An InstanceEndpoint belongs to one ServiceInstance and represents a redirection target for a Rule. For Example - It can be an L3 Destination. Service Attachments is required for a InstanceEndpoint of type LOGICAL, and deployed_to if its a VIRTUAL InstanceEndpoint.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
endpoint_type Instance Endpoint Type

LOGICAL - It must be created with a ServiceAttachment and identifies a destination connected to the Service Port of the ServiceAttachment, through the ServiceAttachment's Logical Switch. VIRTUAL - It represents a L3 destination the router can route to but does not provide any further information about its location in the network. Virtual InstanceEndpoints are used for redirection targets that are not connected to Service Ports, such as the next-hop routers on the Edge uplinks.		 string Enum: LOGICAL, VIRTUAL
Default: "LOGICAL"
id Unique identifier of this resource string Sortable
link_ids Link Id list

Link Ids are mandatory for VIRTUAL Instance Endpoint. Even though VIRTUAL, the Instance Endpoint should be connected/accessible through an NSX object. The link id is this NSX object id. Example - For North-South Service Insertion, this is the LogicalRouter Id through which the targetIp/L3 destination accessible.		 array of ResourceReference Minimum items: 1
Maximum items: 1
resource_type Must be set to the value InstanceEndpoint string
service_attachments Service Attachment list

Id(s) of the Service Attachment where this enndpoint is connected to. Service Attachment is mandatory for LOGICAL Instance Endpoint.		 array of ResourceReference Minimum items: 1
Maximum items: 1
service_instance_id Service instance Id

The Service instancee with which the instance endpoint is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_ips Target IPs

Target IPs on an interface of the Service Instance.		 array of IPInfo Required
Minimum items: 1
Maximum items: 1

InstanceEndpointListResult (schema)

Instance Endpoint List

List of instance endpoints.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Instance End Point list

List of instance endpoints.		 array of InstanceEndpoint Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

InstanceRuntime (schema)

Runtime of a Service-Instance.

A Service Runtime is the runtime entity associated with ever Service-VM deployed.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
deployment_status Instance Runtime deployment status

Service-Instance Runtime deployment status of the Service-VM. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment of VM.		 string Readonly
Enum: DEPLOYMENT_IN_PROGRESS, DEPLOYMENT_FAILED, DEPLOYMENT_SUCCESSFUL, UPGRADE_IN_PROGRESS, UPGRADE_FAILED, UNDEPLOYMENT_IN_PROGRESS, UNDEPLOYMENT_FAILED, UNDEPLOYMENT_SUCCESSFUL, UNKNOWN
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_message Error Message

Error message for the Service Instance Runtime if any.		 string Readonly
id Unique identifier of this resource string Sortable
maintenance_mode Instance Runtime maintenance mode

The maintenance mode indicates whether the corresponding service VM
is in maintenance mode. The service VM will not be used to service
new requests if it is in maintenance mode.
string Readonly
Enum: OFF, ENTERING, ON, EXITING
resource_type Must be set to the value InstanceRuntime string
runtime_health_status_by_partner Instance runtime health status set by partner

Service-Instance runtime health status set by partner to indicate
whether the service is running properly or not.
string Readonly
Enum: HEALTHY, STOPPED, NOT_RESPONDING
runtime_status Instance Runtime Status

Service-Instance Runtime status of the deployed Service-VM.		 string Readonly
Enum: IN_SERVICE, OUT_OF_SERVICE, NEEDS_ATTENTION, NOT_AVAILABLE
service_instance_id Service instance id

Id of an instantiation of a registered service.		 string Readonly
service_vm_id Service VM id

Service-VM/SVM id of deployed virtual-machine.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
unhealthy_reason Reason for service status when unhealthy

Reason provided by partner for the service being unhealthy. This could be due
to various reasons such as connectivity lost as an example.
string Readonly
vm_nic_info VM NIC info VmNicInfo Readonly

InstanceRuntimeListResult (schema)

InstanceRuntime list result

Result of List of InstanceRuntimes

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of existing InstanceRuntimes in database
array of InstanceRuntime Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

InstanceRuntimeStatistic (schema)

Instance runtime statistic

Statistics for data NICs on an instance runtime

Name Description Type Notes
interface_statistics List of statistics for all NICs

List of statistics for all data NICs on a runtime.		 array of RuntimeInterfaceStatistics Readonly
primary_runtime_stats Specifies whether statistics are for primary

Specifies whether statistics are for primary runtime.
boolean Readonly
runtime_id Id of the instance runtime

Id of the instance runtime		 string Readonly
runtime_name Name of the instance runtime

Name of the instance runtime		 string Readonly

InstanceStats (schema)

Instance statistics

Stores statistics of the instances like MANAGED and UNMANAGED instances.

Name Description Type Notes
error Error Instances

The number of instances with status ERROR.		 integer Readonly
managed Managed Instances

The number of instances with status MANAGED.		 integer Readonly
powered_off Powered Off Instances

The number of instances with status POWERED OFF.		 integer Readonly
total Total number of instances

The total number of instances.		 integer Readonly
unmanaged Unmanaged Instances

The number of instances with status UNMANAGED.		 integer Readonly
vcpus Virtual CPUs

The number of virtual CPUs.		 integer Readonly

InstructionInfo (schema)

Details of the instructions displayed during restore process

Name Description Type Notes
actions Actions list

A list of actions that are to be applied to resources		 array of string Required
Readonly
fields Displayable fields

A list of fields that are displayable to users in a table		 array of string Required
Readonly
id UUID of the instruction string Required
Readonly
name Instruction name string Required
Readonly

IntelligenceBrokerEndpointInfo (schema)

NSX-Intelligence broker endpoint

An endpoint to connect to NSX-Intelligence broker.
Either FQDN or IP address can be used in the endpoint info.

Name Description Type Notes
address Broker address

The IP address or the full qualified domain name of broker.
string Required
port Broker port number

The port number where the broker is listening to.
integer Required
Minimum: 1
Maximum: 65535

IntelligenceClusterNodeVMDeletionParameters (schema)

Parameters for DeleteAutoDeployedIntelligenceClusterNodeVM

Parameters for deletion of a NSX-Intelligence cluster node VM.

Name Description Type Notes
force_delete Delete by force

If true, the VM will be undeployed even if it cannot be removed
from its cluster.
boolean

IntelligenceClusterNodeVMDeploymentConfig (schema)

Configuration for deploying NSX-Intelligence cluster node VM

Contains info used to configure the VM on deployment

Name Description Type Notes
placement_type Type of deployment

Specifies the config for the platform through which to deploy the VM
string Required
Enum: IntelligenceVsphereClusterNodeVMDeploymentConfig

IntelligenceClusterNodeVMDeploymentRequest (schema)

Info for NSX-Intelligence node deployment request

Contains the deployment information for a NSX-Intelligence node VM.

Name Description Type Notes
deployment_config Deployment config for NSX-Intelligence cluster node VM

Info needed to configure a NSX-Intelligence cluster node VM at deployment for a
specific platform.
IntelligenceClusterNodeVMDeploymentConfig
(Abstract type: pass one of the following concrete types)
IntelligenceClusterNodeVMDeploymentConfig
IntelligenceVsphereClusterNodeVMDeploymentConfig		 Required
form_factor Form factor for NSX-Intelligence VMs

Specifies the desired "size" of the VM
IntelligenceClusterNodeVMFormFactor Default: "SMALL"
user_settings User settings for the VM

Username and password settings for the NSX-Intelligence node VM.
Passwords must be at least 12 characters in length and contain at
least one lowercase, one uppercase, one numerical, and one special
character.
Note: These settings will be honored only during VM deployment.
Post-deployment, CLI must be used for changing the user settings and
changes to these parameters will not have any effect.
NodeUserSettings Required
vm_id ID of VM used to recognize it

ID of the VM maintained internally.
Note: This is automatically generated and cannot be modified.
string Readonly

IntelligenceClusterNodeVMDeploymentRequestList (schema)

IntelligenceClusterNodeVMDeploymentRequest list

List of IntelligenceClusterNodeVMDeploymentRequests

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of existing IntelligenceClusterNodeVMDeploymentRequests
array of IntelligenceClusterNodeVMDeploymentRequest Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IntelligenceClusterNodeVMDeploymentStatusReport (schema)

Report of a VM's deployment status

Contains up-to-date information relating to an auto-deployed VM, including
its status and (potentially) an error message.

Name Description Type Notes
failure_code Error code for failure

In case of auto-deployment-related failure, the code for the error will
be stored here.
integer
failure_message Error message for failure

In case of auto-deployment-related failure, an error message will be
stored here.
string
status Auto-deployed VM's deployment status

Status of the addition or deletion of an auto-deployed NSX-Intelligence cluster node VM.
string Required
Enum: NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, VM_POWER_ON_SUCCESSFUL, VM_REGISTRATION_FAILED, VM_WAITING_TO_COME_ONLINE, VM_ONLINE_FAILED, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, WAITING_TO_UNDEPLOY_VM, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, UNKNOWN_STATE

IntelligenceClusterNodeVMFormFactor (schema)

Supported VM form factor for NSX-Intelligence cluster nodes

Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.

Name Description Type Notes
IntelligenceClusterNodeVMFormFactor Supported VM form factor for NSX-Intelligence cluster nodes

Specifies the desired "size" of the VM. Affects number of virtual CPUs
and/or memory size given to the new cluster node VM.
string Enum: SMALL, LARGE

IntelligenceFlowPrivateIpPrefixInfo (schema)

NSX-Intelligence flow private IP prefix

An IP prefix to mark the private network that NSX-Intelligence
network flow is collected from.

Name Description Type Notes
address IP address

The prefix of IP address that marks the range of private network.
IPAddress Required
address_type IP address type

The type of IP address.
string Required
Enum: IPV4, IPV6
prefix_length IP prefix length

The length of IP address prefix that marks the range of private network.
integer Required
Minimum: 1
Maximum: 128

IntelligenceHostConfigurationInfo (schema)

NSX-Intelligence host configuration

NSX-Intelligence configuration that can be applied to host nodes.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
broker_bootstrap_servers List of NSX-Intelligence broker endpoints

List of NSX-Intelligence broker endpoints that host nodes contact initially.
array of IntelligenceBrokerEndpointInfo
broker_certificate Broker certificate

A broker certificate to verify the identity of brokers.
string
broker_truststore Broker truststore

A truststore to establish the trust between NSX and NSX-Intelligence brokers.
string
context_data_collection_interval VM guest context data collection interval

Interval in minute of reporting VM guest context data to NSX-Intelligence.
integer Maximum: 1440
context_process_hashes List of hashes of processes to collect context data

List of hashes of processes to collect context data.
Empty implies all processes.
array of string
context_process_names List of processes to collect context data

List of processes to collect context data.
Empty implies all processes.
array of string
context_user_sids List of windows user sid to collect context data

List of windows user sid to collect context data.
Empty implies all users.
array of string
context_user_uids List of linux user uid to collect context data

List of linux user uid to collect context data.
Empty implies all users.
array of string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_data_collection Enable data collection

Enable NSX-Intelligence data collection in host nodes.
boolean
flow_data_collection_interval Network flow data collection interval

Interval in minute of reporting network flow data to NSX-Intelligence.
integer Minimum: 1
Maximum: 1440
id Unique identifier of this resource string Sortable
max_active_flow_count Maximum active network flow

Maximum active network flow to collect in collection interval.
integer Minimum: 1
Maximum: 5000000
max_inactive_flow_count Maximum inactive network flow

Maximum inactive network flow to collect in collection interval.
integer Minimum: 1
Maximum: 5000000
private_ip_prefix List of private IP prefix

List of private IP prefix that NSX-Intelligence network flow
is collected from.
array of IntelligenceFlowPrivateIpPrefixInfo
resource_type Must be set to the value IntelligenceHostConfigurationInfo string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IntelligenceVsphereClusterNodeVMDeploymentConfig (schema)

Deployment config on the Vsphere platform

The Vsphere deployment configuration determines where to deploy the
NSX-Intelligence cluster node VM through a vCenter server. It contains settings that are
applied during install time.
If using DHCP, the following fields must be left unset - dns_servers,
management_port_subnets, and default_gateway_addresses

Name Description Type Notes
allow_ssh_root_login Allow root SSH logins.

If true, the root user will be allowed to log into the VM.
Allowing root SSH logins is not recommended for security reasons.
boolean Default: "False"
compute_id Cluster identifier or resourcepool identifier

The NSX-Intelligence cluster node VM will be deployed on the specified cluster or
resourcepool for specified VC server.
string Required
default_gateway_addresses Default gateway for the VM

The default gateway for the VM to be deployed must be specified if all
the other VMs it communicates with are not in the same subnet.
Do not specify this field and management_port_subnets to use DHCP.
Note: only single IPv4 default gateway address is supported and it
must belong to management network.
IMPORTANT: VMs deployed using DHCP are currently not supported,
so this parameter should be specified.
array of IPAddress Minimum items: 1
Maximum items: 1
display_name NSX-Intelligence VM display name

Desired display name for NSX-Intelligence VM to be deployed
string
dns_servers DNS servers.

List of DNS servers.
If DHCP is used, the default DNS servers associated with
the DHCP server will be used instead.
Required if using static IP.
array of IPv4Address Minimum items: 1
enable_ssh Enable SSH.

If true, the SSH service will automatically be started on the VM.
Enabling SSH service is not recommended for security reasons.
boolean Default: "False"
host_id Host identifier

The NSX-Intelligence cluster node VM will be deployed on the specified host in the
specified VC server within the cluster if host_id is specified.
Note: User must ensure that storage and specified networks are
accessible by this host.
string
hostname Host name or FQDN for the VM

Desired host name/FQDN for the VM to be deployed
string Required
Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$"
management_network_id Portgroup identifier for management network connectivity

Distributed portgroup identifier to which the management vnic of
NSX-Intelligence cluster node VM will be connected.
string Required
management_port_subnets Port subnets for management port

IP Address and subnet configuration for the management port.
Do not specify this field and default_gateway_addresses to use DHCP.
Note: only one IPv4 address is supported for the management port.
IMPORTANT: VMs deployed using DHCP are currently not supported,
so this parameter should be specified.
array of IPSubnet Minimum items: 1
Maximum items: 1
ntp_servers NTP servers.

List of NTP servers.
To use hostnames, a DNS server must be defined. If not using DHCP,
a DNS server should be specified under dns_servers.
array of HostnameOrIPv4Address
ovf_url URL of the ovf file to deploy

The NSX-Intelligence cluster node VM OVF URL to download and install the OVF file.
string Required
placement_type Must be set to the value IntelligenceVsphereClusterNodeVMDeploymentConfig string Required
Enum: IntelligenceVsphereClusterNodeVMDeploymentConfig
storage_id Storage/datastore identifier

The NSX-Intelligence cluster node VM will be deployed on the specified datastore in
the specified VC server. User must ensure that storage is accessible
by the specified cluster/host.
string Required
vc_id Vsphere compute identifier for identifying VC server

The VC-specific identifiers will be resolved on this VC, so all other
identifiers specified in the config must belong to this vCenter server.
string Required

IntentEnforcementPointListRequestParams (schema)

List request parameters containing intent path and enforcement point path

List request parameters containing intent path and enforcement point path

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path String Path of the enforcement point

The path of the enforcement point from which the list of groups needs
to be fetched. Forward slashes must be escaped using %2F. If no enforcement
point path is specified, the default enforcement point is considered
string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
intent_path String path of the intent object string Required
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IntentPathRequestParameter (schema)

Parameter to filter realized entities by intent path

Intent path for which state/realized entities would be fetched.

Name Description Type Notes
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F
string Required

IntentRuntimeRequestParameters (schema)

Request Parameters for Intent Runtime Information

Request parameters that represents a an intent path.

Name Description Type Notes
intent_path Policy Path of the intent object

Policy Path referencing an intent object.
string Required

IntentStatusRequestParameters (schema)

Request Parameters for Intent Status Information

Request parameters that represents a binding between an intent path and whether the
enforcement point specific status shall be retrieved from the enforcement point or
not. A request can be parameterized with this pair and will be evaluated as follows:
- : the request is evaluated on all enforcement points for the given
intent with no enforced statuses' details returned.
- : the request is evaluated on all
enforcement points for the given intent with enforced statuses' details returned.

Name Description Type Notes
include_enforced_status Include Enforced Status Flag

Flag conveying whether to include detailed view of the enforcement point specific
status or not.
boolean Default: "False"
intent_path Policy Path of the intent object

Policy Path referencing an intent object.
string Required

InterSRRoutingConfig (schema)

Inter SR IBGP configuration

Name Description Type Notes
enabled Flag to enable inter SR IBGP

While creation of BGP config this flag will be set to
- true for Tier0 logical router with Active-Active high-availability
mode
- false for Tier0 logical router with Active-Standby high-availanility
mode.
User can change this value while updating inter-sr config.
boolean Default: "True"

InterfaceNeighborProperties (schema)

Interface neighbor properties

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ifindex Interface index integer Required
Readonly
mac Interface MAC address string Required
Readonly
Pattern: "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$"
name Interface Name string Required
Readonly
neighbors Neighbor properties array of NeighborProperties Readonly
resource_type Must be set to the value InterfaceNeighborProperties string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

InterfaceNeighborPropertyListResult (schema)

Interface neighbor property query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Interface neighbor property results array of InterfaceNeighborProperties
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

InterfaceSubnet (schema)

Subnet specification for interface connectivity

Name Description Type Notes
ip_addresses IP addresses assigned to interface array of IPAddress Required
prefix_len Subnet prefix length int Required
Minimum: 1
Maximum: 128

IntervalBackupSchedule (schema)

Schedule to specify the interval time at which automated backups need to be taken

Name Description Type Notes
resource_type Must be set to the value IntervalBackupSchedule string Required
Enum: WeeklyBackupSchedule, IntervalBackupSchedule
seconds_between_backups Time interval in seconds between two consecutive automated backups integer Minimum: 300
Maximum: 86400
Default: "3600"

InventoryConfig (schema)

Name Description Type Notes
compute_managers_soft_limit Soft limit on number of compute managers

Soft limit on number of compute managers, which can be added, beyond which,
addition of compute managers will result in warning getting logged
int Required

IpAddressAllocation (schema)

Parameters for IP allocation

Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_ip Address that is allocated from pool IPAddress Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressAllocation string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressAllocationListResult (schema)

List of IP address allocations

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of IpAddressAllocations array of IpAddressAllocation
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpAddressBlock (schema)

IP address space represented by network address and prefix

A block of IP addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can be added to IP pools and used for IP allocation.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cidr A contiguous IP address space represented by network address and prefix length

Represents a network address and the prefix length which will be associated with a layer-2 broadcast domain. Support only IPv4 CIDR.		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressBlock string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressBlockListResult (schema)

Paged collection of IpAddressBlocks

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IpAddressBlock list results array of IpAddressBlock Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpAddressInfo (schema)

Ipaddress information of the fabric node.

Name Description Type Notes
ip_addresses IP Addresses of the the virtual network interface, as discovered in the source. array of IPAddress Required
Readonly
source Source of the ipaddress information. string Required
Readonly
Enum: VM_TOOLS

IpAddressPool (schema)

A collection of IP subnets

IpAddressPool is a collection of subnets. The subnets can either be derived from an IpBlock or specified by the user. User can request for IP addresses to be allocated from a pool. When an IP is requested from a pool, the IP that is returned can come from any subnet that belongs to the pool.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressPool string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressPoolBlockSubnet (schema)

IpAddressPoolSubnet dynamically carved out of a IpAddressBlock

This type of subnet allows user to dynamically carve a subnet out of a preconfigured IpAddressBlock. The user must specify the size of the subnet and the IpAddressBlock from which the subnet is to be derived. If the required amount of IP adress space is available in the specified IpAddressBlock, the system automatically configures subnet range.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
auto_assign_gateway Indicate whether default gateway is to be reserved from the range

If this property is set to true, the first IP in the range will be reserved for gateway.		 boolean Default: "True"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_block_path The path of the IpAddressBlock from which the subnet is to be created. string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressPoolBlockSubnet IpAddressPoolSubnetType Required
size Represents the size or number of IP addresses in the subnet

The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later.		 integer Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressPoolListResult (schema)

Paged collection of IpAddressPools

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IpAddressPool list results array of IpAddressPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpAddressPoolStaticSubnet (schema)

IpAddressPoolSubnet statically configured by a user

This type of subnet is statically configured by the user. The user provides the range details and the gateway for the subnet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_ranges A collection of IPv4 or IPv6 IP Pool Ranges. array of IpPoolRange Required
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cidr Subnet representation is a network address and prefix length string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dns_nameservers The collection of upto 3 DNS servers for the subnet. array of IPAddress Maximum items: 3
dns_suffix The DNS suffix for the DNS server. string
gateway_ip The default gateway address on a layer-3 router. IPAddress
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressPoolStaticSubnet IpAddressPoolSubnetType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressPoolSubnet (schema)

Abstract class for IpSubnet in a IpAddressPool

IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified by the user. In the first case where the subnet is carved out of a IpAddressBlock, the user must specify the ID of the block from which this subnet is to be derived. This block must be pre-created. The subnet range is auto populated by the system. In the second case, the user configures the subnet range directly. No IpAddressBlock is required. This is an abstract type. Concrete child types:
IpAddressPoolBlockSubnet
IpAddressPoolStaticSubnet

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value IpAddressPoolSubnet IpAddressPoolSubnetType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAddressPoolSubnetListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP Pool subnet list results array of IpAddressPoolSubnet
(Abstract type: pass one of the following concrete types)
IpAddressPoolBlockSubnet
IpAddressPoolStaticSubnet		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpAddressPoolSubnetType (schema)

Type of IpAddressPoolSubnet

IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified. A subnet to be carved out of a IpAddressBlock is of type IpAddressPoolBlockSubnet A subnet statically specified by the user is of type IpAddressPoolStaticSubnet

Name Description Type Notes
IpAddressPoolSubnetType Type of IpAddressPoolSubnet

IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified. A subnet to be carved out of a IpAddressBlock is of type IpAddressPoolBlockSubnet A subnet statically specified by the user is of type IpAddressPoolStaticSubnet		 string Enum: IpAddressPoolBlockSubnet, IpAddressPoolStaticSubnet

IpAllocationBase (schema)

Base type of ip-allocation

Base type of ip-allocation extended by ip pool and static binding.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
gateway_ip Gateway ip

Gateway ip address of the allocation.		 IPAddress
id Unique identifier of this resource string Sortable
lease_time Lease time

Lease time, in seconds, [60-(2^32-1)]. Default is 86400.		 integer Minimum: 60
Maximum: 4294967295
Default: "86400"
options DHCP options

If an option is defined at server level and not configred at
ip-pool/static-binding level, the option will be inherited to
ip-pool/static-binding. If both define a same-code option, the
option defined at ip-pool/static-binding level take precedence
over that defined at server level.
DhcpOptions
resource_type Must be set to the value IpAllocationBase string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpAssignmentSpec (schema)

Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints

This is an abstract type. Concrete child types:
AssignedByDhcp
StaticIpListSpec
StaticIpMacListSpec
StaticIpPoolSpec

Name Description Type Notes
resource_type string Required
Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec

IpBlock (schema)

A block of IPv4 addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can later be added to IP pools and used for IP allocation. An IP pool is typically a collection of subnets that are often not a contiguous address space. Clients are allocated IP addresses only from IP pools. Sample Structure Diagram IpBlock_VMware 192.0.0.1/8 ======================================================================= / ___________________________________________/________ / IpBlockSubnet_Finance ( IpBlockSubnet_Eng1 IpBlockSubnet_Eng2 / ) / 192.168.0.1/16 ( 192.170.1.1/16 192.180.1.1/24 / ) IpPool_Eng / (___________________________________________/________) / / =======================================================================

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cidr Represents network address and the prefix length which will be associated with a layer-2 broadcast domain string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpBlock string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpBlockListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP block list results array of IpBlock Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpBlockSubnet (schema)

A set of IPv4 addresses defined by a start address and a mask/prefix which will typically be associated with a layer-2 broadcast domain.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_ranges A collection of IPv4 IP ranges used for IP allocation. array of IpPoolRange Readonly
block_id Block id for which the subnet is created. string Required
cidr Represents network address and the prefix length which will be associated with a layer-2 broadcast domain string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpBlockSubnet string
size Represents the size or number of ip addresses in the subnet integer Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpBlockSubnetListRequestParameters (schema)

Name Description Type Notes
block_id string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IpBlockSubnetListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP block subnet list results array of IpBlockSubnet Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpDiscoverySwitchingProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
arp_bindings_limit Number of IP addresses to be snooped via ARP snooping

Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv4 addresses and is independent of the nd_bindings_limit used for IPv6 snooping.		 int Minimum: 1
Maximum: 256
Default: "1"
arp_nd_binding_timeout ARP and ND cache timeout (in minutes)

This property controls the ARP and ND cache timeout period.It
is recommended that this property be greater than the ARP/ND
cache timeout on the VM.
int Minimum: 5
Maximum: 120
Default: "10"
arp_snooping_enabled Indicates whether ARP snooping is enabled boolean Default: "True"
description Description of this resource string Maximum length: 1024
Sortable
dhcp_snooping_enabled Indicates whether DHCP snooping is enabled boolean Default: "True"
dhcpv6_snooping_enabled Indicates if stateful DHCPv6 snooping is enabled

This option is the IPv6 equivalent of DHCP snooping.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
duplicate_ip_detection Controls whether duplicate IP detection should be enabled

Duplicate IP detection is used to determine if there is any IP conflict
with any other port on the same logical switch. If a conflict is detected,
then the IP is marked as a duplicate on the port where the IP was
discovered last. The duplicate IP will not be added to the realized
address binings for the port and hence will not be used in DFW rules or
other security configurations for the port.
DuplicateIPDetection
id Unique identifier of this resource string Sortable
nd_bindings_limit Number of IP addresses to be snooped via neighbor-discovery(ND) snooping

Indicates the number of neighbor-discovery snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv6 addresses and is independent of the arp_bindings_limit used for IPv4 snooping.		 int Minimum: 2
Maximum: 15
Default: "3"
nd_snooping_enabled Indicates if neighbor discovery snooping is enabled

This option is the IPv6 equivalent of ARP snooping.		 boolean Default: "False"
required_capabilities array of string Readonly
resource_type Must be set to the value IpDiscoverySwitchingProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
trust_on_first_use_enabled Controls whether trust-on-first-use should be enabled

ARP snooping being inherently susceptible to ARP spoofing,
uses a turst-on-fisrt-use (TOFU) paradigm where only the first IP address
discovered via ARP snooping is trusted. The remaining are ignored.
In order to allow for more flexibility, we allow the user to
configure how many ARP snooped address bindings should be trusted
for the lifetime of the logical port. This is controlled by the
arp_bindings_limit property in the IP Discovery profile. We refer
to this extension of TOFU as N-TOFU.
However, if TOFU is disabled, then N ARP snooped IP addresses will
be trusted until they are timed out, where N is configured by
arp_bindings_limit.
boolean Default: "True"
vm_tools_enabled Indicates whether fetching IP using vm-tools is enabled

This option is only supported on ESX where vm-tools is installed.		 boolean Default: "True"
vm_tools_v6_enabled Indicates whether fetching IPv6 addresses using vm-tools is enabled

This option is only supported on ESX where vm-tools is installed.		 boolean Default: "False"

IpMacPair (schema)

IP and MAC pair.

Name Description Type Notes
ip IP address IPAddress Required
mac MAC address MACAddress

IpMappingsListRequestParameters (schema)

These paramaters will be used to filter the list of IP allocation mappings.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
cloud_account_id Cloud Account ID

ID of the Cloud Account in which the IPs are allocated.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
display_name Name of IP Mappings

Name of IP Mappings.
string
included_fields Comma separated list of fields that should be included in query result string
ip_allocation_type IP allocation type

Based on the type, IP allocation will be done accordingly.
Legal values are PAS and NAT.
string Enum: PAS, NAT
Default: "PAS"
mapping_id Mapping ID

ID of the mapping returned in IP allocation request.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IpPool (schema)

A collection of one or more IPv4 or IPv6 subnets or ranges that are often not a contiguous address space. Clients are allocated IPs from an IP pool. Often used when a client that consumes addresses exhausts an initial subnet or range and needs to be expanded but the adjoining address space is not available as it has been allocated to a different client.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
pool_usage Pool usage statistics PoolUsage Readonly
resource_type Must be set to the value IpPool string
subnets The collection of one or more subnet objects in a pool

Subnets can be IPv4 or IPv6 and they should not overlap. The maximum number will not exceed 5 subnets.		 array of IpPoolSubnet Maximum items: 5
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpPoolDeleteRequestParameters (schema)

IpPool delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

IpPoolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IP pool list results array of IpPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpPoolRange (schema)

A set of IPv4 or IPv6 addresses defined by a start and end address.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
end The end IP Address of the IP Range. IPAddress Required
start The start IP Address of the IP Range. IPAddress Required

IpPoolSubnet (schema)

A set of IPv4 or IPv6 addresses defined by a network CIDR.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
allocation_ranges A collection of IPv4 or IPv6 IP Pool Ranges. array of IpPoolRange Required
cidr Represents network address and the prefix length which will be associated with a layer-2 broadcast domain string Required
dns_nameservers The collection of upto 3 DNS servers for the subnet. array of IPAddress Maximum items: 3
dns_suffix The DNS suffix for the DNS server. string
gateway_ip The default gateway address on a layer-3 router. IPAddress

IpSecVpnPolicyTrafficStatistics (schema)

IPSec VPN policy traffic statistics

IPSec VPN policy traffic statistics

Name Description Type Notes
aggregate_traffic_counters Traffic summary

Aggregate traffic statistics across all IPSec tunnels.		 IPSecVpnTrafficCounters Readonly
rule_path IPSec VPN Rule path

Policy path referencing the IPSec VPN Rule.		 string Readonly
tunnel_interface_path IPSec VPN Tunnel Interface path

Policy path referencing the IPSec VPN Tunnel Interface.		 string Readonly
tunnel_statistics Tunnel statistics

Tunnel statistics.		 array of IpSecVpnTunnelTrafficStatistics Readonly

IpSecVpnTunnelTrafficStatistics (schema)

IPSec VPN tunnel traffic statistics

IPSec VPN tunnel traffic statistics.

Name Description Type Notes
bytes_in Bytes in

Total number of incoming bytes on inbound Security association.
integer Readonly
bytes_out Bytes out

Total number of outgoing bytes on outbound Security association.
integer Readonly
decryption_failures Decryption failures

Total number of packets dropped due to decryption failures.
integer Readonly
dropped_packets_in Dropped incoming packets

Total number of incoming packets dropped on inbound security association.
integer Readonly
dropped_packets_out Dropped outgoing packets

Total number of outgoing packets dropped on outbound security association.
integer Readonly
encryption_failures Encryption failures

Total number of packets dropped because of failure in encryption.
integer Readonly
integrity_failures Integrity failures

Total number of packets dropped due to integrity failures.
integer Readonly
local_subnet Local subnet

Tunnel local subnet in IPv4 CIDR Block format.
string Readonly
nomatching_policy_errors Nomatching Policy errors

Number of packets dropped because of no matching policy is available.
integer Readonly
packets_in Packets in

Total number of incoming packets on inbound Security association.
integer Readonly
packets_out Packets out

Total number of outgoing packets on outbound Security association.
integer Readonly
packets_received_other_error Packets received other error

Total number of incoming packets dropped on inbound Security association.
integer Readonly
packets_sent_other_error Packets sent other error

Total number of packets dropped while sending for any reason.
integer Readonly
peer_subnet Peer subnet

Tunnel peer subnet in IPv4 CIDR Block format.
string Readonly
replay_errors Replay errors

Total number of packets dropped due to replay check on that Security association.
integer Readonly
sa_mismatch_errors_in Security association mismatch errors on incoming packets.

Totoal number of security association mismatch errors on incoming packets.
integer Readonly
sa_mismatch_errors_out Security association mismatch errors on outgoing packets

Totoal number of security association mismatch errors on outgoing packets.
integer Readonly
seq_number_overflow_error Sequence number overflow error

Total number of packets dropped while sending due to overflow in sequence number.
integer Readonly
tunnel_down_reason Tunnel down reason

Gives the detailed reason about the tunnel when it is down. If tunnel
is UP tunnel down reason will be empty.
string Readonly
tunnel_status Tunnel Status

Specifies the status of tunnel, if it is UP/DOWN.
string Readonly
Enum: UP, DOWN

IpfixCollector (schema)

Name Description Type Notes
collector_ip_address IP address for the IPFIX collector IPAddress Required
collector_port Port for the IPFIX collector int Minimum: 0
Maximum: 65535
Default: "4739"

IpfixCollectorConfig (schema)

This managed entity contains a set of IPFIX collectors.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
collectors IPFIX Collectors array of IpfixCollector Required
Minimum items: 1
Maximum items: 4
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpfixCollectorConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixCollectorConfigListResult (schema)

List of IPFIX Collector Configs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX Collector Config array of IpfixCollectorConfig Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixCollectorUpmProfile (schema)

IPFIX Collector Profile

The configuration for Internet protocol flow information export (IPFIX)
collector. It should be referenced in other IPFIX profile as a collecor
config. The IPFIX exporter will send records to these collectors.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
collectors IPFIX Collector Set array of IpfixCollector Required
Minimum items: 1
Maximum items: 4
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpfixCollectorUpmProfile IpfixCollectorUpmProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixCollectorUpmProfileListParameters (schema)

IPFIX Collector Profile List Parameters

Query parameters for IPFIX collector profile list

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
profile_types IPFIX Collector Profile Type List

An English comma-separated list of profile types. Enumerated value in
IpfixCollectorUpmProfileType can be listed here as a filter param.
string
sort_ascending boolean
sort_by Field by which records are sorted string

IpfixCollectorUpmProfileListResult (schema)

List of IPFIX Collector Profiles

IPFIX collector profile list result for query with profile list parameters

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX Collector Profile List array of IpfixCollectorUpmProfile Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixCollectorUpmProfileType (schema)

IPFIX Collector Profile Types

All IPFIX collector profile types.

Name Description Type Notes
IpfixCollectorUpmProfileType IPFIX Collector Profile Types

All IPFIX collector profile types.		 string Enum: IpfixCollectorUpmProfile

IpfixConfig (schema)

IPFIX Config base representation

This is an abstract type. Concrete child types:
IpfixDfwConfig
IpfixSwitchConfig

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the IPFIX Config will be enabled.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpfixConfig IpfixConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixConfigListParameters (schema)

IPFIX Config List Parameters

Name Description Type Notes
applied_to Applied To

An applied to UUID working as listing condition		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
ipfix_config_type Type of IPFIX Config IpfixConfigType
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

IpfixConfigListResult (schema)

List of IPFIX Config

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX Config array of IpfixConfig
(Abstract type: pass one of the following concrete types)
IpfixDfwConfig
IpfixSwitchConfig		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixConfigType (schema)

Supported IPFIX Config Types.

Name Description Type Notes
IpfixConfigType Supported IPFIX Config Types. string Enum: IpfixSwitchConfig, IpfixDfwConfig

IpfixDfwConfig (schema)

IPFIX Config for the DFW Module

It defines IPFIX DFW Configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_flow_export_timeout Active flow export timeout (minutes)

For long standing active flows, IPFIX records will be sent per timeout period
integer Minimum: 1
Maximum: 60
Default: "1"
applied_tos AppliedTo List

List of objects where the IPFIX Config will be enabled.		 array of ResourceReference Maximum items: 128
collector UUID of IPFIX DFW Collector Config

Each IPFIX DFW config can have its own collector config.
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
observation_domain_id Observation domain ID

An identifier that is unique to the exporting process and used to
meter the Flows.
integer Required
Minimum: 0
Maximum: 4294967295
priority Config Priority

This priority field is used to resolve conflicts in Logical Ports
which are covered by more than one IPFIX profiles. The IPFIX
exporter will send records to Collectors in highest priority
profile (lowest number) only.
integer Required
Minimum: 0
Maximum: 65536
Default: "0"
resource_type Must be set to the value IpfixDfwConfig IpfixConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
template_parameters Template Parameters

An object that indicates whether each corresponding template parameter
is required or not.
IpfixDfwTemplateParameters

IpfixDfwTemplateParameters (schema)

IPFIX DFW Template Parameters

This entity represents the flow parameters which are exported.

Name Description Type Notes
destination_address The destination IP address of a monitored network flow.
boolean Readonly
Default: "True"
destination_transport_port The destination transport port of a monitored network flow.
boolean Readonly
Default: "True"
firewall_event Five valid values are allowed: 1. Flow Created. 2. Flow Deleted.
3. Flow Denied. 4. Flow Alert (not used in DropKick implementation).
5. Flow Update.
boolean Readonly
Default: "True"
flow_direction Two valid values are allowed: 1. 0x00: igress flow to VM. 2. 0x01:
egress flow from VM.
boolean Readonly
Default: "True"
flow_end The absolute timestamp (seconds) of the last packet of this flow.
boolean Readonly
Default: "True"
flow_start The absolute timestamp (seconds) of the first packet of this flow.
boolean Readonly
Default: "True"
icmp_code Code of the IPv4 ICMP message.
boolean Readonly
Default: "True"
octet_delta_count The number of octets since the previous report (if any) in incoming
packets for this flow at the observation point. The number of octets
include IP header(s) and payload.
boolean Readonly
Default: "True"
packet_delta_count The number of incoming packets since the previous report (if any)
for this flow at the observation point.
boolean Readonly
Default: "True"
protocol_identifier The value of the protocol number in the IP packet header.
boolean Readonly
Default: "True"
rule_id Firewall rule Id - enterprise specific Information Element that uniquely identifies
firewall rule.
boolean Readonly
Default: "True"
source_address The source IP address of a monitored network flow.
boolean Readonly
Default: "True"
source_icmp_type Type of the IPv4 ICMP message.
boolean Readonly
Default: "True"
source_transport_port The source transport port of a monitored network flow.
boolean Readonly
Default: "True"
vif_uuid VIF UUID - enterprise specific Information Element that uniquely identifies VIF.
boolean Readonly
Default: "True"

IpfixObsPointConfig (schema) (Deprecated)

Logical IPFIX observation point

IpfixObsPointConfig (i.e. global switch IPFIX config) is deprecated. Please
use IpfixSwitchUpmProfile & IpfixCollectorUpmProfile instead. With them,
switch IPFIX profile can be applied to specific entities, such as logical
switch, logical port and so on.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_timeout Active timeout

The time in seconds after a Flow is expired even if more packets
matching this Flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
collectors List of IPFIX collectors array of IpfixCollector
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enabled status of IPFIX export boolean Required
id Unique identifier of this resource string Sortable
idle_timeout Idle timeout

The time in seconds after a Flow is expired if no more packets matching
this Flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
max_flows Max flows

The maximum number of flow entries in each exporter flow cache.
integer Minimum: 0
Maximum: 4294967295
Default: "16384"
observation_domain_id Observation domain ID

An identifier that is unique to the exporting process and used to
meter the Flows.
integer Minimum: 0
Maximum: 4294967295
Default: "0"
packet_sample_probability Packet sample probability

The probability in percentage that a packet is sampled. The value should be
in range (0,100] and can only have three decimal places at most. The probability
is equal for every packet.
number Minimum: 0
Maximum: 100
Default: "0.1"
resource_type Must be set to the value IpfixObsPointConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixObsPointsListResult (schema) (Deprecated)

List of logical IPFIX observation points

This is deprecated. Please use UpmProfileListResult instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX observation points array of IpfixObsPointConfig
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixServiceAssociationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IpfixConfig list result

Ipfix config list result with pagination support.		 array of IpfixConfig
(Abstract type: pass one of the following concrete types)
IpfixDfwConfig
IpfixSwitchConfig		 Required
Readonly
service_type Must be set to the value IpfixServiceAssociationListResult string Required
Enum: FireWallServiceAssociationListResult, IpfixServiceAssociationListResult
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixSwitchConfig (schema) (Deprecated)

IPFIX Config for the Switching Module

This is deprecated. Please use IpfixSwitchUpmProfile instead which can
specify its own collectors and observation ID.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_timeout Active timeout

The time in seconds after a Flow is expired even if more packets
matching this Flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
applied_tos AppliedTo List

List of objects where the IPFIX Config will be enabled.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
idle_timeout Idle timeout

The time in seconds after a Flow is expired if no more packets matching
this Flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
max_flows Max flows

The maximum number of flow entries in each exporter flow cache.
integer Minimum: 0
Maximum: 4294967295
Default: "16384"
packet_sample_probability Packet sample probability

The probability in percentage that a packet is sampled. The value should be
in range (0,100] and can only have three decimal places at most. The probability
is equal for every packet.
number Minimum: 0
Maximum: 100
Default: "0.1"
resource_type Must be set to the value IpfixSwitchConfig IpfixConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixSwitchUpmProfile (schema)

Switching IPFIX Profile

The configuration for Internet protocol flow information export (IPFIX) and
would be enabled on the switching module to collect flow information.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_timeout Active Timeout

The time in seconds after a flow is expired even if more packets
matching this Flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
applied_tos Entitys Applied with Profile

Entities where the IPFIX profile will be enabled on. Maximum
entity count of all types is 128.
AppliedTos
collector_profile UUID of IPFIX Collector Profile

Each IPFIX switching profile can have its own collector profile.
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
export_overlay_flow Export Overlay Flow

It controls whether sample result includes overlay flow info.
boolean Default: "True"
id Unique identifier of this resource string Sortable
idle_timeout Idle Timeout

The time in seconds after a flow is expired if no more packets matching
this flow are received by the cache.
int Minimum: 60
Maximum: 3600
Default: "300"
max_flows Max Flows

The maximum number of flow entries in each exporter flow cache.
integer Minimum: 0
Maximum: 4294967295
Default: "16384"
observation_domain_id Observation Domain ID

An identifier that is unique to the exporting process and used to
meter the Flows.
integer Required
Minimum: 0
Maximum: 4294967295
packet_sample_probability Packet Sample Probability

The probability in percentage that a packet is sampled. The value should be
in range (0,100] and can only have three decimal places at most. The probability
is equal for every packet.
number Minimum: 0
Maximum: 100
Default: "0.1"
priority Profile Priority

This priority field is used to resolve conflicts in logical ports/switch
which inherit multiple switch IPFIX profiles from NSGroups.

Override rule is : for multiple profiles inherited from NSGroups, the
one with highest priority (lowest number) overrides others; the profile
directly applied to logical switch overrides profiles inherited from
NSGroup; the profile directly applied to logical port overides profiles
inherited from logical switch and/or nsgroup;

The IPFIX exporter will send records to collectors of final effective
profile only.
int Required
Minimum: 0
Maximum: 65536
resource_type Must be set to the value IpfixSwitchUpmProfile IpfixUpmProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixUpmProfile (schema)

Base IPFIX Profile

Parent profile of all IPFIX profiles. This is an abstract type. Concrete child types:
IpfixSwitchUpmProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value IpfixUpmProfile IpfixUpmProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

IpfixUpmProfileListParameters (schema)

IPFIX Profile List Parameters

Query parameters for IPFIX profile list

Name Description Type Notes
applied_to_entity_id ID of Entity Applied with Profile

The entity ID works as a filter param. Entity ID and entity type should
be both provided or not at a query.
string
applied_to_entity_type Type of Entity Applied with Profile

The entity type works as a filter param. Enumerated value in
UpmEntityType could be used here. Entity ID and entity type should be
both provided or not at a query.
UpmEntityType
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
profile_types IPFIX Profile Type List

An English comma-separated list of profile types. Enumerated value in
IpfixUpmProfileType could be listed here as a filter param.
string
sort_ascending boolean
sort_by Field by which records are sorted string

IpfixUpmProfileListResult (schema)

List of IPFIX Profiles

IPFIX profile list result for query with list parameters

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results IPFIX Profile List array of IpfixUpmProfile
(Abstract type: pass one of the following concrete types)
IpfixSwitchUpmProfile		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

IpfixUpmProfileType (schema)

IPFIX Profile Types

All IPFIX profile types.

Name Description Type Notes
IpfixUpmProfileType IPFIX Profile Types

All IPFIX profile types.		 string Enum: IpfixSwitchUpmProfile

Ipv4Header (schema)

Name Description Type Notes
dst_ip The destination ip address. IPv4Address
flags IP flags integer Minimum: 0
Maximum: 8
Default: "0"
protocol IP protocol - defaults to ICMP integer Minimum: 0
Maximum: 255
Default: "1"
src_ip The source ip address. IPv4Address
src_subnet_prefix_len source subnet prefix length.

This is used together with src_ip to calculate dst_ip for broadcast when dst_ip is not given; not used in all other cases.		 integer Minimum: 1
Maximum: 32
ttl Time to live (ttl) integer Minimum: 0
Maximum: 255
Default: "64"

Ipv6DadProfile (schema)

Duplicate address detection profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
dad_mode DAD Mode DADMode Default: "LOOSE"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
ns_retries NS retries count

Number of Neighbor solicitation packets generated before completing the
Duplicate address detection process.
integer Minimum: 0
Maximum: 10
Default: "3"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Ipv6DadProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
wait_time Wait time

The time duration in seconds, to wait for Neighbor advertisement
after sending the Neighbor solicitation message.
integer Minimum: 0
Maximum: 60
Default: "1"

Ipv6DadProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of Ipv6DadProfile array of Ipv6DadProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Ipv6Header (schema)

Name Description Type Notes
dst_ip The destination ip address. IPv6Address
hop_limit hop limit

Decremented by 1 by each node that forwards the packets. The packet is discarded if Hop Limit is decremented to zero.		 integer Minimum: 0
Maximum: 255
Default: "64"
next_header Identifies the type of header immediately following the IPv6 header. integer Minimum: 0
Maximum: 255
Default: "58"
src_ip The source ip address. IPv6Address

Ipv6NdraProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dns_config DNS Configurations RaDNSConfig
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ra_config RA Configuration RAConfig Required
ra_mode RA Mode RAMode Required
Default: "SLAAC_DNS_THROUGH_RA"
reachable_timer Reachable timer

Neighbour reachable time duration in milliseconds.
A value of 0 means unspecified.
integer Minimum: 0
Maximum: 3600000
Default: "0"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Ipv6NdraProfile string
retransmit_interval Retransmission interval

The time, in milliseconds, between retransmitted neighbour
solicitation messages. A value of 0 means unspecified.
integer Minimum: 0
Maximum: 4294967295
Default: "1000"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Ipv6NdraProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of Ipv6NdraProfile array of Ipv6NdraProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

JoinClusterParameters (schema)

Parameters needed for this node to join the NSX cluster

To join a new node to the NSX cluster, issue a JoinCluster API on the new node. The JoinCluster API takes this object as a parameter. Provide the ID of the NSX cluster you want the new node to join and the IP address of one of the nodes already in that cluster. The Cluster Boot Manager running on the new node will then add the new node to the NSX cluster by making a AttachClusterNode REST API call on the node that is already part of the cluster. In order to make a REST API call to the node in the cluster, the Cluster Boot Manager will need username and password of a priviledged user on the node in the cluster. In place of a username and password, Cluster Boot Manager could also use a OAuth token provided. The Cluster Boot Manager needs either the username and password or the OAuth token to make the REST call but not both.

Name Description Type Notes
certficate_sha256_thumbprint SHA256 Thumbprint of the API certificate of the cluster node string Required
cluster_id UUID of the cluster to join string Required
ip_address IP address of a node already part of the cluster to join string Required
password Password of the user on the cluster node string
port API port on the cluster node integer Minimum: 1
Maximum: 65535
Default: "443"
token Limited time OAuth token instead of the username/password string
username Username on the cluster node string

KeySize (schema)

Crypto key size

Name Description Type Notes
KeySize Crypto key size integer

KeyValue (schema)

Name Description Type Notes
key key name string Required
value key value string Required

KeyValuePair (schema)

An arbitrary key-value pair

Name Description Type Notes
key Key string Required
Maximum length: 255
value Value string Required
Maximum length: 255

KnownHostParameter (schema)

Name Description Type Notes
host Known host hostname or IP address HostnameOrIPv4Address Required
port Known host port integer Minimum: 1
Maximum: 65535
Default: "22"

L2Extension (schema)

Segment specific L2 VPN configuration

Name Description Type Notes
l2vpn_path Policy path of associated L2 VPN session

This property has been deprecated. Please use the property l2vpn_paths
for setting the paths of associated L2 VPN session. This property will
continue to work as expected to provide backwards compatibility.
However, when both l2vpn_path and l2vpn_paths properties
are specified, only l2vpn_paths is used.
string Deprecated
l2vpn_paths Policy paths of associated L2 VPN sessions

Policy paths corresponding to the associated L2 VPN sessions
array of string
tunnel_id Tunnel ID int Minimum: 1
Maximum: 4093

L2L3RuntimeRequestParameters (schema)

L2 L3 connectivity runtime status request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
edge_path Policy path of edge node

Policy path of edge node. Edge should be member of enforcement point.
string
enforcement_point_path String Path of the enforcement point

Enforcement point path.		 string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

L2VPNPerLSTrafficStatistics (schema)

Traffic statistics per logical switch

Traffic statistics for a logical switch.

Name Description Type Notes
bum_bytes_in Broadcast, Unknown unicast and Multicast (BUM) bytes in

Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.		 integer Readonly
bum_bytes_out Broadcast, Unknown unicast and Multicast (BUM) bytes out

Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.		 integer Readonly
bum_packets_in Broadcast, Unknown unicast and Multicast (BUM) packets in

Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.		 integer Readonly
bum_packets_out Broadcast, Unknown unicast and Multicast (BUM) packets out

Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.		 integer Readonly
bytes_in Bytes in

Total number of incoming bytes.		 integer Readonly
bytes_out Bytes out

Total number of outgoing bytes.		 integer Readonly
logical_switch Logical switch

Logical switch		 ResourceReference Readonly
packets_in Packets in

Total number of incoming packets.		 integer Readonly
packets_out Packets out

Total number of outgoing packets.		 integer Readonly
packets_receive_error Packets recieved error

Total number of incoming packets dropped.		 integer Readonly
packets_sent_error Packets sent error

Total number of packets dropped while sending for any reason.		 integer Readonly

L2VPNService (schema)

L2VPN Service

L2VPN Service defines if service running as server or client. It also
defines all the common properties for the multiple L2VPN Sessions
associated with this service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_hub Enable spoke to spoke (client) forwarding via hub (server)

This property applies only in SERVER mode. If set to true,
traffic from any client will be replicated to all other clients.
If set to false, traffic received from clients is only replicated
to the local VPN endpoint.
boolean Default: "False"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
mode L2VPN Service Mode

Specify an L2VPN service mode as SERVER or CLIENT.		 string Enum: SERVER, CLIENT
Default: "SERVER"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L2VPNService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L2VPNServiceListRequestParameters (schema)

L2VPNService list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

L2VPNServiceListResult (schema)

Paged Collection of L2VPNServices

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results L2VPNService list results array of L2VPNService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

L2VPNSession (schema)

L2VPN Session

Defines the tunnel local and peer addresses along with multiple
tansport tunnels for redundancy. L2VPNSession belongs to only one
L2VPNService.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable L2VPN session

Enable to extend all the associated segments.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L2VPNSession string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_tunnels List of transport tunnels

List of transport tunnels for redundancy.		 array of string Required
Minimum items: 1
Maximum items: 1
tunnel_encapsulation Tunnel encapsulation config

Tunnel encapsulation config. This property only applies in CLIENT
mode. It is auto-populated from the L2VPNSessionData.
L2VPNTunnelEncapsulation Readonly

L2VPNSessionData (schema)

L2VPN Session Data

L2VPN Session Data represents meta data necessary to create
the L2VPN Session. It is represented by an array of peer code
for each tunnel.

Name Description Type Notes
description Description of L2VPN Session string Maximum length: 1024
display_name Identifier to use when displaying L2VPN Session

Defaults to id if not set.		 string Maximum length: 255
enabled Enable L2VPN session

Enable to extend all the associated segments.		 boolean Default: "True"
transport_tunnels List of L2VPN Transport Tunnel Data

List of L2VPN transport tunnel data.		 array of L2VPNSessionTransportTunnelData Minimum items: 1
Maximum items: 1

L2VPNSessionListRequestParameters (schema)

L2VPNSession list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

L2VPNSessionListResult (schema)

Paged Collection of L2VPNSession

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results L2VPNSession list results array of L2VPNSession Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

L2VPNSessionPeerConfigNsxT (schema)

Peer code to configure the other side of the tunnel

L2VPNSessionPeerCodes represents an array of peer code for each
tunnel. The peer code is necessary to configure the remote end
of the tunnel. Currently only stand-along/unmanaged edge is
supported on the remote end of the tunnel.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
peer_codes List of peer codes

List of peer codes per transport tunnel.		 array of L2VPNSessionTransportTunnelPeerCode Readonly
Minimum items: 1
Maximum items: 1
resource_type Must be set to the value L2VPNSessionPeerConfigNsxT string Required
Enum: L2VPNSessionPeerConfigNsxT

L2VPNSessionPeerConfigPerEP (schema)

Peer config per Enforcement Point

Peer config per Enforcement Point to configure the other
side of the tunnel.
This is an abstract type. Concrete child types:
L2VPNSessionPeerConfigNsxT

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required
Enum: L2VPNSessionPeerConfigNsxT

L2VPNSessionRemoteMacs (schema)

Remote MAC addresses list

Remote MAC addresses for all logical switches for a L2VPN session.

Name Description Type Notes
display_name Display name

L2VPN display name.		 string Readonly
remote_mac_addresses Remote MAC addresses for all logical switches

List MAC addresses for all logical switch for a particular L2VPN session.		 array of L2VPNSessionRemoteMacsForLS Readonly
session_id Session identifier

L2VPN session identifier.		 string Readonly

L2VPNSessionRemoteMacsForLS (schema)

Remote MAC addresses for logical switch

Remote MAC addresses for logical switch.

Name Description Type Notes
logical_switch Logical switch

Logical switch.		 ResourceReference Readonly
remote_mac_addresses Mac addresses

Mac addresses.		 array of string Readonly

L2VPNSessionStatistics (schema)

L2VPN session statistics

Session statistics gives VPN session status and traffic statistics per logical switch.

Name Description Type Notes
display_name Display name

L2VPN display name.		 string Readonly
partial_stats Partial Statistics

Partial statistics is set to true if onle active node responds while standby does not. In case of both nodes responded statistics will be summed and partial stats will be false. If cluster has only active node, partial statistics will always be false.		 boolean Readonly
session_id L2VPN session id

Session identifier for L2VPN.		 string Readonly
tap_traffic_counters Tunnel port traffic counters

Tunnel port traffic counters.		 array of L2VPNTapTrafficStatistics Readonly
traffic_statistics_per_logical_switch Traffic statistics per logical switch

Traffic statistics per logical switch.		 array of L2VPNPerLSTrafficStatistics Readonly

L2VPNSessionStatisticsNsxT (schema)

L2VPN session statistics

L2VPN session statistics gives session status and traffic statistics per segment.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type Must be set to the value L2VPNSessionStatisticsNsxT string Required
Enum: L2VPNSessionStatisticsNsxT
tap_traffic_counters Tunnel port traffic counters

Tunnel port traffic counters.		 array of L2VPNTapStatistics Readonly
traffic_statistics_per_segment Traffic statistics per segment

Traffic statistics per segment.		 array of L2VPNTrafficStatisticsPerSegment Readonly

L2VPNSessionStatisticsPerEP (schema)

L2VPN Session Statistics Per Enforcement Point

L2VPN Session Statistics Per Enforcement Point.
This is an abstract type. Concrete child types:
L2VPNSessionStatisticsNsxT

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required
Enum: L2VPNSessionStatisticsNsxT

L2VPNSessionStatus (schema)

L2VPN Session Status

L2VPN session status.

Name Description Type Notes
display_name Display name

L2VPN display name.		 string Readonly
session_id Session identifier

L2VPN session identifier.		 string Readonly
status L2 VPN session status

L2 VPN session status, specifies UP/DOWN.		 string Readonly
Enum: UP, DOWN
transport_tunnels Transport tunnels status

Transport tunnels status.		 array of L2VPNTransportTunnelStatus
(Abstract type: pass one of the following concrete types)
IPSecVPNTransportStatus		 Readonly

L2VPNSessionStatusNsxT (schema)

L2VPN session status summary

L2VPN Session Status represents status on an NSX-T type of enforcement point.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type Must be set to the value L2VPNSessionStatusNsxT string Required
Enum: L2VPNSessionStatusNsxT
runtime_status L2 VPN session status

L2 VPN session status, specifies UP/DOWN.		 string Readonly
Enum: UP, DOWN
transport_tunnels Transport tunnels status

Transport tunnels status.		 array of L2VPNSessionTransportTunnelStatus
(Abstract type: pass one of the following concrete types)
IPSecVpnTransportStatus		 Readonly

L2VPNSessionStatusPerEP (schema)

L2VPN Session Status Per Enforcement Point

L2VPN Session Status Per Enforcement Point.
This is an abstract type. Concrete child types:
L2VPNSessionStatusNsxT

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required
Enum: L2VPNSessionStatusNsxT

L2VPNSessionSummary (schema)

L2VPN session status summary

List summary of L2VPN sessions.

Name Description Type Notes
established_l2vpn_sessions Established L2VPN sessions

Number of established L2VPN sessions. L2VPN session is established when all the tunnels are up.		 integer Readonly
failed_l2vpn_sessions Failed L2VPN sessions

Number of failed L2VPN sessions. L2VPN session is failed when all the tunnels are down.		 integer Readonly
total_l2vpn_sessions Total L2VPN sessions

Total L2VPN sessions configured.		 integer Readonly

L2VPNSessionTransportTunnelData (schema)

L2VPN Session Transport Tunnel Data

L2VPN Session Transport Tunnel Data uses a peer code which has all the
information to create the transport tunnel.

Name Description Type Notes
local_address IPv4 Address of local endpoint

IPv4 Address of local endpoint.		 IPv4Address Required
peer_address IPv4 Address of Peer endpoint

IPv4 Address of Peer endpoint on remote site.		 IPv4Address Required
peer_code Peer code for the transport tunnel

Peer code represents a base64 encoded string which has
all the configuration for tunnel. E.g local/peer ips and
protocol, encryption algorithm, etc. Peer code also contains
PSK; be careful when sharing or storing it.
string

L2VPNSessionTransportTunnelPeerCode (schema)

L2VPN Transport Tunnel Peer Code

L2VPN transport tunnel peer code.

Name Description Type Notes
peer_code Peer code for the transport tunnel

Peer code represents a base64 encoded string which has
all the configuration for tunnel. E.g local/peer ips and
protocol, encryption algorithm, etc. Peer code also contains
PSK; be careful when sharing or storing it.
string Readonly
transport_tunnel_path Policy Path referencing the transport tunnel. string Readonly

L2VPNSessionTransportTunnelStatus (schema)

Transport tunnel status

Transport tunnel status. This is an abstract type. Concrete child types:
IPSecVpnTransportStatus

Name Description Type Notes
resource_type string Required
Enum: IPSecVpnTransportStatus
transport_tunnel_path Policy path referencing Transport Tunnel

Policy path referencing Transport Tunnel.		 string Readonly

L2VPNTapStatistics (schema)

L2VPN TAP (Terminal access point) traffic statistics

TAP (Terminal access point) traffic statistics for L2VPN.

Name Description Type Notes
bytes_in Bytes in

Total number of incoming bytes.
integer Readonly
bytes_out Bytes out

Total number of outgoing bytes.
integer Readonly
packets_in Packets in

Total number of incoming packets.
integer Readonly
packets_out Packets out

Total number of outgoing packets.
integer Readonly
packets_receive_error packets recieved error

Total number of incoming packets dropped.
integer Readonly
packets_sent_error Packets sent error

Total number of packets dropped while sending for any reason.
integer Readonly

L2VPNTapTrafficStatistics (schema)

L2VPN TAP (Terminal access point) traffic statistics

TAP (Terminal access point) traffic statistics for L2VPN.

Name Description Type Notes
bytes_in Bytes in

Total number of incoming bytes.		 integer Readonly
bytes_out Bytes out

Total number of outgoing bytes.		 integer Readonly
packets_in Packets in

Total number of incoming packets.		 integer Readonly
packets_out Packets out

Total number of outgoing packets.		 integer Readonly
packets_receive_error packets recieved error

Total number of incoming packets dropped.		 integer Readonly
packets_sent_error Packets sent error

Total number of packets dropped while sending for any reason.		 integer Readonly

L2VPNTrafficStatisticsPerSegment (schema)

Traffic statistics per segment

Traffic statistics for a segment.

Name Description Type Notes
bum_bytes_in Broadcast, Unknown unicast and Multicast (BUM) bytes in

Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.
integer Readonly
bum_bytes_out Broadcast, Unknown unicast and Multicast (BUM) bytes out

Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.
integer Readonly
bum_packets_in Broadcast, Unknown unicast and Multicast (BUM) packets in

Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.
integer Readonly
bum_packets_out Broadcast, Unknown unicast and Multicast (BUM) packets out

Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.
integer Readonly
bytes_in Bytes in

Total number of incoming bytes.
integer Readonly
bytes_out Bytes out

Total number of outgoing bytes.
integer Readonly
packets_in Packets in

Total number of incoming packets.
integer Readonly
packets_out Packets out

Total number of outgoing packets.
integer Readonly
packets_receive_error Packets received error

Total number of incoming packets dropped.
integer Readonly
packets_sent_error Packets sent error

Total number of packets dropped while sending for any reason.
integer Readonly
segment_path Segment Path

Policy path referencing the segment on which stats are gathered.
string Readonly

L2VPNTransportTunnelStatus (schema)

Transport tunnel status

Transport tunnel status. This is an abstract type. Concrete child types:
IPSecVPNTransportStatus

Name Description Type Notes
resource_type TransportTunnelResourceType Required
tunnel_id Transport tunnel id

Transport tunnel id.		 ResourceReference Readonly

L2VPNTunnelEncapsulation (schema)

L2VPN Tunnel Encapsulation

L2VPN tunnel encapsulation config.

Name Description Type Notes
local_endpoint_address IP Address of the tunnel port

IP Address of the local tunnel port. This property only applies in
CLIENT mode.
IPv4Address Readonly
peer_endpoint_address IP Address of the peer tunnel port

IP Address of the peer tunnel port. This property only applies in
CLIENT mode.
IPv4Address Readonly
protocol Encapsulation protocol

Encapsulation protocol used by the tunnel.		 string Readonly
Enum: GRE
Default: "GRE"

L2Vpn (schema) (Deprecated)

L2 Virtual Private Network Configuration

Contains information necessary to configure L2Vpn.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable L2Vpn

Enable to extend all the associated segments.
boolean Default: "True"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L2Vpn string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_tunnels List of paths referencing transport tunnels

List of paths referencing transport tunnels.
array of string Required
Minimum items: 1
Maximum items: 1

L2VpnAttachmentContext (schema)

Name Description Type Notes
allocate_addresses A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch. string Enum: IpPool, MacPool, Both, None
resource_type Must be set to the value L2VpnAttachmentContext string Required
tunnel_id Tunnel Id to uniquely identify the extension. int Required
Minimum: 1
Maximum: 4093

L2VpnContext (schema) (Deprecated)

L2Vpn Context

L2Vpn Context provides meta-data information about the parent Tier-0.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_hub Enable to act as hub

If enabled, the tier-0 acts as a Hub and replicates traffic received from
peer to all other peers. If disabled, the tier-0 acts as a Spoke and
replicates only the local.
boolean Default: "False"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L2VpnContext string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L2VpnService (schema)

L2VPN Service

Defines if service running as server or client Also defines all the common properties for the multiple L2VpnSessions associated with this service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_full_mesh Enable full mesh topology

Full mesh topology auto disables traffic replication between connected
peers. However, this property is deprecated. Please refer enable_hub
property instead to control client to client forwarding via the server.
The value of enable_full_mesh will not be used anymore. If enable_hub
is not provided explicitly, the default value of it will be used.
boolean Deprecated
Default: "False"
enable_hub Enable client to client forwarding via server

This property only applies in SERVER mode. If set to true,
traffic from any client will be replicated to all other clients.
If set to false, traffic received from clients is only replicated
to the local VPN endpoint.
boolean Default: "False"
id Unique identifier of this resource string Sortable
logical_router_id Logical router id

Logical router id		 string Required
logical_tap_ip_pool IP Pool for Logical Taps

IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical Tap.		 array of IPv4CIDRBlock
mode L2VPN Service Mode

Specify an L2VPN service mode as SERVER or CLIENT. L2VPN service
in SERVER mode requires user to configure L2VPN session explicitly.
L2VPN service in CLIENT mode can use peercode generated from SERVER
to configure L2VPN session.
string Enum: SERVER, CLIENT
Default: "SERVER"
resource_type Must be set to the value L2VpnService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L2VpnServiceListResult (schema)

List all L2VPN services

Paginated list all the L2VPN services.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results L2VPN serivce list result array of L2VpnService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

L2VpnSession (schema)

L2VPN Session

Defines the tunnel local and peer addresses along with the multiple tansport tunnels for redundancy. L2VpnSession belongs on to only one L2VpnService.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable L2VPN session

Enable to extend all the associated logical switches.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
l2vpn_service_id L2VPN service id

L2VPN service id		 string Required
resource_type Must be set to the value L2VpnSession string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_tunnels List of transport tunnels

List of transport tunnels for redundancy.		 array of ResourceReference Required
Minimum items: 1
Maximum items: 1
tunnel_encapsulation Tunnel encapsulation config

Tunnel encapsulation config. For hub, this property should not be provided as it will be auto-generated. For spoke, this property must be provided.		 L2VpnTunnelEncapsulation

L2VpnSessionListParameters (schema)

L2VPNSession list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
l2vpn_service_id Id of the L2Vpn Service

If provided, only sessions associated with the given L2Vpn service will be returned		 string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

L2VpnSessionListResult (schema)

List all L2VPN sessions

Paginated list all the L2VPN sessions

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results L2VPN sessions list result array of L2VpnSession Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

L2VpnSessionPeerCodes (schema)

Peer code to configure the other side of the tunnel

Get the peer_code for each tunnel to paste on the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel.

Name Description Type Notes
peer_codes List of peer codes

List of peer codes per transport tunnel.		 array of L2VpnTunnelPeerCode Required
Minimum items: 1
Maximum items: 1

L2VpnTunnelEncapsulation (schema)

L2VPN tunnel encapsulation config

L2VPN tunnel encapsulation config

Name Description Type Notes
local_endpoint_ip IP Address of the tunnel port

IP Address of the tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. All sessions on same L2VpnService get the same local_endpoint_ip. For spoke, the IP must be provided.		 IPv4Address
peer_endpoint_ip IP Address of the peer tunnel port

IP Address of the peer tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. For spoke, the IP must be provided.		 IPv4Address
protocol Encapsulation protocol

Encapsulation protocol used by the tunnel		 string Enum: GRE
Default: "GRE"

L2VpnTunnelPeerCode (schema)

L2Vpn tunnel peer code

L2Vpn tunnel peer code

Name Description Type Notes
peer_code Peer code for the tunnel

Copy this code to paste on the remote end of the tunnel. This is a base64 encoded string which has all the configuration for tunnel. E.g tap device local/peer ips and protocol, encryption algorithm, etc. The peer code also contains a pre-shared key; be careful when sharing or storing it.		 string Required
transport_tunnel Transport tunnel ResourceReference Required

L3Vpn (schema) (Deprecated)

L3 Virtual Private Network Configuration

Contains information necessary to configure IPSec VPN.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
dh_groups DH group

Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.
array of PolicyDHGroup Maximum items: 1
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_perfect_forward_secrecy Enable perfect forward secrecy

If true, perfect forward secrecy (PFS) is enabled.
boolean Default: "True"
enabled Enable L3Vpn

Flag to enable L3Vpn. Default is enabled.
boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_digest_algorithms Digest Algorithm for IKE

Algorithm to be used for message digest during Internet Key Exchange(IKE)
negotiation. Default is SHA2_256.
array of PolicyIKEDigestAlgorithm Maximum items: 1
ike_encryption_algorithms Encryption algorithm for IKE

Algorithm to be used during Internet Key Exchange(IKE) negotiation.
Default is AES_128.
array of PolicyIKEEncryptionAlgorithm Maximum items: 1
ike_version IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds
to both IKE-V1 and IKE-V2.
PolicyIKEVersion Default: "IKE_V2"
l3vpn_session L3Vpn Session L3VpnSession
(Abstract type: pass one of the following concrete types)
PolicyBasedL3VpnSession
RouteBasedL3VpnSession		 Required
local_address IPv4 address of local gateway IPv4Address Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
passphrases List of IPSec pre-shared keys

List of IPSec pre-shared keys used for IPSec authentication. If not
specified, the older passphrase values are retained if there are any.
array of string Maximum items: 1
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
remote_private_address Identifier of the remote site

This field is used to resolve conflicts in case of a remote site being
behind NAT as remote public ip address is not enough. If it is not the
case the remote public address should be provided here. If not provided,
the value of this field is set to remote_public_address.
string
remote_public_address Public IPv4 address of remote gateway IPv4Address Required
resource_type Must be set to the value L3Vpn string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tunnel_digest_algorithms Digest Algorithm for Tunnel Establishment

Algorithm to be used for message digest during tunnel establishment.
Default algorithm is empty.
array of PolicyTunnelDigestAlgorithm Maximum items: 1
tunnel_encryption_algorithms Encryption algorithm for Tunnel Establishement

Encryption algorithm to encrypt/decrypt the messages exchanged between
IPSec VPN initiator and responder during tunnel negotiation. Default is
AES_GCM_128.
array of PolicyTunnelEncryptionAlgorithm Maximum items: 1

L3VpnContext (schema) (Deprecated)

L3Vpn Context

L3Vpn Context provides the configuration context that different L3Vpns can consume.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
available_local_addresses IPv4 addresses of the local gateway

Local gateway IPv4 addresses available for configuration of each L3Vpn.
array of PolicyIPAddressInfo
bypass_rules List of Bypass L3VpnRules

Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is
supported on these L3Vpn rules.
array of L3VpnRule
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable L3 Virtual Private Network (VPN) service

If true, enable L3Vpn Service for given tier-0. Enabling/disabling this
service affects all L3Vpns under the given tier-0.
boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_log_level Internet key exchange (IKE) log level

Log level for internet key exchange (IKE).
string Enum: DEBUG, INFO, WARN, ERROR, EMERGENCY
Default: "INFO"
label Policy path referencing Label

Policy path referencing Label. A label is used as a mechanism to group
route-based L3Vpns in order to apply edge firewall rules on members' VTIs.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L3VpnContext string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L3VpnRule (schema) (Deprecated)

L3Vpn Rule

For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used
for transit traffic that meets the rule's match criteria.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action to apply to the traffic transiting through the L3Vpn

Action to exchange data with or without protection.
PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per
L3Vpn.
BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per
L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over
protect rules.
string Enum: PROTECT, BYPASS
Default: "PROTECT"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destinations List of remote subnets

List of remote subnets used in policy-based L3Vpn.
array of L3VpnSubnet Required
Minimum items: 1
Maximum items: 128
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L3VpnRule string
sequence_number Sequence number of the L3VpnRule

This field is used to resolve conflicts between multiple L3VpnRules associated with a
single L3Vpn or L3VpnContext.
int
sources List of local subnets

List of local subnets used in policy-based L3Vpn.
array of L3VpnSubnet Required
Minimum items: 1
Maximum items: 128
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L3VpnSession (schema) (Deprecated)

L3Vpn Session

Contains information about L3Vpn session.
This is an abstract type. Concrete child types:
PolicyBasedL3VpnSession
RouteBasedL3VpnSession

Name Description Type Notes
resource_type L3VpnSessionResourceType Required

L3VpnSessionResourceType (schema) (Deprecated)

Resource type of L3Vpn Session

- A Policy Based L3Vpn is a configuration in which protect rules to match local
and remote subnet needs to be defined. Tunnel is established for each pair of
local and remote subnet defined in protect rules.
- A Route Based L3Vpn is more flexible, more powerful and recommended over policy
based. IP Tunnel subnet is created and all traffic routed through tunnel subnet
(commonly known as VTI) is sent over tunnel. Routes can be learned through BGP.
A route based L3Vpn is required when using redundant L3Vpn.

Name Description Type Notes
L3VpnSessionResourceType Resource type of L3Vpn Session

- A Policy Based L3Vpn is a configuration in which protect rules to match local
and remote subnet needs to be defined. Tunnel is established for each pair of
local and remote subnet defined in protect rules.
- A Route Based L3Vpn is more flexible, more powerful and recommended over policy
based. IP Tunnel subnet is created and all traffic routed through tunnel subnet
(commonly known as VTI) is sent over tunnel. Routes can be learned through BGP.
A route based L3Vpn is required when using redundant L3Vpn.
string Deprecated
Enum: PolicyBasedL3VpnSession, RouteBasedL3VpnSession

L3VpnSubnet (schema) (Deprecated)

Subnet used in L3Vpn Rule

Used to specify subnets in L3Vpn rule.

Name Description Type Notes
subnet Subnet

Subnet used in L3Vpn Rule.
IPv4CIDRBlock Required

L4PolicyLbPersistenceProfile (schema)

PolicyLbPersistenceProflie for L4 type PolicyLbVirtualServer

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
PolicyLbVirtualServer by binding a persistence profile to it.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence Persistence method used by PolicyLbVirtualServer(s)

This field indicates the persistence method used for the
PolicyLbVirtualServer.
- SOURCE_IP persistence ensures all connections from a client
(identified by IP address) are sent to the same backend server for a
specified period.
- This object is not required and persistence is disabled by
default
string Enum: SOURCE_IP
Default: "SOURCE_IP"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L4PolicyLbPersistenceProfile string Required
Enum: L4PolicyLbPersistenceProfile, L7PolicyLbPersistenceProfile, CustomPolicyLbPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L4PortSetNSService (schema)

An NSService element that represents TCP or UDP protocol

L4PortSet can be specified in comma separated notation of parts. Parts of a
L4PortSet includes single integer or range of port in hyphen notation.
Example of a PortSet: "22, 33-70, 44".

Name Description Type Notes
destination_ports Destination ports array of PortElement Maximum items: 15
l4_protocol string Required
Enum: TCP, UDP
resource_type Must be set to the value L4PortSetNSService string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService
source_ports Source ports array of PortElement Maximum items: 15

L4PortSetServiceEntry (schema)

An ServiceEntry that represents TCP or UDP protocol

L4PortSet can be specified in comma separated notation of parts. Parts of a
L4PortSet includes single integer or range of port in hyphen notation.
Example of a PortSet: "22, 33-70, 44".

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_ports array of PortElement Maximum items: 15
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
l4_protocol string Required
Enum: TCP, UDP
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L4PortSetServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
source_ports array of PortElement Maximum items: 15
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

L7PolicyLbPersistenceProfile (schema)

PolicyLbPersistenceProflie for L7 type PolicyLbVirtualServer

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
PolicyLbVirtualServer
by binding a persistence profile to it.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence Persistence method used by PolicyLbVirtualServer(s)

This field indicates the persistence method used for the
PolicyLbVirtualServer.
- COOKIE persistence allows related client connections, identified by
the same cookie in HTTP requests [Refer to HTTP Cookie for details
on HTTP cookies], to be redirected to the same server. Load
balancer does not maintain any persistence table for cookie
persistence. Instead, it encodes the necessary information in the
HTTP cookie value sent to client and relies on the client to store
it and send it back in subsequent related HTTP requests. Hence
there is no limit on the number of cookie persistence entries that
can be supported.
- This object is not required and persistence is disabled by default
string Enum: COOKIE
Default: "COOKIE"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value L7PolicyLbPersistenceProfile string Required
Enum: L4PolicyLbPersistenceProfile, L7PolicyLbPersistenceProfile, CustomPolicyLbPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBActiveMonitor (schema)

Base class for each type of active LBMonitorProfile

All the active types of LBMonitorProfile extend from this abstract class.
This is present for extensibility.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBActiveMonitor LBMonitorProfileType Required
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBAppProfile (schema)

App profile

App profile. This is an abstract type. Concrete child types:
LBFastTcpProfile
LBFastUdpProfile
LBHttpProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBAppProfile LBApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBAppProfileListResult (schema)

Paged Collection of LBAppProfile

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBAppProfile list results array of LBAppProfile
(Abstract type: pass one of the following concrete types)
LBFastTcpProfile
LBFastUdpProfile
LBHttpProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBApplicationProfileType (schema)

Application profile type

An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LBFastTCPProfile,
LBFastUDPProfile and LBHttpProfile.
LBFastTCPProfile or LBFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LBHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LBHttpProfile is intended to
simplify enabling certain common use cases.

Name Description Type Notes
LBApplicationProfileType Application profile type

An application profile can be bound to a virtual server
to specify the application protocol characteristics. It is used to
influence how load balancing is performed. Currently, three types of
application profiles are supported: LBFastTCPProfile,
LBFastUDPProfile and LBHttpProfile.
LBFastTCPProfile or LBFastUDPProfile is typically
used when the application is using a custom protocol or a standard protocol
not supported by the load balancer. It is also used in cases where the user
only wants L4 load balancing mainly because L4 load balancing has much
higher performance and scalability, and/or supports connection mirroring.
LBHttpProfile is used for both HTTP and HTTPS applications.
Though application rules, if bound to the virtual server, can be used
to accomplish the same goal, LBHttpProfile is intended to
simplify enabling certain common use cases.
string Enum: LBHttpProfile, LBFastTcpProfile, LBFastUdpProfile

LBClientCertificateIssuerDnCondition (schema)

Match condition for client certficate issuer DN

Match condition for client certficate issuer DN.

Name Description Type Notes
case_sensitive A case sensitive flag for issuer DN comparing

If true, case is significant when comparing issuer DN value.
boolean Default: "True"
issuer_dn Value of issuer DN

Value of issuer DN.		 string Required
match_type Match type of issuer DN

Match type of issuer DN.		 LbRuleMatchType Default: "REGEX"

LBClientCertificateSubjectDnCondition (schema)

Match condition for client certficate subject DN

Match condition for client certficate subject DN.

Name Description Type Notes
case_sensitive A case sensitive flag for subject DN comparing

If true, case is significant when comparing subject DN value.
boolean Default: "True"
match_type Match type of subject DN

Match type of subject DN.		 LbRuleMatchType Default: "REGEX"
subject_dn Value of subject DN

Value of subject DN.		 string Required

LBClientSslProfile (schema)

Client SSL profile

Client SSL profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cipher_group_label Label of cipher group

It is a label of cipher group which is mostly consumed by GUI.
SslCipherGroup
ciphers Supported SSL cipher list to client side

Supported SSL cipher list to client side.		 array of SslCipher
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_fips FIPS compliance of ciphers and protocols

This flag is set to true when all the ciphers and protocols are FIPS
compliant. It is set to false when one of the ciphers or protocols are
not FIPS compliant..
boolean Readonly
is_secure Secure/Insecure SSL profile flag

This flag is set to true when all the ciphers and protocols are secure.
It is set to false when one of the ciphers or protocols is insecure.
boolean Readonly
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
prefer_server_ciphers Prefer server ciphers flag

During SSL handshake as part of the SSL client Hello client sends an
ordered list of ciphers that it can support (or prefers) and typically
server selects the first one from the top of that list it can also
support. For Perfect Forward Secrecy(PFS), server could override the
client's preference.
boolean Default: "True"
protocols Supported SSL protocol list to client side

SSL versions TLS1.1 and TLS1.2 are supported and enabled by default.
SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
array of SslProtocol
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBClientSslProfile string
session_cache_enabled Session cache enable/disable flag

SSL session caching allows SSL client and server to reuse previously
negotiated security parameters avoiding the expensive public key
operation during handshake.
boolean Default: "True"
session_cache_timeout SSL session cache timeout value

Session cache timeout specifies how long the SSL session parameters
are held on to and can be reused.
integer Minimum: 1
Maximum: 86400
Default: "300"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBClientSslProfileBinding (schema)

Client SSL profile binding

Client SSL profile binding.

Name Description Type Notes
certificate_chain_depth The maximum traversal depth of client certificate chain

Authentication depth is used to set the verification depth in the client
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
client_auth Client authentication mode

Client authentication mode.		 ClientAuthType Default: "IGNORE"
client_auth_ca_paths CA path list to verify client certificate

If client auth type is REQUIRED, client certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
client_auth_crl_paths CRL path list to verify client certificate

A Certificate Revocation List (CRL) can be specified in the client-side
SSL profile binding to disallow compromised client certificates.
array of string
default_certificate_path Default service certificate identifier

A default certificate should be specified which will be used if the
server does not host multiple hostnames on the same IP address or if
the client does not support SNI extension.
string Required
sni_certificate_paths SNI certificate path list

Client-side SSL profile binding allows multiple certificates, for
different hostnames, to be bound to the same virtual server.
array of string
ssl_profile_path Client SSL profile path

Client SSL profile defines reusable, application-independent client side
SSL properties.
string

LBClientSslProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of load balancer client SSL profiles array of LBClientSslProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBCookiePersistenceProfile (schema)

LBPersistenceProflie using Cookies for L7 LBVirtualServer

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
LBVirtualServer by binding a persistence profile to it.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cookie_domain Cookie domain

HTTP cookie domain could be configured, only available for insert mode.
string
cookie_fallback Cookie persistence fallback

If fallback is true, once the cookie points to a server that is down
(i.e. admin state DISABLED or healthcheck state is DOWN), then a new
server is selected by default to handle that request.
If fallback is false, it will cause the request to be rejected if
cookie points to a server.
boolean Default: "True"
cookie_garble Cookie persistence garble

If garble is set to true, cookie value (server IP and port) would be
encrypted.
If garble is set to false, cookie value would be plain text.
boolean Default: "True"
cookie_mode Cookie persistence mode

Cookie persistence mode.		 CookiePersistenceModeType Default: "INSERT"
cookie_name Cookie name

Cookie name.		 string Default: "NSXLB"
cookie_path Cookie path

HTTP cookie path could be set, only available for insert mode.
string
cookie_time Cookie time setting

Both session cookie and persistence cookie are supported, if not
specified, it's a session cookie. It expires when the browser is
closed.
LBCookieTime
(Abstract type: pass one of the following concrete types)
LBPersistenceCookieTime
LBSessionCookieTime
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence_shared Persistence shared across LBVirtualServers

Persistence shared setting indicates that all LBVirtualServers
that consume this LBPersistenceProfile should share the same
persistence mechanism when enabled. Meaning, persistence entries of
a client accessing one virtual server will also affect the same
client's connections to a different virtual server. For example, say
there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to
the same Group g1 consisting of two servers (s11:80 and s12:80). By
default, each virtual server will have its own persistence table or
cookie. So, in the earlier example, there will be two tables
(vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client
connects to vip1:80 and later connects to vip1:8080, the second
connection may be sent to a different server than the first. When
persistence_shared is enabled, then the second connection will always
connect to the same server as the original connection. For COOKIE
persistence type, the same cookie will be shared by multiple virtual
servers. For SOURCE_IP persistence type, the persistence table will
be shared across virtual servers. For GENERIC persistence type, the
persistence table will be shared across virtual servers which consume
the same persistence profile in LBRule actions.
boolean Default: "False"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBCookiePersistenceProfile string Required
Enum: LBSourceIpPersistenceProfile, LBCookiePersistenceProfile, LBGenericPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBCookieTime (schema)

Cookie time

Cookie time. This is an abstract type. Concrete child types:
LBPersistenceCookieTime
LBSessionCookieTime

Name Description Type Notes
type LBCookieTimeType Required

LBCookieTimeType (schema)

CookieTime type

Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting

Name Description Type Notes
LBCookieTimeType CookieTime type

Both session cookie and persistence cookie are supported,
Use LbSessionCookieTime for session cookie time setting,
Use LbPersistenceCookieTime for persistence cookie time setting
string Enum: LBSessionCookieTime, LBPersistenceCookieTime

LBEdgeNodeUsage (schema)

The load balancer usage for an edge node

The capacity contains basic information and load balancer entity usages
and capacity for the given edge node.

Name Description Type Notes
current_large_load_balancer_count The current large load balancer count

The count of large load balancer services configured on the node.
integer Readonly
current_load_balancer_credits Current load balancer credits

The current load balancer credits means the current credits used on the
node. For example, configuring a medium load balancer on a node
consumes 10 credits. If there are 2 medium instances configured on a
node, the current credit number is 2 * 10 = 20.
integer Readonly
current_medium_load_balancer_count The current medium load balancer count

The count of medium load balancer services configured on the node.
integer Readonly
current_pool_count The current pool count.

The count of pools configured on the node.
integer Readonly
current_pool_member_count The current pool member count

The count of pool members configured on the node.
integer Readonly
current_small_load_balancer_count The current small load balancer count

The count of small load balancer services configured on the node.
integer Readonly
current_virtual_server_count The current virtual server count

The count of virtual servers configured on the node.
integer Readonly
edge_cluster_path The path of edge cluster

The path of edge cluster which contains the edge node.
string Readonly
form_factor The form factor of the given edge node

The form factor of the given edge node.
string Readonly
Enum: SMALL_VIRTUAL_MACHINE, MEDIUM_VIRTUAL_MACHINE, LARGE_VIRTUAL_MACHINE, PHYSICAL_MACHINE
load_balancer_credit_capacity Load balancer credit capacity

The load balancer credit capacity means the maximum credits which can
be used for load balancer configuration for the given edge node.
integer Readonly
node_path The node path for load balancer node usage

The property identifies the node path for load balancer node usage.
For example, node_path=/infra/sites/default/enforcement-points/default
/edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes
/86e077c0-449f-11e9-87c8-02004eb37029.
string Required
pool_member_capacity The pool member capacity

Pool member capacity means maximum number of pool members which can
be configured on the given edge node.
integer Readonly
remaining_large_load_balancer_count The remaining large load balancer count

The remaining count of large load balancer services which can be
configured on the given edge node.
integer Readonly
remaining_medium_load_balancer_count The remaining medium load balancer count

The remaining count of medium load balancer services which can be
configured on the given edge node.
integer Readonly
remaining_small_load_balancer_count The remaining small load balancer count

The remaining count of small load balancer services which can be
configured on the given edge node.
integer Readonly
resource_type Must be set to the value LBEdgeNodeUsage string Required
severity LB usage severity

The severity calculation is based on current credit usage percentage
of load balancer for one node.
LBUsageSeverity Readonly
usage_percentage Usage percentage

The usage percentage of one edge node for load balancer.
number Readonly

LBFastTcpProfile (schema)

Fast TCP profile

Fast TCP profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
close_timeout TCP connection idle timeout in seconds

It is used to specify how long a closing TCP connection (both FINs
received or a RST is received) should be kept for this application
before cleaning up the connection.
integer Minimum: 1
Maximum: 60
Default: "8"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_flow_mirroring_enabled Flow mirroring enabled flag

If flow mirroring is enabled, all the flows to the bounded virtual
server are mirrored to the standby node.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout TCP connection idle timeout in seconds

It is used to configure how long an idle TCP connection in ESTABLISHED
state should be kept for this application before cleaning up.
integer Minimum: 1
Maximum: 2147483647
Default: "1800"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBFastTcpProfile LBApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBFastUdpProfile (schema)

Fast UDP profile

Fast UDP profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
flow_mirroring_enabled Flow mirroring enabled flag

If flow mirroring is enabled, all the flows to the bounded virtual
server are mirrored to the standby node.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout UDP idle timeout in seconds

Though UDP is a connectionless protocol, for the purposes of load
balancing, all UDP packets with the same flow signature (source and
destination IP/ports and IP protocol) received within the idle timeout
period are considered to belong to the same connection and are sent to
the same backend server. If no packets are received for idle timeout
period, the connection (association between flow signature and the
selected server) is cleaned up.
integer Minimum: 1
Maximum: 2147483647
Default: "300"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBFastUdpProfile LBApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBGenericPersistenceProfile (schema)

LB generic persistence profile

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
LBVirtualServer by binding a persistence profile to it.
LBGenericPersistenceProfile cannot be attached to virtual server directly,
it can be specified in LB rule actions. In HTTP forwarding phase,
the profile can be specified in LBVariablePersistenceOnAction. In HTTP
response rewriting phase, the profile can be specified in
LBVariablePersistenceLearnAction.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_persistence_mirroring_enabled Mirroring enabled flag

The mirroring enabled flag is to synchronize persistence entries.
Persistence entries are not synchronized to the HA peer by default.
boolean Default: "False"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence_shared Persistence shared across LBVirtualServers

Persistence shared setting indicates that all LBVirtualServers
that consume this LBPersistenceProfile should share the same
persistence mechanism when enabled. Meaning, persistence entries of
a client accessing one virtual server will also affect the same
client's connections to a different virtual server. For example, say
there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to
the same Group g1 consisting of two servers (s11:80 and s12:80). By
default, each virtual server will have its own persistence table or
cookie. So, in the earlier example, there will be two tables
(vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client
connects to vip1:80 and later connects to vip1:8080, the second
connection may be sent to a different server than the first. When
persistence_shared is enabled, then the second connection will always
connect to the same server as the original connection. For COOKIE
persistence type, the same cookie will be shared by multiple virtual
servers. For SOURCE_IP persistence type, the persistence table will
be shared across virtual servers. For GENERIC persistence type, the
persistence table will be shared across virtual servers which consume
the same persistence profile in LBRule actions.
boolean Default: "False"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBGenericPersistenceProfile string Required
Enum: LBSourceIpPersistenceProfile, LBCookiePersistenceProfile, LBGenericPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Persistence entry expiration time in seconds

When all connections complete (reference count reaches 0), persistence
entry timer is started with the expiration time.
integer Minimum: 1
Maximum: 2147483647
Default: "300"

LBHttpMonitorProfile (schema)

LBMonitorProfile for active health checks over HTTP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the LBRule
object. This represents active health monitoring over HTTP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member will
the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healthchecks (rise_count) will bring the
member back to UP state. After a healthcheck is initiated, if it does not
complete within a certain period, then also the healthcheck is considered
to be unsuccessful.
Completing a healthcheck within timeout means establishing a connection
(TCP or SSL), if applicable, sending the request and receiving the
response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
request_body HTTP health check request body

String to send as part of HTTP health check request body. Valid only
for certain HTTP methods like POST.
string
request_headers Array of HTTP request headers

Array of HTTP request headers.		 array of LbHttpRequestHeader
request_method The health check method for HTTP monitor type

The health check method for HTTP monitor type.		 HttpRequestMethodType Default: "GET"
request_url Customized HTTP request url for active health checks

For HTTP active healthchecks, the HTTP request url sent can be
customized and can include query parameters.
string Default: "/"
request_version HTTP request version

HTTP request version.		 HttpRequestVersionType Default: "HTTP_VERSION_1_1"
resource_type Must be set to the value LBHttpMonitorProfile LBMonitorProfileType Required
response_body Response body to match

If HTTP response body match string (regular expressions not supported)
is specified (using LBHttpMonitor.response_body) then the
healthcheck HTTP response body is matched against the specified string
and server is considered healthy only if there is a match.
If the response body string is not specified, HTTP healthcheck is
considered successful if the HTTP response status code is 2xx, but it
can be configured to accept other status codes as successful.
string
response_status_codes Array of single HTTP response status codes

The HTTP response status code should be a valid HTTP status code.
array of int Maximum items: 64
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBHttpProfile (schema)

Http profile

Http profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
http_redirect_to Http redirect static URL

If a website is temporarily down or has moved, incoming requests
for that virtual server can be temporarily redirected to a URL.
string
http_redirect_to_https Flag to indicate whether enable HTTP-HTTPS redirect

Certain secure applications may want to force communication over SSL,
but instead of rejecting non-SSL connections, they may choose to
redirect the client automatically to use SSL.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout HTTP application idle timeout in seconds

It is used to specify the HTTP application idle timeout, it means that
how long the load balancer will keep the connection idle to wait for
the client to send the next keep-alive request. It is not a TCP socket
setting.
integer Minimum: 1
Maximum: 5400
Default: "15"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
ntlm NTLM support flag

NTLM is an authentication protocol that can be used over HTTP. If the
flag is set to true, LB will use NTLM challenge/response methodology.
boolean Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
request_body_size Maximum size of the buffer used to store HTTP request body

If it is not specified, it means that request body size is unlimited.
integer Minimum: 1
Maximum: 2147483647
request_header_size Maximum size of the buffer used to store HTTP request headers

A request with header larger than request_header_size will be processed
as best effort whereas a request with header below this specified size
is guaranteed to be processed.
integer Minimum: 1
Maximum: 65536
Default: "1024"
resource_type Must be set to the value LBHttpProfile LBApplicationProfileType Required
response_header_size Maximum size of the buffer used to store HTTP response headers

A response with header larger than response_header_size will be dropped.
integer Minimum: 1
Maximum: 65536
Default: "4096"
response_timeout Maximum server idle time in seconds

If server doesn’t send any packet within this time, the connection is closed.
integer Minimum: 1
Maximum: 2147483647
Default: "60"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
x_forwarded_for Insert or replace x_forwarded_for

Insert or replace x_forwarded_for.		 LBXForwardedForType

LBHttpRedirectAction (schema)

Action to redirect HTTP request messages

This action is used to redirect HTTP request messages to a new URL. The
reply_status value specified in this action is used as the status code of
HTTP response message which is sent back to client (Normally a browser).
The HTTP status code for redirection is 3xx, for example, 301, 302, 303,
307, etc. The redirect_url is the new URL that the HTTP request message is
redirected to. Normally browser will send another HTTP request to the new
URL after receiving a redirection response message.
Captured variables and built-in variables can be used in redirect_url field.
For example, to redirect all HTTP requests to HTTPS requests for a virtual
server. We create an LBRule without any conditions, add an
LBHttpRedirectAction to the rule. Set the
redirect_url field of the LBHttpRedirectAction to:
https://$_host$_request_uri
And set redirect_status to "302", which means found. This rule will
redirect all HTTP requests to HTTPS server port on the same host.

Name Description Type Notes
redirect_status HTTP response status code

HTTP response status code.		 string Required
redirect_url The URL that the HTTP request is redirected to

The URL that the HTTP request is redirected to.		 string Required
type Must be set to the value LBHttpRedirectAction LBRuleActionType Required

LBHttpRejectAction (schema)

Action to reject HTTP request messages

This action is used to reject HTTP request messages. The specified
reply_status value is used as the status code for the corresponding HTTP
response message which is sent back to client (Normally a browser)
indicating the reason it was rejected. Reference official HTTP status code
list for your specific HTTP version to set the reply_status properly.
LBHttpRejectAction does not support variables.

Name Description Type Notes
reply_message Response message

Response message.		 string
reply_status HTTP response status code

HTTP response status code.		 string Required
type Must be set to the value LBHttpRejectAction LBRuleActionType Required

LBHttpRequestBodyCondition (schema)

Condition to match content of HTTP request message body

This condition is used to match the message body of an HTTP request.
Typically, only HTTP POST, PATCH, or PUT requests have request body.
The match_type field defines how body_value field is used to match the body
of HTTP requests.

Name Description Type Notes
body_value HTTP request body string Required
case_sensitive A case sensitive flag for HTTP body comparing

If true, case is significant when comparing HTTP body value.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP body LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpRequestBodyCondition LBRuleConditionType Required

LBHttpRequestCookieCondition (schema)

Condition to match HTTP request cookie

This condition is used to match HTTP request messages by cookie which is a
specific type of HTTP header. The match_type and case_sensitive define how
to compare cookie value.

Name Description Type Notes
case_sensitive A case sensitive flag for cookie value comparing

If true, case is significant when comparing cookie value.
boolean Default: "True"
cookie_name Name of cookie

Cookie name.		 string Required
cookie_value Value of cookie

Cookie value.		 string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of cookie value

Match type of cookie value.		 LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpRequestCookieCondition LBRuleConditionType Required

LBHttpRequestHeaderCondition (schema)

Condition to match HTTP request header

This condition is used to match HTTP request messages by HTTP header
fields. HTTP header fields are components of the header section of HTTP
request and response messages. They define the operating parameters of an
HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One
condition can be used to match one header field, to match multiple header
fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
requests. The header_name field does not support match types.

Name Description Type Notes
case_sensitive A case sensitive flag for HTTP header value comparing

If true, case is significant when comparing HTTP header value.
boolean Default: "True"
header_name Name of HTTP header string Default: "Host"
header_value Value of HTTP header string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP header value LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpRequestHeaderCondition LBRuleConditionType Required

LBHttpRequestHeaderDeleteAction (schema)

Action to delete HTTP request header fields

This action is used to delete header fields of HTTP request messages at
HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers
with same header name. To delete headers with different header names,
multiple actions must be defined.

Name Description Type Notes
header_name Name of a header field of HTTP request message

Name of a header field of HTTP request message.		 string Required
type Must be set to the value LBHttpRequestHeaderDeleteAction LBRuleActionType Required

LBHttpRequestHeaderRewriteAction (schema)

Action to rewrite header fields of HTTP request messages

This action is used to rewrite header fields of matched HTTP request
messages to specified new values. One action can be used to rewrite one
header field. To rewrite multiple header fields, multiple actions must be
defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name Description Type Notes
header_name Name of HTTP request header

Name of HTTP request header.		 string Required
header_value Value of HTTP request header

Value of HTTP request header.		 string Required
type Must be set to the value LBHttpRequestHeaderRewriteAction LBRuleActionType Required

LBHttpRequestMethodCondition (schema)

Condition to match method of HTTP request messages

This condition is used to match method of HTTP requests. If the method of an
HTTP request is same as the method specified in this condition, the HTTP
request match this condition. For example, if the method field is set to
GET in this condition, any HTTP request with GET method matches the
condition.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
method Type of HTTP request method HttpRequestMethodType Required
type Must be set to the value LBHttpRequestMethodCondition LBRuleConditionType Required

LBHttpRequestUriArgumentsCondition (schema)

Condition to match URI arguments of HTTP requests

This condition is used to match URI arguments aka query string of Http
request messages, for example, in URI http://exaple.com?foo=1&bar=2, the
"foo=1&bar=2" is the query string containing URI arguments. In an URI
scheme, query string is indicated by the first question mark ("?")
character and terminated by a number sign ("#") character or by the end of
the URI.
The uri_arguments field can be specified as a regular expression(Set
match_type to REGEX). For example, "foo=(?<x>\d+)". It matches HTTP
requests whose URI arguments containing "foo", the value of foo contains
only digits. And the value of foo is captured as $x which can be used in
LBRuleAction fields which support variables.

Name Description Type Notes
case_sensitive A case sensitive flag for URI arguments comparing

If true, case is significant when comparing URI arguments.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of URI arguments LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpRequestUriArgumentsCondition LBRuleConditionType Required
uri_arguments URI arguments

URI arguments, aka query string of URI.
string Required

LBHttpRequestUriCondition (schema)

Condition to match URIs of HTTP request messages

This condition is used to match URIs(Uniform Resource Identifier) of HTTP
request messages. The URI field can be specified as a regular expression.
If an HTTP request message is requesting an URI which matches specified
regular expression, it matches the condition.
The syntax of whole URI looks like this:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
This condition matches only the path part of entire URI.
When match_type field is specified as REGEX, the uri field is used as a
regular expression to match URI path of HTTP requests. For example, to
match any URI that has "/image/" or "/images/", uri field can be specified
as: "/image[s]?/".
Named capturing groups can be used in the uri field to capture substrings
of matched URIs and store them in variables for use in LBRuleAction. For
example, specify uri field as:
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)"
If the URI path is /articles/news/2017/06/xyz.html, then substring "2017"
is captured in variable year, "06" is captured in variable month, and
"xyz.html" is captured in variable article. These variables can then
be used in an LBRuleAction field which supports variables, such as uri
field of LBHttpRequestUriRewriteAction. For example, set the uri field
of LBHttpRequestUriRewriteAction as:
"/articles/news/$year-$month-$article"
Then the URI path /articles/news/2017/06/xyz.html is rewritten to:
"/articles/news/2017-06-xyz.html"

Name Description Type Notes
case_sensitive A case sensitive flag for URI comparing

If true, case is significant when comparing URI.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of URI LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpRequestUriCondition LBRuleConditionType Required
uri A string used to identify resource string Required

LBHttpRequestUriRewriteAction (schema)

Action to rewrite HTTP request URIs.

This action is used to rewrite URIs in matched HTTP request messages.
Specify the uri and uri_arguments fields in this condition to rewrite the
matched HTTP request message's URI and URI arguments to the new values.
Full URI scheme of HTTP messages have following syntax:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
The uri field of this action is used to rewrite the /path part in above
scheme. And the uri_arguments field is used to rewrite the query part.
Captured variables and built-in variables can be used in the uri and
uri_arguments fields.
Check the example in LBRuleAction to see how to use variables in this
action.

Name Description Type Notes
type Must be set to the value LBHttpRequestUriRewriteAction LBRuleActionType Required
uri URI of HTTP request

URI of HTTP request.		 string Required
uri_arguments URI arguments

Query string of URI, typically contains key value pairs, for example:
foo1=bar1&foo2=bar2.
string

LBHttpRequestVersionCondition (schema)

Condition to match HTTP protocol version of HTTP requests

This condition is used to match the HTTP protocol version of the HTTP
request messages.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
type Must be set to the value LBHttpRequestVersionCondition LBRuleConditionType Required
version HTTP version HttpRequestVersionType Required

LBHttpResponseHeaderCondition (schema)

Condition to match a header field of HTTP response

This condition is used to match HTTP response messages from backend servers
by HTTP header fields. HTTP header fields are components of the header
section of HTTP request and response messages. They define the operating
parameters of an HTTP transaction. For example, Cookie, Authorization,
User-Agent, etc. One condition can be used to match one header field, to
match multiple header fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
responses. The header_name field does not support match types.

Name Description Type Notes
case_sensitive A case sensitive flag for HTTP header value comparing

If true, case is significant when comparing HTTP header value.
boolean Default: "True"
header_name Name of HTTP header field string Required
header_value Value of HTTP header field string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP header value LbRuleMatchType Default: "REGEX"
type Must be set to the value LBHttpResponseHeaderCondition LBRuleConditionType Required

LBHttpResponseHeaderDeleteAction (schema)

Action to delete HTTP response header fields

This action is used to delete header fields of HTTP response messages at
HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers
with same header name. To delete headers with different header names,
multiple actions must be defined.

Name Description Type Notes
header_name Name of a header field of HTTP response message

Name of a header field of HTTP response message.		 string Required
type Must be set to the value LBHttpResponseHeaderDeleteAction LBRuleActionType Required

LBHttpResponseHeaderRewriteAction (schema)

Action to rewrite HTTP response header fields

This action is used to rewrite header fields of HTTP response messages to
specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used
to rewrite one header field. To rewrite multiple header fields, multiple
actions must be defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name Description Type Notes
header_name Name of a header field of HTTP request message

Name of a header field of HTTP request message.		 string Required
header_value Value of header field

Value of header field		 string Required
type Must be set to the value LBHttpResponseHeaderRewriteAction LBRuleActionType Required

LBHttpSslCondition (schema)

Condition to match SSL handshake and SSL connection

This condition is used to match SSL handshake and SSL connection at
all phases.If multiple properties are configured, the rule is considered
a match when all the configured properties are matched.

Name Description Type Notes
client_certificate_issuer_dn The issuer DN match condition of the client certificate

The issuer DN match condition of the client certificate for an
established SSL connection.
LBClientCertificateIssuerDnCondition
client_certificate_subject_dn The subject DN match condition of the client certificate

The subject DN match condition of the client certificate for an
established SSL connection.
LBClientCertificateSubjectDnCondition
client_supported_ssl_ciphers Cipher list which supported by client

Cipher list which supported by client.		 array of SslCipher
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
session_reused The type of SSL session reused

The type of SSL session reused.		 LbSslSessionReusedType Default: "IGNORE"
type Must be set to the value LBHttpSslCondition LBRuleConditionType Required
used_protocol Protocol of an established SSL connection

Protocol of an established SSL connection.		 SslProtocol
used_ssl_cipher Cipher used for an established SSL connection

Cipher used for an established SSL connection.		 SslCipher

LBHttpsMonitorProfile (schema)

LBMonitorProfile for active health checks over HTTPS

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the LBRule
object. This represents active health monitoring over HTTPS. Active
healthchecks are initiated periodically, at a configurable interval, to
each member of the Group. Only if a healthcheck fails consecutively for a
specified number of times (fall_count) to a member will the member status
be marked DOWN. Once a member is DOWN, a specified number of consecutive
successful healthchecks (rise_count) will bring the member back to UP
state. After a healthcheck is initiated, if it does not complete within a
certain period, then also the healthcheck is considered to be
unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
request_body HTTP health check request body

String to send as part of HTTP health check request body. Valid only
for certain HTTP methods like POST.
string
request_headers Array of HTTP request headers

Array of HTTP request headers.		 array of LbHttpRequestHeader
request_method The health check method for HTTP monitor type

The health check method for HTTP monitor type.		 HttpRequestMethodType Default: "GET"
request_url Customized HTTPS request url for active health checks

For HTTPS active healthchecks, the HTTPS request url sent can be
customized and can include query parameters.
string Default: "/"
request_version HTTP request version

HTTP request version.		 HttpRequestVersionType Default: "HTTP_VERSION_1_1"
resource_type Must be set to the value LBHttpsMonitorProfile LBMonitorProfileType Required
response_body Response body to match

If HTTP response body match string (regular expressions not supported)
is specified (using LBHttpMonitor.response_body) then the
healthcheck HTTP response body is matched against the specified string
and server is considered healthy only if there is a match.
If the response body string is not specified, HTTP healthcheck is
considered successful if the HTTP response status code is 2xx, but it
can be configured to accept other status codes as successful.
string
response_status_codes Array of single HTTP response status codes

The HTTP response status code should be a valid HTTP status code.
array of int Maximum items: 64
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
server_ssl_profile_binding Pool side SSL binding setting

The setting is used when the monitor acts as an SSL client and
establishing a connection to the backend server.
LBServerSslProfileBinding
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBIcmpMonitorProfile (schema)

LBMonitorProfile for active health checks over ICMP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the LBRule
object. This represents active health monitoring over ICMP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member will
the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healt hchecks (rise_count) will bring the
member back to UP state. After a healthcheck is initiated, if it does not
complete within a certain period, then also the healthcheck is considered
to be unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
data_length The data size (in byte) of the ICMP healthcheck packet integer Minimum: 0
Maximum: 65507
Default: "56"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBIcmpMonitorProfile LBMonitorProfileType Required
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBIpHeaderCondition (schema)

Condition to match IP header fields

This condition is used to match IP header fields of HTTP messages.
Currently, only the source IP address is supported. IP addresses can be
expressed as a single IP address like 10.1.1.1, or a range of IP addresses
like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
source_address Source IP address of HTTP message IPElement Required
type Must be set to the value LBIpHeaderCondition LBRuleConditionType Required

LBMonitorProfile (schema)

This is an abstract type. Concrete child types:
LBActiveMonitor
LBHttpMonitorProfile
LBHttpsMonitorProfile
LBIcmpMonitorProfile
LBPassiveMonitorProfile
LBTcpMonitorProfile
LBUdpMonitorProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBMonitorProfile LBMonitorProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBMonitorProfileListResult (schema)

Paged Collection of LBMonitorProfiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBMonitorProfile list results array of LBMonitorProfile
(Abstract type: pass one of the following concrete types)
LBActiveMonitor
LBHttpMonitorProfile
LBHttpsMonitorProfile
LBIcmpMonitorProfile
LBPassiveMonitorProfile
LBTcpMonitorProfile
LBUdpMonitorProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBMonitorProfileType (schema)

Monitor type

There are two types of healthchecks: active and passive.
Passive healthchecks depend on failures in actual client traffic (e.g. RST
from server in response to a client connection) to detect that the server
or the application is down.
In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check their
health, completely independent of any data traffic.
Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP
and ICMP protocols.

Name Description Type Notes
LBMonitorProfileType Monitor type

There are two types of healthchecks: active and passive.
Passive healthchecks depend on failures in actual client traffic (e.g. RST
from server in response to a client connection) to detect that the server
or the application is down.
In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check their
health, completely independent of any data traffic.
Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP
and ICMP protocols.
string Enum: LBTcpMonitorProfile, LBUdpMonitorProfile, LBIcmpMonitorProfile, LBHttpMonitorProfile, LBHttpsMonitorProfile, LBPassiveMonitorProfile

LBNodeCountPerSeverity (schema)

The node count for specific severity

The node count for specific load balancer usage severity.

Name Description Type Notes
node_count Node count for specific serverity

Node count for specific serverity.
integer Readonly
severity LB usage severity

The severity calculation is based on current credit usage percentage
of load balancer for one node.
LBUsageSeverity Readonly

LBNodeUsage (schema)

Node usage for load balancer

Node usage for load balancer contains basic information and LB entity
usages and capacity for the given node. Only edge node is supported.
This is an abstract type. Concrete child types:
LBEdgeNodeUsage

Name Description Type Notes
node_path The node path for load balancer node usage

The property identifies the node path for load balancer node usage.
For example, node_path=/infra/sites/default/enforcement-points/default
/edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes
/86e077c0-449f-11e9-87c8-02004eb37029.
string Required
resource_type Type of load balancer node usage

The property identifies the load balancer node usage type.
string Required

LBNodeUsageRequestParameters (schema)

Name Description Type Notes
node_path The node path for load balancer node usage

The property identifies the node path for load balancer node usage.
For example, ?node_path=/infra/sites/default/enforcement-points/default
/edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes
/86e077c0-449f-11e9-87c8-02004eb37029.
string Required

LBNodeUsageSummary (schema)

LB node usage summary for all nodes

The load balancer node usage summary for all nodes from specific
enforcement point. Only edge node is supported. The summary contains all
edge nodes which are configured in edge clusters.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
current_load_balancer_credits Current load balancer credits

Current load balancer credits in use for all nodes.
For example, configuring a medium load balancer on a node consumes
10 credits. If there are 2 medium instances configured, the current
load balancer credit number is 2 * 10 = 20.
integer Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
load_balancer_credit_capacity Load balancer credit capacity

The load balancer credit capacity means the maximum credits which can
be used for load balancer service configuration for all nodes.
integer Readonly
node_counts Array of node count for each severity

The property identifies array of node count for each severity.
array of LBNodeCountPerSeverity Readonly
node_usages LB node usages

The property identifies all LB node usages. By default, it is not
included in response. It exists when parameter ?include_usages=true.
array of LBNodeUsage
(Abstract type: pass one of the following concrete types)
LBEdgeNodeUsage		 Readonly
severity LB usage severity

The severity calculation is based on overall credit usage percentage
of load balancer for all nodes.
LBUsageSeverity Readonly
usage_percentage Usage percentage

The overall credit usage percentage of all nodes for load balancer.
number Readonly

LBNodeUsageSummaryRequestParameters (schema)

Load balancer node usage summary request parameters

Name Description Type Notes
enforcement_point_path enforcement point path

Specify enforcement point path.
string
include_usages Whether to include usages

Specify whether to include usages in response.
boolean

LBPassiveMonitorProfile (schema)

Base class for each type of active LBMonitorProfile

The passive type of LBMonitorProfile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
max_fails Number of consecutive connection failures

When the consecutive failures reach this value, then the member is
considered temporarily unavailable for a configurable period
integer Minimum: 1
Maximum: 2147483647
Default: "5"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBPassiveMonitorProfile LBMonitorProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Timeout in seconds before it is selected again for a new connection

After this timeout period, the member is tried again for a new
connection to see if it is available.
integer Minimum: 1
Maximum: 2147483647
Default: "5"

LBPersistenceCookieTime (schema)

Persistence cookie time

Persistence cookie time.

Name Description Type Notes
cookie_max_idle Persistence cookie max idle time in seconds

HTTP cookie max-age to expire cookie, only available for insert mode.
integer Required
Minimum: 1
Maximum: 2147483647
type Must be set to the value LBPersistenceCookieTime LBCookieTimeType Required

LBPersistenceProfile (schema)

Contains the information related to load balancer persistence options

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
LBVirtualServer by binding a persistence profile to it.
LBGenericPersistenceProfile cannot be attached to LBVirtualServer
directly, it can be specified in LBVariablePersistenceOnAction or
LBVariablePersistenceLearnAction in LBRule. If a user attaches a
LBGenericPersistenceProfile directly to a virtual server, the operation
is rejected.
This is an abstract type. Concrete child types:
LBCookiePersistenceProfile
LBGenericPersistenceProfile
LBSourceIpPersistenceProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence_shared Persistence shared across LBVirtualServers

Persistence shared setting indicates that all LBVirtualServers
that consume this LBPersistenceProfile should share the same
persistence mechanism when enabled. Meaning, persistence entries of
a client accessing one virtual server will also affect the same
client's connections to a different virtual server. For example, say
there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to
the same Group g1 consisting of two servers (s11:80 and s12:80). By
default, each virtual server will have its own persistence table or
cookie. So, in the earlier example, there will be two tables
(vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client
connects to vip1:80 and later connects to vip1:8080, the second
connection may be sent to a different server than the first. When
persistence_shared is enabled, then the second connection will always
connect to the same server as the original connection. For COOKIE
persistence type, the same cookie will be shared by multiple virtual
servers. For SOURCE_IP persistence type, the persistence table will
be shared across virtual servers. For GENERIC persistence type, the
persistence table will be shared across virtual servers which consume
the same persistence profile in LBRule actions.
boolean Default: "False"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBPersistenceProfile string Required
Enum: LBSourceIpPersistenceProfile, LBCookiePersistenceProfile, LBGenericPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBPersistenceProfileListResult (schema)

Paged Collection of LBPersistenceProfiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBPersistenceProfile list results array of LBPersistenceProfile
(Abstract type: pass one of the following concrete types)
LBCookiePersistenceProfile
LBGenericPersistenceProfile
LBSourceIpPersistenceProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBPool (schema)

Defining access a Group from a LBVirtualServer and binding to LBMonitorProfile

Defining access of a Group from a LBVirtualServer and binding to
LBMonitorProfile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_monitor_paths Active monitor path list

In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check
their health, completely independent of any data traffic. Active
healthchecks are disabled by default and can be enabled for a server
pool by binding a health monitor to the pool. Currently, only one active
health monitor can be configured per server pool.
array of string Maximum items: 1
algorithm Load balancing algorithm

Load Balancing algorithm chooses a server for each new connection by going
through the list of servers in the pool. Currently, following load balancing
algorithms are supported with ROUND_ROBIN as the default.
ROUND_ROBIN means that a server is selected in a round-robin fashion. The
weight would be ignored even if it is configured.
WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted
round-robin fashion. Default weight of 1 is used if weight is not configured.
LEAST_CONNECTION means that a server is selected when it has the least
number of connections. The weight would be ignored even if it is configured.
Slow start would be enabled by default.
WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted
least connection fashion. Default weight of 1 is used if weight is not
configured. Slow start would be enabled by default.
IP_HASH means that consistent hash is performed on the source IP address of
the incoming connection. This ensures that the same client IP address will
always reach the same server as long as no server goes down or up. It may
be used on the Internet to provide a best-effort stickiness to clients
which refuse session cookies.
string Enum: ROUND_ROBIN, WEIGHTED_ROUND_ROBIN, LEAST_CONNECTION, WEIGHTED_LEAST_CONNECTION, IP_HASH
Default: "ROUND_ROBIN"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
member_group Load balancer member setting with grouping object

Load balancer pool support grouping object as dynamic pool members.
When member group is defined, members setting should not be specified.
LBPoolMemberGroup
members Load balancer pool members

Server pool consists of one or more pool members. Each pool member
is identified, typically, by an IP address and a port.
array of LBPoolMember
min_active_members Minimum number of active pool members to consider pool as active

A pool is considered active if there are at least certain
minimum number of members.
integer Minimum: 1
Maximum: 2147483647
Default: "1"
parent_path Path of its parent

Path of its parent		 string Readonly
passive_monitor_path Passive monitor path

Passive healthchecks are disabled by default and can be enabled by
attaching a passive health monitor to a server pool.
Each time a client connection to a pool member fails, its failed count
is incremented. For pools bound to L7 virtual servers, a connection is
considered to be failed and failed count is incremented if any TCP
connection errors (e.g. TCP RST or failure to send data) or SSL
handshake failures occur. For pools bound to L4 virtual servers, if no
response is received to a TCP SYN sent to the pool member or if a TCP
RST is received in response to a TCP SYN, then the pool member is
considered to have failed and the failed count is incremented.
string
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBPool string
snat_translation Snat translation configuration

Depending on the topology, Source NAT (SNAT) may be required to ensure
traffic from the server destined to the client is received by the load
balancer. SNAT can be enabled per pool. If SNAT is not enabled for a
pool, then load balancer uses the client IP and port (spoofing) while
establishing connections to the servers. This is referred to as no-SNAT
or TRANSPARENT mode. By default Source NAT is enabled as LBSnatAutoMap.
LBSnatTranslation
(Abstract type: pass one of the following concrete types)
LBSnatAutoMap
LBSnatDisabled
LBSnatIpPool
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_multiplexing_enabled TCP multiplexing enable flag

TCP multiplexing allows the same TCP connection between load balancer
and the backend server to be used for sending multiple client requests
from different client TCP connections.
boolean Default: "False"
tcp_multiplexing_number Maximum number of TCP connections for multiplexing

The maximum number of TCP connections per pool that are idly kept alive
for sending future client requests.
integer Minimum: 0
Maximum: 2147483647
Default: "6"

LBPoolListResult (schema)

Paged Collection of LBPool

Paged Collection of LBPool.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBPool list results

LBPool list results.		 array of LBPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBPoolMember (schema)

Pool member

Pool member.

Name Description Type Notes
admin_state Member admin state

Member admin state.		 PoolMemberAdminStateType Default: "ENABLED"
backup_member Determine whether the pool member is for backup usage

Backup servers are typically configured with a sorry page indicating to
the user that the application is currently unavailable. While the pool
is active (a specified minimum number of pool members are active)
BACKUP members are skipped during server selection. When the pool is
inactive, incoming connections are sent to only the BACKUP member(s).
boolean Default: "False"
display_name Pool member name

Pool member name.		 string
ip_address Pool member IP address

Pool member IP address.		 IPAddress Required
max_concurrent_connections Maximum concurrent connection number

To ensure members are not overloaded, connections to a member can be
capped by the load balancer. When a member reaches this limit, it is
skipped during server selection.
If it is not specified, it means that connections are unlimited.
integer Minimum: 1
Maximum: 2147483647
port Pool member port number

If port is specified, all connections will be sent to this port. Only
single port is supported.
If unset, the same port the client connected to will be used, it could
be overrode by default_pool_member_port setting in virtual server.
The port should not specified for port range case.
PortElement
weight Pool member weight

Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing
algorithm. The weight value would be ignored in other algorithms.
integer Minimum: 1
Maximum: 256
Default: "1"

LBPoolMemberGroup (schema)

Pool member group

Pool member group.

Name Description Type Notes
customized_members List of customized pool member settings

The list is used to show the customized pool member settings. User can
only user pool member action API to update the admin state for a specific
IP address.
array of PoolMemberSetting
group_path Grouping object path

Load balancer pool support Group as dynamic pool members.
The IP list of the Group would be used as pool member IP setting.
string Required
ip_revision_filter Filter of ipv4 or ipv6 address of grouping object IP list

Ip revision filter is used to filter IPv4 or IPv6 addresses from the
grouping object.
If the filter is not specified, both IPv4 and IPv6 addresses would be
used as server IPs.
The link local and loopback addresses would be always filtered out.
string Enum: IPV4, IPV6, IPV4_IPV6
Default: "IPV4"
max_ip_list_size Maximum number of grouping object IP address list

The size is used to define the maximum number of grouping object IP
address list. These IP addresses would be used as pool members.
If the grouping object includes more than certain number of
IP addresses, the redundant parts would be ignored and those IP
addresses would not be treated as pool members.
If the size is not specified, one member is budgeted for this dynamic
pool so that the pool has at least one member even if some other
dynamic pools grow beyond the capacity of load balancer service. Other
members are picked according to available dynamic capacity. The unused
members would be set to DISABLED so that the load balancer system
itself is not overloaded during runtime.
integer Minimum: 0
Maximum: 2147483647
port Pool member port for all IP addresses of the grouping object

If port is specified, all connections will be sent to this port.
If unset, the same port the client connected to will be used, it could
be overridden by default_pool_member_ports setting in virtual server.
The port should not specified for multiple ports case.
int Minimum: 1
Maximum: 65535

LBPoolMemberStatistics (schema)

Name Description Type Notes
ip_address Pool member IP address

Pool member IP address.		 IPAddress Readonly
port Pool member port

The port is configured in pool member. For virtual server port range
case, pool member port must be null.
PortElement Readonly
statistics Pool member statistics counter

Pool member statistics counter.		 LBStatisticsCounter Readonly

LBPoolMemberStatus (schema)

Name Description Type Notes
failure_cause The healthcheck failure cause when status is DOWN

The healthcheck failure cause when status is DOWN.		 string Readonly
ip_address Pool member IP address

Pool member IP address.		 IPAddress Readonly
last_check_time Timestamp when the monitor status was last checked

Timestamp when the monitor status was last checked.		 EpochMsTimestamp Readonly
last_state_change_time Timestamp when the monitor status was last changed

Timestamp when the monitor status was last changed.		 EpochMsTimestamp Readonly
port Pool member port

The port is configured in pool member. For virtual server port range
case, pool member port must be null.
PortElement Readonly
status Pool member status

UP means that pool member is enabled and monitors have marked the pool
member as UP. If the pool member has no monitor configured, it would
be treated as UP.
DOWN means that pool member is enabled and monitors have marked the
pool member as DOWN.
DISABLED means that admin state of pool member is set to DISABLED.
GRACEFUL_DISABLED means that admin state of pool member is set to
GRACEFUL_DISABLED.
UNUSED means that the pool member is not used when the IP list size
of member group exceeds the maximum setting. The remaining IP addresses
would not be used as available backend servers, hence mark the status
as UNUSED.
string Readonly
Enum: UP, DOWN, DISABLED, GRACEFUL_DISABLED, UNUSED

LBPoolStatistics (schema)

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
members Statistics of load balancer pool members

Statistics of load balancer pool members.		 array of LBPoolMemberStatistics Readonly
pool_path Load balancer pool object path

Load balancer pool object path.		 string Readonly
resource_type Must be set to the value LBPoolStatistics string Required
statistics Virtual server statistics counter

Virtual server statistics counter.		 LBStatisticsCounter Readonly

LBPoolStatisticsPerEP (schema)

LBPoolStatistics on specific Enforcement Point

This is an abstract type. Concrete child types:
LBPoolStatistics

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBPoolStatus (schema)

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
members Status of load balancer pool members

Status of load balancer pool members.		 array of LBPoolMemberStatus Readonly
pool_path Load balancer pool object path

Load balancer pool object path.		 string Readonly
resource_type Must be set to the value LBPoolStatus string Required
status Virtual server status

UP means that all primary members are in UP status.
PARTIALLY_UP means that some(not all) primary members are in UP
status, the number of these active members is larger or equal to
certain number(min_active_members) which is defined in LBPool.
When there are no backup members which are in the UP status, the
number(min_active_members) would be ignored.
PRIMARY_DOWN means that less than certain(min_active_members) primary
members are in UP status but backup members are in UP status,
connections to this pool would be dispatched to backup members.
DOWN means that all primary and backup members are DOWN.
DETACHED means that the pool is not bound to any virtual server.
UNKOWN means that no status reported from transport-nodes. The
associated load balancer service may be working(or not working).
string Readonly
Enum: UP, PARTIALLY_UP, PRIMARY_DOWN, DOWN, DETACHED, UNKNOWN

LBPoolStatusPerEP (schema)

LBPoolStatus on specific Enforcement Point

This is an abstract type. Concrete child types:
LBPoolStatus

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBRule (schema)

Binding of a LBPool and Group to a LBVirtualServer

Binding of a LBPool and Group to a LBVirtualServer
used to route application traffic passing through load balancers.
LBRule uses match conditions to match application traffic passing
through a LBVirtualServer using HTTP or HTTPS. Can bind
multiple LBVirtualServers to a Group. Each LBRule
consists of two optional match conditions, each match contidion defines a
criterion for application traffic. If no match conditions are
specified, then the LBRule will always match and it is used
typically to define default rules. If more than one match condition is
specified, then matching strategy determines if all conditions should
match or any one condition should match for the LBRule to be
considered a match. A match indicates that the LBVirtualServer
should route the request to the Group (parent of LBRule).

Name Description Type Notes
actions Actions to be executed

A list of actions to be executed at specified phase when load balancer
rule matches. The actions are used to manipulate application traffic,
such as rewrite URI of HTTP messages, redirect HTTP messages, etc.
array of LBRuleAction
(Abstract type: pass one of the following concrete types)
LBHttpRedirectAction
LBHttpRejectAction
LBHttpRequestHeaderDeleteAction
LBHttpRequestHeaderRewriteAction
LBHttpRequestUriRewriteAction
LBHttpResponseHeaderDeleteAction
LBHttpResponseHeaderRewriteAction
LBSelectPoolAction
LBVariableAssignmentAction
LBVariablePersistenceLearnAction
LBVariablePersistenceOnAction		 Required
Maximum items: 60
display_name Display name for LBRule

A display name useful for identifying an LBRule.
string
match_conditions Conditions to match application traffic

A list of match conditions used to match application traffic. Multiple
match conditions can be specified in one load balancer rule, each match
condition defines a criterion to match application traffic.
If no match conditions are specified, then the load balancer rule will
always match and it is used typically to define default rules. If more
than one match condition is specified, then match strategy determines
if all conditions should match or any one condition should match for the
load balancer rule to considered a match.
array of LBRuleCondition
(Abstract type: pass one of the following concrete types)
LBHttpRequestBodyCondition
LBHttpRequestCookieCondition
LBHttpRequestHeaderCondition
LBHttpRequestMethodCondition
LBHttpRequestUriArgumentsCondition
LBHttpRequestUriCondition
LBHttpRequestVersionCondition
LBHttpResponseHeaderCondition
LBHttpSslCondition
LBIpHeaderCondition
LBTcpHeaderCondition
LBVariableCondition		 Maximum items: 60
match_strategy Match strategy for determining match of multiple conditions

If more than one match condition is specified, then
matching strategy determines if all conditions should match or any
one condition should match for the LB Rule to be considered a match.
- ALL indicates that both host_match and path_match must match for
this LBRule to be considered a match.
- ANY indicates that either host_match or patch match may match for
this LBRule to be considered a match.
string Enum: ALL, ANY
Default: "ANY"
phase Load balancer processing phase

Each load balancer rule is used at a specific phase of load balancer
processing. Currently three phases are supported, HTTP_REQUEST_REWRITE,
HTTP_FORWARDING and HTTP_RESPONSE_REWRITE.
When an HTTP request message is received by load balancer, all
HTTP_REQUEST_REWRITE rules, if present are executed in the order they
are applied to virtual server. And then if HTTP_FORWARDING rules
present, only first matching rule's action is executed, remaining rules
are not checked. HTTP_FORWARDING rules can have only one action. If the
request is forwarded to a backend server and the response goes back to
load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed
in the order they are applied to the virtual server.
string Enum: HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE
Default: "HTTP_FORWARDING"

LBRuleAction (schema)

Load balancer rule action

Load balancer rule actions are used to manipulate application traffic.
Currently load balancer rules can be used at three load balancer processing
phases. Each phase has its own supported type of actions.
Supported actions in HTTP_REQUST_REWRITE phase are:
LBHttpRequestUriRewriteAction
LBHttpRequestHeaderRewriteAction
LBHttpRequestHeaderDeleteAction
LBVariableAssignmentAction
Supported actions in HTTP_FORWARDING phase are:
LBHttpRejectAction
LBHttpRedirectAction
LBSelectPoolAction
LBVariablePersistenceOnAction
Supported action in HTTP_RESPONSE_REWRITE phase is:
LBHttpResponseHeaderRewriteAction
LBHttpResponseHeaderDeleteAction
LBVariablePersistenceLearnAction

If the match type of an LBRuleCondition field is specified as REGEX and
named capturing groups are used in the specified regular expression. The
groups can be used as variables in LBRuleAction fields.
For example, define a rule with LBHttpRequestUriCondition as match
condition and LBHttpRequestUriRewriteAction as action. Set match_type field
of LBHttpRequestUriCondition to REGEX, and set uri field to
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)".
Set uri field of LBHttpRequestUriRewriteAction to:
"/news/$year-$month/$article"
In uri field of LBHttpRequestUriCondition, the (?<year>\d+),
(?<month>\d+) and (?<article>.*) are named capturing groups,
they define variables named $year, $month and $article respectively. The
defined variables are used in LBHttpRequestUriRewriteAction.
For a matched HTTP request with URI "/news/2017/06/xyz.html", the substring
"2017" is captured in variable $year, "06" is captured in variable $month,
and "xyz.html" is captured in variable $article. The
LBHttpRequestUriRewriteAction will rewrite the URI to:
"/news/2017-06/xyz.html"
A set of built-in variables can be used in LBRuleAction as well. The name
of built-in variables start with underscore, the name of user defined
variables is not allowed to start with underscore.
Following are some of the built-in variables:
$_scheme: Reference the scheme part of matched HTTP messages, could be
"http" or "https".
$_host: Host of matched HTTP messages, for example "www.example.com".
$_server_port: Port part of URI, it is also the port of the server which
accepted a request. Default port is 80 for http and 443 for https.
$_uri: The URI path, for example "/products/sample.html".
$_request_uri: Full original request URI with arguments, for example,
"/products/sample.html?a=b&c=d".
$_args: URI arguments, for instance "a=b&c=d"
$_is_args: "?" if a request has URI arguments, or an empty string
otherwise.
For the full list of built-in variables, please reference the NSX-T
Administrator's Guide.
This is an abstract type. Concrete child types:
LBHttpRedirectAction
LBHttpRejectAction
LBHttpRequestHeaderDeleteAction
LBHttpRequestHeaderRewriteAction
LBHttpRequestUriRewriteAction
LBHttpResponseHeaderDeleteAction
LBHttpResponseHeaderRewriteAction
LBSelectPoolAction
LBVariableAssignmentAction
LBVariablePersistenceLearnAction
LBVariablePersistenceOnAction

Name Description Type Notes
type Type of load balancer rule action

The property identifies the load balancer rule action type.
LBRuleActionType Required

LBRuleActionType (schema)

Types of load balancer rule actions

Types of load balancer rule actions.

Name Description Type Notes
LBRuleActionType Types of load balancer rule actions

Types of load balancer rule actions.		 string Enum: LBSelectPoolAction, LBHttpRequestUriRewriteAction, LBHttpRequestHeaderRewriteAction, LBHttpRejectAction, LBHttpRedirectAction, LBHttpResponseHeaderRewriteAction, LBHttpRequestHeaderDeleteAction, LBHttpResponseHeaderDeleteAction, LBVariableAssignmentAction, LBVariablePersistenceOnAction, LBVariablePersistenceLearnAction

LBRuleCondition (schema)

Match condition of load balancer rule

Match conditions are used to match application traffic passing through
load balancers. Multiple match conditions can be specified in one load
balancer rule, each match condition defines a criterion for application
traffic.
If inverse field is set to true, the match result of the condition is
inverted.
If more than one match condition is specified, match strategy determines
if all conditions should match or any one condition should match for the
load balancer rule to be considered a match.
Currently only HTTP messages are supported by load balancer rules.
Each load balancer rule is used at a specific phase of load balancer
processing. Currently three phases are supported, HTTP_REQUEST_REWRITE,
HTTP_FORWARDING and HTTP_RESPONSE_REWRITE.
Each phase supports certain types of match conditions, supported match
conditions in HTTP_REQUEST_REWRITE phase are:
LBHttpRequestMethodCondition
LBHttpRequestUriCondition
LBHttpRequestUriArgumentsCondition
LBHttpRequestVersionCondition
LBHttpRequestHeaderCondition
LBHttpRequestCookieCondition
LBHttpRequestBodyCondition
LBTcpHeaderCondition
LBIpHeaderCondition
LBVariableCondition
LBHttpSslCondition
Supported match conditions in HTTP_FORWARDING phase are:
LBHttpRequestMethodCondition
LBHttpRequestUriCondition
LBHttpRequestUriArgumentsCondition
LBHttpRequestVersionCondition
LBHttpRequestHeaderCondition
LBHttpRequestCookieCondition
LBHttpRequestBodyCondition
LBTcpHeaderCondition
LBIpHeaderCondition
LBVariableCondition
LBHttpSslCondition
Supported match conditions in HTTP_RESPONSE_REWRITE phase are:
LBHttpResponseHeaderCondition
LBHttpRequestMethodCondition
LBHttpRequestUriCondition
LBHttpRequestUriArgumentsCondition
LBHttpRequestVersionCondition
LBHttpRequestHeaderCondition
LBHttpRequestCookieCondition
LBTcpHeaderCondition
LBIpHeaderCondition
LBVariableCondition
LBHttpSslCondition
This is an abstract type. Concrete child types:
LBHttpRequestBodyCondition
LBHttpRequestCookieCondition
LBHttpRequestHeaderCondition
LBHttpRequestMethodCondition
LBHttpRequestUriArgumentsCondition
LBHttpRequestUriCondition
LBHttpRequestVersionCondition
LBHttpResponseHeaderCondition
LBHttpSslCondition
LBIpHeaderCondition
LBTcpHeaderCondition
LBVariableCondition

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
type Type of load balancer rule condition LBRuleConditionType Required

LBRuleConditionType (schema)

Type of load balancer rule match condition

Type of load balancer rule match condition.

Name Description Type Notes
LBRuleConditionType Type of load balancer rule match condition

Type of load balancer rule match condition.		 string Enum: LBHttpRequestUriCondition, LBHttpRequestHeaderCondition, LBHttpRequestMethodCondition, LBHttpRequestUriArgumentsCondition, LBHttpRequestVersionCondition, LBHttpRequestCookieCondition, LBHttpRequestBodyCondition, LBHttpResponseHeaderCondition, LBTcpHeaderCondition, LBIpHeaderCondition, LBVariableCondition, LBHttpSslCondition

LBSelectPoolAction (schema)

Action to select a pool for HTTP request messages

This action is used to select a pool for matched HTTP request messages. The
pool is specified by path. The matched HTTP request messages are forwarded
to the specified pool.

Name Description Type Notes
pool_id Path of load balancer pool

Path of load balancer pool.		 string Required
type Must be set to the value LBSelectPoolAction LBRuleActionType Required

LBServerAuthType (schema)

server authentication mode

Server authentication could be AUTO_APPLY, REQUIRED or IGNORE, it is used to
specify if the server certificate presented to the load balancer during
handshake should be actually validated or not.
Validation is automatic by default when server_auth_ca_certificate_paths are
configured and IGNORED when they are not configured.
If validation is REQUIRED, then to be accepted, server certificate must be
signed by one of the trusted CAs whose self signed certificates are
specified in the same server-side SSL profile binding.

Name Description Type Notes
LBServerAuthType server authentication mode

Server authentication could be AUTO_APPLY, REQUIRED or IGNORE, it is used to
specify if the server certificate presented to the load balancer during
handshake should be actually validated or not.
Validation is automatic by default when server_auth_ca_certificate_paths are
configured and IGNORED when they are not configured.
If validation is REQUIRED, then to be accepted, server certificate must be
signed by one of the trusted CAs whose self signed certificates are
specified in the same server-side SSL profile binding.
string Enum: REQUIRED, IGNORE, AUTO_APPLY

LBServerSslProfile (schema)

Server SSL profile

Server SSL profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
cipher_group_label Label of cipher group

It is a label of cipher group which is mostly consumed by GUI.
SslCipherGroup
ciphers Supported SSL cipher list to client side

Supported SSL cipher list to client side.		 array of SslCipher
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_fips FIPS compliance of ciphers and protocols

This flag is set to true when all the ciphers and protocols are FIPS
compliant.
It is set to false when one of the ciphers or protocols are not
FIPS compliant.
boolean Readonly
is_secure Secure/Insecure SSL profile flag

This flag is set to true when all the ciphers and protocols are secure.
It is set to false when one of the ciphers or protocols is insecure.
boolean Readonly
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
protocols Supported SSL protocol list to client side

SSL versions TLS1.1 and TLS1.2 are supported and enabled by default.
SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
array of SslProtocol
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBServerSslProfile string
session_cache_enabled Session cache enable/disable falg

SSL session caching allows SSL client and server to reuse previously
negotiated security parameters avoiding the expensive public key
operation during handshake.
boolean Default: "True"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBServerSslProfileBinding (schema)

Server SSL profile binding

Server SSL profile binding.

Name Description Type Notes
certificate_chain_depth The maximum traversal depth of server certificate chain

Authentication depth is used to set the verification depth in the server
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
client_certificate_path Client certificate path

To support client authentication (load balancer acting as a client
authenticating to the backend server), client certificate can be
specified in the server-side SSL profile binding
string
server_auth Server authentication mode

Server authentication mode.		 LBServerAuthType Default: "AUTO_APPLY"
server_auth_ca_paths CA path list to verify server certificate

If server auth type is REQUIRED, server certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
server_auth_crl_paths CRL path list to verify server certificate

A Certificate Revocation List (CRL) can be specified in the server-side
SSL profile binding to disallow compromised server certificates.
array of string
ssl_profile_path Server SSL profile path

Server SSL profile defines reusable, application-independent server side
SSL properties.
string

LBServerSslProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of load balancer server SSL profiles array of LBServerSslProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBService (schema)

Loadbalancer Service

Loadbalancer Service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Flag to enable access log boolean Deprecated
Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
connectivity_path The connectivity target used to instantiate the LBService

LBS could be instantiated (or created) on the Tier-1, etc.
For now, only the Tier-1 object is supported.
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to enable the load balancer service

Flag to enable the load balancer service.		 boolean Default: "True"
error_log_level Error log level of load balancer service

Load balancer engine writes information about encountered issues of
different severity levels to the error log. This setting is used to
define the severity level of the error log.
LbLogLevel Default: "INFO"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBService string
size Load balancer service size

Load balancer service size.		 LbServiceSize Default: "SMALL"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBServiceCountPerSeverity (schema)

The service count for specific severity

The service count for specific load balancer usage severity.

Name Description Type Notes
service_count Service count for specific serverity

Service count for specific serverity.
integer Readonly
severity LB usage severity

The severity calculation is based on current usage percentage
for one load balancer service.
LBUsageSeverity Readonly

LBServiceListResult (schema)

Paged Collection of LBServices

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBService list results array of LBService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBServiceStatistics (schema)

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
pools Statistics of load balancer pools

Statistics of load balancer pools		 array of LBPoolStatistics Readonly
resource_type Must be set to the value LBServiceStatistics string Required
service_path load balancer service identifier

load balancer service identifier.		 string Readonly
statistics Load balancer service statistics counter

Load balancer service statistics counter.		 LBServiceStatisticsCounter Readonly
virtual_servers Statistics of load balancer virtual servers

Statistics of load balancer virtual servers.		 array of LBVirtualServerStatistics Readonly

LBServiceStatisticsCounter (schema)

Name Description Type Notes
l4_current_session_rate average number of l4 current sessions per second

The average number of l4 current sessions per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
l4_current_sessions Number of l4 current sessions

Number of l4 current sessions.		 integer Readonly
l4_max_sessions Number of l4 maximum sessions

L4 max sessions is used to show the peak L4 max session data since
load balancer starts to provide service.
integer Readonly
l4_total_sessions Number of l4 total sessions

Number of l4 total sessions.		 integer Readonly
l7_current_session_rate averabe number of l7 current requests per second

The average number of l7 current requests per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
l7_current_sessions Number of l7 current sessions

Number of l7 current sessions.		 integer Readonly
l7_max_sessions Number of l7 maximum sessions

L7 max sessions is used to show the peak L7 max session data since
load balancer starts to provide service.
integer Readonly
l7_total_sessions Number of l7 total sessions

Number of l7 total sessions.		 integer Readonly

LBServiceStatisticsPerEP (schema)

LBServiceStatistics on specific Enforcement Point

This is an abstract type. Concrete child types:
LBServiceStatistics

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBServiceStatus (schema)

Name Description Type Notes
active_transport_nodes Ids of load balancer service related active transport nodes

Ids of load balancer service related active transport nodes.		 array of string Readonly
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
cpu_usage Cpu usage in percentage

Cpu usage in percentage.		 integer Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
error_message Error message, if available

Error message, if available.		 string Readonly
last_update_timestamp Timestamp when the data was last updated

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
memory_usage Memory usage in percentage

Memory usage in percentage.		 integer Readonly
pools status of load balancer pools

status of load balancer pools.		 array of LBPoolStatus Readonly
resource_type Must be set to the value LBServiceStatus string Required
service_path Load balancer service object path

Load balancer service object path.		 string Readonly
service_status Status of load balancer service

UP means the load balancer service is working fine on both
transport-nodes(if have);
DOWN means the load balancer service is down on both transport-nodes
(if have), hence the load balancer will not respond to any requests;
ERROR means error happens on transport-node(s) or no status is
reported from transport-node(s). The load balancer service may be
working (or not working);
NO_STANDBY means load balancer service is working in one of the
transport node while not in the other transport-node (if have). Hence
if the load balancer service in the working transport-node goes down,
the load balancer service will go down;
DETACHED means that the load balancer service has no attachment setting
and is not instantiated in any transport nodes;
DISABLED means that admin state of load balancer service is DISABLED;
UNKNOWN means that no status reported from transport-nodes.The load
balancer service may be working(or not working).
string Readonly
Enum: UP, DOWN, ERROR, NO_STANDBY, DETACHED, DISABLED, UNKNOWN
standby_transport_nodes Ids of load balancer service related standby transport nodes

Ids of load balancer service related standby transport nodes.		 array of string Readonly
virtual_servers status of load balancer virtual servers

status of load balancer virtual servers.		 array of LBVirtualServerStatus Readonly

LBServiceStatusPerEP (schema)

LBServiceStatus on specific Enforcement Point

This is an abstract type. Concrete child types:
LBServiceStatus

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBServiceUsage (schema)

The usage information of the load balancer service

Describes the capacity and current usage of virtual servers, pools and pool
members for the given load balancer service.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
current_pool_count The current number of pools

The current number of pools which has been configured in the given load
balancer service.
integer Readonly
current_pool_member_count The current number of pool members

The current number of pool members which has been configured in the given
load balancer service.
integer Readonly
current_virtual_server_count The current number of virtual servers

The current number of virtual servers which has been configured in the
given load balancer service.
integer Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated.

Timestamp when the data was last updated.		 EpochMsTimestamp
pool_capacity The capacity of pools

Pool capacity means maximum number of pools which could be configured in
the given load balancer service.
integer Readonly
pool_member_capacity The capacity of pool members

Pool member capacity means maximum number of pool members which could be
configured in the given load balancer service.
integer Readonly
resource_type Must be set to the value LBServiceUsage string Required
service_path LBService object path

LBService object path.		 string Readonly
service_size The size of load balancer service

The size of load balancer service.		 LbServiceSize Readonly
severity LB usage severity

The severity calculation is based on the largest usage percentage from
virtual servers, pools and pool members for one load balancer service.
LBUsageSeverity Readonly
usage_percentage Usage percentage

The usage percentage is the largest usage percentage from virtual
servers, pools and pool members for the load balancer service.
number Readonly
virtual_server_capacity The capacity of virtual servers

Virtual server capacity means maximum number of virtual servers which
could be configured in the given load balancer service.
integer Readonly

LBServiceUsagePerEP (schema)

LBServiceUsage on specific Enforcement Point

This is an abstract type. Concrete child types:
LBServiceUsage

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBServiceUsageSummary (schema)

The usage summary for all load balancer services

Describes usage summary of virtual servers, pools and pool members for
all load balancer services.

Name Description Type Notes
current_pool_count The current pool count

The current count of pools configured for all load balancer services.
integer Readonly
current_pool_member_count The current pool member count

The current count of pool members configured for all load balancer
services.
integer Readonly
current_virtual_server_count The current virtual server count

The current count of virtual servers configured for all load balancer
services.
integer Readonly
pool_capacity The capacity of pools

Pool capacity means maximum number of pools which can be configured
for all load balancer services.
integer Readonly
pool_member_capacity The capacity of pool members

Pool capacity means maximum number of pool members which can be
configured for all load balancer services.
integer Readonly
pool_member_severity LB usage severity

The severity calculation is based on the overall usage percentage of
pool members for all load balancer services.
LBUsageSeverity Readonly
pool_member_usage_percentage Pool member usage percentage

Overall pool member usage percentage for all load balancer services.
number Readonly
pool_severity LB usage severity

The severity calculation is based on the overall usage percentage of
pools for all load balancer services.
LBUsageSeverity Readonly
pool_usage_percentage Pool usage percentage

Overall pool usage percentage for all load balancer services.
number Readonly
service_counts LB service count for each severity

The service count for each load balancer usage severity.
array of LBServiceCountPerSeverity Readonly
service_usages LB service usages

The property identifies all lb service usages. By default, it is not
included in response. It exists when parameter ?include_usages=true.
array of LBServiceUsage Readonly
virtual_server_capacity The capacity of virtual servers

Virtual server capacity means maximum number of virtual servers which
can be configured for all load balancer services.
integer Readonly
virtual_server_severity LB usage severity

The severity calculation is based on the overall usage percentage of
virtual servers for all load balancer services.
LBUsageSeverity Readonly
virtual_server_usage_percentage Virtual server usage percentage

Overall virtual server usage percentage for all load balancer services.
number Readonly

LBSessionCookieTime (schema)

Session cookie time

Session cookie time.

Name Description Type Notes
cookie_max_idle Session cookie max idle time in seconds

Instead of using HTTP Cookie max-age and relying on client to expire
the cookie, max idle time and/or max lifetime of the cookie can be used.
Max idle time, if configured, specifies the maximum interval the cookie
is valid for from the last time it was seen in a request.
It is available for insert mode.
integer Minimum: 1
Maximum: 2147483647
cookie_max_life Session cookie max lifetime in seconds

Max life time, if configured, specifies the maximum interval the cookie
is valid for from the first time the cookie was seen in a request.
It is available for insert mode.
integer Minimum: 1
Maximum: 2147483647
type Must be set to the value LBSessionCookieTime LBCookieTimeType Required

LBSnatAutoMap (schema)

Snat auto map

Snat auto map.

Name Description Type Notes
type Must be set to the value LBSnatAutoMap LBSnatTranslationType Required

LBSnatDisabled (schema)

Snat disabled

Snat disabled.

Name Description Type Notes
type Must be set to the value LBSnatDisabled LBSnatTranslationType Required

LBSnatIpElement (schema)

Snat Ip element

Snat Ip element.

Name Description Type Notes
ip_address Ip address or ip range

Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160.		 IPElement Required
prefix_length Subnet prefix length

Subnet prefix length should be not specified if there is only one single
IP address or IP range.
integer

LBSnatIpPool (schema)

Snat Ip pool

Snat Ip pool.

Name Description Type Notes
ip_addresses List of Ip address or ip range

Currently, only one single IP address or IP range is supported.
If an IP range is specified, the range may contain no more than 64
IP addresses.
array of LBSnatIpElement Required
Maximum items: 1
type Must be set to the value LBSnatIpPool LBSnatTranslationType Required

LBSnatTranslation (schema)

Snat Translation

Snat Translation. This is an abstract type. Concrete child types:
LBSnatAutoMap
LBSnatDisabled
LBSnatIpPool

Name Description Type Notes
type Snat translation type

Snat translation type.		 LBSnatTranslationType Required

LBSnatTranslationType (schema)

Snat translation type

Load balancers may need to perform SNAT to ensure reverse traffic from
the server can be received and processed by them.
There are three modes:
LBSnatAutoMap uses the load balancer interface IP and an
ephemeral port as the source IP and port of the server side connection.
LBSnatIpPool allows user to specify one or more IP addresses
along with their subnet masks that should be used for SNAT while
connecting to any of the servers in the pool.
LBSnatDisabled disables Source NAT. This is referred to as no-SNAT
or TRANSPARENT mode.

Name Description Type Notes
LBSnatTranslationType Snat translation type

Load balancers may need to perform SNAT to ensure reverse traffic from
the server can be received and processed by them.
There are three modes:
LBSnatAutoMap uses the load balancer interface IP and an
ephemeral port as the source IP and port of the server side connection.
LBSnatIpPool allows user to specify one or more IP addresses
along with their subnet masks that should be used for SNAT while
connecting to any of the servers in the pool.
LBSnatDisabled disables Source NAT. This is referred to as no-SNAT
or TRANSPARENT mode.
string Enum: LBSnatAutoMap, LBSnatIpPool, LBSnatDisabled

LBSourceIpPersistenceProfile (schema)

LBPersistenceProflie using SourceIP

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
LBVirtualServer by binding a persistence profile to it.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_persistence_mirroring_enabled Mirroring enabled flag to synchronize persistence entries

Persistence entries are not synchronized to the HA peer by default.
boolean Default: "False"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
persistence_shared Persistence shared across LBVirtualServers

Persistence shared setting indicates that all LBVirtualServers
that consume this LBPersistenceProfile should share the same
persistence mechanism when enabled. Meaning, persistence entries of
a client accessing one virtual server will also affect the same
client's connections to a different virtual server. For example, say
there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to
the same Group g1 consisting of two servers (s11:80 and s12:80). By
default, each virtual server will have its own persistence table or
cookie. So, in the earlier example, there will be two tables
(vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client
connects to vip1:80 and later connects to vip1:8080, the second
connection may be sent to a different server than the first. When
persistence_shared is enabled, then the second connection will always
connect to the same server as the original connection. For COOKIE
persistence type, the same cookie will be shared by multiple virtual
servers. For SOURCE_IP persistence type, the persistence table will
be shared across virtual servers. For GENERIC persistence type, the
persistence table will be shared across virtual servers which consume
the same persistence profile in LBRule actions.
boolean Default: "False"
purge Persistence purge setting

Persistence purge setting.		 SourceIpPersistencePurge Default: "FULL"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBSourceIpPersistenceProfile string Required
Enum: LBSourceIpPersistenceProfile, LBCookiePersistenceProfile, LBGenericPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Persistence entry expiration time in seconds

When all connections complete (reference count reaches 0), persistence
entry timer is started with the expiration time.
integer Minimum: 1
Maximum: 2147483647
Default: "300"

LBSslProfile (schema)

Load balancer abstract SSL profile

Load balancer abstract SSL profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBSslProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBStatisticsCounter (schema)

Name Description Type Notes
bytes_in Number of bytes in

Number of bytes in.		 integer Readonly
bytes_in_rate average number of inbound bytes per second

The average number of inbound bytes per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
bytes_out Number of bytes out

Number of bytes out.		 integer Readonly
bytes_out_rate average number of outbound bytes per second

The average number of outbound bytes per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
current_session_rate average number of current sessions per second

The average number of current sessions per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
current_sessions Number of current sessions

Number of current sessions.		 integer Readonly
http_request_rate averabe number of http requests per second

The average number of http requests per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
http_requests The total number of http requests.

The total number of http requests.		 integer Readonly
max_sessions Number of maximum sessions

Number of maximum sessions.		 integer Readonly
packets_in Number of packets in

Number of packets in.		 integer Readonly
packets_in_rate average number of inbound packets per second

The average number of inbound packets per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
packets_out Number of packets out

Number of packets out.		 integer Readonly
packets_out_rate average number of outbound packets per second

The average number of outbound packets per second, the number is
averaged over the last 5 one-second intervals.
number Readonly
source_ip_persistence_entry_size Number of source IP persistence entries

Number of source IP persistence entries		 integer Readonly
total_sessions Number of total sessions

Number of total sessions.		 integer Readonly

LBTcpHeaderCondition (schema)

Condition to match TCP header fields

This condition is used to match TCP header fields of HTTP messages.
Currently, only the TCP source port is supported. Ports can be expressed as
a single port number like 80, or a port range like 1024-1030.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
source_port TCP source port of HTTP message PortElement Required
type Must be set to the value LBTcpHeaderCondition LBRuleConditionType Required

LBTcpMonitorProfile (schema)

LBMonitorProfile for active health checks over TCP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the
LBRule object. This represents active health monitoring over TCP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member
will the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healthchecks (rise_count) will bring
the member back to UP state. After a healthcheck is initiated, if it
does not complete within a certain period, then also
the healthcheck is considered to be unsuccessful. Completing a
healthcheck within timeout means establishing a connection (TCP or SSL),
if applicable, sending the request and receiving the response, all within
the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
receive Expected data received from server

Expected data, if specified, can be anywhere in the response and it has
to be a string, regular expressions are not supported.
string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBTcpMonitorProfile LBMonitorProfileType Required
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
send Data to send

If both send and receive are not specified, then just a TCP connection
is established (3-way handshake) to validate server is healthy, no
data is sent.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBUdpMonitorProfile (schema)

LBMonitorProfile for active health checks over UDP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the LBRule
object. This represents active health monitoring over UDP. Active
healthchecks are initiated periodically, at a configurable interval, to
each member of the Group. Only if a healthcheck fails consecutively for a
specified number of times (fall_count) to a member will the member status
be marked DOWN. Once a member is DOWN, a specified number of consecutive
successful healthchecks (rise_count) will bring the member back to UP
state. After a healthcheck is initiated, if it does not complete within a
certain period, then also the healthcheck is considered to be
unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Minimum: 1
Maximum: 2147483647
Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
For ICMP monitor, monitor_port is not required.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
receive Expected data received from server

Expected data, can be anywhere in the response and it has to be a
string, regular expressions are not supported.
UDP healthcheck is considered failed if there is no server response
within the timeout period.
string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBUdpMonitorProfile LBMonitorProfileType Required
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
send Data to send

The data to be sent to the monitored server.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Minimum: 1
Maximum: 2147483647
Default: "15"

LBUsageSeverity (schema)

Load balancer usage severity

Severity is calculated from usage percentage:
GREEN means the current usage percentage is less than 60%.
ORANGE means the current usage percentage is less than 80% and larger than
or equal to 60%.
RED means the current usage percentage is larger than or equal to 80%.

Name Description Type Notes
LBUsageSeverity Load balancer usage severity

Severity is calculated from usage percentage:
GREEN means the current usage percentage is less than 60%.
ORANGE means the current usage percentage is less than 80% and larger than
or equal to 60%.
RED means the current usage percentage is larger than or equal to 80%.
string Enum: GREEN, ORANGE, RED

LBUsageSummaryRequestParameters (schema)

Load balancer usage summary request parameters

Name Description Type Notes
include_usages Whether to include usages

Specify whether to include usages in response.
boolean

LBVariableAssignmentAction (schema)

Action to create variable and assign value to it

This action is used to create a new variable and assign value to it.
One action can be used to create one variable. To create multiple
variables, multiple actions must be defined.
The variables can be used by LBVariableCondition, etc.

Name Description Type Notes
type Must be set to the value LBVariableAssignmentAction LBRuleActionType Required
variable_name Name of the variable to be assigned

Name of the variable to be assigned.		 string Required
variable_value Value of variable

Value of variable.		 string Required

LBVariableCondition (schema)

Condition to match IP header fields

This condition is used to match variable's name and value at all
phases. The variables could be captured from REGEX or assigned by
LBVariableAssignmentAction or system embedded variable. Varialbe_name
and variable_value should be matched at the same time.

Name Description Type Notes
case_sensitive A case sensitive flag for variable value comparing

If true, case is significant when comparing variable value.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of variable value LbRuleMatchType Default: "REGEX"
type Must be set to the value LBVariableCondition LBRuleConditionType Required
variable_name Name of the variable to be matched string Required
variable_value Value of variable to be matched string Required

LBVariablePersistenceLearnAction (schema)

Action to learn the variable value

This action is performed in HTTP response rewrite phase. It is used to
learn the value of variable from the HTTP response, and insert an entry
into the persistence table if the entry doesn't exist.

Name Description Type Notes
persistence_profile_path Path to LBPersistenceProfile

If the persistence profile path is not specified, a default
persistence table is created per virtual server. Currently, only
LBGenericPersistenceProfile is supported.
string
type Must be set to the value LBVariablePersistenceLearnAction LBRuleActionType Required
variable_hash_enabled Whether to enable a hash operation for variable value

The property is used to enable a hash operation for variable value
when composing the persistence key.
boolean Default: "False"
variable_name Variable name

The property is the name of variable to be learnt. It is used to
identify which variable's value is learnt from HTTP response.
The variable can be a built-in variable such as "_cookie_JSESSIONID",
a customized variable defined in LBVariableAssignmentAction or a
captured variable in regular expression such as "article".
For the full list of built-in variables, please reference the NSX-T
Administrator's Guide.
string Required

LBVariablePersistenceOnAction (schema)

Action to persist the variable value

This action is performed in HTTP forwarding phase. It is used to inspect
the variable of HTTP request, and look up the persistence entry with its
value and pool uuid as key.
If the persistence entry is found, the HTTP request is forwarded to the
recorded backend server according to the persistence entry.
If the persistence entry is not found, a new entry is created in the
table after backend server is selected.

Name Description Type Notes
persistence_profile_path Path to LBPersistenceProfile

If the persistence profile path is not specified, a default
persistence table is created per virtual server. Currently, only
LBGenericPersistenceProfile is supported.
string
type Must be set to the value LBVariablePersistenceOnAction LBRuleActionType Required
variable_hash_enabled Whether to enable a hash operation for variable value

The property is used to enable a hash operation for variable value
when composing the persistence key.
boolean Default: "False"
variable_name Variable name

The property is the name of variable to be used. It specifies which
variable's value of a HTTP Request will be used in the key of
persistence entry. The variable can be a built-in variable such
as "_cookie_JSESSIONID", a customized variable defined in
LBVariableAssignmentAction or a captured variable in regular expression
such as "article".
For the full list of built-in variables, please reference the NSX-T
Administrator's Guide.
string Required

LBVirtualServer (schema)

Base class for each type of LBVirtualServer

All the types of LBVirtualServer extend from this abstract class. This
is present for extensibility.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
application_profile_path Application profile path

The application profile defines the application protocol characteristics.
It is used to influence how load balancing is performed. Currently,
LBFastTCPProfile, LBFastUDPProfile and
LBHttpProfile, etc are supported.
string Required
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
client_ssl_profile_binding Virtual server side SSL binding setting

The setting is used when load balancer acts as an SSL server and
terminating the client SSL connection
LBClientSslProfileBinding
default_pool_member_ports Default pool member ports when member port is not defined.

Default pool member ports when member port is not defined.
array of PortElement Maximum items: 14
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled whether the virtual server is enabled

Flag to enable the load balancer virtual server.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ip_address IP address of the LBVirtualServer

Configures the IP address of the LBVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile_path Persistence Profile used by LBVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
lb_service_path Path to LBService object for LBVirtualServer

virtual servers can be associated to LBService(which is
similar to physical/virtual load balancer), LB virtual servers,
pools and other entities could be defined independently, the LBService
identifier list here would be used to maintain the relationship of
LBService and other LB entities.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
max_concurrent_connections Maximum concurrent connection number

To ensure one virtual server does not over consume resources,
affecting other applications hosted on the same LBS, connections
to a virtual server can be capped.
If it is not specified, it means that connections are unlimited.
integer Minimum: 1
Maximum: 2147483647
max_new_connection_rate Maximum new connection rate in connections per second

To ensure one virtual server does not over consume resources,
connections to a member can be rate limited.
If it is not specified, it means that connection rate is unlimited.
integer Minimum: 1
Maximum: 2147483647
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
pool_path Default server pool path

The server pool(LBPool) contains backend servers. Server pool
consists of one or more servers, also referred to as pool members, that
are similarly configured and are running the same application.
string
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LBVirtualServer string
rules List of load balancer rules

Load balancer rules allow customization of load balancing behavior using
match/action rules. Currently, load balancer rules are supported for
only layer 7 virtual servers with LBHttpProfile.
array of LBRule Maximum items: 512
server_ssl_profile_binding Pool side SSL binding setting

The setting is used when load balancer acts as an SSL client and
establishing a connection to the backend server.
LBServerSslProfileBinding
sorry_pool_path Sorry server pool path

When load balancer can not select a backend server to serve the
request in default pool or pool in rules, the request would be served
by sorry server pool.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LBVirtualServerListResult (schema)

Paged Collection of LBVirtualServers

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LBVirtualServer list results array of LBVirtualServer Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LBVirtualServerStatistics (schema)

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
resource_type Must be set to the value LBVirtualServerStatistics string Required
statistics Virtual server statistics counter

Virtual server statistics counter.		 LBStatisticsCounter Readonly
virtual_server_path load balancer virtual server object path

load balancer virtual server object path.		 string Readonly

LBVirtualServerStatisticsPerEP (schema)

LBVirtualServerStatistics on specific Enforcement Point

This is an abstract type. Concrete child types:
LBVirtualServerStatistics

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBVirtualServerStatus (schema)

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
last_update_timestamp Timestamp when the data was last updated.

Timestamp when the data was last updated.		 EpochMsTimestamp Readonly
resource_type Must be set to the value LBVirtualServerStatus string Required
status Virtual server status

UP means that all primary members in default pool are in UP status.
For L7 virtual server, if there is no default pool, the virtual server
would be treated as UP.
PARTIALLY_UP means that some(not all) primary members in default pool
are in UP status. The size of these active primary members should be
larger than or equal to the certain number(min_active_members) which is
defined in LBPool. When there are no backup members which are in the UP
status, the number(min_active_members) would be ignored.
PRIMARY_DOWN means that less than certain(min_active_members) primary
members in default pool are in UP status but backup members are in UP
status, the connections would be dispatched to backup members.
DOWN means that all primary and backup members are in DOWN status.
DETACHED means that the virtual server is not bound to any service.
DISABLED means that the admin state of the virtual server is disabled.
UNKOWN means that no status reported from transport-nodes. The
associated load balancer service may be working(or not working).
string Readonly
Enum: UP, PARTIALLY_UP, PRIMARY_DOWN, DOWN, DETACHED, DISABLED, UNKNOWN
virtual_server_path load balancer virtual server object path

load balancer virtual server object path.		 string Readonly

LBVirtualServerStatusPerEP (schema)

LBVirtualServerStatus on specific Enforcement Point

This is an abstract type. Concrete child types:
LBVirtualServerStatus

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly
resource_type string Required

LBXForwardedForType (schema)

X-forwarded-for type

X-forwarded-for type.

Name Description Type Notes
LBXForwardedForType X-forwarded-for type

X-forwarded-for type.		 string Enum: INSERT, REPLACE

Label (schema)

Label

Label that will be displayed for a UI element.

Name Description Type Notes
condition Expression for evaluating condition

If the condition is met then the label will be applied. Examples of expression syntax are provided under example_request section of CreateWidgetConfiguration API.		 string Maximum length: 1024
hover Show label only on hover

If true, displays the label only on hover		 boolean Default: "False"
icons Icons

Icons to be applied at dashboard for the label		 array of Icon Minimum items: 0
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
text Label text

Text to be displayed at the label.		 string Required
Maximum length: 255

LabelValueConfiguration (schema)

Label Value Dashboard Widget Configuration

Represents a Label-Value widget configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
layout Layout of properties inside widget

Layout of properties can be vertical or grid. If layout is not specified a default vertical layout is applied.		 Layout
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
properties Rows

An array of label-value properties.		 array of PropertyItem Required
resource_type Must be set to the value LabelValueConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
sub_type Sub-type of the LabelValueConfiguration

A sub-type of LabelValueConfiguration. If sub-type is not specified the parent type is rendered. For VERTICALLY_ALIGNED sub_type, the value is placed below the label.		 string Enum: VERTICALLY_ALIGNED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

Lag (schema)

LACP group

Name Description Type Notes
id unique id string Readonly
load_balance_algorithm LACP load balance Algorithm string Required
Enum: SRCMAC, DESTMAC, SRCDESTMAC, SRCDESTIPVLAN, SRCDESTMACIPPORT
mode LACP group mode string Required
Enum: ACTIVE, PASSIVE
name Lag name string Required
number_of_uplinks number of uplinks int Required
Minimum: 2
Maximum: 32
timeout_type LACP timeout type string Enum: SLOW, FAST
Default: "SLOW"
uplinks uplink names array of Uplink Readonly
Maximum items: 32

Layout (schema)

Layout of a container or widget

Represents layout of a container or widget

Name Description Type Notes
properties LayoutProperties
type Type of layout of a container or widget

Describes layout of a container or widget. Layout describes how individual widgets are placed inside the container. For example, if HORIZONTAL is chosen widgets are placed side by side inside the container. If VERTICAL is chosen then widgets are placed one below the other. If GRID is chosen then the container or widget display area is divided into a grid of m rows and n columns, as specified in the properties, and the widgets are placed inside the grid.		 string Enum: HORIZONTAL, VERTICAL, GRID
Default: "HORIZONTAL"

LayoutProperties (schema)

Layout properties of a container or widget

Properties of the layout of a container or widget

Name Description Type Notes
num_columns Number of columns of grid

Describes the number of columns of grid layout of a container or widget. This property is applicable for grid layout only.		 int
num_rows Number of rows of grid

Describes the number of rows of grid layout of a container or widget. This property is applicable for grid layout only.		 int

LbActiveMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
resource_type Must be set to the value LbActiveMonitor MonitorType Required
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbAppProfile (schema)

This is an abstract type. Concrete child types:
LbFastTcpProfile
LbFastUdpProfile
LbHttpProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value LbAppProfile ApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbAppProfileListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Load balancer application profile type

Specify this type parameter to retrieve a list of load balancer
application profiles of specified type.
ApplicationProfileType

LbAppProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer application profiles array of LbAppProfile
(Abstract type: pass one of the following concrete types)
LbFastTcpProfile
LbFastUdpProfile
LbHttpProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbClientCertificateIssuerDnCondition (schema)

Match condition for client certficate issuer DN

Name Description Type Notes
case_sensitive A case sensitive flag for issuer DN comparing

If true, case is significant when comparing issuer DN value.
boolean Default: "True"
issuer_dn Value of issuer DN string Required
match_type Match type of issuer DN LbRuleMatchType Default: "REGEX"

LbClientCertificateSubjectDnCondition (schema)

Match condition for client certficate subject DN

Name Description Type Notes
case_sensitive A case sensitive flag for subject DN comparing

If true, case is significant when comparing subject DN value.
boolean Default: "True"
match_type Match type of subject DN LbRuleMatchType Default: "REGEX"
subject_dn Value of subject DN string Required

LbClientSslProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cipher_group_label Label of cipher group

It is a label of cipher group which is mostly consumed by GUI.
SslCipherGroup
ciphers supported SSL cipher list to client side array of SslCipher
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_fips FIPS compliance of ciphers and protocols

This flag is set to true when all the ciphers and protocols are FIPS
compliant. It is set to false when one of the ciphers or protocols are
not FIPS compliant..
boolean Readonly
is_secure Secure/Insecure SSL profile flag

This flag is set to true when all the ciphers and protocols are secure.
It is set to false when one of the ciphers or protocols is insecure.
boolean Readonly
prefer_server_ciphers prefer server ciphers flag

During SSL handshake as part of the SSL client Hello client sends an
ordered list of ciphers that it can support (or prefers) and typically
server selects the first one from the top of that list it can also
support. For Perfect Forward Secrecy(PFS), server could override the
client's preference.
boolean Default: "True"
protocols supported SSL protocol list to client side

SSL versions TLS1.1 and TLS1.2 are supported and enabled by default.
SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
array of SslProtocol
resource_type Must be set to the value LbClientSslProfile string
session_cache_enabled session cache enable/disable flag

SSL session caching allows SSL client and server to reuse previously
negotiated security parameters avoiding the expensive public key
operation during handshake.
boolean Default: "True"
session_cache_timeout SSL session cache timeout value

Session cache timeout specifies how long the SSL session parameters
are held on to and can be reused.
integer Minimum: 1
Maximum: 86400
Default: "300"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbClientSslProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer client SSL profiles array of LbClientSslProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbCookiePersistenceProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cookie_domain cookie domain

HTTP cookie domain could be configured, only available for insert mode.
string
cookie_fallback cookie persistence fallback

If fallback is true, once the cookie points to a server that is down
(i.e. admin state DISABLED or healthcheck state is DOWN), then a new
server is selected by default to handle that request.
If fallback is false, it will cause the request to be rejected if
cookie points to a server
boolean Default: "True"
cookie_garble cookie persistence garble

If garble is set to true, cookie value (server IP and port) would be
encrypted.
If garble is set to false, cookie value would be plain text.
boolean Default: "True"
cookie_mode cookie persistence mode CookiePersistenceModeType Default: "INSERT"
cookie_name cookie name string Required
cookie_path cookie path

HTTP cookie path could be set, only available for insert mode.
string
cookie_time cookie time setting

Both session cookie and persistence cookie are supported, if not
specified, it's a session cookie. It expires when the browser is
closed.
LbCookieTime
(Abstract type: pass one of the following concrete types)
LbPersistenceCookieTime
LbSessionCookieTime
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
persistence_shared Persistence shared flag

The persistence shared flag identifies whether the persistence table
is shared among virtual-servers referring this profile.
If persistence shared flag is not set in the cookie persistence profile
bound to a virtual server, it defaults to cookie persistence that is
private to each virtual server and is qualified by the pool. This is
accomplished by load balancer inserting a cookie with name in the
format <name>.<virtual_server_id>.<pool_id>.
If persistence shared flag is set in the cookie persistence profile, in
cookie insert mode, cookie persistence could be shared across multiple
virtual servers that are bound to the same pools. The cookie name would
be changed to <name>.<profile-id>.<pool-id>.
If persistence shared flag is not set in the sourceIp persistence
profile bound to a virtual server, each virtual server that the profile
is bound to maintains its own private persistence table.
If persistence shared flag is set in the sourceIp persistence profile,
all virtual servers the profile is bound to share the same persistence
table.
If persistence shared flag is not set in the generic persistence
profile, the persistence entries are matched and stored in the table
which is identified using both virtual server ID and profile ID.
If persistence shared flag is set in the generic persistence profile,
the persistence entries are matched and stored in the table which is
identified using profile ID. It means that virtual servers which
consume the same profile in the LbRule with this flag enabled are
sharing the same persistence table.
boolean Default: "False"
resource_type Must be set to the value LbCookiePersistenceProfile PersistenceProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbCookieTime (schema)

This is an abstract type. Concrete child types:
LbPersistenceCookieTime
LbSessionCookieTime

Name Description Type Notes
type CookieTimeType Required

LbEdgeNodeUsage (schema)

The load balancer usage for an edge node

The capacity contains basic information and load balancer entity usages
and capacity for the given edge node.

Name Description Type Notes
current_credit_number Current credit number

The current credit number reflects the current usage on the node.
For example, configuring a medium load balancer on a node consumes
10 credits. If there are 2 medium instances configured on a node,
the current credit number is 2 * 10 = 20.
integer Readonly
current_large_load_balancer_services The current number of large load balancer services

The number of large load balancer services configured on the node.
integer Readonly
current_medium_load_balancer_services The current number of medium load balancer services

The number of medium load balancer services configured on the node.
integer Readonly
current_pool_members The current number of pool members

The number of pool members configured on the node.
integer Readonly
current_pools The current number of pools

The number of pools configured on the node.
integer Readonly
current_small_load_balancer_services The current number of small load balancer services

The number of small load balancer services configured on the node.
integer Readonly
current_virtual_servers The current number of virtual servers

The number of virtual servers configured on the node.
integer Readonly
edge_cluster_id The ID of edge cluster

The ID of edge cluster which contains the edge node.
string Readonly
form_factor The form factor of the given edge node

The form factor of the given edge node.
string Readonly
Enum: SMALL_VIRTUAL_MACHINE, MEDIUM_VIRTUAL_MACHINE, LARGE_VIRTUAL_MACHINE, PHYSICAL_MACHINE
node_id The UUID of the node for load balancer node usage

The property identifies the node UUID for load balancer node usage.
string Required
remaining_credit_number Remaining credit number

The remaining credit number is the remaining credits that can be used
for load balancer service configuration. For example, an edge node with
form factor LARGE_VIRTUAL_MACHINE has 40 credits, and a medium
load balancer instance costs 10 credits. If there are currently
3 medium instances configured, the remaining credit number is
40 - (3 * 10) = 10.
integer Readonly
remaining_large_load_balancer_services The remaining number of large load balancer services

The remaining number of large load balancer services which could be
configured on the given edge node.
integer Readonly
remaining_medium_load_balancer_services The remaining number of medium load balancer services

The remaining number of medium load balancer services which could be
configured on the given edge node.
integer Readonly
remaining_pool_members The remaining number of pool members

The remaining number of pool members which could be configured on the
given edge node.
integer Readonly
remaining_small_load_balancer_services The remaining number of small load balancer services

The remaining number of small load balancer services which could be
configured on the given edge node.
integer Readonly
severity LB usage severity

The severity calculation is based on current credit usage percentage
of load balancer for one node.
LbUsageSeverity Readonly
type Must be set to the value LbEdgeNodeUsage LbNodeUsageType Required
usage_percentage Usage percentage

The usage percentage of one edge node for the load balancer services.
number Readonly

LbFastTcpProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
close_timeout TCP connection idle timeout in seconds

It is used to specify how long a closing TCP connection (both FINs
received or a RST is received) should be kept for this application
before cleaning up the connection.
integer Minimum: 1
Maximum: 60
Default: "8"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_flow_mirroring_enabled flow mirroring enabled flag

If flow mirroring is enabled, all the flows to the bounded virtual
server are mirrored to the standby node.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout TCP connection idle timeout in seconds

It is used to configure how long an idle TCP connection in ESTABLISHED
state should be kept for this application before cleaning up.
integer Minimum: 1
Maximum: 2147483647
Default: "1800"
resource_type Must be set to the value LbFastTcpProfile ApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbFastUdpProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
flow_mirroring_enabled flow mirroring enabled flag

If flow mirroring is enabled, all the flows to the bounded virtual
server are mirrored to the standby node.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout UDP idle timeout in seconds

Though UDP is a connectionless protocol, for the purposes of load
balancing, all UDP packets with the same flow signature (source and
destination IP/ports and IP protocol) received within the idle timeout
period are considered to belong to the same connection and are sent to
the same backend server. If no packets are received for idle timeout
period, the connection (association between flow signature and the
selected server) is cleaned up.
integer Minimum: 1
Maximum: 2147483647
Default: "300"
resource_type Must be set to the value LbFastUdpProfile ApplicationProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbGenericPersistenceProfile (schema)

LB generic persistence profile

The profile is used to define the persistence entry expiration time,
mirroring enabled flag to synchronize persistence entries, persistence
shared flag for the associated virtual servers. The profile cannot be
attached to virtual server directly, it can be only consumed by LB rule
action. In HTTP forwarding phase, LBVariablePersistenceOnAction can be
used to consume LbGenericPersistenceProfile. In HTTP response rewriting
phase, LBVariablePersistenceLearnAction is used instead.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_persistence_mirroring_enabled Mirroring enabled flag

The mirroring enabled flag is to synchronize persistence entries.
Persistence entries are not synchronized to the HA peer by default.
boolean Default: "False"
id Unique identifier of this resource string Sortable
persistence_shared Persistence shared flag

The persistence shared flag identifies whether the persistence table
is shared among virtual-servers referring this profile.
If persistence shared flag is not set in the cookie persistence profile
bound to a virtual server, it defaults to cookie persistence that is
private to each virtual server and is qualified by the pool. This is
accomplished by load balancer inserting a cookie with name in the
format <name>.<virtual_server_id>.<pool_id>.
If persistence shared flag is set in the cookie persistence profile, in
cookie insert mode, cookie persistence could be shared across multiple
virtual servers that are bound to the same pools. The cookie name would
be changed to <name>.<profile-id>.<pool-id>.
If persistence shared flag is not set in the sourceIp persistence
profile bound to a virtual server, each virtual server that the profile
is bound to maintains its own private persistence table.
If persistence shared flag is set in the sourceIp persistence profile,
all virtual servers the profile is bound to share the same persistence
table.
If persistence shared flag is not set in the generic persistence
profile, the persistence entries are matched and stored in the table
which is identified using both virtual server ID and profile ID.
If persistence shared flag is set in the generic persistence profile,
the persistence entries are matched and stored in the table which is
identified using profile ID. It means that virtual servers which
consume the same profile in the LbRule with this flag enabled are
sharing the same persistence table.
boolean Default: "False"
resource_type Must be set to the value LbGenericPersistenceProfile PersistenceProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Persistence entry expiration time in seconds

When all connections complete (reference count reaches 0), persistence
entry timer is started with the expiration time.
integer Minimum: 1
Maximum: 2147483647
Default: "300"

LbHttpMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
request_body String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST. string
request_headers Array of HTTP request headers array of LbHttpRequestHeader
request_method the health check method for HTTP monitor type HttpRequestMethodType Default: "GET"
request_url URL used for HTTP monitor string
request_version HTTP request version HttpRequestVersionType Default: "HTTP_VERSION_1_1"
resource_type Must be set to the value LbHttpMonitor MonitorType Required
response_body response body to match

If HTTP response body match string (regular expressions not supported)
is specified (using LbHttpMonitor.response_body) then the
healthcheck HTTP response body is matched against the specified string
and server is considered healthy only if there is a match.
If the response body string is not specified, HTTP healthcheck is
considered successful if the HTTP response status code is 2xx, but it
can be configured to accept other status codes as successful.
string
response_status_codes Array of single HTTP response status codes

The HTTP response status code should be a valid HTTP status code.
array of int Maximum items: 64
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbHttpProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
http_redirect_to http redirect static URL

If a website is temporarily down or has moved, incoming requests
for that virtual server can be temporarily redirected to a URL
string
http_redirect_to_https flag to indicate whether enable HTTP-HTTPS redirect

Certain secure applications may want to force communication over SSL,
but instead of rejecting non-SSL connections, they may choose to
redirect the client automatically to use SSL.
boolean Default: "False"
id Unique identifier of this resource string Sortable
idle_timeout HTTP application idle timeout in seconds

It is used to specify the HTTP application idle timeout, it means that
how long the load balancer will keep the connection idle to wait for
the client to send the next keep-alive request. It is not a TCP socket
setting.
integer Minimum: 1
Maximum: 2147483647
Default: "15"
ntlm NTLM support flag

NTLM is an authentication protocol that can be used over HTTP. If the
flag is set to true, LB will use NTLM challenge/response methodology.
boolean Default: "False"
request_body_size Maximum size of the buffer used to store HTTP request body

If it is not specified, it means that request body size is unlimited.
integer Minimum: 1
Maximum: 2147483647
request_header_size Maximum size of the buffer used to store HTTP request headers

A request with header larger than request_header_size will be processed
as best effort whereas a request with header below this specified size
is guaranteed to be processed.
integer Minimum: 1
Maximum: 65536
Default: "1024"
resource_type Must be set to the value LbHttpProfile ApplicationProfileType Required
response_header_size Maximum size of the buffer used to store HTTP response headers

A response with header larger than response_header_size will be dropped.
integer Minimum: 1
Maximum: 65536
Default: "4096"
response_timeout Maximum server idle time in seconds

If server doesn't send any packet within this time, the connection is closed.
integer Minimum: 1
Maximum: 2147483647
Default: "60"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
x_forwarded_for insert or replace x_forwarded_for XForwardedForType

LbHttpRedirectAction (schema)

Action to redirect HTTP request messages

This action is used to redirect HTTP request messages to a new URL. The
reply_status value specified in this action is used as the status code of
HTTP response message which is sent back to client (Normally a browser).
The HTTP status code for redirection is 3xx, for example, 301, 302, 303,
307, etc. The redirect_url is the new URL that the HTTP request message is
redirected to. Normally browser will send another HTTP request to the new
URL after receiving a redirection response message.
Captured variables and built-in variables can be used in redirect_url field.
For example, to redirect all HTTP requests to HTTPS requests for a virtual
server. We create an LbRule without any conditions, add an
LbHttpRedirectAction to the rule. Set the
redirect_url field of the LbHttpRedirectAction to:
https://$_host$_request_uri
And set redirect_status to "302", which means found. This rule will
redirect all HTTP requests to HTTPS server port on the same host.

Name Description Type Notes
redirect_status HTTP response status code string Required
redirect_url The URL that the HTTP request is redirected to string Required
type Must be set to the value LbHttpRedirectAction LbRuleActionType Required

LbHttpRejectAction (schema)

Action to reject HTTP request messages

This action is used to reject HTTP request messages. The specified
reply_status value is used as the status code for the corresponding HTTP
response message which is sent back to client (Normally a browser)
indicating the reason it was rejected. Reference official HTTP status code
list for your specific HTTP version to set the reply_status properly.
LbHttpRejectAction does not support variables.

Name Description Type Notes
reply_message Response message string
reply_status HTTP response status code string Required
type Must be set to the value LbHttpRejectAction LbRuleActionType Required

LbHttpRequestBodyCondition (schema)

Condition to match content of HTTP request message body

This condition is used to match the message body of an HTTP request.
Typically, only HTTP POST, PATCH, or PUT requests have request body.
The match_type field defines how body_value field is used to match the body
of HTTP requests.

Name Description Type Notes
body_value HTTP request body string Required
case_sensitive A case sensitive flag for HTTP body comparing

If true, case is significant when comparing HTTP body value.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP body LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpRequestBodyCondition LbRuleConditionType Required

LbHttpRequestCookieCondition (schema)

Condition to match HTTP request cookie

This condition is used to match HTTP request messages by cookie which is a
specific type of HTTP header. The match_type and case_sensitive define how
to compare cookie value.

Name Description Type Notes
case_sensitive A case sensitive flag for cookie value comparing

If true, case is significant when comparing cookie value.
boolean Default: "True"
cookie_name Name of cookie string Required
cookie_value Value of cookie string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of cookie value LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpRequestCookieCondition LbRuleConditionType Required

LbHttpRequestHeader (schema)

Name Description Type Notes
header_name Name of HTTP request header string Required
header_value Value of HTTP request header string Required

LbHttpRequestHeaderCondition (schema)

Condition to match HTTP request header

This condition is used to match HTTP request messages by HTTP header
fields. HTTP header fields are components of the header section of HTTP
request and response messages. They define the operating parameters of an
HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One
condition can be used to match one header field, to match multiple header
fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
requests. The header_name field does not support match types.

Name Description Type Notes
case_sensitive A case sensitive flag for HTTP header value comparing

If true, case is significant when comparing HTTP header value.
boolean Default: "True"
header_name Name of HTTP header string Required
header_value Value of HTTP header string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP header value LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpRequestHeaderCondition LbRuleConditionType Required

LbHttpRequestHeaderDeleteAction (schema)

Action to delete HTTP request header fields

This action is used to delete header fields of HTTP request messages at
HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers
with same header name. To delete headers with different header names,
multiple actions must be defined.

Name Description Type Notes
header_name Name of a header field of HTTP request message string Required
type Must be set to the value LbHttpRequestHeaderDeleteAction LbRuleActionType Required

LbHttpRequestHeaderRewriteAction (schema)

Action to rewrite header fields of HTTP request messages.

This action is used to rewrite header fields of matched HTTP request
messages to specified new values. One action can be used to rewrite one
header field. To rewrite multiple header fields, multiple actions must be
defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name Description Type Notes
header_name Name of HTTP request header string Required
header_value Value of HTTP request header string Required
type Must be set to the value LbHttpRequestHeaderRewriteAction LbRuleActionType Required

LbHttpRequestMethodCondition (schema)

Condition to match method of HTTP request messages

This condition is used to match method of HTTP requests. If the method of an
HTTP request is same as the method specified in this condition, the HTTP
request match this condition. For example, if the method field is set to
GET in this condition, any HTTP request with GET method matches the
condition.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
method Type of HTTP request method HttpRequestMethodType Required
type Must be set to the value LbHttpRequestMethodCondition LbRuleConditionType Required

LbHttpRequestUriArgumentsCondition (schema)

Condition to match URI arguments of HTTP requests

This condition is used to match URI arguments aka query string of Http
request messages, for example, in URI http://exaple.com?foo=1&bar=2, the
"foo=1&bar=2" is the query string containing URI arguments. In an URI
scheme, query string is indicated by the first question mark ("?")
character and terminated by a number sign ("#") character or by the end of
the URI.
The uri_arguments field can be specified as a regular expression(Set
match_type to REGEX). For example, "foo=(?<x>\d+)". It matches HTTP
requests whose URI arguments containing "foo", the value of foo contains
only digits. And the value of foo is captured as $x which can be used in
LbRuleAction fields which support variables.

Name Description Type Notes
case_sensitive A case sensitive flag for URI arguments comparing

If true, case is significant when comparing URI arguments.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of URI arguments LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpRequestUriArgumentsCondition LbRuleConditionType Required
uri_arguments URI arguments

URI arguments, aka query string of URI.
string Required

LbHttpRequestUriCondition (schema)

Condition to match URIs of HTTP request messages

This condition is used to match URIs(Uniform Resource Identifier) of HTTP
request messages. The URI field can be specified as a regular expression.
If an HTTP request message is requesting an URI which matches specified
regular expression, it matches the condition.
The syntax of whole URI looks like this:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
This condition matches only the path part of entire URI.
When match_type field is specified as REGEX, the uri field is used as a
regular expression to match URI path of HTTP requests. For example, to
match any URI that has "/image/" or "/images/", uri field can be specified
as: "/image[s]?/".
Named capturing groups can be used in the uri field to capture substrings
of matched URIs and store them in variables for use in LbRuleAction. For
example, specify uri field as:
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)"
If the URI path is /articles/news/2017/06/xyz.html, then substring "2017"
is captured in variable year, "06" is captured in variable month, and
"xyz.html" is captured in variable article. These variables can then
be used in an LbRuleAction field which supports variables, such as uri
field of LbHttpRequestUriRewriteAction. For example, set the uri field
of LbHttpRequestUriRewriteAction as:
"/articles/news/$year-$month-$article"
Then the URI path /articles/news/2017/06/xyz.html is rewritten to:
"/articles/news/2017-06-xyz.html"

Name Description Type Notes
case_sensitive A case sensitive flag for URI comparing

If true, case is significant when comparing URI.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of URI LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpRequestUriCondition LbRuleConditionType Required
uri A string used to identify resource string Required

LbHttpRequestUriRewriteAction (schema)

Action to rewrite HTTP request URIs.

This action is used to rewrite URIs in matched HTTP request messages.
Specify the uri and uri_arguments fields in this condition to rewrite the
matched HTTP request message's URI and URI arguments to the new values.
Full URI scheme of HTTP messages have following syntax:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
The uri field of this action is used to rewrite the /path part in above
scheme. And the uri_arguments field is used to rewrite the query part.
Captured variables and built-in variables can be used in the uri and
uri_arguments fields.
Check the example in LbRuleAction to see how to use variables in this
action.

Name Description Type Notes
type Must be set to the value LbHttpRequestUriRewriteAction LbRuleActionType Required
uri URI of HTTP request string Required
uri_arguments URI arguments

Query string of URI, typically contains key value pairs, for example:
foo1=bar1&foo2=bar2
string

LbHttpRequestVersionCondition (schema)

Condition to match HTTP protocol version of HTTP requests

This condition is used to match the HTTP protocol version of the HTTP
request messages.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
type Must be set to the value LbHttpRequestVersionCondition LbRuleConditionType Required
version HTTP version HttpRequestVersionType Required

LbHttpResponseHeaderCondition (schema)

Condition to match a header field of HTTP response

This condition is used to match HTTP response messages from backend servers
by HTTP header fields. HTTP header fields are components of the header
section of HTTP request and response messages. They define the operating
parameters of an HTTP transaction. For example, Cookie, Authorization,
User-Agent, etc. One condition can be used to match one header field, to
match multiple header fields, multiple conditions must be specified.
The match_type field defines how header_value field is used to match HTTP
responses. The header_name field does not support match types.

Name Description Type Notes
case_sensitive A case sensitive flag for HTTP header value comparing

If true, case is significant when comparing HTTP header value.
boolean Default: "True"
header_name Name of HTTP header field string Required
header_value Value of HTTP header field string Required
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of HTTP header value LbRuleMatchType Default: "REGEX"
type Must be set to the value LbHttpResponseHeaderCondition LbRuleConditionType Required

LbHttpResponseHeaderDeleteAction (schema)

Action to delete HTTP response header fields

This action is used to delete header fields of HTTP response messages at
HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers
with same header name. To delete headers with different header names,
multiple actions must be defined

Name Description Type Notes
header_name Name of a header field of HTTP response message string Required
type Must be set to the value LbHttpResponseHeaderDeleteAction LbRuleActionType Required

LbHttpResponseHeaderRewriteAction (schema)

Action to rewrite HTTP response header fields

This action is used to rewrite header fields of HTTP response messages to
specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used
to rewrite one header field. To rewrite multiple header fields, multiple
actions must be defined.
Captured variables and built-in variables can be used in the header_value
field, header_name field does not support variables.

Name Description Type Notes
header_name Name of a header field of HTTP request message string Required
header_value Value of header field string Required
type Must be set to the value LbHttpResponseHeaderRewriteAction LbRuleActionType Required

LbHttpSslCondition (schema)

Condition to match SSL handshake and SSL connection

This condition is used to match SSL handshake and SSL connection at
all phases.If multiple properties are configured, the rule is considered
a match when all the configured properties are matched.

Name Description Type Notes
client_certificate_issuer_dn The issuer DN match condition of the client certificate

The issuer DN match condition of the client certificate for an
established SSL connection
LbClientCertificateIssuerDnCondition
client_certificate_subject_dn The subject DN match condition of the client certificate

The subject DN match condition of the client certificate for an
established SSL connection
LbClientCertificateSubjectDnCondition
client_supported_ssl_ciphers Cipher list which supported by client array of SslCipher
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
session_reused The type of SSL session reused LbSslSessionReusedType Default: "IGNORE"
type Must be set to the value LbHttpSslCondition LbRuleConditionType Required
used_protocol Protocol of an established SSL connection SslProtocol
used_ssl_cipher Cipher used for an established SSL connection SslCipher

LbHttpsMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_chain_depth the maximum traversal depth of server certificate chain

authentication depth is used to set the verification depth in the server
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
cipher_group_label Label of cipher group

It is a label of cipher group which is mostly consumed by GUI.
SslCipherGroup
ciphers supported SSL cipher list to servers array of SslCipher
client_certificate_id client certificate identifier

client certificate can be specified to support client authentication.
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
is_fips FIPS compliance of ciphers and protocols

This flag is set to true when all the ciphers and protocols are FIPS
compliant. It is set to false when one of the ciphers or protocols are
not FIPS compliant..
boolean Readonly
is_secure Secure/Insecure monitor flag

This flag is set to true when all the ciphers and protocols are secure.
It is set to false when one of the ciphers or protocols is insecure.
boolean Readonly
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
protocols supported SSL protocol list to servers

SSL versions TLS1.1 and TLS1.2 are supported and enabled by default.
SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
array of SslProtocol
request_body String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST. string
request_headers Array of HTTP request headers array of LbHttpRequestHeader
request_method the health check method for HTTP monitor type HttpRequestMethodType Default: "GET"
request_url URL used for HTTP monitor string
request_version HTTP request version HttpRequestVersionType Default: "HTTP_VERSION_1_1"
resource_type Must be set to the value LbHttpsMonitor MonitorType Required
response_body response body to match

If HTTP response body match string (regular expressions not supported)
is specified (using LbHttpMonitor.response_body) then the
healthcheck HTTP response body is matched against the specified string
and server is considered healthy only if there is a match.
If the response body string is not specified, HTTP healthcheck is
considered successful if the HTTP response status code is 2xx, but it
can be configured to accept other status codes as successful.
string
response_status_codes Array of single HTTP response status codes

The HTTP response status code should be a valid HTTP status code.
array of int Maximum items: 64
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
server_auth server authentication mode ServerAuthType Default: "IGNORE"
server_auth_ca_ids CA identifier list to verify server certificate

If server auth type is REQUIRED, server certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
server_auth_crl_ids CRL identifier list to verify server certificate

A Certificate Revocation List (CRL) can be specified in the server-side
SSL profile binding to disallow compromised server certificates.
array of string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbIcmpMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
data_length The data size(in byte) of the ICMP healthcheck packet integer Minimum: 0
Maximum: 65507
Default: "56"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
resource_type Must be set to the value LbIcmpMonitor MonitorType Required
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbIpHeaderCondition (schema)

Condition to match IP header fields

This condition is used to match IP header fields of HTTP messages.
Currently, only the source IP address is supported. IP addresses can be
expressed as a single IP address like 10.1.1.1, or a range of IP addresses
like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
source_address Source IP address of HTTP message IPElement Required
type Must be set to the value LbIpHeaderCondition LbRuleConditionType Required

LbLogLevel (schema)

the log level of load balancer service

Name Description Type Notes
LbLogLevel the log level of load balancer service string Enum: DEBUG, INFO, WARNING, ERROR, CRITICAL, ALERT, EMERGENCY

LbMonitor (schema)

This is an abstract type. Concrete child types:
LbHttpMonitor
LbHttpsMonitor
LbIcmpMonitor
LbPassiveMonitor
LbTcpMonitor
LbUdpMonitor

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value LbMonitor MonitorType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbMonitorListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Load balancer monitor type

Specify this type parameter to retrieve a list of load balancer
monitors of specified type.
MonitorQueryType

LbMonitorListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer monitors array of LbMonitor
(Abstract type: pass one of the following concrete types)
LbHttpMonitor
LbHttpsMonitor
LbIcmpMonitor
LbPassiveMonitor
LbTcpMonitor
LbUdpMonitor		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbNodeCountPerSeverity (schema)

The node count for specific severity

The node count for specific load balancer usage severity.

Name Description Type Notes
node_count Node count for specific serverity

Node count for specific serverity.
integer Readonly
severity LB usage severity

The severity calculation is based on credit usage percentage of
load balancer for one node.
LbUsageSeverity Readonly

LbNodeUsage (schema)

Node usage for load balancer

Node usage for load balancer contains basic information and LB entity
usages and capacity for the given node.
This is an abstract type. Concrete child types:
LbEdgeNodeUsage

Name Description Type Notes
node_id The UUID of the node for load balancer node usage

The property identifies the node UUID for load balancer node usage.
string Required
type Type of load balancer node usage

The property identifies the load balancer node usage type.
LbNodeUsageType Required

LbNodeUsageSummary (schema)

Lb node usage summary for all nodes

The load balancer node usage summary for all nodes. Only EdgeNode is
supported. The summary calculation is based on all edge nodes
configured in edge clusters.

Name Description Type Notes
current_credit_number Current credit number

The current credit number reflects the overall credit usage for
all nodes.
integer Readonly
node_counts Array of node count for each severity

The property identifies array of node count for each severity (RED,
ORANGE and GREEN).
array of LbNodeCountPerSeverity Readonly
node_usages Array of lb node usages

The property contains lb node usages for each node.
array of LbNodeUsage
(Abstract type: pass one of the following concrete types)
LbEdgeNodeUsage		 Readonly
remaining_credit_number Remaining credit number

The remaining credit number is the overall remaining credits that can
be used for load balancer service configuration for all nodes.
integer Readonly
severity LB usage severity

The severity calculation is based on current credit usage percentage
of load balancer for all nodes.
LbUsageSeverity Readonly
usage_percentage Usage percentage

The overall usage percentage of all nodes for the load balancer
services.
number Readonly

LbNodeUsageSummaryRequestParameters (schema)

Load balancer node usage summary request parameters

Load balancer node usage summary request parameters.

Name Description Type Notes
include_usages Whether to include node usages

Specify whether to include node usages in response. By default,
it is false which means node usages are not included in
LbNodeUsageSummary response.
boolean

LbNodeUsageType (schema)

Node type for load balancer node usage

The node type for load balancer node usage.

Name Description Type Notes
LbNodeUsageType Node type for load balancer node usage

The node type for load balancer node usage.
string Enum: LbEdgeNodeUsage

LbPassiveMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
max_fails number of consecutive connection failures

When the consecutive failures reach this value, then the member is
considered temporarily unavailable for a configurable period
integer Minimum: 1
Maximum: 2147483647
Default: "5"
resource_type Must be set to the value LbPassiveMonitor MonitorType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout timeout in seconds before it is selected again for a new connection

After this timeout period, the member is tried again for a new
connection to see if it is available.
integer Minimum: 1
Maximum: 2147483647
Default: "5"

LbPersistenceCookieTime (schema)

Name Description Type Notes
cookie_max_idle persistence cookie max idle time in seconds

HTTP cookie max-age to expire cookie, only available for insert mode.
integer Required
Minimum: 1
Maximum: 2147483647
type Must be set to the value LbPersistenceCookieTime CookieTimeType Required

LbPersistenceProfile (schema)

LB persistence profile

LB persistence profile contains the information related to load balancer
persistence options.
Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence can be enabled on a
LbVirtualServer by binding a persistence profile to it.
LbGenericPersistenceProfile cannot be attached to virtual server directly,
it can be only consumed by LB rule action. If a user attaches a generic
persistence profile directly to a virtual server, the operation is
rejected.
This is an abstract type. Concrete child types:
LbCookiePersistenceProfile
LbGenericPersistenceProfile
LbSourceIpPersistenceProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
persistence_shared Persistence shared flag

The persistence shared flag identifies whether the persistence table
is shared among virtual-servers referring this profile.
If persistence shared flag is not set in the cookie persistence profile
bound to a virtual server, it defaults to cookie persistence that is
private to each virtual server and is qualified by the pool. This is
accomplished by load balancer inserting a cookie with name in the
format <name>.<virtual_server_id>.<pool_id>.
If persistence shared flag is set in the cookie persistence profile, in
cookie insert mode, cookie persistence could be shared across multiple
virtual servers that are bound to the same pools. The cookie name would
be changed to <name>.<profile-id>.<pool-id>.
If persistence shared flag is not set in the sourceIp persistence
profile bound to a virtual server, each virtual server that the profile
is bound to maintains its own private persistence table.
If persistence shared flag is set in the sourceIp persistence profile,
all virtual servers the profile is bound to share the same persistence
table.
If persistence shared flag is not set in the generic persistence
profile, the persistence entries are matched and stored in the table
which is identified using both virtual server ID and profile ID.
If persistence shared flag is set in the generic persistence profile,
the persistence entries are matched and stored in the table which is
identified using profile ID. It means that virtual servers which
consume the same profile in the LbRule with this flag enabled are
sharing the same persistence table.
boolean Default: "False"
resource_type Must be set to the value LbPersistenceProfile PersistenceProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbPersistenceProfileListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Load balancer persistence profile type

Specify this type parameter to retrieve a list of load balancer
persistence profiles of specified type.
PersistenceProfileType

LbPersistenceProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer persistence profiles array of LbPersistenceProfile
(Abstract type: pass one of the following concrete types)
LbCookiePersistenceProfile
LbGenericPersistenceProfile
LbSourceIpPersistenceProfile		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbPool (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
active_monitor_ids active monitor identifier list

In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check
their health, completely independent of any data traffic. Active
healthchecks are disabled by default and can be enabled for a server
pool by binding a health monitor to the pool. Currently, only one active
health monitor can be configured per server pool.
array of string
algorithm pool balancing algorithm for backend pool members

Load balancing algorithm, configurable per pool controls how the
incoming connections are distributed among the members.
PoolAlgorithm Default: "ROUND_ROBIN"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_group Load balancer member setting with grouping object

Load balancer pool support grouping object as dynamic pool members.
When member group is defined, members setting should not be specified.
PoolMemberGroup
members load balancer pool members

Server pool consists of one or more pool members. Each pool member
is identified, typically, by an IP address and a port.
array of PoolMember
min_active_members minimum number of active pool members to consider pool as active

A pool is considered active if there are at least certain
minimum number of members.
integer Minimum: 1
Maximum: 2147483647
Default: "1"
passive_monitor_id passive monitor identifier

Passive healthchecks are disabled by default and can be enabled by
attaching a passive health monitor to a server pool.
Each time a client connection to a pool member fails, its failed count
is incremented. For pools bound to L7 virtual servers, a connection is
considered to be failed and failed count is incremented if any TCP
connection errors (e.g. TCP RST or failure to send data) or SSL
handshake failures occur. For pools bound to L4 virtual servers, if no
response is received to a TCP SYN sent to the pool member or if a TCP
RST is received in response to a TCP SYN, then the pool member is
considered to have failed and the failed count is incremented.
string
resource_type Must be set to the value LbPool string
snat_translation snat translation configuration

Depending on the topology, Source NAT (SNAT) may be required to ensure
traffic from the server destined to the client is received by the load
balancer. SNAT can be enabled per pool. If SNAT is not enabled for a
pool, then load balancer uses the client IP and port (spoofing) while
establishing connections to the servers. This is referred to as no-SNAT
or TRANSPARENT mode.
LbSnatTranslation
(Abstract type: pass one of the following concrete types)
LbSnatAutoMap
LbSnatIpPool
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_multiplexing_enabled TCP multiplexing enable flag

TCP multiplexing allows the same TCP connection between load balancer
and the backend server to be used for sending multiple client requests
from different client TCP connections.
boolean Default: "False"
tcp_multiplexing_number maximum number of TCP connections for multiplexing

The maximum number of TCP connections per pool that are idly kept alive
for sending future client requests.
integer Minimum: 0
Maximum: 2147483647
Default: "6"

LbPoolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of pools array of LbPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbPoolMemberStatistics (schema)

Name Description Type Notes
ip_address Pool member IP address IPAddress Required
port Pool member port

The port is configured in pool member. For virtual server port range
case, pool member port must be null.
PortElement
statistics Pool member statistics counter LbStatisticsCounter Required

LbPoolMemberStatus (schema)

Name Description Type Notes
failure_cause The healthcheck failure cause when status is DOWN string
ip_address Pool member IP address IPAddress Required
last_check_time EpochMsTimestamp
last_state_change_time EpochMsTimestamp
port Pool member port

The port is configured in pool member. For virtual server port range
case, pool member port must be null.
PortElement
status Pool member status

UP means that pool member is enabled and monitors have marked the pool
member as UP. If the pool member has no monitor configured, it would
be treated as UP.
DOWN means that pool member is enabled and monitors have marked the
pool member as DOWN.
DISABLED means that admin state of pool member is set to DISABLED.
GRACEFUL_DISABLED means that admin state of pool member is set to
GRACEFUL_DISABLED.
UNUSED means that the pool member is not used when the IP list size
of member group exceeds the maximum setting. The remaining IP addresses
would not be used as available backend servers, hence mark the status
as UNUSED.
string Required
Enum: UP, DOWN, DISABLED, GRACEFUL_DISABLED, UNUSED

LbPoolStatistics (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated EpochMsTimestamp
members Statistics of load balancer pool members array of LbPoolMemberStatistics
pool_id Load balancer pool identifier string Required
statistics Virtual server statistics counter LbStatisticsCounter Required

LbPoolStatisticsListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated statistics list of pools array of LbPoolStatistics Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbPoolStatus (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated EpochMsTimestamp
members Status of load balancer pool members array of LbPoolMemberStatus
pool_id Load balancer pool identifier string Required
status Virtual server status

UP means that all primary members are in UP status.
PARTIALLY_UP means that some(not all) primary members are in UP
status, the number of these active members is larger or equal to
certain number(min_active_members) which is defined in LbPool.
When there are no backup members which are in the UP status, the
number(min_active_members) would be ignored.
PRIMARY_DOWN means that less than certain(min_active_members) primary
members are in UP status but backup members are in UP status,
connections to this pool would be dispatched to backup members.
DOWN means that all primary and backup members are DOWN.
DETACHED means that the pool is not bound to any virtual server.
UNKNOWN means that the pool is not associated to any enabled virtual
servers, or no status reported from transport-nodes, the associated
load balancer service may be working(or not working).
string Enum: UP, PARTIALLY_UP, PRIMARY_DOWN, DOWN, DETACHED, UNKNOWN

LbPoolStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated status list of pools array of LbPoolStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbRule (schema)

Load balancer rules

Load balancer rules allow customization of load balancing behavior using
match/action rules. Currently, load balancer rules are supported for only
layer 7 virtual servers with application profile LbHttpProfile.
Each application rule consists of one or more match conditions and one or
more actions.
Load balancer rules could be used by different load balancer services.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
actions Actions to be executed

A list of actions to be executed at specified phase when load balancer
rule matches. The actions are used to manipulate application traffic,
such as rewrite URI of HTTP messages, redirect HTTP messages, etc.
array of LbRuleAction
(Abstract type: pass one of the following concrete types)
LbHttpRedirectAction
LbHttpRejectAction
LbHttpRequestHeaderDeleteAction
LbHttpRequestHeaderRewriteAction
LbHttpRequestUriRewriteAction
LbHttpResponseHeaderDeleteAction
LbHttpResponseHeaderRewriteAction
LbSelectPoolAction
LbVariableAssignmentAction
LbVariablePersistenceLearnAction
LbVariablePersistenceOnAction		 Required
Maximum items: 60
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
match_conditions Conditions to match application traffic

A list of match conditions used to match application traffic. Multiple
match conditions can be specified in one load balancer rule, each match
condition defines a criterion to match application traffic.
If no match conditions are specified, then the load balancer rule will
always match and it is used typically to define default rules. If more
than one match condition is specified, then match strategy determines
if all conditions should match or any one condition should match for the
load balancer rule to considered a match.
array of LbRuleCondition
(Abstract type: pass one of the following concrete types)
LbHttpRequestBodyCondition
LbHttpRequestCookieCondition
LbHttpRequestHeaderCondition
LbHttpRequestMethodCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestUriCondition
LbHttpRequestVersionCondition
LbHttpResponseHeaderCondition
LbHttpSslCondition
LbIpHeaderCondition
LbTcpHeaderCondition
LbVariableCondition		 Maximum items: 60
match_strategy Strategy to match multiple conditions

Strategy to define how load balancer rule is considered a match when
multiple match conditions are specified in one rule. If match_stragety
is set to ALL, then load balancer rule is considered a match only if all
the conditions match. If match_strategy is set to ANY, then load
balancer rule is considered a match if any one of the conditions match.
string Required
Enum: ALL, ANY
phase Load balancer processing phase

Each load balancer rule is used at a specific phase of load balancer
processing. Currently three phases are supported, HTTP_REQUEST_REWRITE,
HTTP_FORWARDING and HTTP_RESPONSE_REWRITE.
When an HTTP request message is received by load balancer, all
HTTP_REQUEST_REWRITE rules, if present are executed in the order they
are applied to virtual server. And then if HTTP_FORWARDING rules
present, only first matching rule's action is executed, remaining rules
are not checked. HTTP_FORWARDING rules can have only one action. If the
request is forwarded to a backend server and the response goes back to
load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed
in the order they are applied to the virtual server.
string Required
Enum: HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE
resource_type Must be set to the value LbRule string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbRuleAction (schema)

Load balancer rule action

Load balancer rule actions are used to manipulate application traffic.
Currently load balancer rules can be used at three load balancer processing
phases. Each phase has its own supported type of actions.
Supported actions in HTTP_REQUST_REWRITE phase are:
LbHttpRequestUriRewriteAction
LbHttpRequestHeaderRewriteAction
LbHttpRequestHeaderDeleteAction
LbVariableAssignmentAction
Supported actions in HTTP_FORWARDING phase are:
LbHttpRejectAction
LbHttpRedirectAction
LbSelectPoolAction
LbVariablePersistenceOnAction
Supported action in HTTP_RESPONSE_REWRITE phase is:
LbHttpResponseHeaderRewriteAction
LbHttpResponseHeaderDeleteAction
LbVariablePersistenceLearnAction

If the match type of an LbRuleCondition field is specified as REGEX and
named capturing groups are used in the specified regular expression. The
groups can be used as variables in LbRuleAction fields.
For example, define a rule with LbHttpRequestUriCondition as match
condition and LbHttpRequestUriRewriteAction as action. Set match_type field
of LbHttpRequestUriCondition to REGEX, and set uri field to
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)".
Set uri field of LbHttpRequestUriRewriteAction to:
"/news/$year-$month/$article"
In uri field of LbHttpRequestUriCondition, the (?<year>\d+),
(?<month>\d+) and (?<article>.*) are named capturing groups,
they define variables named $year, $month and $article respectively. The
defined variables are used in LbHttpRequestUriRewriteAction.
For a matched HTTP request with URI "/news/2017/06/xyz.html", the substring
"2017" is captured in variable $year, "06" is captured in variable $month,
and "xyz.html" is captured in variable $article. The
LbHttpRequestUriRewriteAction will rewrite the URI to:
"/news/2017-06/xyz.html"
A set of built-in variables can be used in LbRuleAction as well. The name
of built-in variables start with underscore, the name of user defined
variables is not allowed to start with underscore.
Following are some of the built-in variables:
$_scheme: Reference the scheme part of matched HTTP messages, could be
"http" or "https".
$_host: Host of matched HTTP messages, for example "www.example.com".
$_server_port: Port part of URI, it is also the port of the server which
accepted a request. Default port is 80 for http and 443 for https.
$_uri: The URI path, for example "/products/sample.html".
$_request_uri: Full original request URI with arguments, for example,
"/products/sample.html?a=b&c=d".
$_args: URI arguments, for instance "a=b&c=d"
$_is_args: "?" if a request has URI arguments, or an empty string
otherwise.
For the full list of built-in variables, please reference the NSX-T
Administrator's Guide.
This is an abstract type. Concrete child types:
LbHttpRedirectAction
LbHttpRejectAction
LbHttpRequestHeaderDeleteAction
LbHttpRequestHeaderRewriteAction
LbHttpRequestUriRewriteAction
LbHttpResponseHeaderDeleteAction
LbHttpResponseHeaderRewriteAction
LbSelectPoolAction
LbVariableAssignmentAction
LbVariablePersistenceLearnAction
LbVariablePersistenceOnAction

Name Description Type Notes
type Type of load balancer rule action

The property identifies the load balancer rule action type.
LbRuleActionType Required

LbRuleActionType (schema)

Types of load balancer rule actions

LbRuleActionType is used to identify the action types used in load
balancer rules.

Name Description Type Notes
LbRuleActionType Types of load balancer rule actions

LbRuleActionType is used to identify the action types used in load
balancer rules.
string Enum: LbHttpRequestUriRewriteAction, LbHttpRequestHeaderRewriteAction, LbHttpRejectAction, LbHttpRedirectAction, LbSelectPoolAction, LbSelectServerAction, LbHttpResponseHeaderRewriteAction, LbHttpRequestHeaderDeleteAction, LbHttpResponseHeaderDeleteAction, LbVariableAssignmentAction, LbVariablePersistenceOnAction, LbVariablePersistenceLearnAction

LbRuleCondition (schema)

Match condition of load balancer rule

Match conditions are used to match application traffic passing through
load balancers. Multiple match conditions can be specified in one load
balancer rule, each match condition defines a criterion for application
traffic.
If inverse field is set to true, the match result of the condition is
inverted.
If more than one match condition is specified, match strategy determines
if all conditions should match or any one condition should match for the
load balancer rule to be considered a match.
Currently only HTTP messages are supported by load balancer rules.
Each load balancer rule is used at a specific phase of load balancer
processing. Currently three phases are supported, HTTP_REQUEST_REWRITE,
HTTP_FORWARDING and HTTP_RESPONSE_REWRITE.
Each phase supports certain types of match conditions, supported match
conditions in HTTP_REQUEST_REWRITE phase are:
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbHttpRequestBodyCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
Supported match conditions in HTTP_FORWARDING phase are:
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbHttpRequestBodyCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
Supported match condition in HTTP_RESPONSE_REWRITE phase is:
LbHttpResponseHeaderCondition
LbHttpRequestMethodCondition
LbHttpRequestUriCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestVersionCondition
LbHttpRequestHeaderCondition
LbHttpRequestCookieCondition
LbTcpHeaderCondition
LbIpHeaderCondition
LbVariableCondition
LbHttpSslCondition
This is an abstract type. Concrete child types:
LbHttpRequestBodyCondition
LbHttpRequestCookieCondition
LbHttpRequestHeaderCondition
LbHttpRequestMethodCondition
LbHttpRequestUriArgumentsCondition
LbHttpRequestUriCondition
LbHttpRequestVersionCondition
LbHttpResponseHeaderCondition
LbHttpSslCondition
LbIpHeaderCondition
LbTcpHeaderCondition
LbVariableCondition

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
type Type of load balancer rule condition LbRuleConditionType Required

LbRuleConditionType (schema)

Type of load balancer rule match condition

Name Description Type Notes
LbRuleConditionType Type of load balancer rule match condition string Enum: LbHttpRequestMethodCondition, LbHttpRequestUriCondition, LbHttpRequestUriArgumentsCondition, LbHttpRequestVersionCondition, LbHttpRequestHeaderCondition, LbHttpRequestCookieCondition, LbHttpRequestBodyCondition, LbHttpResponseHeaderCondition, LbTcpHeaderCondition, LbIpHeaderCondition, LbVariableCondition, LbHttpSslCondition

LbRuleListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of LB rules array of LbRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbRuleMatchType (schema)

Match type for LbRule conditions

LbRuleMatchType is used to determine how a specified string value is used
to match a specified LbRuleCondition field.
STARTS_WITH: If the LbRuleCondition field starts with specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
ENDS_WITH: If the LbRuleCondition field ends with specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
EQUALS: If the LbRuleCondition field is same as the specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
CONTAINS: If the LbRuleCondition field contains the specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
REGEX: If the LbRuleCondition field matches specified regular expression,
the condition matches. The regular expressions in load balancer rules use
the features common to both Java regular expressions and Perl Compatible
Regular Expressions (PCREs) with some restrictions. Reference
http://www.pcre.org for PCRE and the NSX-T Administrator's Guide for the
restrictions.
If named capturing groups are used in the regular expression, when a
match succeeds, the substrings of the subject string that match named
capturing groups are stored (captured) in variables with specific names
which can be used in the fields of LbRuleAction which support variables.
Named capturing group are defined in the format (?<name>subpattern),
such as (?<year>\d{4}).
For example, in the regular expression:
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)", for
subject string "/news/2017/06/xyz.html", the substring "2017" is captured
in variable year, "06" is captured in variable month, and "xyz.html" is
captured in variable article. These variables can be used in LbRuleAction
fields which support variables in form of $name, such as $year, $month,
$article.
Please note, when regular expressions are used in JSON(JavaScript Object
Notation) string, every backslash character (\) needs to be escaped by one
additional backslash character.

Name Description Type Notes
LbRuleMatchType Match type for LbRule conditions

LbRuleMatchType is used to determine how a specified string value is used
to match a specified LbRuleCondition field.
STARTS_WITH: If the LbRuleCondition field starts with specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
ENDS_WITH: If the LbRuleCondition field ends with specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
EQUALS: If the LbRuleCondition field is same as the specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
CONTAINS: If the LbRuleCondition field contains the specified string, the
condition matches. The fields with this match type are specified as
strings, not regular expressions.
REGEX: If the LbRuleCondition field matches specified regular expression,
the condition matches. The regular expressions in load balancer rules use
the features common to both Java regular expressions and Perl Compatible
Regular Expressions (PCREs) with some restrictions. Reference
http://www.pcre.org for PCRE and the NSX-T Administrator's Guide for the
restrictions.
If named capturing groups are used in the regular expression, when a
match succeeds, the substrings of the subject string that match named
capturing groups are stored (captured) in variables with specific names
which can be used in the fields of LbRuleAction which support variables.
Named capturing group are defined in the format (?<name>subpattern),
such as (?<year>\d{4}).
For example, in the regular expression:
"/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)", for
subject string "/news/2017/06/xyz.html", the substring "2017" is captured
in variable year, "06" is captured in variable month, and "xyz.html" is
captured in variable article. These variables can be used in LbRuleAction
fields which support variables in form of $name, such as $year, $month,
$article.
Please note, when regular expressions are used in JSON(JavaScript Object
Notation) string, every backslash character (\) needs to be escaped by one
additional backslash character.
string Enum: STARTS_WITH, ENDS_WITH, EQUALS, CONTAINS, REGEX

LbSelectPoolAction (schema)

Action to select a pool for HTTP request messages

This action is used to select a pool for matched HTTP request messages. The
pool is specified by UUID. The matched HTTP request messages are forwarded
to the specified pool.

Name Description Type Notes
pool_id UUID of load balancer pool string Required
pool_name Display name of load balancer pool string Readonly
type Must be set to the value LbSelectPoolAction LbRuleActionType Required

LbServerSslProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cipher_group_label Label of cipher group

It is a label of cipher group which is mostly consumed by GUI.
SslCipherGroup
ciphers supported SSL cipher list to client side array of SslCipher
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_fips FIPS compliance of ciphers and protocols

This flag is set to true when all the ciphers and protocols are FIPS
compliant.
It is set to false when one of the ciphers or protocols are not
FIPS compliant.
boolean Readonly
is_secure Secure/Insecure SSL profile flag

This flag is set to true when all the ciphers and protocols are secure.
It is set to false when one of the ciphers or protocols is insecure.
boolean Readonly
protocols supported SSL protocol list to client side

SSL versions TLS1.1 and TLS1.2 are supported and enabled by default.
SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
array of SslProtocol
resource_type Must be set to the value LbServerSslProfile string
session_cache_enabled session cache enable/disable falg

SSL session caching allows SSL client and server to reuse previously
negotiated security parameters avoiding the expensive public key
operation during handshake.
boolean Default: "True"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbServerSslProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer server SSL profiles array of LbServerSslProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbService (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled whether access log is enabled boolean Deprecated
Default: "False"
attachment The target which is used to instantiate Lb service.

LBS could be instantiated (or created) on the Logical router, etc.
Typically, it could be applied to Tier1 LogicalRouter. It can be
attached to Tier0 LogicalRouter either in non-multi-tenant environments
or to provide load balancing for infrastructure services offered by
the provider.
If size is set to DLB for distribution, the attachment is optional.
The supported attachment is NSGroup consisting of VIFs of that load
balancer's clients.
If the attachment is not specified and size is DLB, the associated
load balancer settings are applied to all supported transport nodes.
ResourceReference
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled whether the load balancer service is enabled boolean Default: "True"
error_log_level Error log level of load balancer service

Load balancer engine writes information about encountered issues of
different severity levels to the error log. This setting is used to
define the severity level of the error log.
LbLogLevel Default: "INFO"
id Unique identifier of this resource string Sortable
resource_type Must be set to the value LbService string
size the size of load balancer service LbServiceSize Default: "SMALL"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
virtual_server_ids virtual server identifier list

virtual servers can be associated to LbService(which is
similar to physical/virtual load balancer), Lb virtual servers,
pools and other entities could be defined independently, the virtual
server identifier list here would be used to maintain the relationship of
LbService and other Lb entities.
array of string

LbServiceDebugInfo (schema)

The debug information of the load balancer service

The information for a given load balancer service could be used for
debugging and troubleshooting. It includes load balancer service,
associated virtual servers, associated pools, associated profiles such as
persistence, SSL, application, associated monitors and associated rules.

Name Description Type Notes
application_profiles Associated load balancer application profile settings

The application profiles are associated to virtual servers
array of LbAppProfile
(Abstract type: pass one of the following concrete types)
LbFastTcpProfile
LbFastUdpProfile
LbHttpProfile		 Readonly
client_ssl_profiles Associated load balancer client SSL profile settings

The client SSL profiles are associated to virtual servers
array of LbClientSslProfile Readonly
monitors Associated load balancer monitor configurations

The load balancer monitors are associated to pools.
array of LbMonitor
(Abstract type: pass one of the following concrete types)
LbHttpMonitor
LbHttpsMonitor
LbIcmpMonitor
LbPassiveMonitor
LbTcpMonitor
LbUdpMonitor		 Readonly
persistence_profiles Associated load balancer persistence profile settings

The persistence profiles are associated to virtual servers
array of LbPersistenceProfile
(Abstract type: pass one of the following concrete types)
LbCookiePersistenceProfile
LbGenericPersistenceProfile
LbSourceIpPersistenceProfile		 Readonly
pools Associated load balancer pool settings

The pools which are associated to the given load balancer service would
be included. The pools could be defined in virtual server default pool,
sorry pool or load balancer rule action.
array of LbPool Readonly
rules Associated load balancer rule settings

The load balancer rules are associated to virtual servers
array of LbRule Readonly
server_ssl_profiles Associated load balancer server SSL profile settings

The server SSL profiles are associated to virtual servers
array of LbServerSslProfile Readonly
service Load balancer service setting

Load balancer service setting for a given load balancer service
identifier.
LbService Readonly
tcp_profiles Associated load balancer TCP profile settings

The TCP profiles are associated to virtual servers
array of LbTcpProfile Readonly
virtual_servers Associated virtual server settings

The virtual servers which are associated to the given load balancer
service would be included.
array of LbVirtualServer Readonly

LbServiceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of load balancer services array of LbService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbServiceQueryRequestParameters (schema)

Load balancer service list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
logical_router_id Logical router identifier

When logical_router_id is specified, the list load balancer API will
return the load balancer services which are related to the given
logical router.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

LbServiceSize (schema)

the size of load balancer service

Both distributed and centralized load balancer service are supported.
For centralized load balancer service, to address varied customer
performance and scalability requirements, different sizes for load
balancer service are supported, LARGE, MEDIUM and SMALL, each with
its own set of resource and performance specifications.
For distributed load balancer service, the size is set to DLB.

Name Description Type Notes
LbServiceSize the size of load balancer service

Both distributed and centralized load balancer service are supported.
For centralized load balancer service, to address varied customer
performance and scalability requirements, different sizes for load
balancer service are supported, LARGE, MEDIUM and SMALL, each with
its own set of resource and performance specifications.
For distributed load balancer service, the size is set to DLB.
string Enum: SMALL, MEDIUM, LARGE, DLB

LbServiceStatistics (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated EpochMsTimestamp
pools Statistics of load balancer pools array of LbPoolStatistics
service_id load balancer service identifier string Required
statistics Load balancer service statistics counter LbServiceStatisticsCounter
virtual_servers Statistics of load balancer virtual servers array of LbVirtualServerStatistics

LbServiceStatisticsCounter (schema)

Name Description Type Notes
l4_current_session_rate The average number of l4 current sessions per second, the number is averaged over the last 5 one-second intervals. number
l4_current_sessions Number of l4 current sessions integer
l4_max_sessions Number of l4 maximum sessions

L4 max sessions is used to show the peak L4 max session data since
load balancer starts to provide service.
integer
l4_total_sessions Number of l4 total sessions integer
l7_current_session_rate The average number of l7 current requests per second, the number is averaged over the last 5 one-second intervals. number
l7_current_sessions Number of l7 current sessions integer
l7_max_sessions Number of l7 maximum sessions

L7 max sessions is used to show the peak L7 max session data since
load balancer starts to provide service.
integer
l7_total_sessions Number of l7 total sessions integer

LbServiceStatus (schema)

Name Description Type Notes
active_transport_nodes Ids of load balancer service related active transport nodes array of string
cpu_usage Cpu usage in percentage integer
error_message Error message, if available string
last_update_timestamp Timestamp when the data was last updated EpochMsTimestamp
memory_usage Memory usage in percentage integer
pools status of load balancer pools array of LbPoolStatus
service_id Load balancer service identifier string Required
service_status Status of load balancer service

UP means the load balancer service is working fine on both
transport-nodes(if have);
DOWN means the load balancer service is down on both transport-nodes
(if have), hence the load balancer will not respond to any requests;
ERROR means error happens on transport-node(s) or no status is
reported from transport-node(s). The load balancer service may be
working (or not working);
NO_STANDBY means load balancer service is working in one of the
transport node while not in the other transport-node (if have). Hence
if the load balancer service in the working transport-node goes down,
the load balancer service will go down;
DETACHED means that the load balancer service has no attachment setting
and is not instantiated in any transport nodes;
DISABLED means that admin state of load balancer service is DISABLED;
UNKNOWN means that no status reported from transport-nodes.The load
balancer service may be working(or not working).
string Enum: UP, DOWN, ERROR, NO_STANDBY, DETACHED, DISABLED, UNKNOWN
standby_transport_nodes Ids of load balancer service related standby transport nodes array of string
virtual_servers status of load balancer virtual servers array of LbVirtualServerStatus

LbServiceUsage (schema)

The usage information of the load balancer service

Describes the capacity and current usage of virtual servers, pools and pool
members for the given load balancer service.

Name Description Type Notes
current_pool_count The current number of pools

The current number of pools which has been configured in the given load
balancer service.
integer Readonly
current_pool_member_count The current number of pool members

The current number of pool members which has been configured in the
given load balancer service.
integer Readonly
current_virtual_server_count The current number of virtual servers

The current number of virtual servers which has been configured in the
given load balancer service.
integer Readonly
pool_capacity The capacity of pools

Pool capacity means maximum number of pools which could be configured
in the given load balancer service.
integer Readonly
pool_member_capacity The capacity of pool members

Pool member capacity means maximum number of pool members which could
be configured in the given load balancer service.
integer Readonly
service_id UUID of load balancer service string Readonly
service_size The size of load balancer service LbServiceSize Readonly
severity LB usage severity

The severity calculation is based on the largest usage percentage from
virtual servers, pools and pool members for one load balancer service.
LbUsageSeverity Readonly
usage_percentage Usage percentage

The usage percentage is the largest usage percentage from virtual
servers, pools and pool members for the load balancer service.
number Readonly
virtual_server_capacity The capacity of virtual servers

Virtual server capacity means maximum number of virtual servers which
could be configured in the given load balancer service.
integer Readonly

LbSessionCookieTime (schema)

Name Description Type Notes
cookie_max_idle session cookie max idle time in seconds

Instead of using HTTP Cookie max-age and relying on client to expire
the cookie, max idle time and/or max lifetime of the cookie can be used.
Max idle time, if configured, specifies the maximum interval the cookie
is valid for from the last time it was seen in a request.
It is available for insert mode.
integer Minimum: 1
Maximum: 2147483647
cookie_max_life session cookie max lifetime in seconds

Max life time, if configured, specifies the maximum interval the cookie
is valid for from the first time the cookie was seen in a request.
It is available for insert mode.
integer Minimum: 1
Maximum: 2147483647
type Must be set to the value LbSessionCookieTime CookieTimeType Required

LbSnatAutoMap (schema)

Name Description Type Notes
port_overload port overloading with same SNAT IP and port

Both SNAT automap and SNAT IP list modes support port overloading
which allows the same SNAT IP and port to be used for multiple
backend connections as long as the tuple (source IP, source port,
destination IP, destination port, IP protocol) after SNAT is
performed is unique.
The valid number is 1, 2, 4, 8, 16, 32.
This is a deprecated property. The port overload factor is fixed
to 32 in load balancer engine. If it is upgraded from an old version,
the value would be changed to 32 automatically.
integer Deprecated
Minimum: 1
Maximum: 32
Default: "32"
type Must be set to the value LbSnatAutoMap SnatTranslationType Required

LbSnatIpElement (schema)

Name Description Type Notes
ip_address Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160 IPElement Required
prefix_length subnet prefix length

Subnet prefix length should be not specified if there is only one single
IP address or IP range.
integer

LbSnatIpPool (schema)

Name Description Type Notes
ip_addresses List of Ip address or ip range

If an IP range is specified, the range may contain no more than 64
IP addresses.
array of LbSnatIpElement Required
Maximum items: 64
port_overload port overloading with same SNAT IP and port

Both SNAT automap and SNAT IP list modes support port overloading
which allows the same SNAT IP and port to be used for multiple
backend connections as long as the tuple (source IP, source port,
destination IP, destination port, IP protocol) after SNAT is
performed is unique.
The valid number is 1, 2, 4, 8, 16, 32.
This is a deprecated property. The port overload factor is fixed
to 32 in load balancer engine. If it is upgraded from an old version,
the value would be changed to 32 automatically.
integer Deprecated
Minimum: 1
Maximum: 32
Default: "32"
type Must be set to the value LbSnatIpPool SnatTranslationType Required

LbSnatTranslation (schema)

This is an abstract type. Concrete child types:
LbSnatAutoMap
LbSnatIpPool

Name Description Type Notes
port_overload port overloading with same SNAT IP and port

Both SNAT automap and SNAT IP list modes support port overloading
which allows the same SNAT IP and port to be used for multiple
backend connections as long as the tuple (source IP, source port,
destination IP, destination port, IP protocol) after SNAT is
performed is unique.
The valid number is 1, 2, 4, 8, 16, 32.
This is a deprecated property. The port overload factor is fixed
to 32 in load balancer engine. If it is upgraded from an old version,
the value would be changed to 32 automatically.
integer Deprecated
Minimum: 1
Maximum: 32
Default: "32"
type SnatTranslationType Required

LbSourceIpPersistenceProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
ha_persistence_mirroring_enabled mirroring enabled flag to synchronize persistence entries

Persistence entries are not synchronized to the HA peer by default.
boolean Default: "False"
id Unique identifier of this resource string Sortable
persistence_shared Persistence shared flag

The persistence shared flag identifies whether the persistence table
is shared among virtual-servers referring this profile.
If persistence shared flag is not set in the cookie persistence profile
bound to a virtual server, it defaults to cookie persistence that is
private to each virtual server and is qualified by the pool. This is
accomplished by load balancer inserting a cookie with name in the
format <name>.<virtual_server_id>.<pool_id>.
If persistence shared flag is set in the cookie persistence profile, in
cookie insert mode, cookie persistence could be shared across multiple
virtual servers that are bound to the same pools. The cookie name would
be changed to <name>.<profile-id>.<pool-id>.
If persistence shared flag is not set in the sourceIp persistence
profile bound to a virtual server, each virtual server that the profile
is bound to maintains its own private persistence table.
If persistence shared flag is set in the sourceIp persistence profile,
all virtual servers the profile is bound to share the same persistence
table.
If persistence shared flag is not set in the generic persistence
profile, the persistence entries are matched and stored in the table
which is identified using both virtual server ID and profile ID.
If persistence shared flag is set in the generic persistence profile,
the persistence entries are matched and stored in the table which is
identified using profile ID. It means that virtual servers which
consume the same profile in the LbRule with this flag enabled are
sharing the same persistence table.
boolean Default: "False"
purge persistence purge setting SourceIpPersistencePurge Default: "FULL"
resource_type Must be set to the value LbSourceIpPersistenceProfile PersistenceProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout persistence entry expiration time in seconds

When all connections complete (reference count reaches 0), persistence
entry timer is started with the expiration time.
integer Minimum: 1
Maximum: 2147483647
Default: "300"

LbSslCipherAndProtocolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
ciphers List of SSL ciphers array of LbSslCipherInfo Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
protocols List of SSL protocols array of LbSslProtocolInfo Required
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbSslCipherInfo (schema)

SSL cipher

Name Description Type Notes
cipher SSL cipher SslCipher Required
cipher_group_labels Cipher group label list

Several cipher groups might contain the same cipher suite, each cipher
suite could have multiple cipher group labels.
array of SslCipherGroup
is_default Default SSL cipher flag boolean Required
is_secure Secure/insecure SSL cipher flag boolean Required

LbSslProfile (schema)

Load balancer abstract SSL profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value LbSslProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbSslProtocolInfo (schema)

SSL protocol

Name Description Type Notes
is_default Default SSL protocol flag boolean Required
is_secure Secure/insecure SSL protocol flag boolean Required
protocol SSL protocol SslProtocol Required

LbSslSessionReusedType (schema)

Type of SSL session reused

Name Description Type Notes
LbSslSessionReusedType Type of SSL session reused string Enum: IGNORE, REUSED, NEW

LbStatisticsCounter (schema)

Name Description Type Notes
bytes_in Number of bytes in integer Required
bytes_in_rate The average number of inbound bytes per second, the number is averaged over the last 5 one-second intervals. number
bytes_out Number of bytes out integer Required
bytes_out_rate The average number of outbound bytes per second, the number is averaged over the last 5 one-second intervals. number
current_session_rate The average number of current sessions per second, the number is averaged over the last 5 one-second intervals. number
current_sessions Number of current sessions integer Required
http_request_rate The average number of http requests per second, the number is averaged over the last 5 one-second intervals. number
http_requests The total number of http requests. integer
max_sessions Number of maximum sessions integer Required
packets_in Number of packets in integer
packets_in_rate The average number of inbound packets per second, the number is averaged over the last 5 one-second intervals. number
packets_out Number of packets out integer
packets_out_rate The average number of outbound packets per second, the number is averaged over the last 5 one-second intervals. number
source_ip_persistence_entry_size Number of source IP persistence entries integer
total_sessions Number of total sessions integer Required

LbTcpHeaderCondition (schema)

Condition to match TCP header fields

This condition is used to match TCP header fields of HTTP messages.
Currently, only the TCP source port is supported. Ports can be expressed as
a single port number like 80, or a port range like 1024-1030.

Name Description Type Notes
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
source_port TCP source port of HTTP message PortElement Required
type Must be set to the value LbTcpHeaderCondition LbRuleConditionType Required

LbTcpMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
receive expected data received from server

Expected data, if specified, can be anywhere in the response and it has to
be a string, regular expressions are not supported.
string
resource_type Must be set to the value LbTcpMonitor MonitorType Required
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
send data to send

If both send and receive are not specified, then just a TCP connection
is established (3-way handshake) to validate server is healthy, no
data is sent.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbTcpProfile (schema)

TCP profile allows customization of TCP stack behavior.

TCP profile allows customization of TCP stack behavior for each
application. As TCP connections are terminated (or initiated) on the load
balancer only for L7 virtual servers, TCP profiles are applicable only to
them. As the desired TCP characteristics (e.g. Rx/Tx buffers) may be
different for client (typically on WAN) and server (typically on LAN)
sides, two separate profiles can be bound to virtual server, one for
client-side (LbVirtualServer.client_tcp_profile_id) and another for
server-side (LbVirtualServer.server_tcp_profile_id).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fin_wait2_timeout Sets how long TCP connections in FIN_WAIT2 state are kept.

If the field is not specified, the load balancer will use the default
setting per load balancer service flavor.
integer Minimum: 0
Maximum: 2147483647
id Unique identifier of this resource string Sortable
max_syn_retransmissions Sets the max number of times TCP SYN is retransmitted before failing an attempt to connect.

If the field is not specified, the load balancer will use the default
setting per load balancer service flavor.
integer Minimum: 1
Maximum: 127
nagle_algorithm_enabled Setting this option to enable or disable Nagle's algorithm. boolean Default: "True"
receive_window_size Sets max TCP receive buffer, specified in bytes.

If the field is not specified, the load balancer will use the default
setting per load balancer service flavor.
integer Minimum: 1024
Maximum: 2147483647
resource_type Must be set to the value LbTcpProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transmit_window_size Sets max TCP transmit buffer, specified in bytes.

If the field is not specified, the load balancer will use the default
setting per load balancer service flavor.
integer Minimum: 2048
Maximum: 2147483647

LbTcpProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of load balancer TCP profiles array of LbTcpProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbUdpMonitor (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count num of consecutive checks must fail before marking it down integer Minimum: 1
Maximum: 2147483647
Default: "3"
id Unique identifier of this resource string Sortable
interval the frequency at which the system issues the monitor check (in second) integer Minimum: 1
Maximum: 2147483647
Default: "5"
monitor_port port which is used for healthcheck

If the monitor port is specified, it would override pool member port
setting for healthcheck. A port range is not supported.
For ICMP monitor, monitor_port is not required.
PortElement
receive expected data received from server

Expected data, can be anywhere in the response and it has to be a
string, regular expressions are not supported.
UDP healthcheck is considered failed if there is no server response
within the timeout period.
string Required
resource_type Must be set to the value LbUdpMonitor MonitorType Required
rise_count num of consecutive checks must pass before marking it up integer Minimum: 1
Maximum: 2147483647
Default: "3"
send data to send

The data to be sent to the monitored server.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout the number of seconds the target has in which to respond to the monitor request integer Minimum: 1
Maximum: 2147483647
Default: "15"

LbUsageSeverity (schema)

Load balancer usage severity

Severity is calculated from usage percentage:
GREEN means the current usage percentage is less than 60%.
ORANGE means the current usage percentage is less than 80% and larger than
or equal to 60%.
RED means the current usage percentage is larger than or equal to 80%.

Name Description Type Notes
LbUsageSeverity Load balancer usage severity

Severity is calculated from usage percentage:
GREEN means the current usage percentage is less than 60%.
ORANGE means the current usage percentage is less than 80% and larger than
or equal to 60%.
RED means the current usage percentage is larger than or equal to 80%.
string Enum: GREEN, ORANGE, RED

LbVariableAssignmentAction (schema)

Action to create variable and assign value to it.

This action is used to create a new variable and assign value to it.
One action can be used to create one variable. To create multiple
variables, multiple actions must be defined.
The variables can be used by LbVariableCondition, etc.

Name Description Type Notes
type Must be set to the value LbVariableAssignmentAction LbRuleActionType Required
variable_name Name of the variable to be assigned string Required
variable_value Value of variable string Required

LbVariableCondition (schema)

Condition to match IP header fields

This condition is used to match variable's name and value at all
phases. The variables could be captured from REGEX or assigned by
LbVariableAssignmentAction or system embedded variable. Varialbe_name
and variable_value should be matched at the same time.

Name Description Type Notes
case_sensitive A case sensitive flag for variable value comparing

If true, case is significant when comparing variable value.
boolean Default: "True"
inverse A flag to indicate whether reverse the match result of this condition boolean Default: "False"
match_type Match type of variable value LbRuleMatchType Default: "REGEX"
type Must be set to the value LbVariableCondition LbRuleConditionType Required
variable_name Name of the variable to be matched string Required
variable_value Value of variable to be matched string Required

LbVariablePersistenceLearnAction (schema)

Action to learn the variable value

This action is performed in HTTP response rewrite phase. It is used to
learn the value of variable from the HTTP response, and insert an entry
into the persistence table if the entry doesn't exist.

Name Description Type Notes
persistence_profile_id UUID of LbPersistenceProfile

If the persistence profile UUID is not specified, a default
persistence table is created per virtual server. Currently, only
LbGenericPersistenceProfile is supported.
string
type Must be set to the value LbVariablePersistenceLearnAction LbRuleActionType Required
variable_hash_enabled Whether to enable a hash operation for variable value

The property is used to enable a hash operation for variable value
when composing the persistence key.
boolean Default: "False"
variable_name Variable name

The property is the name of variable to be learnt. It is used to
identify which variable's value is learnt from HTTP response.
The variable can be a system embedded variable such as
"_cookie_JSESSIONID", a customized variable defined in
LbVariableAssignmentAction or a captured variable in regular expression
such as "article".
string Required

LbVariablePersistenceOnAction (schema)

Action to persist the variable value

This action is performed in HTTP forwarding phase. It is used to inspect
the variable of HTTP request, and look up the persistence entry with its
value and pool uuid as key.
If the persistence entry is found, the HTTP request is forwarded to the
recorded backend server according to the persistence entry.
If the persistence entry is not found, a new entry is created in the
table after backend server is selected.

Name Description Type Notes
persistence_profile_id UUID of LbPersistenceProfile

If the persistence profile UUID is not specified, a default
persistence table is created per virtual server. Currently, only
LbGenericPersistenceProfile is supported.
string
type Must be set to the value LbVariablePersistenceOnAction LbRuleActionType Required
variable_hash_enabled Whether to enable a hash operation for variable value

The property is used to enable a hash operation for variable value
when composing the persistence key.
boolean Default: "False"
variable_name Variable name

The property is the name of variable to be used. It specifies which
variable's value of a HTTP Request will be used in the key of
persistence entry. The variable can be a system embedded variable such
as "_cookie_JSESSIONID", a customized variable defined in
LbVariableAssignmentAction or a captured variable in regular expression
such as "article".
string Required

LbVirtualServer (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Whether access log is enabled boolean Default: "False"
application_profile_id application profile identifier

The application profile defines the application protocol characteristics.
It is used to influence how load balancing is performed. Currently,
LbFastTCPProfile, LbFastUDPProfile and
LbHttpProfile, etc are supported.
string Required
client_ssl_profile_binding Virtual server side SSL binding setting

The setting is used when load balancer acts as an SSL server and
terminating the client SSL connection
ClientSslProfileBinding
client_tcp_profile_id Identifier of client side TCP profile

Only L7 virtual server could be configured with customized client
side TCP profile.
string
default_pool_member_port Default pool member port when member port is not defined.

This is a deprecated property, please use 'default_pool_member_ports'
instead.
If default_pool_member_port is configured and default_pool_member_ports
are not specified, both default_pool_member_port
and default_pool_member_ports in response payload would return the same
port value.
If both are specified, default_pool_member_ports setting would take
effect with higher priority.
PortElement Deprecated
default_pool_member_ports Default pool member ports when member port is not defined.

If default_pool_member_ports are configured, both
default_pool_member_port and default_pool_member_ports in the response
payload would include port settings, notice that the value of
default_pool_member_port is the first element of
default_pool_member_ports.
array of PortElement Maximum items: 14
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled whether the virtual server is enabled boolean Default: "True"
id Unique identifier of this resource string Sortable
ip_address virtual server IP address IPAddress Required
ip_protocol virtual server IP protocol

Assigned Internet Protocol in IP header, TCP, UDP are supported.
VirtualServerIpProtocol Default: "TCP"
max_concurrent_connections maximum concurrent connection number

To ensure one virtual server does not over consume resources,
affecting other applications hosted on the same LBS, connections
to a virtual server can be capped.
If it is not specified, it means that connections are unlimited.
integer Minimum: 1
Maximum: 2147483647
max_new_connection_rate maximum new connection rate in second

To ensure one virtual server does not over consume resources,
connections to a member can be rate limited.
If it is not specified, it means that connection rate is unlimited.
integer Minimum: 1
Maximum: 2147483647
persistence_profile_id persistence profile identifier

Persistence profile is used to allow related client connections to be
sent to the same backend server.
string
pool_id default server pool identifier

The server pool(LbPool) contains backend servers. Server pool
consists of one or more servers, also referred to as pool members, that
are similarly configured and are running the same application.
string
port Virtual server port number or port range

This is a deprecated property, please use 'ports' instead.
Port setting could be single port for both L7 mode and L4 mode.
For L4 mode, a single port range is also supported.
The port setting could be a single port or port range such as
"80", "1234-1236".
If port is configured and ports are not specified, both port and
ports in response payload would return the same port value.
If both port and ports are configured, ports setting would take effect
with higher priority.
PortElement Deprecated
ports Virtual server ports or port ranges

Port setting could be a single port for both L7 mode and L4 mode.
For L4 mode, multiple ports or port ranges are also supported such
as "80", "443", "1234-1236".
If ports is configured, both port and ports in the response payload
would include port settings, notice that the port field value is the
first element of ports.
array of PortElement Maximum items: 14
resource_type Must be set to the value LbVirtualServer string
rule_ids List of load balancer rule identifiers

Load balancer rules allow customization of load balancing behavior using
match/action rules. Currently, load balancer rules are supported for
only layer 7 virtual servers with LbHttpProfile.
array of string Maximum items: 512
server_ssl_profile_binding Pool side SSL binding setting

The setting is used when load balancer acts as an SSL client and
establishing a connection to the backend server.
ServerSslProfileBinding
server_tcp_profile_id Identifier of server side TCP profile

Only L7 virtual server could be configured with customized server
side TCP profile.
string
sorry_pool_id Identifier of sorry server pool

When load balancer can not select a backend server to serve the
request in default pool or pool in rules, the request would be served
by sorry server pool.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LbVirtualServerDeleteParameters (schema)

Name Description Type Notes
delete_associated_rules Delete associated rules

If this is set to true, the associated rules are also deleted when
virtual server is deleted if the rules are not used by other virtual
servers.
boolean Default: "False"

LbVirtualServerListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of virtual servers array of LbVirtualServer Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbVirtualServerStatistics (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated EpochMsTimestamp
statistics Virtual server statistics counter LbStatisticsCounter Required
virtual_server_id load balancer virtual server identifier string Required

LbVirtualServerStatisticsListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated statistics list of virtual servers array of LbVirtualServerStatistics Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbVirtualServerStatus (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated. EpochMsTimestamp
status Virtual server status

UP means that all primary members in default pool are in UP status.
For L7 virtual server, if there is no default pool, the virtual server
would be treated as UP.
PARTIALLY_UP means that some(not all) primary members in default pool
are in UP status. The size of these active primary members should be
larger than or equal to the certain number(min_active_members) which is
defined in LbPool. When there are no backup members which are in the UP
status, the number(min_active_members) would be ignored.
PRIMARY_DOWN means that less than certain(min_active_members) primary
members in default pool are in UP status but backup members are in UP
status, the connections would be dispatched to backup members.
DOWN means that all primary and backup members are in DOWN status.
DETACHED means that the virtual server is not bound to any service.
DISABLED means that the admin state of the virtual server is disabled.
UNKNOWN means that no status reported from transport-nodes. The
associated load balancer service may be working(or not working).
string Enum: UP, PARTIALLY_UP, PRIMARY_DOWN, DOWN, DETACHED, DISABLED, UNKNOWN
virtual_server_id load balancer virtual server identifier string Required

LbVirtualServerStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated status list of virtual servers array of LbVirtualServerStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LbVirtualServerWithRule (schema)

Name Description Type Notes
rules Associated load balancer rules

It is used to add rules, update rules and bind rules to the virtual
server.
To add new rules, make sure that the rules have no identifier
specified, the new rules are automatically generated and associated to
the virtual server.
If the virtual server need to consume some existed rules without
change, those rules should not be specified in the list, otherwise,
the rules are updated.
For update_with_rules action, it supports rules delete and update.
To delete old rules, the rules should not be configured in new action,
the UUID of deleted rules should be removed from rule_ids.
To update rules, the rules should be specified with new change and
configured with identifier.
If there are some rules which are not modified, those rule should not
be specified in the rules list, the UUID list of rules should be
specified in rule_ids of LbVirtualServer.
array of LbRule
virtual_server Virtual server configuration

If rules need to be associated to the virtual server, please set rules
properties of LbVirtualServerWithRule with rule list configuration.
For the rules which are not modified but associated to the virtual
server, the rule UUID list should be specified in rule_ids property of
LbVirtualServer and the associated rules should not be specified in
rules of LbVirtualServerWithRule.
LbVirtualServer Required

Legend (schema)

Legend for the widget

Represents legend that describes the entities of the widget.

Name Description Type Notes
alignment Alignment of the legend

Describes the alignment of legend. Alignment of a legend denotes how individual items of the legend are aligned in a container. For example, if VERTICAL is chosen then the items of the legend will appear one below the other and if HORIZONTAL is chosen then the items will appear side by side.		 string Enum: HORIZONTAL, VERTICAL
Default: "VERTICAL"
display_count Show count of entities in the legend

If set to true, it will display the counts in legend. If set to false, counts of entities are not displayed in the legend.		 boolean Default: "True"
position Placement of legend

Describes the relative placement of legend. The legend of a widget can be placed either to the TOP or BOTTOM or LEFT or RIGHT relative to the widget. For example, if RIGHT is chosen then legend is placed to the right of the widget.		 string Enum: TOP, BOTTOM, LEFT, RIGHT, TOP_RIGHT
Default: "RIGHT"
type Type of the legend

Describes the render type for the legend. The legend for an entity describes the entity in the widget. The supported legend type is a circle against which the entity's details such as display_name are shown. The color of the circle denotes the color of the entity shown inside the widget.		 string Enum: CIRCLE
Default: "CIRCLE"

License (schema)

license properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
capacity_type license metric

License metrics specifying the capacity type of license key.
Types are:
- VM
- CPU
- USER(Concurrent User)
string Readonly
Enum: VM, CPU, USER
description license edition string Readonly
expiry date that license expires EpochMsTimestamp Readonly
features semicolon delimited feature list string Readonly
is_eval true for evalution license boolean Readonly
is_expired whether the license has expired boolean Readonly
is_mh multi-hypervisor support boolean Readonly
license_key license key string Required
Pattern: "^[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}$"
product_name product name string Readonly
product_version product version string Readonly
quantity license capacity; 0 for unlimited integer Readonly

LicensesListResult (schema)

Licenses queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Licenses Results array of License Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ListByNodeIdParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string

ListByOptionalNodeIdParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id Transport node id string

ListByRequiredNodeIdParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

ListCertParameter (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
details whether to expand the pem data and show all its details boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Type of certificate to return

Provide this parameter to limit the list of returned certificates to those matching a particular usage.
Passing cluster_certificate will return the certificate used for the cluster wide API service.
string Enum: cluster_api_certificate

ListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ListResult (schema)

Base class for list results from collections

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ListResultQueryParameters (schema)

Parameters that affect how list results are processed

Name Description Type Notes
fields Fields to include in query results

Comma-separated field names to include in query result		 string

ListWithDataSourceParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

LldpHostSwitchProfile (schema)

Host Switch for LLDP

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value LldpHostSwitchProfile HostSwitchProfileType Required
send_enabled Enabled or disabled sending LLDP packets boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LoadBalancerAllocationPool (schema)

Name Description Type Notes
allocation_pool_type Must be set to the value LoadBalancerAllocationPool AllocationPoolType Required
allocation_size Size of load balancer service

To address varied customer performance and scalability requirements,
different sizes for load balancer service are supported: SMALL, MEDIUM
and LARGE, each with its own set of resource and performance. Specify
size of load balancer service which you will bind to TIER1 router.
string Required
Enum: SMALL, MEDIUM, LARGE
Default: "SMALL"

LocaleServices (schema)

Locale-services configuration

Site specific configuration of Tier0 in multi-site scenario

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_path Edge cluster path

Policy path to edge cluster. Auto-assigned on Tier0 if associated
enforcement-point has only one edge cluster.
string
ha_vip_configs Array of HA VIP Config.

This configuration can be defined only for Active-Standby Tier0 gateway to provide redundancy. For mulitple external interfaces, multiple HA VIP configs must be defined and each config will pair exactly two external interfaces. The VIP will move and will always be owned by the Active node. When this property is configured, configuration of dynamic-routing is not allowed.		 array of Tier0HaVipConfig
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
preferred_edge_paths Edge node path

Policy paths to edge nodes. Specified edge is used as preferred edge
cluster member when failover mode is set to PREEMPTIVE, not
applicable otherwise.
array of string Maximum items: 2
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value LocaleServices string
route_redistribution_types Enable redistribution of different types of routes on Tier-0

Enable redistribution of different types of routes on Tier-0.
This property is only valid for locale-service under Tier-0.
array of Tier0RouteRedistributionTypes
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LocaleServicesListResult (schema)

Paged collection of LocaleServices

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LocaleServices results array of LocaleServices Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LoggingServiceProperties (schema)

Service properties

Name Description Type Notes
logging_level Service logging level string Required
Enum: OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE
package_logging_level Package logging levels array of PackageLoggingLevels

LogicalConstructMigrationStats (schema)

Migration Statistics for Logical Constructs

Contains migration related information about logical constructs

Name Description Type Notes
source_count Number of objects of source type

Number of objects of source type.		 string Readonly
source_type Type of the vSphere object

Type of the vSphere object (e.g. dvportgroup).		 string Readonly
target_count Number of objects of target type

Number of objects of target type.		 string Readonly
target_type Type of the Policy object

Type of the Policy object corresponding to the source type (e.g. Segment).		 string Readonly
vertical Functional area for the vSphere object

Functional area that this vSphere object falls into		 string Readonly

LogicalConstructMigrationStatsListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of migration stats for logical constructs array of LogicalConstructMigrationStats Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalDhcpServer (schema)

Logical DHCP server

Definition of a logical DHCP server which can be attached a logical switch
via a logical port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attached_logical_port_id Id of attached logical port

The uuid of the attached logical port. Read only.		 string Readonly
description Description of this resource string Maximum length: 1024
Sortable
dhcp_profile_id DHCP profile uuid

The DHCP profile uuid the logical DHCP server references.		 string Required
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipv4_dhcp_server DHCP server for ipv4 addresses

The DHCP server for ipv4 addresses allocation service.		 IPv4DhcpServer Required
resource_type Must be set to the value LogicalDhcpServer string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalDhcpServerListResult (schema)

A list of logical DHCP servers

A paginated list of logical DHCP servers.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DHCP servers

A paginated list of logical DHCP servers.		 array of LogicalDhcpServer Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalPort (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
address_bindings Address bindings for logical port

Each address binding must contain both an IPElement and MAC address.
VLAN ID is optional. This binding configuration can be used by
features such as spoof-guard and overrides any discovered bindings.
Any non unique entries are deduplicated to generate a unique set
of address bindings and then stored. For IPv6 addresses, a subnet
address cannot have host bits set. A maximum of 128 unique address
bindings is allowed per port.
array of PacketAddressClassifier Minimum items: 0
Maximum items: 512
admin_state Represents Desired state of the logical port string Required
Enum: UP, DOWN
attachment Logical port attachment LogicalPortAttachment
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
extra_configs Extra configs on logical port

This property could be used for vendor specific configuration in key value
string pairs. Logical port setting will override logical switch setting if
the same key was set on both logical switch and logical port.
array of ExtraConfig
id Unique identifier of this resource string Sortable
ignore_address_bindings Address bindings to be ignored by IP Discovery module

IP Discovery module uses various mechanisms to discover address
bindings being used on each port. If a user would like to ignore
any specific discovered address bindings or prevent the discovery
of a particular set of discovered bindings, then those address
bindings can be provided here. Currently IP range in CIDR format
is not supported.
array of PacketAddressClassifier Minimum items: 0
Maximum items: 16
init_state Initial state of this logical ports

Set initial state when a new logical port is created. 'UNBLOCKED_VLAN'
means new port will be unblocked on traffic in creation, also VLAN will
be set with corresponding logical switch setting. This port setting
can only be configured at port creation (POST), and cannot be modified.
LogicalPortInitState
logical_switch_id Id of the Logical switch that this port belongs to. string Required
resource_type Must be set to the value LogicalPort string
switching_profile_ids array of SwitchingProfileTypeIdEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalPortAttachment (schema)

Logical port attachment

Name Description Type Notes
attachment_type Type of attachment for logical port

Indicates the type of logical port attachment. By default it is Virtual Machine interface (VIF)		 AttachmentType Default: "VIF"
context Attachment context

Extra context data for the attachment		 AttachmentContext
(Abstract type: pass one of the following concrete types)
L2VpnAttachmentContext
VifAttachmentContext
id Identifier of the interface attached to the logical port string Required

LogicalPortDeleteParameters (schema)

Name Description Type Notes
detach force delete even if attached or referenced by a group

If this is set to true, then logical port is deleted
regardless of whether it has attachments, or it is added to
any NSGroup.
boolean Default: "False"

LogicalPortInitState (schema)

Supported initial state of logical port

Name Description Type Notes
LogicalPortInitState Supported initial state of logical port string Enum: UNBLOCKED_VLAN

LogicalPortListParameters (schema)

Logical port list parameters

Name Description Type Notes
attachment_id Logical Port attachment Id string
attachment_type Type of attachment for logical port; NONE means no attachment. AttachmentTypeQueryString
bridge_cluster_id Bridge Cluster identifier string
container_ports_only Only container VIF logical ports will be returned if true boolean Default: "False"
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
diagnostic Flag to enable showing of transit logical port. boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
logical_switch_id Logical Switch identifier string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
parent_vif_id ID of the VIF of type PARENT

Get logical ports that have CHILD VIF attachment of given
PARENT VIF.
string
sort_ascending boolean
sort_by Field by which records are sorted string
switching_profile_id Network Profile identifier string
transport_node_id Transport node identifier

Get logical ports on the transport node; it can not be given
together with other parameters except container_ports_only and
attachment_type VIF.
string
transport_zone_id Transport zone identifier string

LogicalPortListResult (schema)

Logical port queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results LogicalPort Results array of LogicalPort Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalPortListWithSourceParameters (schema)

Logical Port list with data source parameters

Name Description Type Notes
attachment_id Logical Port attachment Id string
attachment_type Type of attachment for logical port; NONE means no attachment. AttachmentTypeQueryString
bridge_cluster_id Bridge Cluster identifier string
container_ports_only Only container VIF logical ports will be returned if true boolean Default: "False"
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
diagnostic Flag to enable showing of transit logical port. boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
logical_switch_id Logical Switch identifier string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
parent_vif_id ID of the VIF of type PARENT

Get logical ports that have CHILD VIF attachment of given
PARENT VIF.
string
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
switching_profile_id Network Profile identifier string
transport_node_id Transport node identifier

Get logical ports on the transport node; it can not be given
together with other parameters except container_ports_only and
attachment_type VIF.
string
transport_zone_id Transport zone identifier string

LogicalPortMacAddressCsvListResult (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
results array of LogicalPortMacTableCsvEntry

LogicalPortMacAddressListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_port_id The id of the logical port string Required
Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of LogicalPortMacTableEntry
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
transport_node_id Transport node identifier string Readonly

LogicalPortMacTableCsvEntry (schema)

Name Description Type Notes
mac_address The MAC address string Required
mac_type The type of the MAC address MacAddressType Required

LogicalPortMacTableEntry (schema)

Name Description Type Notes
mac_address The MAC address string Required
mac_type The type of the MAC address MacAddressType Required

LogicalPortMirrorDestination (schema)

Name Description Type Notes
port_ids Destination logical port identifier list. array of string Required
Minimum items: 1
Maximum items: 3
resource_type Must be set to the value LogicalPortMirrorDestination MirrorDestinationResourceType Required

LogicalPortMirrorSource (schema)

Name Description Type Notes
port_ids Source logical port identifier list array of string Required
Minimum items: 1
resource_type Must be set to the value LogicalPortMirrorSource MirrorSourceResourceType Required

LogicalPortOperationalStatus (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_port_id The id of the logical port string Required
Readonly
status The Operational status of the logical port string Required
Enum: UP, DOWN, UNKNOWN

LogicalPortState (schema)

Realized state of the logical port.

Contians realized state of the logical port. For example, transport node
on which the port is located, discovered and realized address bindings of
the logical port.

Name Description Type Notes
discovered_bindings Logical port bindings discovered automatically

Contains the list of address bindings for a logical port that were
automatically dicovered using various snooping methods like ARP, DHCP
etc.
array of AddressBindingEntry
duplicate_bindings Duplicate logical port address bindings

If any address binding discovered on the port is also found on
other port on the same logical switch, then it is included in
the duplicate bindings list along with the ID of the port with
which it conflicts.
array of DuplicateAddressBindingEntry
id Id of the logical port string Required
realized_bindings Realized logical port bindings

List of logical port bindings that are realized. This list may be
populated from the discovered bindings or manual user specified bindings.
This binding configuration can be used by features such as firewall,
spoof-guard, traceflow etc.
array of AddressBindingEntry
transport_node_ids Identifiers of the transport node where the port is located array of string

LogicalPortStatistics (schema)

Name Description Type Notes
dropped_by_security_packets PacketsDroppedBySecurity Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_port_id The id of the logical port string Required
Readonly
mac_learning MacLearningCounters Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

LogicalPortStatusSummary (schema)

Name Description Type Notes
filters The filters used to find the logical ports- TransportZone id, LogicalSwitch id or LogicalSwitchProfile id array of Filter
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
total_ports The total number of logical ports. integer Required
up_ports The number of logical ports whose Operational status is UP integer Required

LogicalRouter (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
advanced_config Logical Router Configuration

Contains config properties for tier0 routers		 LogicalRouterConfig
allocation_profile Edge Cluster Member Allocation Profile

Configurations options to auto allocate edge cluster members for
logical router. Auto allocation is supported only for TIER1 and pick
least utilized member post current assignment for next allocation.
EdgeClusterMemberAllocationProfile
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_id Identifier of the edge cluster for this Logical Router

Used for tier0 routers		 string
edge_cluster_member_indices Member indices of the edge node on the cluster

For stateful services, the logical router should be associated with
edge cluster. For TIER 1 logical router, for manual placement of
service router within the cluster, edge cluster member indices needs
to be provided else same will be auto-allocated. You can provide
maximum two indices for HA ACTIVE_STANDBY. For TIER0 logical router
this property is no use and placement is derived from logical router
uplink or loopback port.
array of integer
failover_mode Failover mode for active-standby logical router instances.

Determines the behavior when a logical router instance restarts after
a failure. If set to PREEMPTIVE, the preferred node will take over,
even if it causes another failure. If set to NON_PREEMPTIVE, then the
instance that restarted will remain secondary.
This property must not be populated unless the high_availability_mode property
is set to ACTIVE_STANDBY.
If high_availability_mode property is set to ACTIVE_STANDBY and this property
is not specified then default will be NON_PREEMPTIVE.
string Enum: PREEMPTIVE, NON_PREEMPTIVE
firewall_sections LR Firewall Section References

List of Firewall sections related to Logical Router.		 array of ResourceReference Readonly
high_availability_mode High availability mode string Enum: ACTIVE_ACTIVE, ACTIVE_STANDBY
id Unique identifier of this resource string Sortable
ipv6_profiles IPv6 Profiles

IPv6Profiles captures IPv6 NDRA Profile and DAD Profile
id associated with the logical router.
IPv6Profiles
preferred_edge_cluster_member_index Preferred edge cluster member index

Preferred edge cluster member index which is required
for PREEMPTIVE failover mode. Used for Tier0 routers only.
integer Minimum: 0
resource_type Must be set to the value LogicalRouter string
router_type Type of Logical Router string Required
Enum: TIER0, TIER1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalRouterCentralizedServicePort (schema)

Port to connect VLAN based network or overlay logical switch

This port can be configured on both TIER0 and TIER1 logical router.
Port can be connected to VLAN or overlay logical switch.
Unlike downlink port it does not participate in distributed routing and
hosted on all edge cluster members associated with logical router.
Stateful services can be applied on this port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_netx Port is exclusively used for N-S service insertion boolean Default: "False"
id Unique identifier of this resource string Sortable
linked_logical_switch_port_id Reference to the logical switch port to connect to ResourceReference
logical_router_id Identifier for logical router on which this port is created string Required
mtu Maximum transmission unit (MTU)

Maximum transmission unit specifies the size of the largest packet that
a network protocol can transmit. If not specified, the global logical
MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be
used.
integer Minimum: 64
ndra_profile_id Identifier for NDRA profile on the port

Identifier of Neighbor Discovery Router Advertisement profile
associated with port. When NDRA profile id is associated at
both the port level and logical router level, the profile id
specified at port level takes the precedence.
string
resource_type Must be set to the value LogicalRouterCentralizedServicePort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Logical router port subnets array of IPSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
urpf_mode Unicast Reverse Path Forwarding mode UrpfMode Default: "STRICT"

LogicalRouterConfig (schema)

Logical router config

Logical router configuration parameters.

Name Description Type Notes
external_transit_networks CIDR block defining Tier0 to Tier1 links

CIDR block defining addresses for Tier0 to Tier1 links.
If the value for this field is not provided, then it will be
considered as default IPv4 CIDR "100.64.0.0/16"
array of IPCIDRBlock
ha_vip_configs Array of HA VIP Config.

This configuration can be defined only for Active-Standby LogicalRouter to provide | redundancy. For mulitple uplink ports, multiple HaVipConfigs must be defined | and each config will pair exactly two uplink ports. The VIP will move and will | always be owned by the Active node. Note - when HaVipConfig[s] are defined, | configuring dynamic-routing is disallowed.		 array of HaVipConfig
internal_transit_network CIDR block defining SR to DR links

CIDR block defining service router to distributed router links.
If the value for this field is not provided, then it will be
considered as default IPv4 CIDR-
"169.254.0.0/28" for logical router with ACTIVE_STANDBY HA mode
"169.254.0.0/24" for logical router with ACTIVE_ACTIVE HA mode
IPv4CIDRBlock
transport_zone_id Transport Zone Identifier

Transport zone of the logical router. If specified then all downlink switches should belong to this transport zone and an error will be thrown if transport zone of the downlink switch doesn't match with this transport zone. All internal and external transit switches will be created in this transport zone.		 string

LogicalRouterDeleteRequestParameters (schema)

LogicalRouter delete request parameters

Name Description Type Notes
cascade_delete_linked_ports Flag to specify whether to delete related logical switch ports

When the flag is true, connected logical switch ports which are associated | with the logical router ports will be deleted. Additionally, for Tier1 LR, the associated | Tier 0 router link port will also be deleted. Note that this flag is active only when "force" | parameter is also set to true.		 boolean Default: "False"
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

LogicalRouterDownLinkPort (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
linked_logical_switch_port_id Reference to the logical switch port to connect to ResourceReference
logical_router_id Identifier for logical router on which this port is created string Required
mac_address MAC address

MAC address		 string Readonly
ndra_profile_id Identifier for NDRA profile on the port

Identifier of Neighbor Discovery Router Advertisement profile
associated with port. When NDRA profile id is associated at
both the port level and logical router level, the profile id
specified at port level takes the precedence.
string
resource_type Must be set to the value LogicalRouterDownLinkPort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Logical router port subnets array of IPSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
urpf_mode Unicast Reverse Path Forwarding mode UrpfMode Default: "STRICT"

LogicalRouterFIBListRequestParameters (schema)

Logical Router FIB List Request Parameters

Filter parameters for filtering routes from FIB depending on
provided properties.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
network_prefix Network address filter parameter

CIDR network address to filter the the FIB table.		 IPCIDRBlock
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

LogicalRouterFIBRequestParameters (schema)

Logical Router FIB Request Parameters

Filter parameters for filtering routes from FIB depending on
provided properties.

Name Description Type Notes
network_prefix Network address filter parameter

CIDR network address to filter the the FIB table.		 IPCIDRBlock
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

LogicalRouterIPTunnelPort (schema)

Logical router IP tunnel port

Logical router IP tunnel port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
admin_state Admin state of port

Admin state of port.		 string Readonly
Enum: UP, DOWN
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Identifier for logical router on which this port is created string Required
resource_type Must be set to the value LogicalRouterIPTunnelPort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Tunnel port subnets

Tunnel port subnets.		 array of IPSubnet Required
Readonly
Minimum items: 1
Maximum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vpn_session_id VPN session identifier

Associated VPN session identifier.		 string Readonly

LogicalRouterLinkPortOnTIER0 (schema)

Port to connect the LogicalRouterLinkPortOnTIER1 of TIER1 logical router to

This port can be configured only on a TIER0 LogicalRouter.
Create an empty port to generate an id.
Use this id in the linked_logical_router_port_id on
LogicalRouterLinkPortOnTIER1 on TIER1 logical router.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
linked_logical_router_port_id Identifier of connected LogicalRouterLinkPortOnTIER1

Identifier of connected LogicalRouterLinkPortOnTIER1 of TIER1 logical router		 string Readonly
logical_router_id Identifier for logical router on which this port is created string Required
mac_address MAC address

MAC address		 string Readonly
resource_type Must be set to the value LogicalRouterLinkPortOnTIER0 LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Logical router port subnets array of IPSubnet Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalRouterLinkPortOnTIER1 (schema)

Port to connect the TIER1 logical router to TIER0 logical router

This port can be configured only on a TIER1 LogicalRouter.
Use the id of the LogicalRouterLinkPortOnTIER0 from TIER0 logical router to set
the linked_logical_router_port_id on the port on TIER1 logical router.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_member_index Member index of the edge node on the cluster

Please use logical router API to pass edge cluster members indexes manually.
array of integer Deprecated
id Unique identifier of this resource string Sortable
linked_logical_router_port_id Reference of TIER0 port to connect the TIER1 to.

Reference of LogicalRouterLinkPortOnTIER0 of TIER0 logical router to connect this TIER1 logical router outwards.
ResourceReference
logical_router_id Identifier for logical router on which this port is created string Required
mac_address MAC address

MAC address		 string Readonly
resource_type Must be set to the value LogicalRouterLinkPortOnTIER1 LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Logical router port subnets array of IPSubnet Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalRouterListParameters (schema)

Logical Router list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
router_type Type of Logical Router string Enum: TIER0, TIER1
sort_ascending boolean
sort_by Field by which records are sorted string

LogicalRouterListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Logical router list results array of LogicalRouter Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalRouterLoopbackPort (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_member_index Member index of the edge node on the cluster array of integer Required
id Unique identifier of this resource string Sortable
logical_router_id Identifier for logical router on which this port is created string Required
resource_type Must be set to the value LogicalRouterLoopbackPort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Loopback port subnets array of IPSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalRouterPort (schema)

This is an abstract type. Concrete child types:
LogicalRouterCentralizedServicePort
LogicalRouterDownLinkPort
LogicalRouterLinkPortOnTIER0
LogicalRouterLinkPortOnTIER1
LogicalRouterLoopbackPort
LogicalRouterUpLinkPort

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Identifier for logical router on which this port is created string Required
resource_type Must be set to the value LogicalRouterPort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

LogicalRouterPortArpCsvRecord (schema)

Name Description Type Notes
ip The IP address IPAddress Required
mac_address The MAC address string Required

LogicalRouterPortArpEntry (schema)

Name Description Type Notes
ip The IP address IPAddress Required
mac_address The MAC address string Required

LogicalRouterPortArpTable (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_port_id The ID of the logical router port string Required
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of LogicalRouterPortArpEntry
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalRouterPortArpTableInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
results array of LogicalRouterPortArpCsvRecord

LogicalRouterPortCounters (schema)

Name Description Type Notes
dropped_packets The number of dropped packets integer
total_bytes The total number of bytes integer
total_packets The total number of packets integer

LogicalRouterPortDeleteRequestParameters (schema)

LogicalRouterPort delete request parameters

Name Description Type Notes
cascade_delete_linked_ports Flag to specify whether to delete related logical switch ports

When the flag is true, the logical switch port or T0 router link port | associated with this logical router port is also deleted. This flag works independent | of the "force" parameter sent in request.		 boolean Default: "False"
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

LogicalRouterPortListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Logical router port list results array of LogicalRouterPort
(Abstract type: pass one of the following concrete types)
LogicalRouterCentralizedServicePort
LogicalRouterDownLinkPort
LogicalRouterLinkPortOnTIER0
LogicalRouterLinkPortOnTIER1
LogicalRouterLoopbackPort
LogicalRouterUpLinkPort		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalRouterPortResourceType (schema)

Resource types of logical router port

LogicalRouterUpLinkPort is allowed only on TIER0 logical router.
It is the north facing port of the logical router.
LogicalRouterLinkPortOnTIER0 is allowed only on TIER0 logical router.
This is the port where the LogicalRouterLinkPortOnTIER1 of TIER1 logical router connects to.
LogicalRouterLinkPortOnTIER1 is allowed only on TIER1 logical router.
This is the port using which the user connected to TIER1 logical router for upwards connectivity via TIER0 logical router.
Connect this port to the LogicalRouterLinkPortOnTIER0 of the TIER0 logical router.
LogicalRouterDownLinkPort is for the connected subnets on the logical router.
LogicalRouterLoopbackPort is a loopback port for logical router component
which is placed on chosen edge cluster member.
LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on
logical router when route based VPN session configured.
LogicalRouterCentralizedServicePort is allowed only on Active/Standby TIER0 and TIER1
logical router. Port can be connected to VLAN or overlay logical switch.
Unlike downlink port it does not participate in distributed routing and hosted
on all edge cluster members associated with logical router.
Stateful services can be applied on this port.

Name Description Type Notes
LogicalRouterPortResourceType Resource types of logical router port

LogicalRouterUpLinkPort is allowed only on TIER0 logical router.
It is the north facing port of the logical router.
LogicalRouterLinkPortOnTIER0 is allowed only on TIER0 logical router.
This is the port where the LogicalRouterLinkPortOnTIER1 of TIER1 logical router connects to.
LogicalRouterLinkPortOnTIER1 is allowed only on TIER1 logical router.
This is the port using which the user connected to TIER1 logical router for upwards connectivity via TIER0 logical router.
Connect this port to the LogicalRouterLinkPortOnTIER0 of the TIER0 logical router.
LogicalRouterDownLinkPort is for the connected subnets on the logical router.
LogicalRouterLoopbackPort is a loopback port for logical router component
which is placed on chosen edge cluster member.
LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on
logical router when route based VPN session configured.
LogicalRouterCentralizedServicePort is allowed only on Active/Standby TIER0 and TIER1
logical router. Port can be connected to VLAN or overlay logical switch.
Unlike downlink port it does not participate in distributed routing and hosted
on all edge cluster members associated with logical router.
Stateful services can be applied on this port.
string Enum: LogicalRouterUpLinkPort, LogicalRouterDownLinkPort, LogicalRouterLinkPortOnTIER0, LogicalRouterLinkPortOnTIER1, LogicalRouterLoopbackPort, LogicalRouterIPTunnelPort, LogicalRouterCentralizedServicePort

LogicalRouterPortState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
ipv6_dad_statuses DAD Status

Array of DAD status which contains DAD information for IP addresses
on the port.
array of IPv6DADStatus Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

LogicalRouterPortStatistics (schema)

Name Description Type Notes
logical_router_port_id The ID of the logical router port string Required
per_node_statistics Per Node Statistics array of LogicalRouterPortStatisticsPerNode Readonly

LogicalRouterPortStatisticsPerNode (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
rx LogicalRouterPortCounters Readonly
transport_node_id The ID of the TransportNode string Required
Readonly
tx LogicalRouterPortCounters Readonly

LogicalRouterPortStatisticsSummary (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_port_id The ID of the logical router port string Required
rx LogicalRouterPortCounters Readonly
tx LogicalRouterPortCounters Readonly

LogicalRouterPortsListParameters (schema)

Logical Router Ports list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
logical_router_id Logical Router identifier string
logical_switch_id Logical Switch identifier string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type Resource Type LogicalRouterPortResourceType
sort_ascending boolean
sort_by Field by which records are sorted string

LogicalRouterRIBListRequestParameters (schema)

Logical Router RIB List Request Parameters

Filter parameters for filtering routes from RIB depending
on provided properties

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
network_prefix Network address filter parameter

CIDR network address to filter the RIB table.		 IPCIDRBlock
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
route_source Route source filter parameter

To filter the RIB table based on the source from which route
is learned.
string Enum: BGP, STATIC, CONNECTED
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

LogicalRouterRIBRequestParameters (schema)

Logical Router RIB Request Parameters

Filter parameters for filtering routes from RIB depending on
provided properties.

Name Description Type Notes
network_prefix Network address filter parameter

CIDR network address to filter the the RIB table		 IPCIDRBlock
route_source Route source filter parameter

To filter the RIB table based on the source from which route
is learned.
string Enum: BGP, STATIC, CONNECTED
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

LogicalRouterRouteCsvRecord (schema)

Name Description Type Notes
admin_distance The admin distance of the next hop integer
logical_router_port_id The id of the logical router port which is used as the next hop string
lr_component_id Logical router component(Service Router/Distributed Router) id string
lr_component_type Logical router component(Service Router/Distributed Router) type string
network CIDR network address IPCIDRBlock Required
next_hop The IP of the next hop IPAddress
route_type Route type (USER, CONNECTED, NSX_INTERNAL,..) string Required

LogicalRouterRouteEntry (schema)

Name Description Type Notes
admin_distance The admin distance of the next hop integer
logical_router_port_id The id of the logical router port which is used as the next hop string
lr_component_id Logical router component(Service Router/Distributed Router) id string
lr_component_type Logical router component(Service Router/Distributed Router) type string
network CIDR network address IPCIDRBlock Required
next_hop The IP address of the next hop IPAddress
route_type Route type (USER, CONNECTED, NSX_INTERNAL,..) string Required

LogicalRouterRouteTable (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_id The id of the logical router string Required
logical_router_name Name of the logical router string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of LogicalRouterRouteEntry
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalRouterRouteTableInCsvFormat (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
results array of LogicalRouterRouteCsvRecord

LogicalRouterState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

LogicalRouterStatus (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_id The id of the logical router string Required
per_node_status Per Node Status array of LogicalRouterStatusPerNode Readonly

LogicalRouterStatusPerNode (schema)

Name Description Type Notes
high_availability_status A service router's HA status on an edge node string Required
Enum: ACTIVE, STANDBY, DOWN, SYNC, UNKNOWN
service_router_id id of the service router where the router status is retrieved. string
transport_node_id id of the transport node where the router status is retrieved. string Required

LogicalRouterUpLinkPort (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_member_index Member index of the edge node on the cluster array of integer Required
id Unique identifier of this resource string Sortable
linked_logical_switch_port_id Reference to the logical switch port to connect to ResourceReference
logical_router_id Identifier for logical router on which this port is created string Required
mac_address MAC address

MAC address		 string Readonly
mtu Maximum transmission unit (MTU)

Maximum transmission unit specifies the size of the largest packet that
a network protocol can transmit. If not specified, the global logical
MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be
used.
integer Minimum: 64
ndra_prefix_config Configuration to override the neighbor discovery router advertisement
prefix time parameters at the subnet level. Note that users are allowed
to override the prefix time only for IPv6 subnets which are configured
on the port.
array of NDRAPrefixConfig
ndra_profile_id Identifier for NDRA profile on the port

Identifier of Neighbor Discovery Router Advertisement profile
associated with port. When NDRA profile id is associated at
both the port level and logical router level, the profile id
specified at port level takes the precedence.
string
resource_type Must be set to the value LogicalRouterUpLinkPort LogicalRouterPortResourceType Required
service_bindings Service Bindings array of ServiceBinding
subnets Logical router port subnets array of IPSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
urpf_mode Unicast Reverse Path Forwarding mode UrpfMode Default: "STRICT"

LogicalServiceRouterClusterState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

LogicalSwitch (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
address_bindings Address bindings for the Logical switch array of PacketAddressClassifier Minimum items: 0
Maximum items: 100
admin_state Represents Desired state of the Logical Switch string Required
Enum: UP, DOWN
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
extra_configs Extra configs on logical switch

This property could be used for vendor specific configuration in key value
string pairs, the setting in extra_configs will be automatically inheritted
by logical ports in the logical switch.
array of ExtraConfig
hybrid Flag to identify a hybrid logical switch

If this flag is set to true, then all the logical switch ports attached to
this logical switch will behave in a hybrid fashion. The hybrid logical switch port
indicates to NSX that the VM intends to operate in underlay mode,
but retains the ability to forward egress traffic to the NSX overlay network.
This flag can be enabled only for the logical switches in the overlay type transport zone which has
host switch mode as STANDARD and also has either CrossCloud or CloudScope tag scopes.
Only the NSX public cloud gateway (PCG) uses this flag, other host agents like ESX, KVM and Edge
will ignore it. This property cannot be modified once the logical switch is created.
boolean Default: "False"
id Unique identifier of this resource string Sortable
ip_pool_id Allocation ip pool associated with the Logical switch

IP pool id that associated with a LogicalSwitch.		 string
mac_pool_id Allocation mac pool associated with the Logical switch

Mac pool id that associated with a LogicalSwitch.		 string
replication_mode Replication mode of the Logical Switch string Enum: MTEP, SOURCE
resource_type Must be set to the value LogicalSwitch string
switch_type Type of LogicalSwitch.

This field indicates purpose of a LogicalSwitch. It is set by manager internally
or user can provide this field. If not set, DEFAULT type is assigned.
NSX components can use this field to create LogicalSwitch that provides component
specific functionality.
DEFAULT type LogicalSwitches are created for basic L2 connectivity by API users.
SERVICE_PLANE type LogicalSwitches are system created service plane LogicalSwitches for
Service Insertion service. User can not create SERVICE_PLANE type of LogicalSwitch.
DHCP_RELAY type LogicalSwitches are created by external user like Policy with special
permissions or by system and will be treated as internal LogicalSwitches. Such
LogicalSwitch will not be exposed to vSphere user.
string Enum: DEFAULT, SERVICE_PLANE, DHCP_RELAY
switching_profile_ids array of SwitchingProfileTypeIdEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_id Id of the TransportZone to which this LogicalSwitch is associated string Required
uplink_teaming_policy_name The name of the switching uplink teaming policy for the logical switch

This name has to be one of the switching uplink teaming policy names listed inside the logical switch's TransportZone. If this field is not specified, the logical switch will not have a teaming policy associated with it and the host switch's default teaming policy will be used.		 string
vlan VLAN Id of logical switch

This property is dedicated to VLAN based network, to set VLAN of logical
network. It is mutually exclusive with 'vlan_trunk_spec'.
VlanID
vlan_trunk_spec VLAN trunk spec of logical switch

This property is used for VLAN trunk specification of logical switch.
It's mutually exclusive with 'vlan'. Also it could be set to do guest VLAN
tagging in overlay network.
VlanTrunkSpec
vni VNI for this LogicalSwitch.

Only for OVERLAY network. A VNI will be auto-allocated from the
default VNI pool if not given; otherwise the given VNI has to be
inside the default pool and not used by any other LogicalSwitch.
int

LogicalSwitchDeleteParameters (schema)

Name Description Type Notes
cascade Delete a Logical Switch and all the logical ports in it, if none of the logical ports have any attachment. boolean Default: "False"
detach Force delete a logical switch

If this is set to true, then logical switch is deleted
regardless of whether or not it is added to NSGroup.
If cascade is set to true in the meantime, then logical
switch and all logical ports are deleted regardless of
whether any logical port in this switch has attachments.
boolean Default: "False"

LogicalSwitchInfo (schema)

Name Description Type Notes
instances_count Number of instances on this logical switch integer Readonly
is_default_logical_switch Flag to identify if this is the default logical switch boolean Readonly
logical_switch_display_name Name of the logical switch string Readonly
logical_switch_id ID of the logical switch string Readonly
nsx_switch_tag This tag is applied on cloud compute resource to be attached to this logical switch string Readonly

LogicalSwitchListParameters (schema)

Logical Switch list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
diagnostic Flag to enable showing of transit logical switch. boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
switching_profile_id Switching Profile identifier string
transport_type Mode of transport supported in the transport zone for this logical switch TransportType
transport_zone_id Transport zone identifier string
uplink_teaming_policy_name The logical switch's uplink teaming policy name string
vlan Return VLAN logical switches whose "vlan" field matches this value VlanID
vni VNI of the OVERLAY LogicalSwitch(es) to return. int

LogicalSwitchListResult (schema)

Logical Switch queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Logical Switch Results array of LogicalSwitch Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalSwitchListWithSourceParameters (schema)

Logical Switch list with data source parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
diagnostic Flag to enable showing of transit logical switch. boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
switching_profile_id Switching Profile identifier string
transport_type Mode of transport supported in the transport zone for this logical switch TransportType
transport_zone_id Transport zone identifier string
uplink_teaming_policy_name The logical switch's uplink teaming policy name string
vlan Return VLAN logical switches whose "vlan" field matches this value VlanID
vni VNI of the OVERLAY LogicalSwitch(es) to return. int

LogicalSwitchMirrorSource (schema)

Name Description Type Notes
resource_type Must be set to the value LogicalSwitchMirrorSource MirrorSourceResourceType Required
switch_id Source logical switch identifier string Required

LogicalSwitchParameters (schema)

Logical switch parameters

Logical switch parameters.

Name Description Type Notes
logical_switch_id logical switch identifier

logical switch identifier		 string

LogicalSwitchState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
logical_switch_id Id of the logical switch string Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

LogicalSwitchStateListResult (schema)

Logical Switch state queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Logical Switch State Results array of LogicalSwitchState Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

LogicalSwitchStateParameters (schema)

Name Description Type Notes
status Realized state of logical switches string Enum: PENDING, IN_PROGRESS, PARTIAL_SUCCESS, SUCCESS

LogicalSwitchStatistics (schema)

Name Description Type Notes
dropped_by_security_packets PacketsDroppedBySecurity Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_switch_id The id of the logical Switch string Required
Readonly
mac_learning MacLearningCounters Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

LogicalSwitchStatus (schema)

Name Description Type Notes
logical_switch_id Unique ID identifying the the Logical Switch string Readonly
num_logical_ports Count of Logical Ports belonging to this switch int Readonly

LogicalSwitchStatusSummary (schema)

Name Description Type Notes
filters The filters used to find the logical switches- TransportZone id, LogicalSwitchProfile id or TransportType array of Filter
fully_realized_switches The number of logical switches that are realized in all transport nodes. integer Required
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
total_switches The total number of logical switches. integer Required

LoginCredential (schema)

Base type for various login credential types

Name Description Type Notes
credential_type Login credential, for example username-password-thumbprint or certificate based, etc

Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential'.		 string Required

MACAddress (schema)

MAC Address

A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case,
separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB.

Name Description Type Notes
MACAddress MAC Address

A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case,
separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB.
string Pattern: "^(([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2}))|(([0-9A-Fa-f]{2}[-]){5}([0-9A-Fa-f]{2}))$"

MACAddressElement (schema)

MAC Address

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
mac_address MACAddress Required

MACAddressElementListResult (schema)

Collection of MAC address elements

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results MAC address element list array of MACAddressElement Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MACAddressExpression (schema)

MAC address expression node

Represents MAC address expressions in the form of an array, to support addition of MAC addresses in a group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
mac_addresses Array of MAC addresses

This array can consist of one or more MAC addresses.		 array of MACAddress Required
Minimum items: 1
Maximum items: 4000
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value MACAddressExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MACSet (schema)

Set of one or more MAC addresses

MACSet is used to group individual MAC addresses. MACSets can be used as
sources and destinations in layer2 firewall rules. These can also be used as
members of NSGroups.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
mac_addresses MAC addresses array of MACAddress Maximum items: 4000
resource_type Must be set to the value MACSet string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MACSetDeleteRequestParameters (schema)

MACSet delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

MACSetListRequestParameters (schema)

MACSet list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MACSetListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of MACSets array of MACSet Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MPAConfigProperties (schema)

Information about the management plane this node is communciating with

Name Description Type Notes
AccountName The account name to use when authenticating to the management plane's message bus. string or null
RmqBrokerCluster The list of messaging brokers this controller is configured with. array of BrokerProperties
RmqClientType The nodes client type. string or null
SharedSecret The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses. string
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly

MacAddressCsvListResult (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
results array of MacTableCsvRecord

MacAddressListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_switch_id The id of the logical Switch string Required
Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of MacTableEntry
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
transport_node_id Transport node identifier string Readonly

MacAddressType (schema)

The type of the MAC address

Name Description Type Notes
MacAddressType The type of the MAC address string Enum: STATIC, LEARNED

MacDiscoveryProfile (schema)

Mac Discovery Profile

Mac Discovery Profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
mac_change_enabled Is rule enabled or not

Allowing source MAC address change		 boolean Default: "False"
mac_learning_aging_time Aging time in seconds for learned MAC address

Indicates how long learned MAC address remain.		 int Readonly
Default: "600"
mac_learning_enabled Is MAC learning enabled or not

Allowing source MAC address learning		 boolean Required
mac_limit Maximum number of arp bindings

The maximum number of MAC addresses that can be learned on this port		 int Minimum: 0
Maximum: 4096
Default: "4096"
mac_limit_policy Mac Limit Policy

The policy after MAC Limit is exceeded		 string Enum: ALLOW, DROP
Default: "ALLOW"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value MacDiscoveryProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
unknown_unicast_flooding_enabled Is unknown unicast flooding rule enabled or not

Allowing flooding for unlearned MAC for ingress traffic		 boolean Default: "True"

MacDiscoveryProfileListRequestParameters (schema)

Mac Discovery Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MacDiscoveryProfileListResult (schema)

Paged collection of Mac Discovery Profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Mac Discovery profile list results array of MacDiscoveryProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MacLearningCounters (schema)

Name Description Type Notes
mac_not_learned_packets_allowed Number of dispatched packets with unknown source MAC address.

The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.		 integer
mac_not_learned_packets_dropped Number of dropped packets with unknown source MAC address.

The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.		 integer
macs_learned Number of MACs learned integer

MacLearningSpec (schema)

MAC learning configuration

Name Description Type Notes
aging_time Aging time in sec for learned MAC address int Readonly
Default: "600"
enabled Allowing source MAC address learning boolean Required
limit The maximum number of MAC addresses that can be learned on this port int Minimum: 0
Maximum: 4096
Default: "4096"
limit_policy The policy after MAC Limit is exceeded string Enum: ALLOW, DROP
Default: "ALLOW"
unicast_flooding_allowed Allowing flooding for unlearned MAC for ingress traffic boolean Default: "True"

MacManagementSwitchingProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
mac_change_allowed Allowing source MAC address change boolean Default: "False"
mac_learning MAC learning configuration MacLearningSpec
required_capabilities array of string Readonly
resource_type Must be set to the value MacManagementSwitchingProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MacPool (schema)

A collection of ranges of MAC addresses

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ranges Array of ranges for MAC addresses array of MacRange Required
resource_type Must be set to the value MacPool string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MacPoolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results MAC pool list results array of MacPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MacRange (schema)

A range of MAC addresses with a start and end value

Name Description Type Notes
end End value of MAC range

End value for MAC address range		 MACAddress Required
start Start value of MAC range

Start value for MAC address range		 MACAddress Required

MacTableCsvRecord (schema)

Name Description Type Notes
mac_address The MAC address string Required
vtep_ip The virtual tunnel endpoint IP address IPAddress
vtep_mac_address The virtual tunnel endpoint MAC address string

MacTableEntry (schema)

Name Description Type Notes
mac_address The MAC address string Required
vtep_ip The virtual tunnel endpoint IP address IPAddress
vtep_mac_address The virtual tunnel endpoint MAC address string

MaintenanceModeParameters (schema)

transport node maintenance mode setting parameters

Name Description Type Notes
action User could use this parameter to put transport node into maintenance mode or exit from maintenance mode. 'enter_maintenance_mode' will put Transport Node into maintenance mode if there is no VIFs attached. 'forced_enter_maintenance_mode' will put transport node into maintenance mode forcibly regardless of whether or not VIF attached. 'exit_maintenance_mode' will exit from maintenance mode. string Enum: enter_maintenance_mode, forced_enter_maintenance_mode, exit_maintenance_mode

MaintenanceModeState (schema)

maintenance mode state

Name Description Type Notes
MaintenanceModeState maintenance mode state string Readonly
Enum: ENTERING, ENABLED, EXITING, DISABLED

ManagedResource (schema)

Base type for resources that are managed by API clients

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type The type of this resource. string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ManagedVnetInfo (schema)

Azure Managed VNet Information

Stores the account ID and VNet ID of the corresponding managed VNet. A managed VNet is a Azure compute VNet, which is NSX managed by a transit VNet.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_account_ids Array of Cloud Account IDs

Cloud account ID related to the virtual private cloud.
array of string Required
Readonly
virtual_private_cloud_id Virtual Private Cloud ID

Virtual private cloud ID of the corresponding cloud.
string Required
Readonly
virtual_private_cloud_name Virtual Private Cloud name

Virtual private cloud name of the corresponding cloud.
string Required
Readonly

ManagedVpcInfo (schema)

AWS Managed VPC Information

Stores the account ID and VPC ID of the corresponding managed VPC. A managed VPC is a AWS compute VPC, which is NSX managed by a transit VPC.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_account_ids Array of Cloud Account IDs

Cloud account ID related to the virtual private cloud.
array of string Required
Readonly
virtual_private_cloud_id Virtual Private Cloud ID

Virtual private cloud ID of the corresponding cloud.
string Required
Readonly
virtual_private_cloud_name Virtual Private Cloud name

Virtual private cloud name of the corresponding cloud.
string Required
Readonly

ManagementClusterNodeStatus (schema)

Name Description Type Notes
mgmt_cluster_status Status of this node's connection to the management cluster ClusteringStatus Readonly

ManagementClusterRoleConfig (schema)

Name Description Type Notes
api_listen_addr The IP and port for the public API service on this node ServiceEndpoint Readonly
appliance_connection_info The IP, port and certificate for connecting to appliance. ServiceEndpoint Readonly
mgmt_cluster_listen_addr The IP and port for the management cluster service on this node ServiceEndpoint Readonly
mgmt_plane_listen_addr The IP and port for the management plane service on this node ServiceEndpoint Readonly
mpa_msg_client_info MsgClientInfo
type Type of this role configuration string Required
Readonly
Enum: ManagementClusterRoleConfig, ControllerClusterRoleConfig

ManagementClusterStatus (schema)

Name Description Type Notes
offline_nodes Current missing management plane nodes array of ManagementPlaneBaseNodeInfo Readonly
online_nodes Current alive management plane nodes array of ManagementPlaneBaseNodeInfo Readonly
required_members_for_initialization The details of the cluster nodes required for cluster initialization array of ClusterInitializationNodeInfo Readonly
status The current status of the management cluster string Readonly
Enum: INITIALIZING, UNSTABLE, DEGRADED, STABLE, UNKNOWN

ManagementConfig (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
publish_fqdns True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability. boolean Required

ManagementNodeAggregateInfo (schema)

Name Description Type Notes
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
id Unique identifier of this resource string Readonly
node_interface_properties Array of Node interface statistic properties array of NodeInterfaceProperties Readonly
node_interface_statistics Array of Node network interface statistic properties array of NodeInterfaceStatisticsProperties Readonly
node_status ClusterNodeStatus Readonly
node_status_properties Time series of the node's system properties array of NodeStatusProperties
role_config ManagementClusterRoleConfig Readonly
transport_nodes_connected integer Readonly
Minimum: 0

ManagementPlaneBaseNodeInfo (schema)

The basic node info of management plane node

Name Description Type Notes
mgmt_cluster_listen_ip_address The IP address of MP node string Readonly
uuid Management plane node UUID string Readonly

ManagementPlaneBrokerProperties (schema)

Information about a management plane node this controller is configured to communicate with

Name Description Type Notes
host IP address or hostname of the message bus broker on the management plane node. HostnameOrIPv4Address Required
port Port number of the message bus broker on the management plane node. integer Minimum: 0
Maximum: 65535
Default: "5671"
thumbprint Certificate thumbprint of the message bus broker on the management plane node. string Required

ManagementPlaneProperties (schema)

Information about the management plane this controller is communciating with

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
account The account name to use when authenticating to the management plane's message bus. string or null
brokers The list of messaging brokers this controller is configured with. array of ManagementPlaneBrokerProperties
secret The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses. string

MandatoryAccessControlProperties (schema)

Information about mandatory access control

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
enabled Enabled can be True/False boolean
status current status of Mandatory Access Control string Readonly
Enum: ENABLED, DISABLED, ENABLED_PENDING_REBOOT

ManualHealthCheck (schema)

Manual Health Check

Describes a manual check to evaluate the status of a transport zone.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
operation_status Operation Status

The operation status for health check
string Readonly
Enum: IN_PROGRESS, FINISHED
resource_type Must be set to the value ManualHealthCheck string
result HealthCheckResult Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_id Transport Zone ID

The entity ID works as a filter param. Entity ID and entity type should
be both provided or not at a query.
string Required
vlans Specificied VLANs

VLANs specificied for manual health check
HealthCheckSpecVlans Required

ManualHealthCheckListResult (schema)

List of Manual Health Checks

Manual health check list result for query with list parameters.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Manual Health Check List array of ManualHealthCheck Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MemberAction (schema)

Name Description Type Notes
action Specifies addition or removal action string Required
Enum: ADD_MEMBERS, REMOVE_MEMBERS

MessagingClientInfo (schema)

Name Description Type Notes
account_name Account name in messaging client string
client_type Type of messaging client string Enum: MPA, HOST

MetadataProxy (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attached_logical_port_id id of attached logical port string Readonly
crypto_protocols metadata proxy supported cryptographic protocols.

The cryptographic protocols listed here are supported by the metadata proxy.
The TLSv1.1 and TLSv1.2 are supported by default.
array of MetadataProxyCryptoProtocol
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_id edge cluster uuid string Required
edge_cluster_member_indexes edge cluster member indexes

If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster.
If user provides only one edge node, there will be no HA support.
array of integer Minimum items: 0
Maximum items: 2
enable_standby_relocation Flag to enable standby Metadata proxy server relocation

Flag to enable the auto-relocation of standby Metadata Proxy in
case of edge node failure. Only tier 1 and auto placed Metadata
Proxy are considered for the relocation.
boolean Default: "False"
id Unique identifier of this resource string Sortable
metadata_server_ca_ids uuids of CAs to verify metadata server certificate

The CAs referenced here must be uploaded to the truststore using the API
POST /api/v1/trust-management/certificates?action=import.
User needs to ensure a correct CA for this metedata server is used. The REST API can
not detect a wrong CA which was used to verify a different server. If the Metadata
Proxy reports an ERROR or NO_BACKUP status, user can check the metadata proxy log
at transport node for a possible CA issue.
array of string
metadata_server_url metadata server url

The URL in format scheme://host:port/path. Please note, the scheme supports only http
and https as of now, port supports range 3000 - 9000, inclusive.
string Required
resource_type Must be set to the value MetadataProxy string
secret secret to access metadata server string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MetadataProxyCryptoProtocol (schema)

Metadata proxy supported cryptographic protocol

Name Description Type Notes
MetadataProxyCryptoProtocol Metadata proxy supported cryptographic protocol string Enum: TLS_V1, TLS_V1_1, TLS_V1_2

MetadataProxyListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results paginated list of metadata proxies array of MetadataProxy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MetadataProxyStatistics (schema)

Name Description Type Notes
metadata_proxy_id metadata proxy uuid string Required
statistics metadata proxy statistics per logical switch array of MetadataProxyStatisticsPerLogicalSwitch
timestamp timestamp of the statistics EpochMsTimestamp Required

MetadataProxyStatisticsPerLogicalSwitch (schema)

Name Description Type Notes
error_responses_from_nova_server error responses from nova server integer Required
logical_switch_id uuid of attached logical switch string Required
requests_from_clients requests from clients integer Required
requests_to_nova_server requests to nova server integer Required
responses_to_clients responses to clients integer Required
succeeded_responses_from_nova_server succeeded responses from nova server integer Required

MetadataProxyStatisticsRequestParameters (schema)

Name Description Type Notes
logical_switch_id The uuid of logical switch string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

MetadataProxyStatus (schema)

Name Description Type Notes
error_message Error message, if available string
proxy_status UP means the metadata proxy is working fine on both transport-nodes(if have);
DOWN means the metadata proxy is is down on both transport-nodes(if have),
hence the metadata proxy will not repsonse any metadata request;
Error means error happens on transport-node(s) or no status is reported from
transport-node(s). The metadata proxy may be working (or not working);
NO_BACK means metadata proxy is working in one of the transport node while
not in the other transport-node (if have). Hence if the metadata proxy in
the working transport-node goes down, the metadata proxy will go down.
string Required
Enum: UP, DOWN, ERROR, NO_BACKUP
transport_nodes ids of transport nodes where this metadata proxy is running

Order of the transport nodes is insensitive because Metadata Proxy
is running in Active-Active mode among target transport nodes.
array of string Required

MgmtConnStatus (schema)

Name Description Type Notes
connectivity_status Indicates the controller node's MP channel connectivity status string Readonly
Enum: CONNECTED, DISCONNECTED, UNKNOWN

MigrationComponentTypeListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which migration unit groups to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MigrationFeedbackCategory (schema)

Category of feedback for Migration

Categorization of feedback requests from the migration tool where user input is required.

Name Description Type Notes
accepted_values Acceptable values for this feedback request

List of acceptable values for this feedback request.		 array of string Readonly
category Functional area for the feedback query

Functional area that this query falls into.		 string Required
Readonly
count Total number of feedback requests for this functional area

Total number of feedback requests for this functional area.		 int Required
Readonly
resolved Count of resolved feedback requests for this functional area

Total number of resolved feedback requests for this functional area.		 int Required
Readonly

MigrationFeedbackRequest (schema)

Feedback detail required for Migration

Detailed feedback requests from the migration tool where user input is required.

Name Description Type Notes
accepted_actions Acceptable actions for this feedback request

List of acceptable actions for this feedback request.		 array of string Readonly
accepted_value_type Data type of the items listed in acceptable values

Data type of the items listed in acceptable values list.		 string Required
Readonly
accepted_values Acceptable values for this feedback request

List of acceptable values for this feedback request.		 array of string
hash Identifier for a feedback request type

Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.		 string Readonly
id UUID of the feedback request

Identifier of the feedback request.		 string Required
Readonly
message Content of feedback request

Detailed feedback request with options.		 string Required
Readonly
multi_value Indicates if multiple values can be selected as response

Indicates if multiple values can be selected as response from the list of acceptable value.		 boolean Required
Readonly
object_id UUID of the object

Identifier of the object for which feedback is requested.		 string Readonly
rejected Indicates if the previous feedback response was rejected

Indicates if previous response was invalid. Please provide a valid response.		 boolean Readonly
resolution Previous resolution details for this feedback request

If the feedback request was resolved earlier, provides details about the previous resolution.		 string Readonly
resolved Indicates if this feedback request has already been resolved

Indicates if a valid response already exist for this feedback request.		 boolean Readonly
sub_vertical Functional sub-area for the feedback query

Functional sub-area that this query falls into.		 string Required
Readonly
suggested_action Suggested action for this feedback request

The suggested action to resolve this feedback request.		 string Required
Readonly
suggested_value Suggested value for this feedback request

The suggested value to resolve this feedback request.		 string Required
Readonly
v_object_id Id of this object in the source NSX endpoint

Identifier for this object in the source NSX endpoint.		 string Required
Readonly
v_object_name Name of this object in the source NSX endpoint

Name of this object in the source NSX endpoint.		 string Required
Readonly
vertical Functional area for the feedback query

Functional area that this query falls into.		 string Required
Readonly

MigrationFeedbackRequestListResult (schema)

List of feedback required for Migration

List of detailed feedback requests from the migration tool where user input is required.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of feedback requests array of MigrationFeedbackRequest Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationFeedbackResponse (schema)

Feedback details required for Migration

Detailed feedback requests from the migration tool where user input is required.

Name Description Type Notes
action Action selected for feedback request

Action selected in response to the feedback request.		 string Required
id UUID of the feedback request

Identifier of the feedback request.		 string Required
value User input for the feedback query

User input provided in response to the feedback request.		 string
values User input with multiple values for the feedback query

User input provided in the form of a list of values in response to the feedback request.		 array of string

MigrationFeedbackResponseList (schema)

List of feedback reponse for Migration

List of detailed feedback response for the migration tool.

Name Description Type Notes
response_list List of feedback responses

List of feedback responses.		 array of MigrationFeedbackResponse Required

MigrationFeedbackSummaryListResult (schema)

List of feedback categories for Migration

List of feedback categories and count of requests in each category.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of feedback categories array of MigrationFeedbackCategory Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationGroupStatusListRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
has_errors Flag to indicate whether to return only migration units with errors boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MigrationNodeInfoListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which nodes will be filtered string
component_version Component version based on which nodes will be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MigrationPlanResetRequest (schema)

Name Description Type Notes
component_type Component type string Required

MigrationPlanSettings (schema)

Name Description Type Notes
parallel Migration Method to specify whether the migration is to be performed serially or in parallel boolean Default: "True"
pause_after_each_group Flag to indicate whether to pause the migration after migration of each group is completed boolean Default: "False"
pause_on_error Flag to indicate whether to pause the migration plan execution when an error occurs boolean Default: "False"

MigrationSetupInfo (schema)

Details about source and destination NSX setup

Details about source and destination NSX setup to be migrated

Name Description Type Notes
destination_nsx Destination NSX API endpoint

IP address or hostname of the destination NSX API endpoint.		 DestinationNsxApiEndpoint
migration_mode Migration mode

Migration mode can be VMC_V2T, ONPREMISE_V2T, ONPREMISE_VSPHERE2T		 string Enum: VMC_V2T, ONPREMISE_V2T, ONPREMISE_VSPHERE2T
Default: "ONPREMISE_V2T"
source_nsx List of source NSX managers

List of source NSX manager endpoints.		 array of SourceNsxApiEndpoint

MigrationStatus (schema)

Name Description Type Notes
component_status List of component statuses array of ComponentMigrationStatus Required
Readonly
overall_migration_status Status of migration string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED

MigrationStatusSummaryRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which migration units to be filtered string

MigrationSummary (schema)

Name Description Type Notes
component_target_versions array of ComponentTargetVersion Readonly
migration_coordinator_version Current version of migration coordinator string Required
Readonly
migration_status Status of migration string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED
system_version Current system version string Required
Readonly
target_version Target system version string Required
Readonly

MigrationSwitchInfo (schema)

Details about switch to be migrated

Details about switch to be migrated

Name Description Type Notes
id Switch id

Switch Identifier.		 string Required
Readonly
kind Kind of switch

Kind of switch, can be DVS, VSS.		 string Enum: DVS, VSS
Default: "DVS"
name Switch name

Name of the switch.		 string
pnic_count PNIC count

Number of PNICs associated with this switch.		 int Readonly
version Switch version

Version of the switch to be migrated.		 string Readonly

MigrationSwitchListResult (schema)

Details about all the DVS and VSS present on the VC

Details about all the DVS and VSS present on the VC

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of DVS/VSS present on the VC

A paginated list of DVS/VSS present on the VC.		 array of MigrationSwitchInfo
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnit (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
current_version Current version of migration unit

This is component version e.g. if migration unit is of type HOST, then this is host version.		 string Readonly
display_name Name of the migration unit string
group Info of the group to which this migration unit belongs ResourceReference Readonly
id UUID of the migration unit

Identifier of the migration unit		 string Required
Readonly
metadata Metadata about migration unit array of KeyValuePair Readonly
type Migration unit type string
warnings List of warnings indicating issues with the migration unit that may result in migration failure array of string Readonly

MigrationUnitAggregateInfo (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
errors List of errors occurred during migration of this migration unit array of string Readonly
percent_complete Indicator of migration progress in percentage number Required
Readonly
status Status of migration unit string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED
unit Migration unit info

Details of the migration unit		 MigrationUnit Required
Readonly

MigrationUnitAggregateInfoListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which migration units to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
group_id Identifier of group based on which migration units to be filtered string
has_errors Flag to indicate whether to return only migration units with errors boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
metadata Metadata about migration unit to filter on string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
selection_status Flag to indicate whether to return only selected, only deselected or both type of migration units string Enum: SELECTED, DESELECTED, ALL
Default: "ALL"
sort_ascending boolean
sort_by Field by which records are sorted string

MigrationUnitAggregateInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of MigrationUnit AggregateInfo array of MigrationUnitAggregateInfo Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitGroup (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to indicate whether migration of this group is enabled or not boolean Default: "True"
extended_configuration Extended configuration for the group array of KeyValuePair Maximum items: 100
id Unique identifier of this resource string Sortable
migration_unit_count Count of migration units in the group

Number of migration units in the group		 int Readonly
migration_units List of migration units in the group array of MigrationUnit Maximum items: 100
parallel Migration method to specify whether the migration is to be performed in parallel or serially boolean Default: "True"
resource_type Must be set to the value MigrationUnitGroup string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Component type string Required

MigrationUnitGroupAggregateInfo (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
failed_count Number of nodes in the migration unit group that failed migration int Readonly
group Migration unit group details MigrationUnitGroup Required
id Unique identifier of this resource string Sortable
percent_complete Indicator of migration progress in percentage number Required
Readonly
resource_type Must be set to the value MigrationUnitGroupAggregateInfo string
status Migration status of migration unit group string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MigrationUnitGroupAggregateInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of migration status for migration unit groups array of MigrationUnitGroupAggregateInfo Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitGroupListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which migration unit groups to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
summary Flag indicating whether to return summary boolean Default: "False"
sync Synchronize before returning migration unit groups

If true, synchronize with the management plane before returning migration unit groups		 boolean Default: "False"

MigrationUnitGroupListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Migration unit groups array of MigrationUnitGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitGroupStatus (schema)

Name Description Type Notes
failed_count Number of nodes in the migration unit group that failed migration int Readonly
group_id UUID of migration unit group

Identifier for migration unit group		 string Required
Readonly
group_name Migration unit group Name

Name of the migration unit group		 string Required
Readonly
migration_unit_count Number of migration units in the group int Required
Readonly
percent_complete Indicator of migration progress in percentage number Required
Readonly
status Migration status of migration unit group string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED

MigrationUnitGroupStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of migration status for migration unit groups array of MigrationUnitGroupStatus Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitList (schema)

Name Description Type Notes
list Collection of Migration units array of MigrationUnit Required

MigrationUnitListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which migration units to be filtered string
current_version Current version of migration unit based on which migration units to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
group_id UUID of group based on which migration units to be filtered string
has_warnings Flag to indicate whether to return only migration units with warnings boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
metadata Metadata about migration unit to filter on string
migration_unit_type Migration unit type based on which migration units to be filtered string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

MigrationUnitListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Migration units array of MigrationUnit Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitStatus (schema)

Name Description Type Notes
display_name Name of migration unit string Required
Readonly
errors List of errors occurred during migration of this migration unit array of string Readonly
id UUID of migration unit

Identifier of migration unit		 string Required
Readonly
percent_complete Indicator of migration progress in percentage number Required
Readonly
status Status of migration unit string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSED

MigrationUnitStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of migration units status array of MigrationUnitStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitTypeStats (schema)

Name Description Type Notes
node_count Number of nodes int Required
Readonly
node_with_issues_count Number of nodes with issues that may cause migration failure int Readonly
type Type of migration unit string Required
Readonly
version Version of the migration unit string Required
Readonly

MigrationUnitTypeStatsList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of migration unit type stats array of MigrationUnitTypeStats Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

MigrationUnitsStatsRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
sync Synchronize before returning migration unit stats

If true, synchronize with the management plane before returning migration unit stats		 boolean Default: "False"

MirrorDestination (schema)

This is an abstract type. Concrete child types:
IPMirrorDestination
LogicalPortMirrorDestination
PnicMirrorDestination

Name Description Type Notes
resource_type MirrorDestinationResourceType Required

MirrorDestinationResourceType (schema)

Resource types of mirror destination

Name Description Type Notes
MirrorDestinationResourceType Resource types of mirror destination string Enum: LogicalPortMirrorDestination, PnicMirrorDestination, IPMirrorDestination

MirrorSource (schema)

This is an abstract type. Concrete child types:
LogicalPortMirrorSource
LogicalSwitchMirrorSource
PnicMirrorSource
VlanMirrorSource

Name Description Type Notes
resource_type MirrorSourceResourceType Required

MirrorSourceResourceType (schema)

Resource types of mirror source

Name Description Type Notes
MirrorSourceResourceType Resource types of mirror source string Enum: LogicalPortMirrorSource, PnicMirrorSource, VlanMirrorSource, LogicalSwitchMirrorSource

MonitorQueryType (schema)

monitor query type

MonitorQueryType is used to query load balancer monitors.
LbActiveMonitor represents active load balancer monitors.
While LbActiveMonitor is specified to query load balancer
monitors, it returns all active monitors, including LbHttpMonitor,
LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor,
LbUdpMonitor.

Name Description Type Notes
MonitorQueryType monitor query type

MonitorQueryType is used to query load balancer monitors.
LbActiveMonitor represents active load balancer monitors.
While LbActiveMonitor is specified to query load balancer
monitors, it returns all active monitors, including LbHttpMonitor,
LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor,
LbUdpMonitor.
string Enum: LbHttpMonitor, LbHttpsMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor, LbPassiveMonitor, LbActiveMonitor

MonitorType (schema)

monitor type

Load balancers monitor the health of backend servers to ensure traffic
is not black holed.
There are two types of healthchecks: active and passive.
Passive healthchecks depend on failures in actual client traffic (e.g. RST
from server in response to a client connection) to detect that the server
or the application is down.
In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check their
health, completely independent of any data traffic.
Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP
and ICMP protocols.

Name Description Type Notes
MonitorType monitor type

Load balancers monitor the health of backend servers to ensure traffic
is not black holed.
There are two types of healthchecks: active and passive.
Passive healthchecks depend on failures in actual client traffic (e.g. RST
from server in response to a client connection) to detect that the server
or the application is down.
In case of active healthchecks, load balancer itself initiates new
connections (or sends ICMP ping) to the servers periodically to check their
health, completely independent of any data traffic.
Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP
and ICMP protocols.
string Enum: LbHttpMonitor, LbHttpsMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor, LbPassiveMonitor

MonitoringProfileBindingMap (schema)

Base Monitoring Profile Binding Map

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value MonitoringProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

MonthlyTelemetrySchedule (schema)

Name Description Type Notes
day_of_month Day of month on which data will be collected

Day of month on which data will be collected. Specify a value between 1 through 31.
integer Required
Minimum: 1
Maximum: 31
frequency_type Must be set to the value MonthlyTelemetrySchedule string Required
hour_of_day Hour at which data will be collected

Hour at which data will be collected. Specify a value between 0 through 23.
integer Required
Minimum: 0
Maximum: 23
minutes Minute at which data will be collected

Minute at which data will be collected. Specify a value between 0 through 59.
integer Minimum: 0
Maximum: 59
Default: "0"

MsgClientInfo (schema)

Information about a messaging client

Name Description Type Notes
account_name Account name for the messaging client. Identifies the client on the management plane message bus. string
certificate Messaging client's certificate. Used to authenticate to the control plane messaging endpoint. string
shared_secret Messaging client's secret. Used to authenticate to the management plane messaging broker. string
software_version Software version of the node. string Readonly

MultiWidgetConfiguration (schema)

Multi-Widget

Combines two or more widgetconfigurations into a multi-widget

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
resource_type Must be set to the value MultiWidgetConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated
widgets Widgets

Array of widgets that are part of the multi-widget.		 array of WidgetItem Required
Minimum items: 1
Maximum items: 2

NDRAPrefixConfig (schema)

Overrides the router advertisement attributes for the
IPv6 prefixes.

Name Description Type Notes
network_prefix Network prefix

Override the neighbor discovery prefix preferred time and
prefix valid time for the subnet on uplink port whose
network matches with the network address of CIDR specified
in network_prefix.
IPv6CIDRBlock Required
prefix_preferred_time Prefix preferred time

The time interval in seconds, in which the prefix is advertised
as preferred.
integer Minimum: 0
Maximum: 4294967295
prefix_valid_time Subnet Prefix Length

The time interval in seconds, in which the prefix is advertised
as valid.
integer Minimum: 0
Maximum: 4294967295

NDRAProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dns_config DNS Configuration RaDNSConfig
id Unique identifier of this resource string Sortable
ra_config RA Configuration RAConfig Required
ra_mode RA Mode RAMode Required
Default: "SLAAC_DNS_THROUGH_RA"
reachable_timer Reachable timer

Neighbour reachable time duration in milliseconds.
A value of 0 means unspecified.
integer Minimum: 0
Maximum: 3600000
Default: "0"
resource_type Must be set to the value NDRAProfile string
retransmit_interval Retransmission interval

The time, in milliseconds, between retransmitted neighbour
solicitation messages.
integer Minimum: 0
Maximum: 4294967295
Default: "1000"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NDRAProfileListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of NDRAProfile array of NDRAProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSAttributes (schema)

NS Attributes data holder structure

Name Description Type Notes
attributes_data Data for attribute NSAttributesData Required
sub_attributes Reference to sub attributes for the attribute array of NSAttributesData

NSAttributesData (schema)

Attributes/sub-attributes data holder structure for NSProfile

Name Description Type Notes
datatype Data type of attribute/sub attribute key string Required
Enum: STRING
description Description for NSProfile attributes string
key Key for attribute/sub attribute

NSProfile attribute/sub attribute keys.
string Required
value value for attribute/sub attribute key

Multiple attribute/sub attribute values can be specified
as elements of array.
array of string Required
Minimum items: 1

NSGroup (schema)

Networking and Security Group

NSGroups are recursive groupings of different NSX elements (logical and physical), typically used in policy definitions.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_count Count of the members added to this NSGroup integer Readonly
members Members of NSGroup

Reference to the direct/static members of the NSGroup.
Can be ID based expressions only. VirtualMachine cannot
be added as a static member.
array of NSGroupSimpleExpression Maximum items: 500
membership_criteria The criteria for membership of this NSGroup

List of tag or name based expressions which define the dynamic membership criteria
for this NSGroup. An object must satisfy atleast one of these expressions
to qualify as a member of this group.
It is not recommended to use ID based expressions in this section.
ID based expression should be used in "members" section
array of NSGroupExpression
(Abstract type: pass one of the following concrete types)
NSGroupComplexExpression
NSGroupExpression
NSGroupSimpleExpression
NSGroupTagExpression		 Maximum items: 5
resource_type Must be set to the value NSGroup string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NSGroupComplexExpression (schema)

Complex expressions to represent NSGroup membership

Name Description Type Notes
expressions List of simple and tag expressions

Represents expressions which are to be logically 'AND'ed.The array cannot contain
NSGroupComplexExpression.Only NSGroupTagExpression and NSGroupSimpleExpressions
are accepted.
array of NSGroupExpression
(Abstract type: pass one of the following concrete types)
NSGroupComplexExpression
NSGroupExpression
NSGroupSimpleExpression
NSGroupTagExpression		 Required
Minimum items: 2
Maximum items: 5
resource_type Must be set to the value NSGroupComplexExpression string Required
Enum: NSGroupSimpleExpression, NSGroupComplexExpression, NSGroupTagExpression

NSGroupDeleteRequestParameters (schema)

NSGroup delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

NSGroupExpression (schema)

Policy expression for NSGroup membership

Name Description Type Notes
resource_type string Required
Enum: NSGroupSimpleExpression, NSGroupComplexExpression, NSGroupTagExpression

NSGroupExpressionList (schema)

List of NSGroupExpressions

Name Description Type Notes
members List of NSGroupExpressions to be passed to add and remove APIs array of NSGroupExpression
(Abstract type: pass one of the following concrete types)
NSGroupComplexExpression
NSGroupExpression
NSGroupSimpleExpression
NSGroupTagExpression		 Required
Maximum items: 500

NSGroupInfo (schema)

NSGroupInfo

NSGroupInfo contains information about a particular NSGroup used in a SI Rule. It also contains information about policy path used to create this NSGroup.

Name Description Type Notes
nsgroup NSGroup

NSGroup Data.		 ResourceReference Readonly
nsgroup_policy_path Policy Path of a Particular NSGroup

Relative Policy path of a particular NSGroup.		 string Required
Readonly

NSGroupListRequestParameters (schema)

NSGroup list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
member_types Specify member types to filter corresponding NSGroups

Specify valid member types in CSV format to filter NSGroups. Returns NSGroups
whose member types are same as or subset of specified member types
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
populate_references Populate metadata of resource referenced by NSGroupExpressions

If set to true, the target_resource property of each
NSGroupExpresion will be populated from the associated resource
when the expression uniquely identifies a resource.
boolean Default: "False"
sort_ascending boolean
sort_by Field by which records are sorted string

NSGroupListResult (schema)

Paged Collection of NSGroups

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NSGroup list results array of NSGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSGroupMetaInfo (schema)

Metadata about NSGroup

Contains the metadata of a NSGroup when the application discovery session
was started

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
no_of_vms Number of VMs discovered for this NSGroup when session was started integer
ns_group_id ID of the NS Group string Required

NSGroupMetaInfoListResult (schema)

NSGroupMetaInfo list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results list of NSGroupMetaInfos array of NSGroupMetaInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSGroupRequestParameters (schema)

NSGroup request parameters

Name Description Type Notes
populate_references Populate metadata of resource referenced by NSGroupExpressions

If set to true, the target_resource property of each
NSGroupExpresion will be populated from the associated resource
when the expression uniquely identifies a resource.
boolean Default: "False"

NSGroupServiceAssociationListRequestParameters (schema)

NSGroup Service association list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
fetch_parentgroup_associations Fetch complete list of associated resources considering nesting

If set to true, will fetch direct as well as
indirect associated service entities for the given NSGroup.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
service_type string Required
Enum: firewall, ipfix
sort_ascending boolean
sort_by Field by which records are sorted string

NSGroupSimpleExpression (schema)

Simple expressions to represent NSGroup membership

Name Description Type Notes
op Operator of the expression string Required
Enum: EQUALS, CONTAINS, STARTSWITH, ENDSWITH, NOTEQUALS
resource_type Must be set to the value NSGroupSimpleExpression string Required
Enum: NSGroupSimpleExpression, NSGroupComplexExpression, NSGroupTagExpression
target_property Field of the resource on which this expression is evaluated string Required
target_resource Reference of the target

Reference of the target. Will be populated when
the property is a resource id, the op (operator) is EQUALS and
populate_references is set to be true.
ResourceReference Readonly
target_type Type of the resource on which this expression is evaluated NSGroupValidResourceType Required
value Value that satisfies this expression string Required

NSGroupTagExpression (schema)

TAG expressions to represent NSGroup membership

Includes both scope and tag attribute of Tag. The scope and tag expressions
are logically 'AND' with each other.
eg- tag.scope = "S1" AND tag.tag = 'T1'

Name Description Type Notes
resource_type Must be set to the value NSGroupTagExpression string Required
Enum: NSGroupSimpleExpression, NSGroupComplexExpression, NSGroupTagExpression
scope The tag.scope attribute of the object string Maximum length: 128
scope_op Operator of the scope expression eg- tag.scope = "S1". string Enum: EQUALS
Default: "EQUALS"
tag The tag.tag attribute of the object string Maximum length: 256
tag_op Operator of the tag expression eg- tag.tag = "Production"

Target_type VirtualMachine supports all specified operators for
tag expression while LogicalSwitch and LogicalPort supports only
EQUALS operator.
string Enum: EQUALS, CONTAINS, STARTSWITH, ENDSWITH
Default: "EQUALS"
target_type Type of the resource on which this expression is evaluated string Required
Enum: LogicalSwitch, LogicalPort, VirtualMachine, IPSet

NSGroupValidResourceType (schema)

Resource type valid for use in an NSGroupExpression

Name Description Type Notes
NSGroupValidResourceType Resource type valid for use in an NSGroupExpression string Enum: NSGroup, IPSet, MACSet, LogicalSwitch, LogicalPort, VirtualMachine, DirectoryGroup, VirtualNetworkInterface, TransportNode

NSProfile (schema)

Network Services Profile entity

An entity that encapsulates attributes and sub-attributes of various
network services (ex. L7 services,domain name,encryption algorithm)
The entity will be consumed in DFW rules and can be added in new
tuple called profile in DFW rules. This entity is design to be generic
and can be consumed at other places as well where attributes and
sub-attributes collection can be used. To get a list of supported
attributes and sub-attributes fire the following REST API
GET https://<nsx-mgr>/api/v1/ns-profiles/attributes

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_valid Flag indicating if NSProfile has supported app ids

If set to false, the NSProfile has some app ids which
are unsupported. Those were allowed to be added in
previous releases but in testing in later phases
found that those app ids could not be detected.
boolean Readonly
Default: "True"
nsprofile_attribute NSProfile attributes and sub-attributes object

Reference to the encapsulating object of attributes/sub-attributes for
NSProfile.
array of NSAttributes Required
resource_type Must be set to the value NSProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NSProfileDeleteRequestParameters (schema)

NSProfile delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

NSProfileListRequestParameters (schema)

NSProfile list request parameters.

Name Description Type Notes
attribute_type Fetch NSProfiles for the given attribute type

It fetches NSProfiles for the given attribute type.
Only one type of supported attribute type can be mentioned
in a single API call.API will return all NSProfiles that
have at least one attribute level key which matches given
attribute type. If not provided, all NSProfiles will be
returned.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

NSProfileListResult (schema)

List result of NSProfiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of NSProfiles array of NSProfile Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSService (schema)

A Networking and Security Service allows users to specify characteristics to use
for matching network traffic. For example the user can specify port and protocol
pair.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
default_service NSServices created in the system by default

The default NSServices are created in the system by default. These NSServices
can't be modified/deleted
boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
nsservice_element An NSService Element that describes traffic corresponding to this NSService NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService		 Required
resource_type Must be set to the value NSService string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NSServiceDeleteRequestParameters (schema)

NSService delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

NSServiceElement (schema)

An NSService element that describes traffic corresponding to an NSService

This is an abstract type. Concrete child types:
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService

Name Description Type Notes
resource_type The specific type of NSServiceElement string Required
Enum: EtherTypeNSService, IPProtocolNSService, IGMPTypeNSService, ICMPTypeNSService, ALGTypeNSService, L4PortSetNSService

NSServiceGroup (schema)

A Networking and Security Service Group that represents a group of NSServices

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
default_service NSServiceGroups created in the system by default

The default NSServiceGroups are created in the system by default. These
NSServiceGroups can't be modified/deleted
boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
members List of NSService resources that can be added as members
to an NSServiceGroup.
array of ResourceReference Required
Maximum items: 50
resource_type Must be set to the value NSServiceGroup string
service_type Type of the NSServiceGroup string Readonly
Enum: ETHER, NON_ETHER
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NSServiceGroupDeleteRequestParameters (schema)

NSServiceGroup delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

NSServiceGroupListRequestParameters (schema)

NSServiceGroup list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
default_service Fetch all default NSServiceGroups

If set to true, then it will display only default
NSServiceGroups. If set to false, then it will display all those
NSServiceGroups which are not default. If it is not provided,
then complete (default as well as non default) list of
NSServiceGroups will be displayed.
boolean
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

NSServiceGroupListResult (schema)

List result of NSServiceGroups

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of NSServiceGroups array of NSServiceGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSServiceListRequestParameters (schema)

NSService list request parameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
default_service Fetch all default NSServices

If set to true, then it will display only default NSServices. If
set to false, then it will display all those NSServices which are not
default. If it is not provided, then complete (default
as well as non default) list of NSServices will be displayed.
boolean
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

NSServiceListResult (schema)

List result of NSservices

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of NSServices array of NSService Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSSupportedAttributeTypesResult (schema)

NSSupportedAttributes Types

Name Description Type Notes
attribute_types List of NSSupportedAttributes types array of string Readonly

NSSupportedAttributes (schema)

Supported attributes and sub-attributes for NSProfile

Name Description Type Notes
ns_attributes Collection of supported attributes and sub-attributes

The type represent pre-defined list of supported attributes
and sub-attributes that can be used while creating NSProfile
array of NSAttributes Required

NSSupportedAttributesListRequestParameters (schema)

NSAttributes list request parameters.

Name Description Type Notes
attribute_type Fetch attributes and sub-attributes for the given attribute type

It fetches attributes and subattributes for the given attribute type
supported in the system which can be used for NSProfile creation.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

NSSupportedAttributesListResult (schema)

NSSupportedAttributes for supported attributes and sub-attributes

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of NSSupportedAttributes array of NSSupportedAttributes Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NSXProfileReference (schema)

Reference of single NSX profile which need to added in service config profiles

It is a reference to any NSX profile. It comprise of NSX profile type
eg. DFWCPUProfile, CentralConfigProfile etc. and id of profile i.e. target_id

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
profile_type ProfileType Required
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

NSXTConnectionInfo (schema)

Credential info to connect to NSXT enforcement type

Name Description Type Notes
edge_cluster_ids Edge Cluster IDs

Edge Cluster UUIDs on enforcement point. Edge cluster information is
required for creating logical L2, L3 constructs on enforcement point.
Max 1 edge cluster ID.
This is a deprecated property. The edge cluster id is now auto
populated from enforcement point and its value can be read using APIs
GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-clusters and
GET /infra/sites/site-id/enforcement-points/enforcementpoint-1/edge-clusters/edge-cluster-id.
The value passed through this property will be ignored.
array of string Deprecated
Maximum items: 1
enforcement_point_address IP Address or hostname of the Enforcement point

Value of this property could be hostname or ip. eg. For NSX-T manager
running on default port the value can be "10.192.1.1", for NSX-T manager
running on custom port value can be "192.168.1.1:32789". For NSX-T
manager in VMC deployments value can have url prefix
eg. "192.168.1.1:5480/nsxapi"
string Required
password Password string
resource_type Must be set to the value NSXTConnectionInfo string Required
Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo
thumbprint Thumbprint of Enforcement Point

Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.
string
transport_zone_ids Transport Zone IDs

Transport Zone UUIDs on enforcement point. Transport zone information is
required for creating logical L2, L3 constructs on enforcement point.
Max 1 transport zone ID.
This is a deprecated property. The transport zone id is now auto
populated from enforcement point and its value can be read using APIs
GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones and
GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones/transport-zone-id.
The value passed through this property will be ignored.
array of string Deprecated
Maximum items: 1
username UserName string

NSXVConnectionInfo (schema)

Credential info to connect to NSXV enforcement type

Name Description Type Notes
enforcement_point_address IP Address or hostname of the Enforcement point

Value of this property could be hostname or ip. eg. For NSX-T manager
running on default port the value can be "10.192.1.1", for NSX-T manager
running on custom port value can be "192.168.1.1:32789". For NSX-T
manager in VMC deployments value can have url prefix
eg. "192.168.1.1:5480/nsxapi"
string Required
password Password string Required
resource_type Must be set to the value NSXVConnectionInfo string Required
Enum: NSXTConnectionInfo, NSXVConnectionInfo, CvxConnectionInfo
thumbprint Thumbprint of Enforcement Point

Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.
string Required
username UserName string Required

NamedTeamingPolicy (schema)

Uplink Teaming Policy with a name that can be referenced by logical switches

Name Description Type Notes
active_list List of Uplinks used in active list array of Uplink Required
name The name of the uplink teaming policy

An uplink teaming policy of a given name defined in UplinkHostSwitchProfile. The names of all NamedTeamingPolicies in an UplinkHostSwitchProfile must be different, but a name can be shared by different UplinkHostSwitchProfiles. Different TransportNodes can use different NamedTeamingPolicies having the same name in different UplinkHostSwitchProfiles to realize an uplink teaming policy on a logical switch. An uplink teaming policy on a logical switch can be any policy defined by a user; it does not have to be a single type of FAILOVER or LOADBALANCE. It can be a combination of types, for instance, a user can define a policy with name "MyHybridTeamingPolicy" as "FAILOVER on all ESX TransportNodes and LOADBALANCE on all KVM TransportNodes". The name is the key of the teaming policy and can not be changed once assigned.		 string Required
policy Teaming policy string Required
Enum: FAILOVER_ORDER, LOADBALANCE_SRCID, LOADBALANCE_SRC_MAC
standby_list List of Uplinks used in standby list array of Uplink

NatActions (schema)

NAT action types

NAT action types. Please note, the NO_NAT was deprecated. Please use the
alternative NO_SNAT or NO_DNAT.

Name Description Type Notes
NatActions NAT action types

NAT action types. Please note, the NO_NAT was deprecated. Please use the
alternative NO_SNAT or NO_DNAT.
string Enum: SNAT, DNAT, NO_NAT, REFLEXIVE, NO_SNAT, NO_DNAT

NatCounters (schema)

Name Description Type Notes
active_sessions The number of active sessions integer Readonly
total_bytes The number of bytes integer Readonly
total_packets The number of packets integer Readonly

NatFirewallMatch (schema)

The rule how the firewall is applied to a traffic packet

The type indicates how the firewall is applied to a traffic packet.
MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done.
MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done.
BYPASS indicates the firewall stage will be skipped.

Name Description Type Notes
NatFirewallMatch The rule how the firewall is applied to a traffic packet

The type indicates how the firewall is applied to a traffic packet.
MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done.
MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done.
BYPASS indicates the firewall stage will be skipped.		 string Enum: MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS, BYPASS

NatRule (schema)

The configuration entity to define a NAT rule

The configuration entity to define a NAT rule. It defines how an ip packet
is matched via source address or/and destination address or/and service(s),
how the address (and/or) port is translated, and how the related firewall
stage is involved or bypassed.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action NAT rule action type

Valid actions: SNAT, DNAT, NO_SNAT, NO_DNAT, REFLEXIVE. All rules
in a logical router are either stateless or stateful. Mix is not
supported. SNAT and DNAT are stateful, can NOT be supported when
the logical router is running at active-active HA mode; REFLEXIVE
is stateless. NO_SNAT and NO_DNAT have no translated_fields, only
match fields are supported.
NatActions Required
applied_tos List of LogicalRouterPort resources as applied to

Holds the list of LogicalRouterPort Ids that a NAT rule can be applied to. The LogicalRouterPort used must belong to the same LogicalRouter for which the NAT Rule is created. As of now a NAT rule can only have a single LogicalRouterPort as applied_tos. When applied_tos is not set, the NAT rule is applied to all LogicalRouterPorts beloging to the LogicalRouter.		 array of ResourceReference Maximum items: 1
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled enable/disable the rule

Indicator to enable/disable the rule.
boolean Default: "True"
firewall_match The rule how the firewall is applied

Indicate how firewall is applied to a traffic packet. Firewall can be
bypassed, or be applied to external/internal address of NAT rule.

The firewall_match will take priority over nat_pass. If the firewall_match
is not provided, the nat_pass will be picked up.
NatFirewallMatch
id Unique identifier of this resource string Sortable
internal_rule_id Internal NAT rule uuid

Internal NAT rule uuid for debug used in Controller and backend.		 string Readonly
logging Enable/disable the logging of rule

Enable/disable the logging of rule.
boolean Default: "False"
logical_router_id Logical router id

The logical router id which the nat rule runs on.		 string Readonly
match_destination_network match destination network

IP Address | CIDR | (null implies Any)
string
match_service match service

A NSServiceElement that specifies the matching services of source
ports, destination ports, ip protocol version and number, sub protocol
version and number, ICMP type and code, etc.
The match_service can be one of IPProtocolNSService,L4PortSetNSService
or ICMPTypeNSService. REFLEXIVE NAT does not support match_service.
NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService
match_source_network match source network

IP Address | CIDR | (null implies Any)
string
nat_pass enable/disable to bypass following firewall stage

Default is true. If the nat_pass is set to true, the following firewall
stage will be skipped. Please note, if action is NO_SNAT or NO_DNAT,
then nat_pass must be set to true or omitted.

Nat_pass was deprecated with an alternative firewall_match. Please stop
using nat_pass to specify whether firewall stage is skipped. if you want
to skip, please set firewall_match to BYPASS. If you do not want to skip,
please set the firewall_match to MATCH_EXTERNAL_ADDRESS or
MATCH_INTERNAL_ADDRESS.

Please note, the firewall_match will take priority over the nat_pass.
If both are provided, the nat_pass is ignored. If firewall_match is not
provided while the nat_pass is specified, the nat_pass will still be
picked up. In this case, if nat_pass is set to false, firewall rule will
be applied on internall address of a packet, i.e. MATCH_INTERNAL_ADDRESS.
boolean Deprecated
Default: "True"
resource_type Must be set to the value NatRule string
rule_priority NAT rule priority

Ascending, valid range [0-2147483647]. If multiple rules have the same
priority, evaluation sequence is undefined.
integer Default: "1024"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
translated_network IP Address | IP Range | CIDR

The translated address for the matched IP packet. For a SNAT, it can be
a single ip address, an ip range, or a CIDR block. For a DNAT and
a REFLEXIVE, it can be a single ip address or a CIDR block. Translated
network is not supported for NO_SNAT or NO_DNAT.
string
translated_ports port number or port range. DNAT only

The translated port(s) for the mtached IP packet. It can be a single
port or a port range. Please note, port translating is supported only
for DNAT.
string

NatRuleList (schema)

Name Description Type Notes
rules NAT rules list

Add new NatRules to the list in Bulk creation.
array of NatRule Required
Maximum items: 128

NatRuleListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NAT rule list results array of NatRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NatStatisticsPerLogicalRouter (schema)

Name Description Type Notes
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_id Id for the logical router string Required
Readonly
per_transport_node_statistics Detailed per node statistics array of NatStatisticsPerTransportNode Readonly
statistics_across_all_nodes Rolled-up statistics for all rules on the logical router across all the nodes NatCounters Required
Readonly

NatStatisticsPerRule (schema)

Name Description Type Notes
active_sessions The number of active sessions integer Readonly
id The id of the NAT rule. string Required
Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_router_id The id of the logical router which owns the NAT rule. string Required
Readonly
total_bytes The number of bytes integer Readonly
total_packets The number of packets integer Readonly
warning_message The warning message about the NAT Rule statistics. string Readonly

NatStatisticsPerTransportNode (schema)

Name Description Type Notes
active_sessions The number of active sessions integer Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
total_bytes The number of bytes integer Readonly
total_packets The number of packets integer Readonly
transport_node_id Id for the transport node string Required
Readonly

NdSnoopingConfig (schema)

ND Snooping Configuration

Contains Neighbor Discovery Protocol (ND) snooping related configuration.

Name Description Type Notes
nd_snooping_enabled Is ND snooping enabled or not

Enable this method will snoop the NS (Neighbor Solicitation) and NA
(Neighbor Advertisement) messages in the ND (Neighbor Discovery Protocol)
family of messages which are transmitted by a VM. From the NS messages,
we will learn about the source which sent this NS message. From the
NA message, we will learn the resolved address in the message which
the VM is a recipient of. Addresses snooped by this method are
subject to TOFU (Trust on First Use) policies as enforced by the system.
boolean Default: "False"
nd_snooping_limit Maximum number of ND (Neighbor Discovery Protocol) bindings

Maximum number of ND (Neighbor Discovery Protocol) snooped IPv6 addresses
int Minimum: 2
Maximum: 15
Default: "3"

NdpHeader (schema)

Neighbor discovery protocol header

Name Description Type Notes
dst_ip The destination IP address

The IP address of the destination of the solicitation. It MUST NOT be a multicast address.		 IPv6Address
msg_type NDP message type

This field specifies the type of the Neighbor discover message being sent. NEIGHBOR_SOLICITATION - Neighbor Solicitation message to discover the link-layer address of an on-link IPv6 node or to confirm a previously determined link-layer address. NEIGHBOR_ADVERTISEMENT - Neighbor Advertisement message in response to a Neighbor Solicitation message.		 string Enum: NEIGHBOR_SOLICITATION, NEIGHBOR_ADVERTISEMENT
Default: "NEIGHBOR_SOLICITATION"

NeighborProperties (schema)

Neighbor properties

Name Description Type Notes
capabilities Capabilities string Readonly
enabled_capabilities Enabled capabilities string Readonly
ifindex Interface index integer Readonly
link_aggregation_capable Aggregation Capability boolean Readonly
link_aggregation_port_id Aggregation port id string Readonly
link_aggregation_status Aggregation Status

True if currently in aggregation		 boolean Readonly
mac Interface MAC address string Readonly
Pattern: "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$"
mgmt_addr Management address string Readonly
name Interface name string Readonly
oid Object identifier string Readonly
port_desc Port description string Readonly
system_desc System description string Readonly
system_name System name string Readonly
system_port_number System port number integer Readonly

NestedExpression (schema)

NestedExpression

Nested expressions is a list of condition expressions that must follow the
below criteria:
0. Only allowed expressions in a NestedExpression are Condition and
ConjunctionOperator.
1. A non-empty expression list, must be of odd size. In a list, with
indices starting from 0, all condition expressions must be at even indices,
separated by the conjunction expressions AND at odd indices.
2. There may be at most 5 condition expressions inside a list.
3. NestedExpressions are homogeneous in nature, i.e, all expressions inside
a nested expression must have the same member type.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
expressions Expression

Expression.		 array of Expression
(Abstract type: pass one of the following concrete types)
Condition
ConjunctionOperator
ExternalIDExpression
IPAddressExpression
IdentityGroupExpression
MACAddressExpression
NestedExpression
PathExpression		 Required
Minimum items: 1
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value NestedExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NetworkMigrationSpec (schema) (Deprecated)

Abstract base type for network migration specification

The NetworkMigrationSpec is the base class for any types of network migration
specifications to be handled by transport node.
Note- transport node templates APIs are deprecated and user is
recommended to use transport node profiles APIs instead.
This is an abstract type. Concrete child types:
HostProfileNetworkMigrationSpec

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value NetworkMigrationSpec NetworkMigrationSpecType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NetworkMigrationSpecListParameters (schema) (Deprecated)

NetworkMigrationSpec List Parameters

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_system_owned Whether the list result contains system resources boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Type of network migration specification. NetworkMigrationSpecType

NetworkMigrationSpecListResult (schema) (Deprecated)

Network migration specification template list result

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Network migration specification template results array of NetworkMigrationSpec
(Abstract type: pass one of the following concrete types)
HostProfileNetworkMigrationSpec		 Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NetworkMigrationSpecType (schema) (Deprecated)

Supported network migration specification types.

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
NetworkMigrationSpecType Supported network migration specification types.

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.		 string Deprecated
Enum: HostProfileNetworkMigrationSpec

NetworkMigrationSpecTypeIdEntry (schema) (Deprecated)

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
key the type of the NetworkMigrationSpec NetworkMigrationSpecType Readonly
value the id of the NetworkMigrationSpec string Required

NicInfo (schema)

NIC information

Information of a network interface present on the partner appliance that needs to be configured by the NSX Manager.

Name Description Type Notes
gateway_address Gateway address

Gateway address associated with the NIC metadata.		 string
ip_address IP address

IP address associated with the NIC metadata. Required only when assigning IP statically for a deployment that is for a single VM instance.		 string
ip_allocation_type IP allocation type

IP allocation type with values STATIC, DHCP, or NONE indicating that IP address is not required.		 string Enum: STATIC, DHCP, NONE
ip_pool_id Static IP Pool Id

If the nic should get IP using a static IP pool then IP pool id should be provided here.		 string
network_id Network Id

Network Id associated with the NIC metadata. It can be a moref, or a logical switch ID. If it is to be taken from 'Agent VM Settings', then it should be empty.		 string
nic_metadata NIC metadata

NIC metadata information.		 NicMetadata Required
Readonly
subnet_mask Subnet mask

Subnet mask associated with the NIC metadata.		 string

NicMetadata (schema)

NIC Metadata

Information on the Network interfaces present on the partner appliance that needs to be configured by the NSX Manager.

Name Description Type Notes
interface_index Interface Index

Network Interface index.		 integer Required
Minimum: 0
interface_label Interface label

Network Interface label.		 string Required
interface_type Interface type

Interface that needs to be configured on the partner appliance. Ex. MANAGEMENT, DATA1, DATA2, HA1, HA2, CONTROL.		 string Required
Enum: MANAGEMENT, DATA1, DATA2, HA1, HA2, CONTROL
transports Transport Type

Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP. Here, the transports array specifies the kinds of transport where this particular NIC is user configurable. If nothing is specified, and the "user_configurable" flag is true, then user configuration will be allowed for all transports. If any transport is/are specified, then it will be considered as user configurable for the specified transports only."		 array of string Enum: L2_BRIDGE, L3_ROUTED, NSH
Minimum items: 0
Maximum items: 3
user_configurable Required Configuration

Used to specify if the given interface needs configuration. Management nics will always need the configuration, for others it will be use case specific. For example, a DATA NIC may be user configurable if the appliance is deployed in certain mode, such as L3_ROUTED.		 boolean

NiocProfile (schema)

Profile for Nioc

This profile is created for Network I/O Control(NIOC).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enabled status of NIOC feature

The enabled property specifies the status of NIOC feature.
When enabled is set to true, NIOC feature is turned on and
the bandwidth allocations specified for the traffic resources
are enforced. When enabled is set to false, NIOC feature
is turned off and no bandwidth allocation is guaranteed.
By default, enabled will be set to true.
boolean Default: "True"
host_infra_traffic_res Resource allocation associated with NiocProfile

host_infra_traffic_res specifies bandwidth allocation for
various traffic resources.
array of ResourceAllocation
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value NiocProfile HostSwitchProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NoRestRequestParameters (schema)

Parameter definition for requests that do not allow parameters.

Name Description Type Notes
NoRestRequestParameters Parameter definition for requests that do not allow parameters. object

Node (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
discovered_ip_addresses Discovered IP Addresses of the fabric node, version 4 or 6 array of IPAddress Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id ID of the Node maintained on the Node and used to recognize the Node string
fqdn Fully qualified domain name of the fabric node string Readonly
id Unique identifier of this resource string Sortable
ip_addresses IP Addresses of the Node, version 4 or 6

IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for
automatic deployment of edge virtual machine node. For automatic deployment, the ip address from
management_port_subnets property will be considered.
array of IPAddress
resource_type Must be set to the value Node string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NodeActionParameters (schema) (Deprecated)

Fabric node action parameters

Fabric node action parameters

Name Description Type Notes
action Supported fabric node actions

For EdgeNode, the supported actions are enter_maintenance_mode, exit_maintenance_mode.
string Enum: enter_maintenance_mode, exit_maintenance_mode, get_maintenance_mode_state
evacuate_powered_off_vms Evacuate powered-off vms

Indicates whether to evacuate powered-off vms while entering maintenance
mode.
boolean Readonly
Default: "False"
vsan_mode Vsan decommission mode

Vsan decommission mode to be used while entering maintenance mode.
string Readonly
Enum: evacuate_all_data, ensure_object_accessibility, no_action
Default: "ensure_object_accessibility"

NodeAuthProviderVidmProperties (schema)

Node AAA provider vIDM properties

Name Description Type Notes
client_id vIDM client id string Required
client_secret vIDM client secret string
host_name Fully Qualified Domain Name(FQDN) of vIDM string Required
lb_enable Load Balancer enable flag boolean
node_host_name host name of the node redirected to

host name to use when creating the redirect URL for clients to follow after authenticating to vIDM		 string Required
thumbprint vIDM certificate thumbprint

Hexadecimal SHA256 hash of the vIDM server's X.509 certificate		 string Required
vidm_enable vIDM enable flag boolean

NodeAuthProviderVidmStatus (schema)

Node AAA provider vIDM status

Name Description Type Notes
runtime_state AAA provider vIDM status string Required
vidm_enable vIDM enable flag boolean Required

NodeCapabilitiesResult (schema)

List of capabilities of a fabric node

Name Description Type Notes
capabilities Node capability results array of NodeCapability Required

NodeCapability (schema)

Capability of a fabric node

Name Description Type Notes
description Description of this capability that can be displayed in UI string Required
Readonly
key String that identifies the base capability for all nodes string Required
Readonly
provider Provider of this capability for the node string Required
Readonly
value Value of this capability string Required
Readonly
version Version of the capability int Required
Readonly

NodeCertificateInfo (schema)

Name Description Type Notes
certificate Certificate content string
certificate_sha256_thumbprint SHA256 of certificate string
entity_type Entity type of this certificate NsxEntity

NodeEntityInfo (schema)

Name Description Type Notes
entity_type Entity type of this service endpoint NsxEntity
ip_address IP address of service provider string
port Port number of service provider integer Minimum: 0
Maximum: 65535

NodeFileSystemProperties (schema)

File system properties

Name Description Type Notes
file_system File system id string Readonly
mount File system mount string Readonly
total File system size in kilobytes integer Readonly
type File system type string Readonly
used Amount of file system used in kilobytes integer Readonly

NodeHttpServiceProperties (schema)

Node HTTP service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties HTTP Service properties HttpServiceProperties

NodeIdServicesMap (schema)

Name Description Type Notes
node_id NodeId string Required
Maximum length: 255
service_types list of ServiceTypes array of ServiceType Required

NodeInfo (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
component_version Component version of the node string Required
Readonly
display_name Name of the node string Required
Readonly
id UUID of node

Identifier of the node		 string Required
Readonly
type Node type string Required
Readonly

NodeInfoListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which nodes will be filtered string
component_version Component version based on which nodes will be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

NodeInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Nodes array of NodeInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeInstallUpgradeServiceProperties (schema)

Node install-upgrade service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties install-upgrade Service properties InstallUpgradeServiceProperties

NodeInterfaceAlias (schema)

Node network interface alias

Name Description Type Notes
broadcast_address Interface broadcast address IPAddress Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
ip_address Interface IP address IPAddress Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
ip_configuration Interface configuration string Enum: dhcp, static, not configured
netmask Interface netmask string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
physical_address Interface MAC address MACAddress

NodeInterfaceProperties (schema)

Node network interface properties

Name Description Type Notes
admin_status Interface administration status string Enum: UP, DOWN
backing_nsx_managed Indicates whether backing of VIRTUAL network interface is managed by NSX boolean
connected_switch Connected switch string
ens_capable Interface capability for Enhanced Networking Stack boolean
ens_enabled Indicates whether interface is enabled for Enhanced Networking Stack boolean
host_managed Indicates whether interface is managed by the host boolean
interface_alias IP Alias array of NodeInterfaceAlias
interface_id Interface ID string
interface_type Interface Type string Enum: PHYSICAL, VIRTUAL
link_status Interface administration status string Enum: UP, DOWN
lport_attachment_id LPort Attachment Id assigned to VIRTUAL network interface of a node string
mtu Interface MTU integer
source Source of status data DataSourceType

NodeInterfacePropertiesListResult (schema)

Node network interface properties list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node interface property results array of NodeInterfaceProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeInterfaceStatisticsProperties (schema)

Node network interface statistic properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
interface_id Interface ID string
rx_bytes Number of bytes received integer
rx_dropped Number of packets dropped integer
rx_errors Number of receive errors integer
rx_frame Number of framing errors integer
rx_packets Number of packets received integer
source Source of status data. DataSourceType
tx_bytes Number of bytes transmitted integer
tx_carrier Number of carrier losses detected integer
tx_colls Number of collisions detected integer
tx_dropped Number of packets dropped integer
tx_errors Number of transmit errors integer
tx_packets Number of packets transmitted integer

NodeListRequestParameters (schema)

Node list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
discovered_node_id Id of the discovered node which was converted to create this node string
display_name HostNode display name string
external_id HostNode external id string
hardware_id Hardware Id of the host

HardwareId of the host is used to get fabric node on reboot.		 string
hypervisor_os_type HostNode's Hypervisor type, for example ESXi, RHEL KVM or UBUNTU KVM. string Enum: ESXI, RHELKVM, UBUNTUKVM, HYPERV, RHELCONTAINER, CENTOSCONTAINER, RHELSERVER, UBUNTUSERVER, CENTOSSERVER, CENTOSKVM, SLESKVM, SLESSERVER
included_fields Comma separated list of fields that should be included in query result string
ip_address Management IP address of the node string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type Node type from 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode' string Enum: HostNode, EdgeNode, PublicCloudGatewayNode
sort_ascending boolean
sort_by Field by which records are sorted string

NodeListResult (schema)

Node list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node list results array of Node
(Abstract type: pass one of the following concrete types)
EdgeNode
HostNode
Node
PublicCloudGatewayNode		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeLogProperties (schema)

Node log properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
last_modified_time Last modified time expressed in milliseconds since epoch EpochMsTimestamp Readonly
log_name Name of log file string Readonly
log_size Size of log file in bytes integer Readonly

NodeLogPropertiesListResult (schema)

Node log property query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node log property results array of NodeLogProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeMessagingClientInfo (schema)

Name Description Type Notes
clients A list of messaging clients owned by this entity array of MessagingClientInfo
entity_type Entity type of this messaging client NsxEntity

NodeMode (schema)

Stub for Nsx node modes

Possible values of a mode in a "/config/nsx_appliance_mode" file

Name Description Type Notes
mode_id Nsx node mode

Possible enum values in a "/config/nsx_appliance_mode" file		 string Required
Enum: ON_PREM, SERVICE, VMC, VMC_LOCAL

NodeNameServersProperties (schema)

Node network name servers properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
name_servers Name servers array of string Required
Maximum items: 3

NodeNetworkInterfaceProperties (schema)

Node network interface properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
admin_status Interface administration status string Readonly
Enum: up, down
bond_mode Bond mode string Enum: ACTIVE_BACKUP, 802_3AD, ROUND_ROBIN, BROADCAST, XOR, TLB, ALB
bond_primary Bond's primary device name in active-backup bond mode string
bond_slaves Bond's slave devices array of string
broadcast_address Interface broadcast address string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
default_gateway Interface's default gateway string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
interface_id Interface ID string Required
Readonly
ip_addresses Interface IP addresses array of IPv4AddressProperties Maximum items: 1
ip_configuration Interface configuration string Required
Enum: dhcp, static, not configured
is_kni Interface is a KNI boolean Readonly
link_status Interface administration status string Readonly
Enum: up, down
mtu Interface MTU integer
physical_address Interface MAC address string Readonly
Pattern: "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$"
plane Interface plane string Enum: mgmt, debug, none
vlan VLAN Id integer Readonly
Minimum: 1
Maximum: 4094

NodeNetworkInterfacePropertiesListResult (schema)

Node network interface properties list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node network interface property results array of NodeNetworkInterfaceProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeNetworkProperties (schema)

Network configuration properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly

NodeNtpServiceProperties (schema)

Node NTP service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties NTP Service properties NtpServiceProperties

NodePolicyServiceProperties (schema)

Node service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties Service properties LoggingServiceProperties

NodeProcessProperties (schema)

Node process properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cpu_time CPU time (user and system) consumed by process in milliseconds integer Readonly
mem_resident Resident set size of process in bytes integer Readonly
mem_used Virtual memory used by process in bytes integer Readonly
pid Process id integer Readonly
ppid Parent process id integer Readonly
process_name Process name string Readonly
start_time Process start time expressed in milliseconds since epoch EpochMsTimestamp Readonly
uptime Milliseconds since process started integer Readonly

NodeProcessPropertiesListResult (schema)

Node process property query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node process property results array of NodeProcessProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeProperties (schema)

Node properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cli_timeout NSX CLI inactivity timeout, set to 0 to configure no timeout integer Minimum: 0
export_type Export restrictions in effect, if any string Readonly
Enum: RESTRICTED, UNRESTRICTED
fully_qualified_domain_name Fully qualified domain name string Readonly
hostname Host name or fully qualified domain name of node SystemHostname
kernel_version Kernel version string Readonly
motd Message of the day to display when users login to node using the NSX CLI string or null
node_version Node version string Readonly
product_version Product version string Readonly
system_datetime System date time in UTC DatetimeUTC
system_time Current time expressed in milliseconds since epoch EpochMsTimestamp Readonly
timezone Timezone string

NodeProtonServiceProperties (schema)

Node service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties Service properties LoggingServiceProperties

NodeRouteProperties (schema)

Node network route properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
destination Destination covered by route string
from_address From address string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
gateway Address of next hop string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
interface_id Network interface id of route string
metric Metric value of route string
netmask Netmask of destination covered by route string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"
proto Routing protocol identifier of route string Enum: unspec, redirect, kernel, boot, static, gated, ra, mrt, zebra, bird, dnrouted, xorp, ntk, dhcp
Default: "boot"
route_id Unique identifier for the route string Readonly
route_type Route type string Required
Enum: default, static, blackhole, prohibit, throw, unreachable
scope Scope of destinations covered by route string
src Source address to prefer when sending to destinations of route string Pattern: "^[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}\.[\d]{1,3}$"

NodeRoutePropertiesListResult (schema)

Node network route properties list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node route property results array of NodeRouteProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeSearchDomainsProperties (schema)

Node network search domains properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
search_domains Search domains array of string Required

NodeServiceProperties (schema)

Node service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required

NodeServicePropertiesListResult (schema)

Node service property query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node service property results array of NodeServiceProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeServiceStatusProperties (schema)

Node service status properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
health Service health in addition to runtime_state string Readonly
monitor_pid Service monitor process id integer Readonly
monitor_runtime_state Service monitor runtime state string Readonly
Enum: running, stopped
pids Service process ids array of integer Readonly
runtime_state Service runtime state string Readonly
Enum: running, stopped

NodeSnmpServiceProperties (schema)

Node SNMP service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties SNMP Service properties SnmpServiceProperties Required

NodeSnmpV3EngineID (schema)

SNMP V3 Engine Id

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
v3_engine_id SNMP v3 engine id string Required

NodeSshServiceProperties (schema)

Node SSH service properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
service_name Service name string Required
service_properties SSH Service properties SshServiceProperties

NodeStatus (schema)

Runtime status information of the fabric node.

Name Description Type Notes
external_id HostNode external id string
host_node_deployment_status Install/Uninstall status of deployment.

This enum specifies the current nsx install state for host node or
current deployment and ready state for edge node.
The ready status 'NODE_READY' indicates whether edge node is
ready to become a transport node.
The status 'EDGE_CONFIG_ERROR' indicates that edge hardware or underlying
host is not supported. After all fabric level operations are done for an
edge node, this value indicates transport node related configuration
issues and state as relevant.
string Readonly
Enum: NOT_PREPARED, INSTALL_IN_PROGRESS, INSTALL_FAILED, INSTALL_SUCCESSFUL, UNINSTALL_IN_PROGRESS, UNINSTALL_FAILED, UNINSTALL_SUCCESSFUL, UNINSTALL_SCHEDULED, UPGRADE_IN_PROGRESS, UPGRADE_FAILED, PENDING_UPGRADE, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, HOST_DISCONNECTED, POWERED_OFF, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_NETWORK_EDIT_PENDING, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED
inventory_sync_paused Is true if inventory sync is paused else false boolean Readonly
inventory_sync_reenable_time Inventory sync auto re-enable target time, in epoch milis EpochMsTimestamp Readonly
last_heartbeat_timestamp Timestamp of the last heartbeat status change, in epoch milliseconds. EpochMsTimestamp Readonly
last_sync_time Timestamp of the last successful update of Inventory, in epoch milliseconds. EpochMsTimestamp Readonly
lcp_connectivity_status Indicates the fabric node's LCP<->CCP channel connectivity status, UP, DOWN, DEGRADED, UNKNOWN. string Readonly
Enum: UP, DOWN, DEGRADED, UNKNOWN
Default: "UNKNOWN"
lcp_connectivity_status_details Details, if any, about the current LCP<->CCP channel connectivity status of the fabric node. array of ControlConnStatus Readonly
Default: "[]"
maintenance_mode Indicates the fabric node's status of maintenance mode, OFF, ENTERING, ON, EXITING. string Readonly
Enum: OFF, ENTERING, ON, EXITING
mpa_connectivity_status Indicates the fabric node's MP<->MPA channel connectivity status, UP, DOWN, UNKNOWN. string Readonly
Enum: UP, DOWN, UNKNOWN
mpa_connectivity_status_details Details, if any, about the current MP<->MPA channel connectivity status of the fabric node. string Readonly
software_version Software version of the fabric node. string Readonly
system_status Node status properties NodeStatusProperties Readonly

NodeStatusListResult (schema)

Node Status list result

Name Description Type Notes
results Node Status list results array of NodeStatus Required

NodeStatusProperties (schema)

Node status properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cpu_cores Number of CPU cores on the system integer Readonly
file_systems File systems configured on the system array of NodeFileSystemProperties Readonly
load_average One, five, and fifteen minute load averages for the system array of number Readonly
mem_cache Amount of RAM on the system that can be flushed out to disk, in kilobytes integer Readonly
mem_total Amount of RAM allocated to the system, in kilobytes integer Readonly
mem_used Amount of RAM in use on the system, in kilobytes integer Readonly
source Source of status data. DataSourceType Readonly
swap_total Amount of disk available for swap, in kilobytes integer Readonly
swap_used Amount of swap disk in use, in kilobytes integer Readonly
system_time Current time expressed in milliseconds since epoch EpochMsTimestamp Readonly
uptime Milliseconds since system start integer Readonly

NodeSummary (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
component_version Component version string Required
Readonly
node_count Count of nodes

Number of nodes of the type and at the component version		 int Required
Readonly
type Node type string Required
Readonly

NodeSummaryList (schema)

Name Description Type Notes
results List of Node Summary array of NodeSummary Required

NodeSyslogExporterProperties (schema)

Node syslog exporter properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
exporter_name Syslog exporter name string Required
facilities Facilities to export array of SyslogFacility
level Logging level to export string Required
Enum: EMERG, ALERT, CRIT, ERR, WARNING, NOTICE, INFO, DEBUG
msgids MSGIDs to export array of string
port Port to export to integer Minimum: 1
Maximum: 65535
Default: "514"
protocol Export protocol string Required
Enum: TCP, TLS, UDP, LI, LI-TLS
server IP address or hostname of server to export to HostnameOrIPv4Address Required
structured_data Structured data to export array of string
tls_ca_pem CA certificate PEM of TLS server to export to string
tls_cert_pem Certificate PEM of the rsyslog client string
tls_client_ca_pem CA certificate PEM of the rsyslog client string
tls_key_pem Private key PEM of the rsyslog client string

NodeSyslogExporterPropertiesListResult (schema)

Node syslog exporter list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Node syslog exporter results array of NodeSyslogExporterProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeTime (schema)

Node system time in UTC

Node system time in UTC

Name Description Type Notes
system_datetime Datetime string in UTC DatetimeUTC Required

NodeUserProperties (schema)

Node user properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
full_name Full name for the user string
last_password_change Number of days since password was last changed integer Readonly
Minimum: 0
Maximum: 2147483647
old_password Old password for the user (required on PUT if password specified) string
password Password for the user (optionally specified on PUT, unspecified on GET) string
password_change_frequency Number of days password is valid before it must be changed

Number of days password is valid before it must be changed. This can be set to 0 to indicate no password change is required or a positive integer up to 9999. By default local user passwords must be changed every 90 days.		 integer Minimum: 0
Maximum: 9999
status User status

Status of the user. This value can be ACTIVE indicating authentication attempts will be successful if the correct credentials are specified. The value can also be PASSWORD_EXPIRED indicating authentication attempts will fail because the user's password has expired and must be changed. Or, this value can be NOT_ACTIVATED indicating the user's password has not yet been set and must be set before the user can authenticate.		 string Readonly
Enum: ACTIVE, PASSWORD_EXPIRED, NOT_ACTIVATED
userid Numeric id for the user integer Readonly
Minimum: 0
Maximum: 2147483647
username User login name (must be "root" if userid is 0) string Minimum length: 1
Maximum length: 32
Pattern: "^[a-zA-Z][a-zA-Z0-9@-_.\-]*$"

NodeUserPropertiesListResult (schema)

Node users list results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of node users array of NodeUserProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NodeUserSettings (schema)

Name Description Type Notes
audit_password Node audit user password

Password for the node audit user. For deployment,
this property is required. After deployment, this property is ignored, and
the node cli must be used to change the password.
The password specified must be at least 12 characters in length and must
contain at least one lowercase, one uppercase, one numeric character and
one special character (except quotes). Passwords based on dictionary words
and palindromes are invalid.
string Pattern: "^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[~`!@#$%^&*)(\-_\+\=}{\]\[|:;,?\.><])[A-Za-z\d~`!@#$%^&*)(\-_\+\=}{\]\[\|:;,?\.><]{12,}$"
audit_username CLI "audit" username

The default username is "audit". To configure username, you must provide
this property together with audit_password. Username must contain
ASCII characters only.
string Pattern: "^[\x00-\x7F]+$"
cli_password Node cli password

Password for the node cli user. For deployment,
this property is required. After deployment, this property is ignored, and
the node cli must be used to change the password.
The password specified must be at least 12 characters in length and must
contain at least one lowercase, one uppercase, one numeric character and
one special character (except quotes). Passwords based on dictionary words
and palindromes are invalid.
string Pattern: "^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[~`!@#$%^&*)(\-_\+\=}{\]\[|:;,?\.><])[A-Za-z\d~`!@#$%^&*)(\-_\+\=}{\]\[\|:;,?\.><]{12,}$"
cli_username CLI "admin" username

To configure username, you must provide this property together with
cli_password. Username must contain ASCII characters only.
string Pattern: "^[\x00-\x7F]+$"
Default: "admin"
root_password Node root user password

Password for the node root user. For deployment,
this property is required. After deployment, this property is ignored, and
the node cli must be used to change the password.
The password specified must be at least 12 characters in length and must
contain at least one lowercase, one uppercase, one numeric character and
one special character (except quotes). Passwords based on dictionary words
and palindromes are invalid.
string Pattern: "^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[~`!@#$%^&*)(\-_\+\=}{\]\[|:;,?\.><])[A-Za-z\d~`!@#$%^&*)(\-_\+\=}{\]\[\|:;,?\.><]{12,}$"

NodeVersion (schema)

Name Description Type Notes
node_version Node version string Readonly
product_version Product version string Readonly

NormalizationListRequestParameters (schema)

Normalization list request parameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
preferred_normalization_type Type to which the resource is to be normalized.

Type to which the resource needs to be normalized. Multiple types
can be passed by repeating the parameter. The order in which the
types are passed is honored and decides to which type the resource is
normalized. The resource is normalized to the first type in the list
to which it can be normalized.

For example, consider an NSGroup NS1 that has an LSwitch LS1. Assume
that NS1 is being normalized to a list of translated entities
[LSwitch, LPort]. As LSwitch is the first translated entity to which
NSGroup can be translated, the translation will return a list having
the LSwitch LS1.

Normalization is supported from NSGroup to NSGroup, LogicalSwitch,
LogicalPort, IPSets and MACSets.
NormalizationTargetType Required
resource_id Identifier of the resource on which normalization is to be performed string Required
resource_type Type of the resource for which normalization is to be performed NormalizationSourceType Required
sort_ascending boolean
sort_by Field by which records are sorted string

NormalizationSourceType (schema)

Resource type valid for use as source in normalization API.

Name Description Type Notes
NormalizationSourceType Resource type valid for use as source in normalization API. string Enum: NSGroup

NormalizationTargetType (schema)

Resource type valid for use as target in normalization API.

Name Description Type Notes
NormalizationTargetType Resource type valid for use as target in normalization API. string Enum: NSGroup, IPSet, MACSet, LogicalSwitch, LogicalPort, DirectoryGroup

NormalizedResourceListResult (schema)

Paged Collection of normalized resources

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Normalized resource list results array of ResourceReference Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Notification (schema)

Name Description Type Notes
notification_id A string identifying feature_name.notification_name

A string identifying feature_name.notification_name to indicate a notification watcher is interested in receiving notifications for the URI identified by the feature_name.notification_name.		 string
uri_filters Optional list of URIs array of string

NotificationAuthenticationScheme (schema)

NotificationAuthenticationScheme describes how notification requests should authenticate to the server.

Name Description Type Notes
certificate_id Valid certificate ID

Certificate ID with a valid certificate and private key, procured from trust-management API.		 string
password Password for authentication

Password to use if scheme_name is BASIC_AUTH.		 string
scheme_name Authentication scheme to use when making notification requests

Authentication scheme to use when making notification requests to the partner/customer specified watcher. Specify one of BASIC_AUTH or CERTIFICATE.		 string Required
Enum: BASIC_AUTH, CERTIFICATE
username Username for authentication

Username to use if scheme_name is BASIC_AUTH.		 string

NotificationWatcher (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_scheme Scheme to authenticate requests sent to the server

A NotificationAuthenticationScheme that describes how notification requests should authenticate to the server.		 NotificationAuthenticationScheme Required
certificate_sha256_thumbprint SHA256 thumbprint of the HTTPS certificate

Contains the hex-encoded SHA256 thumbprint of the HTTPS certificate. It must be specified if use_https is set to true.		 string
description Description associated with this notification watcher

Optional description that can be associated with this NotificationWatcher.		 string
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Identifier to identify a notification watcher uniquely

System generated identifier to identify a notification watcher uniquely.
string Readonly
max_send_uri_count Optional maximum number of notification URIs batched in a single notification request

If the number of notification URIs accumulated in specified send_interval exceeds max_send_uri_count, then multiple notification requests (each with max_send_uri_count or less number of notification URIs) will be sent to this NotificationWatcher. The default value is 5000.		 integer Minimum: 1
Maximum: 5000
Default: "5000"
method Type of method notification requests should be made on the server

Type of method notification requests should be made on the specified server. The value must be set to POST.		 string Required
Enum: POST
port Integer port value to specify a non-standard HTTP or HTTPS port

Optional integer port value to specify a non-standard HTTP or HTTPS port.		 integer Minimum: 0
Maximum: 65535
resource_type Must be set to the value NotificationWatcher string
send_interval Optional time interval for which notification URIs will be accumulated

Optional time interval (in seconds) for which notification URIs will be accumulated. At the end of the time interval the accumulated notification URIs will be sent to this NotificationWatcher in the form of zero (nothing accumulated) or more notification requests as soon as possible. If it is not specified, the NotificationWatcher should expected to receive notifications at any time.		 integer Minimum: 30
send_timeout Optional time period within which response for a notification request should be received from this NotificationWatcher

Optional time duration (in seconds) to specify request timeout to notification watcher. If the send reaches the timeout, will try to send refresh_needed as true in the next time interval. The default value is 30 seconds.		 integer Minimum: 1
Default: "30"
server IP address or fully qualified domain name of watcher

IP address or fully qualified domain name of the partner/customer watcher.		 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
uri URI notification requests should be made on the server

URI notification requests should be made on the specified server.		 string Required
use_https Flag to indicate if REST API server should use HTTPS

Optional field, when set to true indicates REST API server should use HTTPS.		 boolean Default: "False"

NotificationWatcherListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of notification watchers array of NotificationWatcher Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NotificationsList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
notifications array of Notification
resource_type Must be set to the value NotificationsList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

NsLookupParameters (schema)

The parameters of nslookup

The parameters for DNS nslookup.

Name Description Type Notes
address IP address or FQDN for nslookup

IP address or FQDN for this lookup
string
server_ip Target server used for this lookup

If absent, the underlying DNS forwarder will be used as the target
server. And the answer could be cached by the forwarder if it was not
cached yet. If provided, the query will go directly to the given server.
You will need to ensure this address represents a workable and reachale
DNS server. The answer will not be cached by the forwarder unless this
server_ip is exactly the same listener ip of the forwarder.
IPv4Address
source_ip Source ip used for this lookup

Source ip used for this lookup. If absent, the listener ip of the
underlying DNS forwarder will be used as the source ip. If provided, you
will need to ensure this source ip is valid and can be routed back to
the transport node via data plane
IPv4Address

NsxEntity (schema)

Name Description Type Notes
NsxEntity string Enum: HTTP, DATASTORE, MANAGER, POLICY, CONTROLLER

NsxManagerAccount (schema)

NSX Manager Account Structure

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fqdn Fully Qualified Domain Name string
id Unique identifier of this resource string Sortable
password Password of the NSX Manager Account string
private_ip Private IP Address of the NSX Manager Account string
public_ip Public IP Address of the NSX Manager Account string
resource_type Must be set to the value NsxManagerAccount string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tenant_id Tenant ID of the NSX Manager account string
thumbprint Thumb print of the NSX Manager Account string
token One time access token for Nsx Manager registration

This field can be used for using one time access token for Nsx Manager
registration.
string
username Username of the NSX Manager Account string Required

NsxManagerAccountsListResult (schema)

NSX Manager Accounts list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NSX Manager Accounts list array of NsxManagerAccount
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

NsxRole (schema)

Role

Name Description Type Notes
permissions Permissions

Please use the /user-info/permissions api to get the permission that the user has on each feature.		 array of string Deprecated
Enum: read-api, read-write-api, crud, read, execute, none
role Role name string Required
Enum: read_only_api_users, read_write_api_users, enterprise_admin, auditor, network_engineer, network_op, security_engineer, security_op, lb_admin, lb_auditor, cloud_service_admin, cloud_service_auditor, site_reliability_engineer, site_reliability_auditor, cloud_admin, cloud_auditor

NsxSecurityRuleErrorDetails (schema)

NSX Security Rule Error

Stores information about a NSX security rule error.

Name Description Type Notes
error_id Error ID

ID of the error.		 string Readonly
error_message Error Message

Detailed message about the error.		 string Readonly
rule_id Rule ID

ID of the NSX security rule.		 string Readonly

NsxTDNSForwarderStatistics (schema)

Statistics counters of the DNS forwarder

The current statistics counters of the DNS forwarder including cache usages
and query numbers per forwarders, on an NSX-T type of enforcement point.

Name Description Type Notes
cached_entries The total number of cached entries integer Readonly
conditional_forwarder_statistics The statistics of conditional forwarder zones array of NsxTDNSForwarderZoneStatistics Readonly
Minimum items: 0
Maximum items: 5
configured_cache_size The configured cache size, in kb integer Readonly
default_forwarder_statistics The statistics of default forwarder zone NsxTDNSForwarderZoneStatistics Readonly
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the statistics are fetched.
string Readonly
queries_answered_locally The total number of queries answered from local cache integer Readonly
queries_forwarded The total number of forwarded DNS queries integer Readonly
resource_type Must be set to the value NsxTDNSForwarderStatistics string Required
Enum: NsxTDNSForwarderStatistics
timestamp Time stamp of the current statistics, in ms EpochMsTimestamp Readonly
total_queries The total number of received DNS queries integer Readonly
used_cache_statistics The statistics of used cache array of NsxTPerNodeUsedCacheStatistics Readonly
Minimum items: 0
Maximum items: 2

NsxTDNSForwarderStatus (schema)

The current runtime status of DNS forwarder

The current runtime status of the DNS forwarder.

Name Description Type Notes
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the status is fetched.
string Readonly
extra_message Extra message, if available string Readonly
resource_type Must be set to the value NsxTDNSForwarderStatus string Required
Enum: NsxTDNSForwarderStatus
status UP means the DNS forwarder is working correctly on the active transport
node and the stand-by transport node (if present). Failover will occur
if either node goes down.
DOWN means the DNS forwarder is down on both active transport node and
standby node (if present). The DNS forwarder does not function in this
situation.
Error means there is some error on one or both transport node, or no
status was reported from one or both transport nodes. The DNS forwarder
may be working (or not working).
NO_BACKUP means DNS forwarder is working in only one transport node,
either because it is down on the standby node, or no standby is configured.
An forwarder outage will occur if the active node goes down.
string Readonly
Enum: UP, DOWN, ERROR, NO_BACKUP, UNKNOWN
timestamp Time stamp of the current status, in ms EpochMsTimestamp Readonly

NsxTDNSForwarderZoneStatistics (schema)

Statistics counters of the DNS forwarder zone

Statistics counters of the DNS forwarder zone.

Name Description Type Notes
domain_names Domain names configured for the forwarder

Domain names configured for the forwarder. Empty if this is the
default forwarder.
array of string Readonly
Minimum items: 0
Maximum items: 100
upstream_statistics Statistics per upstream server. array of NsxTUpstreamServerStatistics Readonly
Minimum items: 0
Maximum items: 3

NsxTDnsAnswer (schema)

Answer of dns nslookup

Name Description Type Notes
authoritative_answers Authoritative answers array of NsxTDnsQueryAnswer Minimum items: 1
Maximum items: 256
dns_server Dns server information

Dns server ip address and port, format is "ip address#port".
string Required
edge_node_id Edge node id

ID of the edge node that performed the query.
string Required
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the
DNS forwarder nslookup answer is fetched.
string Readonly
non_authoritative_answers Non authoritative answers array of NsxTDnsQueryAnswer Minimum items: 1
Maximum items: 256
raw_answer Raw message returned from the dns forwarder

It can be NXDOMAIN or error message which is not consisted of
authoritative_answer or non_authoritative_answer.
string
resource_type Must be set to the value NsxTDnsAnswer string Required
Enum: NsxTDnsAnswer

NsxTDnsQueryAnswer (schema)

Answer of nslookup

Name Description Type Notes
address Matched ip address

Resolved IP address matched with the nslookup address provided
as a request parameter.
string
name Matched name

Matched name of the given address.
string

NsxTPerNodeUsedCacheStatistics (schema)

Per node used cache query statistics counters

Query statistics counters of used cache from node

Name Description Type Notes
cached_entries The total number of cached entries integer Readonly
node_id UUID of active/standby transport node string Readonly
used_cache_size The memory size used in cache, in kb integer Readonly

NsxTUpstreamServerStatistics (schema)

Upstream server query statistics counters

Query statistics counters to an upstream server including successfully
forwarded queries and failed queries.

Name Description Type Notes
queries_failed Queries failed to forward. integer Readonly
queries_succeeded Queries forwarded successfully integer Readonly
upstream_server Upstream server ip IPAddress Readonly

NtpServiceProperties (schema)

NTP Service properties

Name Description Type Notes
servers NTP servers array of HostnameOrIPv4Address Required
start_on_boot Start NTP service when system boots boolean Default: "True"

Oauth2Credentials (schema)

Oauth2 Account Credentials

Name Description Type Notes
client_id Client ID

Client ID, that will be used for authentication in AWS environment,		 string Required
client_secret Client Secret

Client secret, that will be used for authentication in AWS environment. Can be some passphrase.		 string Required

ObjectRolePermissionGroup (schema)

RBAC Objects qualifier

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
inheritance_disabled Does children of this object inherit this rule boolean Default: "False"
operation Allowed operation string Enum: crud, read, execute, none
path_prefix Path prefix string Required
resource_type Must be set to the value ObjectRolePermissionGroup string
role_name Role name string Required
rule_disabled Is rule disabled or not boolean Default: "False"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ObjectRolePermissionGroupListRequestParameters (schema)

RBAC Objects qualifier

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
inheritance_disabled Does children of this object inherit this rule boolean Default: "False"
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
path_prefix Path prefix string
role_name Role name string
sort_ascending boolean
sort_by Field by which records are sorted string

ObjectRolePermissionGroupListResult (schema)

Paged collection of RBAC Objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results ObjectRolePermissionGroup list results array of ObjectRolePermissionGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

OperationCollector (schema)

The operation collector is defined to receive stats from hosts. (eg. vRNI-collector collects all the system metrics)

Name Description Type Notes
collector_ip IP address for the operation collector

IP address for the operation collector.		 IPAddress Required
collector_port Port for the operation collector

Port for the operation collector.		 int Required
Minimum: 0
Maximum: 65535

OperationCollectorGlobalConfig (schema)

NSX global configs for operation collector

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
collectors Operation Collector Config

Operation Collector Config.		 array of OperationCollector
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value OperationCollectorGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

OrgInfo (schema)

Organization ID and role

Organization ID and role, predefined for a particular type of VMware support.

Name Description Type Notes
org_id Org ID

Organization ID, connected to a predefined role of a VMware support.		 string Required
org_role Org role

Predefined role of a VMware support.		 string Required

OwnerResourceLink (schema)

Link to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.

Name Description Type Notes
action Optional action string Readonly
href Link to resource string Required
Readonly
rel Link relation type

Custom relation type (follows RFC 5988 where appropriate definitions exist)		 string Required
Readonly

PBRInsertParameters (schema)

Parameters that indicate where rule/section need to be added All the params take rule/section Id

Name Description Type Notes
id Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. string Maximum length: 64
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

PBRListRequestParameters (schema)

Parameters to filter list of sections/rules

Pagination and Filtering parameters to get only a subset of sections/rules.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string

PBRRule (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action

Action enforced on the packets which matches the PBR rule.		 string Required
Enum: ROUTE_TO_UNDERLAY_NAT, ROUTE_TO_OVERLAY_NAT, ROUTE_TO_UNDERLAY, ROUTE_TO_OVERLAY, ROUTE_FROM_OVERLAY, ROUTE_FROM_UNDERLAY
applied_tos AppliedTo List

List of object where rule will be enforced. field overrides this one. Null will be treated as any.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination List

List of the destinations. Null will be treated as any.		 array of ResourceReference Maximum items: 128
disabled Rule enable/disable flag

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Identifier of the resource string Readonly
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
notes Notes

User notes specific to the rule.		 string Maximum length: 2048
resource_type Must be set to the value PBRRule string
rule_tag Tag

User level field which will be printed in CLI and packet logs.		 string Maximum length: 32
services Service List

List of the services. Null will be treated as any.		 array of PBRService Maximum items: 128
sources Source List

List of sources. Null will be treated as any.		 array of ResourceReference Maximum items: 128

PBRRuleList (schema)

Name Description Type Notes
rules List of the PBR rules

List of PBR rules in the section.		 array of PBRRule Required
Maximum items: 1000

PBRRuleListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results PBR rule list result

PBR rule list result with pagination support.		 array of PBRRule Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PBRSection (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value PBRSection string
rule_count Rule count

Number of rules in this section.		 integer Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PBRSectionFilterParameters (schema)

Parameters to filter section from list of sections

Pagination and Filtering parameters to get only a subset of sections.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
exclude_applied_to_type Limit result to sections not having a specific AppliedTo type

Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.		 DSAppliedToType
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
include_applied_to_type Limit result to sections having a specific AppliedTo type

Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.		 DSAppliedToType
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string

PBRSectionListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Section list

List of the PBR sections.		 array of PBRSection Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PBRSectionQueryParameters (schema)

Section query parameters

Name Description Type Notes
cascade Flag to cascade delete of this object to all it's child objects. boolean Default: "False"

PBRSectionRuleList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value PBRSectionRuleList string
rule_count Rule count

Number of rules in this section.		 integer Readonly
rules List of the PBR rules

List of PBR rules in the section.		 array of PBRRule Required
Maximum items: 1000
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PBRService (schema)

PBR Service element

Type to define services associated with every rule

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
service Distributed Service Network and Security Service element

Distributed Service API accepts raw protocol and ports as part of NS service element
in Distributed Service Rule that describes traffic corresponding to an NSService.
NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

PBRStats (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
byte_count Bytes count

Aggregated number of bytes processed by the rule.		 integer Readonly
packet_count Packets count

Aggregated number of packets processed by the rule.		 integer Readonly
rule_id PBR Rule ID

Rule Identifier of the PBR rule. This is a globally unique number.		 string Readonly

PBRStatsList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results PBR rules stats

List of rule statistics.		 array of PBRStats Readonly
section_id PBR Section ID

PBR section identifier.		 string Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PackageLoggingLevels (schema)

Name Description Type Notes
logging_level Logging levels per package string Enum: OFF, FATAL, ERROR, WARN, INFO, DEBUG, TRACE
package_name Package name string

PacketAddressClassifier (schema)

Address classifications for a packet

A packet is classified to have an address binding, if its address
configuration matches with all user specified properties.

Name Description Type Notes
ip_address A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y IPElement
mac_address A single MAC address MACAddress
vlan VlanID

PacketCaptureOption (schema)

Packet capture option

The option is used to filter data on given node.

Name Description Type Notes
name Packet capture option name

The avaiable option names in the enum can be used to filter the capture data.		 string Enum: ETHTYPE, MAC, SRCMAC, DSTMAC, VLAN, IP, SRCIP, DSTIP, IPPROTO, PORT, SRCPORT, DSTPORT, VNI, IPPROTO6, IP6, SRCIP6, DSTIP6
value Packet capture option value

Define the capture value according to the given capture option.		 string

PacketCaptureOptionList (schema)

List of packet capture options

List of packet capture options to filter data in capture process.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
values Packet capture option collection

Packet capture option collection		 array of PacketCaptureOption

PacketCaptureRequest (schema)

Packet capture request information

This type is used to create packet request on give node. Need to specify related parameters according to the capture point.

Name Description Type Notes
capamount Packet capture amount

Define the packet capture amount size.		 int
capduration Packet capture duration time in seconds

Define the packet capture duration time. After the capture duration time, the capture process will stop working.		 int
capfilesize Packet capture file size limit

Define the packet capture file size limit.		 int
capmode Packet Capture streaming mode

Define the capture streaming mode. The STREAM mode will send the data to given stream address and port. And the STANDALONE mode will save the capture file in local folder.		 string Enum: STANDALONE, STREAM
cappoint Packet capture point

Define the point to capture data.		 string Required
Enum: VNIC, VMKNIC, VMNIC, VDRPORT, DVFILTER, LOGICALPORT, FCPORT, VIF
caprate Packet capture rate

Define the rate of packet capture process.		 int
capsnaplen Packet capture snapshot length

Limit the number of bytes captured from each packet.		 int
capsource Packet capture source type

This type is used to differenite the incoming request from CLI/UI.		 string Required
Enum: CLI, UI
capvalue Packet capture point value

Define the capture value of given capture point.		 string
direction Packet capture direction type

Define the capture direction. Support three types INPUT/OUTPUT/DUAL.		 string Enum: INPUT, OUTPUT, DUAL
filtertype Packet capture dvfilter stage type

Define the capture filter type. Support PRE/POST mode.		 string Enum: PRE, POST
node Packet capture node id

Define the transport node to capture data.		 string
node_ip Packet capture node ip

Define the transport node to capture data.		 IPAddress
options Packet capture options

Define the packet capture additional options to filter the capture data.		 PacketCaptureOptionList
streamaddress Packet capture Streaming address

Set the stream address to receive the capture packet.		 string
streamport Packet capture Streaming port

Set the stream port to receive the capture packet. The STREAM mode is based on GRE-in-UDP Encapsulation(RFC8086). Packets are sent to UDP port 4754.		 int

PacketCaptureSession (schema)

Packet capture response information

Packet capture session information.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
endtime End time in epoch millisecond

Timestamp when session was stopped in epoch millisecond.		 EpochMsTimestamp
errormsg Error messasge in capture

Error messasge in capture.		 string
filelocation Packet capture file location

Packet capture file location.		 string
filesize Packet capture file Size in bytes

Packet capture file Size in bytes.		 int
id Unique identifier of this resource string Sortable
request Packet capture request

Packet capture request information.		 PacketCaptureRequest Required
resource_type Must be set to the value PacketCaptureSession string
sessionid Packet capture session id

Packet capture session id.		 string Required
sessionname Packet capture session name

Packet capture session name.		 string
sessionstatus Packet capture session status

Packet capture session status.		 string Required
Enum: CREATED, STARTED, STOPPED, FINISHED, ERROR
starttime Start time in epoch millisecond

Timestamp when session was created in epoch millisecond.		 EpochMsTimestamp
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PacketCaptureSessionList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Total capture session count integer Required
results Packet capture list for all sessoins array of PacketCaptureSession
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PacketData (schema)

This is an abstract type. Concrete child types:
BinaryPacketData
FieldsPacketData

Name Description Type Notes
frame_size Requested total size of the (logical) packet in bytes

If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.		 integer Minimum: 60
Maximum: 1000
Default: "128"
resource_type Packet configuration string Required
Enum: BinaryPacketData, FieldsPacketData
Default: "FieldsPacketData"
routed A flag, when set true, indicates that the traceflow packet is of L3 routing. boolean
transport_type transport type of the traceflow packet string Enum: BROADCAST, UNICAST, MULTICAST, UNKNOWN
Default: "UNICAST"

PacketTypeAndCounter (schema)

Name Description Type Notes
counter The number of packets. integer Required
packet_type The type of the packets string Required

PacketsDroppedBySecurity (schema)

Name Description Type Notes
bpdu_filter_dropped The number of packets dropped by "BPDU filter". integer
dhcp_client_dropped_ipv4 The number of IPv4 packets dropped by "DHCP client block". integer
dhcp_client_dropped_ipv6 The number of IPv6 packets dropped by "DHCP client block". integer
dhcp_server_dropped_ipv4 The number of IPv4 packets dropped by "DHCP server block". integer
dhcp_server_dropped_ipv6 The number of IPv6 packets dropped by "DHCP server block". integer
spoof_guard_dropped The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. array of PacketTypeAndCounter

PasswordAuthenticationScheme (schema)

Name Description Type Notes
password Password to authenticate with string Required
scheme_name Authentication scheme name string Required
Enum: password
username User name to authenticate with string Required
Pattern: "^.+$"

PatchResources (schema)

Patch Resources

Patch Resources is an action to create/patch resources in response to an event.

Name Description Type Notes
body Body

Patch body representing a Hierarchical Patch payload. The resources included in the body
are patched replacing the injections' keys with their actual values.
object Required
injections Injections

Injections holding keys (variables) and their corresponding values.		 array of Injection Minimum items: 1
resource_type Must be set to the value PatchResources string Required
Enum: PatchResources, SetFields

PathExpression (schema)

Path expression node

Represents policy path expressions in the form of an array, to support addition of objects like groups, segments and policy logical ports in a group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
paths Array of policy paths

This array can consist of one or more policy paths. Only policy paths of groups, segments and policy logical ports are allowed.		 array of string Required
Minimum items: 1
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PathExpression string Required
Enum: Condition, ConjunctionOperator, NestedExpression, IPAddressExpression, MACAddressExpression, ExternalIDExpression, PathExpression, IdentityGroupExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PathPermissionGroup (schema)

RBAC Objects qualifier

Name Description Type Notes
object_path Full Object Path string Required
operation Allowed operation string Required
Enum: crud, read, execute, none

PemFile (schema)

Name Description Type Notes
file file data multipart_file Required

PendingChange (schema)

Name Description Type Notes
request_id Request_id of the API change

Request identifier of the API which modified the entity.		 string

PerForwarderStatistics (schema)

Per-forwarder query statistics counters

Query statistics counters of a forwarder identified by domain names.

Name Description Type Notes
domain_names Domain names configured for the forwarder

Domain names configured for the forwarder. Empty if this is the
default forwarder.
array of string Readonly
Minimum items: 0
Maximum items: 100
upstream_statistics Statistics per upstream server. array of PerUpstreamServerStatistics Readonly
Minimum items: 0
Maximum items: 3

PerNodeDnsFailedQueries (schema)

The list of failed DNS queries per transport node

The list of the failed DNS queries with entry count and timestamp.
The entry count is for per active/standby transport node.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
node_id Uuid of active/standby transport node

The Uuid of active/standby transport node.		 string Required
Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of failed DNS queries

The list of failed DNS queries.		 array of DnsFailedQuery Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
timestamp Timestamp of the request

Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.		 string Required
Readonly

PerNodeUsedCacheStatistics (schema)

Per-node used cache query statistics counters

Query statistics counters of used cache from node

Name Description Type Notes
cached_entries The total number of cached entries integer Readonly
node_id Uuid of active/standby transport node string Readonly
used_cache_size The memory size used in cache, in kb integer Readonly

PerStepRestoreStatus (schema)

Restore step status

Name Description Type Notes
description A description of the restore status string Required
Readonly
value Per step restore status value string Required
Readonly
Enum: INITIAL, RUNNING, SUSPENDED_BY_USER, SUSPENDED_FOR_USER_ACTION, FAILED, SUCCESS

PerUpstreamServerStatistics (schema)

Per-upstream server query statistics counters

Query statistics counters to an upstream server including successfully
forwarded queries and failed queries.

Name Description Type Notes
queries_failed Queries failed to forward. integer Readonly
queries_succeeded Queries forwarded successfully integer Readonly
upstream_server Upstream server ip IPAddress Readonly

PersistenceProfileType (schema)

persistence profile type

Source-ip persistence ensures all connections from a client (identified by
IP address) are sent to the same backend server for a specified period.
Cookie persistence allows related client connections, identified by the
same cookie in HTTP requests, to be redirected to the same server.
Generic persistence profile cannot be attached to virtual servers directly.
It can only be consumed by load balancer rule actions:
LbVariablePersistenceOnAction and LbVariablePersistenceLearnAction.

Name Description Type Notes
PersistenceProfileType persistence profile type

Source-ip persistence ensures all connections from a client (identified by
IP address) are sent to the same backend server for a specified period.
Cookie persistence allows related client connections, identified by the
same cookie in HTTP requests, to be redirected to the same server.
Generic persistence profile cannot be attached to virtual servers directly.
It can only be consumed by load balancer rule actions:
LbVariablePersistenceOnAction and LbVariablePersistenceLearnAction.
string Enum: LbCookiePersistenceProfile, LbSourceIpPersistenceProfile, LbGenericPersistenceProfile

Pnic (schema)

Physical NIC specification

Name Description Type Notes
device_name device name or key string Required
uplink_name Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations. string Required

PnicBondFilter (schema)

pNIC/bond status

pNIC/bond statuses

Name Description Type Notes
status pNic/bond status

Status of pNIC/bond		 string Enum: UNKNOWN, UP, DOWN, DEGRADED

PnicBondStatus (schema)

pNIC/bond status

pNIC/bond statuses

Name Description Type Notes
name pNIC/bond name

Name of the pNIC/bond		 string
status pNic/bond status

Status of pNIC/bond		 string Enum: UNKNOWN, UP, DOWN, DEGRADED
type Object type

type, whether the object is a pNIC or a bond		 string Enum: UNKNOWN_TYPE, PNIC, BOND

PnicBondStatusListResult (schema)

pNIC status list container

This object contains reference to list of pNIC/bond statuses

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of pNIC/bond statuses

List of pNIC statuses belonging to the transport node		 array of PnicBondStatus
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PnicMirrorDestination (schema)

Name Description Type Notes
dest_pnics Physical NIC device names to which to send the mirrored packets array of string Required
Minimum items: 1
Maximum items: 3
node_id Transport node to which to send the mirrored packets string Required
resource_type Must be set to the value PnicMirrorDestination MirrorDestinationResourceType Required

PnicMirrorSource (schema)

Name Description Type Notes
encapsulated Whether to filter encapsulated packet. boolean Required
Default: "False"
node_id Transport node identifier for the pnic located. string Required
resource_type Must be set to the value PnicMirrorSource MirrorSourceResourceType Required
source_pnics Source physical NIC device names array of string Required
Minimum items: 1

PointDefinition (schema)

Definition of a point of graph

Defines the point of a graph.

Name Description Type Notes
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string
field Expression for points of the graph

An expression that represents the points of the graph		 string Required
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over the point of a graph.		 array of Tooltip Minimum items: 0
x_value Variable chosen for X value of the point of the graph

Represents the variable for the X value of points that are plotted on the graph.		 string Required
y_value Variable chosen for Y value of the point of the graph

Represents the variable for the Y value of points that are plotted on the graph.		 string Required

Policy (schema)

Contains ordered list of Rules

Ordered list of Rules. This object is created by default along with the Domain.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a security policy, if needed.

- Distributed Firewall -
Policy framework provides five pre-defined categories for classifying
a security policy. They are "Ethernet","Emergency", "Infrastructure"
"Environment" and "Application". There is a pre-determined order in
which the policy framework manages the priority of these security
policies. Ethernet category is for supporting layer 2 firewall rules.
The other four categories are applicable for layer 3 rules. Amongst
them, the Emergency category has the highest priority followed by
Infrastructure, Environment and then Application rules. Administrator
can choose to categorize a security policy into the above categories
or can choose to leave it empty. If empty it will have the least
precedence w.r.t the above four categories.
- Edge Firewall -
Policy Framework for Edge Firewall provides six pre-defined categories
"Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules",
"AutoServiceRules" and "Default", in order of priority of rules.
All categories are allowed for Gatetway Policies that belong
to 'default' Domain. However, for user created domains, category is
restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the
users can add/modify/delete rules from only the "SharedPreRules" and
"LocalGatewayRules" categories. If user doesn't specify the category
then defaulted to "Rules". System generated category is used by NSX
created rules, for example BFD rules. Autoplumbed category used by
NSX verticals to autoplumb data path rules. Finally, "Default" category
is the placeholder default rules with lowest in the order of priority.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
comments SecurityPolicy lock/unlock comments

Comments for security policy lock/unlock.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lock_modified_by User who locked the security policy

ID of the user who last modified the lock for the secruity policy.
string Readonly
lock_modified_time SecuirtyPolicy locked/unlocked time

SecurityPolicy locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a security policy

Indicates whether a security policy should be locked. If the
security policy is locked by a user, then no other user would
be able to modify this security policy. Once the user releases
the lock, other users can update this security policy.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Policy string
scope The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope.
Supported only for security policies.
array of string Maximum items: 128
sequence_number Sequence number to resolve conflicts across Domains

This field is used to resolve conflicts between security policies
across domains. In order to change the sequence number of a policy
one can fire a POST request on the policy entity with
a query parameter action=revise
The sequence number field will reflect the value of the computed
sequence number upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several security policies, the only way to set the sequence number is
to explicitly specify the sequence number for each security policy.
int Minimum: 0
stateful Stateful nature of the entries within this security policy.

Stateful or Stateless nature of security policy is enforced on all
rules in this security policy. When it is stateful, the state of
the network connects are tracked and a stateful packet inspection is
performed.
Layer3 security policies can be stateful or stateless. By default, they are stateful.
Layer2 security policies can only be stateless.
boolean
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict Enforce strict tcp handshake before allowing data packets

Ensures that a 3 way TCP handshake is done before the data packets
are sent.
tcp_strict=true is supported only for stateful security policies.
boolean

PolicyAlarmResource (schema)

Alarm base class of realized policy object

Alarm base class of realized policy object

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
error_details Detailed information about errors from an API call made to the enforcement point, if any. PolicyApiError
id Unique identifier of this resource string Sortable
message error message to describe the issue string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyAlarmResource string
source_reference path of the object on which alarm is created string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyAlarmResourceListRequestParameters (schema)

PolicyAlarmResource list request parameters

PolicyAlarmResource list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyAlarmResourceListResult (schema)

PolicyAlarmResource list result

PolicyAlarmResource list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of PolicyAlarmResources

List of alarm resources		 array of PolicyAlarmResource
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyApiError (schema)

Detailed information about an API Error

Name Description Type Notes
details Further details about the error string
error_code A numeric error code integer
error_data Additional data about the error object
error_message A description of the error string
module_name The module name where the error occurred string
related_errors Other errors related to this error array of PolicyRelatedApiError

PolicyAttributes (schema)

Policy Attributes data holder

Name Description Type Notes
datatype Datatype for attribute string Required
Enum: STRING
description Description for attribute value string
isALGType Is the value ALG type

Describes whether the APP_ID value is ALG type or not.		 boolean
key Key for attribute string Required
Enum: APP_ID, DOMAIN_NAME
sub_attributes Reference to sub attributes for the attribute array of PolicySubAttributes
value Value for attribute key

Multiple attribute values can be specified as elements of array.
array of string Required
Minimum items: 1

PolicyBasedIPSecVPNSession (schema)

Policy based VPN session

A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ipsec_vpn_service_id IPSec VPN service identifier

Identifier of VPN Service linked with local endpoint.		 string Readonly
local_endpoint_id Local endpoint identifier

Local endpoint identifier.		 string Required
peer_endpoint_id Peer endpoint identifier

Peer endpoint identifier.		 string Required
policy_rules Policy rules array of IPSecVPNPolicyRule Required
resource_type Must be set to the value PolicyBasedIPSecVPNSession IPSecVPNSessionResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TcpMssClamping

PolicyBasedIPSecVpnSession (schema)

Policy based VPN session

A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_mode Authentication Mode

Peer authentication mode.
PSK - In this mode a secret key shared between local and
peer sites is to be used for authentication. The secret
key can be a string with a maximum length of 128 characters.
CERTIFICATE - In this mode a certificate defined at the
global level is to be used for authentication.
string Enum: PSK, CERTIFICATE
Default: "PSK"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
compliance_suite Compliance suite

Compliance suite.
string Enum: CNSA, SUITE_B_GCM_128, SUITE_B_GCM_256, PRIME, FOUNDATION, FIPS, NONE
connection_initiation_mode Connection initiation mode

Connection initiation mode used by local endpoint to
establish ike connection with peer site.
INITIATOR - In this mode local endpoint initiates
tunnel setup and will also respond to incoming tunnel
setup requests from peer gateway.
RESPOND_ONLY - In this mode, local endpoint shall only
respond to incoming tunnel setup requests. It shall not
initiate the tunnel setup.
ON_DEMAND - In this mode local endpoint will initiate
tunnel creation once first packet matching the policy
rule is received and will also respond to incoming
initiation request.
string Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND
Default: "INITIATOR"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_profile_path Dead peer detection (DPD) profile path

Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.		 string
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ike_profile_path Internet key exchange (IKE) profile path

Policy path referencing IKE profile to be used. Default is set according to system default profile.		 string
local_endpoint_path Local endpoint path

Policy path referencing Local endpoint.		 string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
peer_address IPV4 address of peer endpoint on remote site

Public IPV4 address of the remote device terminating the VPN connection.		 string Required
peer_id Peer id

Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.		 string Required
psk Pre-shared key

IPSec Pre-shared key. Maximum length of this field is 128 characters.		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyBasedIPSecVpnSession IPSecVpnSessionResourceType Required
rules Rules array of IPSecVpnRule Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TCP MSS Clamping

TCP Maximum Segment Size Clamping Direction and Value.
TcpMaximumSegmentSizeClamping
tunnel_profile_path IPSec tunnel profile path

Policy path referencing Tunnel profile to be used. Default is set to system default profile.		 string

PolicyBasedL3VpnSession (schema) (Deprecated)

Policy based L3Vpn Session

A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is
referenced in a policy whose action is set as tunnel.

Name Description Type Notes
resource_type Must be set to the value PolicyBasedL3VpnSession L3VpnSessionResourceType Required
rules L3Vpn Rules

L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action
are supported.
array of L3VpnRule

PolicyComplianceStatus (schema)

Name Description Type Notes
last_updated_time Timestamp of last update EpochMsTimestamp Readonly
non_compliant_configs List of non compliant configuration and impacted services array of PolicyNonCompliantConfig Readonly

PolicyConfigResource (schema)

Represents an object on the desired state

Represents an object on the desired state.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyConfigResource string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyContextProfile (schema)

Policy Context Profile entity

An entity that encapsulates attributes and sub-attributes of various
network services (eg. L7 services, domain name, encryption algorithm)
The entity will be consumed in firewall rules and can be added in new
tuple called profile in firewall rules. To get a list of supported
attributes and sub-attributes fire the following REST API
GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attributes Array of Policy Context Profile attributes

Property containing attributes/sub-attributes for Policy Context Profile.
array of PolicyAttributes Required
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyContextProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyContextProfileDeleteRequestParameters (schema)

Policy Context Profile delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

PolicyContextProfileListRequestParameters (schema)

Policy Context Profile list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyContextProfileListResult (schema)

List result of PolicyContextProfiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of PolicyContextProfiles array of PolicyContextProfile Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyDHGroup (schema) (Deprecated)

Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared keys between
IPSec VPN initiator and responder over an unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.

Name Description Type Notes
PolicyDHGroup Diffie-Hellman groups

Diffie-Hellman groups represent algorithm used to derive shared keys between
IPSec VPN initiator and responder over an unsecured network.
GROUP2 uses 1024-bit Modular Exponentiation (MODP) group.
GROUP5 uses 1536-bit MODP group.
GROUP14 uses 2048-bit MODP group.
GROUP15 uses 3072-bit MODP group.
GROUP16 uses 4096-bit MODP group.
string Deprecated
Enum: GROUP2, GROUP5, GROUP14, GROUP15, GROUP16

PolicyDnsAnswerPerEnforcementPoint (schema)

NSLookup answer per enforcement point

DNS forwarder nslookup answer per enforcement point.

Name Description Type Notes
enforcement_point_path Enforcement point path

Policy path referencing the enforcement point from where the
DNS forwarder nslookup answer is fetched.
string Readonly
resource_type Resource type

Resource type of the DNS forwarder nslookup answer.
string Required
Enum: NsxTDnsAnswer

PolicyDnsForwarder (schema)

DNS Forwarder

Used to configure DNS Forwarder

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
conditional_forwarder_zone_paths Path of conditional DNS zones

Max of 5 DNS servers can be configured		 array of string Maximum items: 5
default_forwarder_zone_path Path of the default DNS zone.

This is the zone to which DNS requests are forwarded by default
string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled DNS forwarder enabled flag

The flag, which suggests whether the DNS forwarder is enabled or
disabled. The default is True.
boolean Default: "True"
id Unique identifier of this resource string Sortable
listener_ip IP on which the DNS Forwarder listens.

This is the IP on which the DNS Forwarder listens.
IPv4Address Required
log_level Log level of the dns forwarder

Set log_level to DISABLED will stop dumping fowarder log.
string Enum: DEBUG, INFO, WARNING, ERROR, FATAL
Default: "INFO"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyDnsForwarder string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyDnsForwarderZone (schema)

DNS Forwarder Zone

Used to configure zones on DNS Forwarder

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dns_domain_names List of domain names

List of domain names on which conditional forwarding is based. This
field is required if the DNS Zone is being used for a conditional
forwarder. This field will also be used for conditional reverse lookup.
Example 1, if for one of the zones, one of the entries in the fqdn is
example.com, all the DNS requests under the domain example.com will
be served by the corresponding upstream DNS server.
Example 2, if for one of the zones, one of the entries in the fqdn
list is "13.12.30.in-addr.arpa", reverse lookup for 30.12.13.0/24 will
go to the corresponding DNS server.
array of string
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyDnsForwarderZone string
source_ip Source IP used by DNS Forwarder zone

The source IP used by the DNS Forwarder zone.
IPv4Address
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
upstream_servers DNS servers to which the DNS request needs to be forwarded

Max of 3 DNS servers can be configured		 array of IPv4Address Required
Maximum items: 3

PolicyDnsForwarderZoneListRequestParameters (schema)

DNS Forwarder Zone list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyDnsForwarderZoneListResult (schema)

Paged Collection of DNS Forwarder Zones

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Dns Forwarder Zone list results array of PolicyDnsForwarderZone Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyDraft (schema)

Policy draft

A draft which stores the system generated as well as user intended changes
in a hierarchical body format.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_auto_draft Auto draft flag

Flag to indicate whether draft is auto created.
True indicates that the draft is an auto draft.
False indicates that the draft is a manual draft.
boolean Readonly
Default: "False"
lock_comments Policy draft lock/unlock comments

Comments for a policy draft lock/unlock.		 string
lock_modified_by User who locked a policy draft

ID of the user who last modified the lock for a policy draft.
string Readonly
lock_modified_time Policy draft locked/unlocked time

Policy draft locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a policy draft

Indicates whether a draft should be locked. If the draft is locked by
an user, then no other user would be able to modify or publish this
draft. Once the user releases the lock, other users can then modify
or publish this draft.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ref_draft_path Path of an existing draft for reference

When specified, a manual draft will be created w.r.t. the specified
draft. If not specified, manual draft will be created w.r.t. the
current published configuration.
For an auto draft, this will always be null.
string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyDraft string
system_area Configuration changes tracked by the system

Configuration changes against the current configuration,
tracked by the system.
The value is stored in a hierarchical body format.
Infra Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
user_area User defined configuration changes

These are user defined configuration changes, which are applicable only
in case of manual drafts. During the publish of a draft, system_area
changes gets applied first, and then these changes.
The value must be in a hierarchical body format.
Infra

PolicyDraftListRequestParameters (schema)

Policy draft list request parameters

Request parameters to be passed while listing policy drafts.

Name Description Type Notes
auto_drafts Fetch list of draft based on is_auto_draft flag

If set to true, then only auto drafts will be get fetched.
If set to false, then only manual drafts will be get fetched.
If not set, then all drafts will be get fetched.
boolean
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyDraftListResult (schema)

Paged collection of policy drafts

This holds the list of policy drafts.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Policy drafts list results

Paginated list of policy drafts.
array of PolicyDraft Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyEdgeCluster (schema)

Edge Cluster

Policy manager periodically reads edge clusters from enforcement point and
corresponding read-only intent objects are auto-created.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
nsx_id UUID of edge cluster on enforcement point

UUID of edge cluster on enforcement point.		 string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyEdgeCluster string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyEdgeClusterListRequestParameters (schema)

Edge Cluster list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyEdgeClusterListResult (schema)

Paged Collection of Edge Cluster

Paged Collection of Edge Cluster

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Edge Cluster array of PolicyEdgeCluster Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyEdgeNode (schema)

Edge Node

Policy manager periodically reads edge nodes from enforcement point and
corresponding read-only intent objects are auto-created.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
member_index Member index of edge node in edge cluster

Member index of edge node in edge cluster.		 integer Readonly
nsx_id UUID of edge node on enforcement point

UUID of edge node on enforcement point.		 string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyEdgeNode string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyEdgeNodeListRequestParameters (schema)

Edge Node list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyEdgeNodeListResult (schema)

Paged Collection of Edge Node

Paged Collection of Edge Node

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Edge Node array of PolicyEdgeNode Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyExcludeList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
members ExcludeList member list

List of the members in the exclude list		 array of string Required
Maximum items: 100
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyExcludeList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyFineTuningResourceInfo (schema)

Contains the detail of resources with name and fields

It represent the resource with details of name and fields it owns.

Name Description Type Notes
fields List of all field of any resource array of PolicyFineTuningResourceInfoDetail Required
resource_name Resource name

It will represent resource with name and fields.
string Required

PolicyFineTuningResourceInfoDetail (schema)

Contains the details resources with field type and name

Contains the details of resource field

Name Description Type Notes
field_name Resource name

It will represent resource with name and fields.
string Required
sub_type List of all field of any resource PolicyFineTuningResourceInfo Required

PolicyFirewallFloodProtectionProfileBindingMap (schema)

Policy DFW Flood Protection Profile binding map

This entity will be used to establish association between Firewall Flood
Protection profile and Group. Using this entity, user can specify intent
for applying Firewall Flood Protection profile to particular Group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_path Profile Path

PolicyPath of associated Profile		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyFirewallFloodProtectionProfileBindingMap string
sequence_number Sequence number of this profile binding map.

Sequence number is used to resolve conflicts when two profiles get
applied to a single port. Lower value gets higher precedence. Two
binding maps having the same profile path should have the same sequence
number.
integer Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters (schema)

Policy Firewall Flood Protection Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyFirewallFloodProtectionProfileBindingMapListResult (schema)

Paged collection of Firewall Flood Protection Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Firewall Flood Protection Profile Binding Map list results array of PolicyFirewallFloodProtectionProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyFirewallSessionTimerProfile (schema)

Policy Firewall Session timeout profile

A profile holding TCP, UDP and ICMP session timeout configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
icmp_error_reply Timeout after ICMP error

The timeout value for the connection after an ICMP error came back in response to an ICMP packet.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "10"
icmp_first_packet First packet connection timeout

The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "20"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyFirewallSessionTimerProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_closed Timeout after RST

The timeout value of connection in seconds after one endpoint sends an RST.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "20"
tcp_closing Timeout after first TN

The timeout value of connection in seconds after the first FIN has been sent.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "120"
tcp_established Connection timeout

The timeout value of connection in seconds once the connection has become fully established.		 integer Required
Minimum: 120
Maximum: 4320000
Default: "43200"
tcp_finwait Timeout after FINs exchanged

The timeout value of connection in seconds after both FINs have been exchanged and connection is closed.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "45"
tcp_first_packet Connection timout after first packet

The timeout value of connection in seconds after the first packet has been sent.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "120"
tcp_opening Connection timout after second packet

The timeout value of connection in seconds after a second packet has been transferred.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "30"
udp_first_packet Connection timout after first packet

The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "60"
udp_multiple Timeout after hosts sent packet

The timeout value of connection in seconds if both hosts have sent packets.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "60"
udp_single Connection timeout for destination

The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back.		 integer Required
Minimum: 10
Maximum: 4320000
Default: "30"

PolicyFirewallSessionTimerProfileBindingMap (schema)

Policy DFW Timer Session Profile binding map

This entity will be used to establish association between Firewall Timer session
profile and Group. Using this entity, user can specify intent for applying
Firewall Timer session profile to particular Group.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
firewall_session_timer_profile_path Firewall Session Timer Profile Path

PolicyPath of associated Firewall Timer Session Profile		 string Required
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyFirewallSessionTimerProfileBindingMap string
sequence_number Sequence number of this profile binding map.

Sequence number is used to resolve conflicts when two profiles get applied
to a single port. Lower value gets higher precedence. Two binding maps
having the same profile path should have the same sequence number.
integer
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyFirewallSessionTimerProfileBindingMapListRequestParameters (schema)

Policy Firewall Session Timer Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyFirewallSessionTimerProfileBindingMapListResult (schema)

Paged collection of Firewall Session Timer Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Firewall Session Timer Profile Binding Map list results array of PolicyFirewallSessionTimerProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyFirewallSessionTimerProfileListRequestParameters (schema)

Policy Firewall Session timeout profile list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyFirewallSessionTimerProfileListResult (schema)

Paged Collection of Policy Firewall Session timeout profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Policy Firewall Session timeout profile list results array of PolicyFirewallSessionTimerProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyGroupIPMembersListResult (schema)

Group IP members list result

Paginated collection of IP members belonging to a Group.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of IP addresses that belong to the given Group array of IPElement Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyGroupMemberDetails (schema)

Group member details

Details of the member belonging to a Group

Name Description Type Notes
display_name The display name of the member on the enforcement point string Required
Readonly
id The ID of the member on the enforcement point string Required
Readonly
path The path of the member, if relevant string Required
Readonly

PolicyGroupMembersListResult (schema)

Group members list result

Paginated collection of members belonging to a Group.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of members that belong to the given Group array of PolicyGroupMemberDetails Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyIKEDigestAlgorithm (schema) (Deprecated)

Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation.
SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.

Name Description Type Notes
PolicyIKEDigestAlgorithm Digest Algorithms used in IKE negotiations

The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation.
SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.
string Deprecated
Enum: SHA1, SHA2_256

PolicyIKEEncryptionAlgorithm (schema) (Deprecated)

Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of the messages
exchanged during IKE negotiations. AES stands for Advanced Encryption Standards.
AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter
Mode(GCM) and is used to provide both confidentiality and data origin authentication.
AES_GCM composed of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only.
AES_GMAC_128 uses 128-bit keys.
AES_GMAC_192 uses 192-bit keys.
AES_GMAC_256 uses 256-bit keys.

Name Description Type Notes
PolicyIKEEncryptionAlgorithm Encryption algorithms used in IKE

IKEEncryption algorithms are used to ensure confidentiality of the messages
exchanged during IKE negotiations. AES stands for Advanced Encryption Standards.
AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter
Mode(GCM) and is used to provide both confidentiality and data origin authentication.
AES_GCM composed of two separate functions one for encryption(AES) and one for
authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only.
AES_GMAC_128 uses 128-bit keys.
AES_GMAC_192 uses 192-bit keys.
AES_GMAC_256 uses 256-bit keys.
string Deprecated
Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

PolicyIKEVersion (schema) (Deprecated)

IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds
to both IKE-V1 and IKE-V2.

Name Description Type Notes
PolicyIKEVersion IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds
to both IKE-V1 and IKE-V2.
string Deprecated
Enum: IKE_V1, IKE_V2, IKE_FLEX

PolicyIPAddressInfo (schema) (Deprecated)

IP address information

Used to specify the display name and value of the IPv4Address.

Name Description Type Notes
address_value Value of the IPv4Address

Value of the IPv4Address.
IPv4Address Required
display_name Display name of the IPv4Address

Display name used to help identify the IPv4Address.
string
next_hop Next Hop of the IPv4Address

Next hop used in auto-plumbing of static route. If a value is not
provided, static route will not be auto-plumbed.
IPv4Address

PolicyInsertParameters (schema)

Parameters to tell where security policy/rule needs to be placed

Parameters to let the admin specify a relative position of a security
policy or rule w.r.t to another one.

Name Description Type Notes
anchor_path The security policy/rule path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

PolicyInterfaceStatistics (schema)

Tier0 or Tier1 interface statistics on specific Enforcement Point

Tier0 or Tier1 interface statistics on specific Enforcement Point.

Name Description Type Notes
logical_router_port_id The ID of the logical router port string Required
per_node_statistics Per Node Statistics array of LogicalRouterPortStatisticsPerNode Readonly

PolicyLabel (schema)

Label to reference group of policy entities of same type.

Label to reference group of policy entities of same type.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
refs Policy entity paths referred by the label instance

Policy entity paths referred by the label instance		 array of string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLabel string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Policy intent entity type from PolicyResourceType

Policy intent entity type from PolicyResourceType		 string Required

PolicyLabelListRequestParameters (schema)

PolicyLabel list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyLabelListResult (schema)

Paged Collection of Domains

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Policy label list results array of PolicyLabel Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyLbMonitorProfile (schema)

Base class for each type or protocol of PolicyLbMonitorProfile

All the types of PolicyLbMonitorProfile extend from this abstract class.
This is present for extensibility.
This is an abstract type. Concrete child types:
HttpPolicyLbMonitorProfile
HttpsPolicyLbMonitorProfile
IcmpPolicyLbMonitorProfile
TcpPolicyLbMonitorProfile
UdpPolicyLbMonitorProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"

PolicyLbPersistenceProfile (schema)

Contains the information related to load balancer persistence options

Some applications maintain state and require all relevant connections
to be sent to the same server as the application state is not
synchronized among servers. Persistence is enabled on a
PolicyLbVirtualServer by binding a persistence profile to it.
This is an abstract type. Concrete child types:
CustomPolicyLbPersistenceProfile
L4PolicyLbPersistenceProfile
L7PolicyLbPersistenceProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLbPersistenceProfile string Required
Enum: L4PolicyLbPersistenceProfile, L7PolicyLbPersistenceProfile, CustomPolicyLbPersistenceProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyLbPoolAccess (schema)

Defining access a Group from a PolicyLbVirtualServer and binding to PolicyLbMonitorProfile

Defining access of a Group from a PolicyLbVirtualServer and binding to
PolicyLbMonitorProfile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
algorithm Load balancing algorithm

Load balanding algorithm controls how the incoming
connections are distributed among the members.
- ROUND_ROBIN - requests to the application servers are distributed
in a round-robin fashion,
- LEAST_CONNECTION - next request is assigned to the server with the
least number of active connections
string Enum: ROUND_ROBIN, LEAST_CONNECTION
Default: "ROUND_ROBIN"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_port_list IP Port list for applications within the Group

IP Port list for applications within the Group to allow
for non-uniform port usage by applications
array of IPAddressPortPair
lb_monitor_profile Path of the PolicyLbMonitorProfile to actively monitor the PolicyLbPoolAccess's Group

Path of the PolicyLbMonitorProfile to actively monitor the
PolicyLbPoolAccess's Group
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
pool_port Port for LoadBalancer to send traffic

Port for LoadBalancer to send connections to the PolicyLbPoolAccess's
Group. Pool_port could be optional, if it is not specified, LB will use
PolicyLbVirtualServer port to connect to backend servers. If the
PolicyLbMonitorProfile is configured in PolicyLbPoolAccess and active
monitor IP protocol is TCP/UDP(which requires TCP or UDP port number),
monitor_port should be specified if pool_port is unset.
int Minimum: 0
Maximum: 65535
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLbPoolAccess string
source_nat Source NAT setting of the PolicyLbPoolAccess

Depending on the topology, Source NAT (SNAT) may be required to ensure
traffic from the server destined to the client is received by the load
balancer. SNAT can be enabled per pool. If SNAT is not enabled for a
pool, then load balancer uses the client IP and port (spoofing) while
establishing connections to the servers. This is referred to as no-SNAT
or TRANSPARENT mode. SNAT is enabled by default and will use the
load balancer interface IP and an ephemeral port as the source IP and
port of the server side connection.
string Enum: ENABLED, DISABLED
Default: "ENABLED"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyLbRule (schema)

Binding of a LbPoolAccess and Group to a PolicyLbVirtualServer

Binding of a LbPoolAccess and Group to a PolicyLbVirtualServer
used to route application traffic passing through load balancers.
PolicyLbRule uses match conditions to match application traffic passing
through a PolicyLbVirtualServer using HTTP or HTTPS. Can bind
multiple PolicyLbVirtualServers to a Group. Each PolicyLbRule
consists of two optional match conditions, each match contidion defines a
criterion for application traffic. If no match conditions are
specified, then the PolicyLbRule will always match and it is used
typically to define default rules. If more than one match condition is
specified, then matching strategy determines if all conditions should
match or any one condition should match for the PolicyLbRule to be
considered a match. A match indicates that the PolicyLbVirtualServer
should route the request to the Group (parent of PolicyLbRule).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host_match Host HTTP header match condition

This condition is used to match HTTP request messages by the
specific HTTP header field, Host. The Host request header specifies
the domain name of the server. The supplied Host HTTP header match
condition will be matched as a regular expression.
The regular expressions in load balancer rules use the features
common to both Java regular expressions and Perl Compatible Regular
Expressions (PCREs) with some restrictions. Reference http://www.pcre
.org for PCRE and the NSX-T Administrator's Guide for the
restrictions. Please note, when regular expressions are used in JSON
(JavaScript Object Notation) string, every backslash character (\)
needs to be escaped by one additional backslash character.
string
id Unique identifier of this resource string Sortable
lb_virtual_server PolicyLbVirtualServer path

The path of PolicyLbVirtualServer to bind to this PolicyLbRule and its
Group
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
match_strategy Match strategy for determining match of multiple conditions

If more than one match condition is specified, then
matching strategy determines if all conditions should match or any
one condition should match for the LB Rule to be considered a match.
- ALL indicates that both host_match and path_match must match for
this PolicyLbRule to be considered a match
- ANY indicates that either host_match or patch match may match for
this PolicyLbRule to be considered a match
string Enum: ALL, ANY
Default: "ANY"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
path_match HTTP request uri match condition

This condition is used to match URIs(Uniform Resource Identifier) of
HTTP request messages. The URI field can be specified as a regluar
expression. If an HTTP request message is requesting an URI which
matches specified regular expression, it matches the condition. The
syntax of whole URI looks like this:
scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment]
This condition matches only the path part of entire URI. The path_match
field is used as a regular expression to match URI path of HTTP
requests. For example, to match any URI that has "/image/" or
"/images/", uri field can be specified as: "/image[s]?/". The regular
expressions in load balancer rules use the features common to both
Java regular expressions and Perl Compatible Regular Expressions
(PCREs) with some restrictions. Reference http://www.pcre .org for
PCRE and the NSX-T Administrator's Guide for the restrictions.
Please note, when regular expressions are used in JSON (JavaScript
Object Notation) string, every backslash character (\) needs to be
escaped by one additional backslash character.
string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLbRule string
sequence_number Sequence number of the this PolicyLbRule

This field is used to resolve conflicts between multiple
PolicyLbRules associated with a single PolicyLbVirtualServer and will
be applied numerically or low to high
int
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyLbVirtualServer (schema)

Base class for each type of PolicyLbVirtualServer

All the types of PolicyLbVirtualServer extend from this abstract class. This
is present for extensibility.
This is an abstract type. Concrete child types:
CustomPolicyLbVirtualServer
HttpPolicyLbVirtualServer
HttpsPolicyLbVirtualServer
TcpPolicyLbVirtualServer
UdpPolicyLbVirtualServer

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

PolicyListRequestParameters (schema)

Policy list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyListResult (schema)

Paged Collection of security policies

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyNATRuleCounters (schema)

Statistics count

Gives the statistics count of a NAT rule.

Name Description Type Notes
active_sessions Active sessions

Gives the total number of active sessions.
integer Readonly
total_bytes Total bytes

Gives the total number of bytes.
integer Readonly
total_packets Total packets

Gives the total number of packets.
integer Readonly

PolicyNat (schema)

Contains list of NAT Rules

Represents NAT section. This object is created by default when corresponding
tier-0/tier-1 is created. Under tier-0/tier-1 there will be 3 different NATs(sections).
(INTERNAL, USER and DEFAULT).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
nat_type NAT section under tier-0/tier-1

Represents a NAT section under tier-0/tier-1.		 string Enum: INTERNAL, USER, DEFAULT
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyNat string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyNatRule (schema)

Represents a NAT rule between source and destination at T0/T1 router

Represents a NAT rule between source and destination at T0/T1 router.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Represents action of NAT Rule SNAT, DNAT, REFLEXIVE

Source NAT(SNAT) - translates a source IP address in an outbound packet so that
the packet appears to originate from a different network. SNAT is only supported
when the logical router is running in active-standby mode.
Destination NAT(DNAT) - translates the destination IP address of inbound packets
so that packets are delivered to a target address into another network. DNAT is
only supported when the logical router is running in active-standby mode.
Reflexive NAT(REFLEXIVE) - IP-Range and CIDR are supported to define the "n".
The number of original networks should be exactly the same as that of
translated networks. The address translation is deterministic. Reflexive is
supported on both Active/Standby and Active/Active LR.
NO_SNAT and NO_DNAT - These do not have support for translated_fields, only
source_network and destination_network fields are supported.
string Required
Enum: SNAT, DNAT, REFLEXIVE, NO_SNAT, NO_DNAT
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_network Represents the destination network

IP Address | Comma separeted list of IP addresses | CIDR.
For DNAT and NO_DNAT rules, this is a mandatory field, and represents
the destination network for the incoming packets.
For other type of rules, optionally it can contain destination network
of outgoing packets.
NULL value for this field represents ANY network.
IPElementList
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Policy NAT Rule enabled flag

The flag, which suggests whether the NAT rule is enabled or
disabled. The default is True.
boolean Default: "True"
firewall_match Represents the firewall match flag

It indicates how the firewall matches the address after NATing if firewall
stage is not skipped.

MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address
of a NAT rule. For SNAT, the external address is the translated source address
after NAT is done. For DNAT, the external address is the original destination
address before NAT is done. For REFLEXIVE, to egress traffic, the firewall
will be applied to the translated source address after NAT is done; To ingress
traffic, the firewall will be applied to the original destination address
before NAT is done.

MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal
address of a NAT rule. For SNAT, the internal address is the original source
address before NAT is done. For DNAT, the internal address is the translated
destination address after NAT is done. For REFLEXIVE, to egress traffic, the
firewall will be applied to the original source address before NAT is done;
To ingress traffic, the firewall will be applied to the translated destination
address after NAT is done.

BYPASS indicates the firewall stage will be skipped.

For NO_SNAT or NO_DNAT, it must be BYPASS or leave it unassigned
string Enum: MATCH_EXTERNAL_ADDRESS, MATCH_INTERNAL_ADDRESS, BYPASS
id Unique identifier of this resource string Sortable
logging Policy NAT Rule logging flag

The flag, which suggests whether the logging of NAT rule is enabled or
disabled. The default is False.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyNatRule string
scope Array of policy paths of labels, ProviderInterface, NetworkInterface

Represents the array of policy paths of ProviderInterface or NetworkInterface or
labels of type ProviderInterface or NetworkInterface on which the NAT rule should
get enforced.
The interfaces must belong to the same router for which the NAT Rule is created.
array of string
sequence_number Sequence number of the Nat Rule

The sequence_number decides the rule_priority of a NAT rule.
Sequence_number and rule_priority have 1:1 mapping.For each NAT section,
there will be reserved rule_priority numbers.The valid range of
rule_priority number is from 0 to 2147483647(MAX_INT).
1. INTERNAL section
rule_priority reserved from 0 - 1023 (1024 rules)
valid sequence_number range 0 - 1023
2. USER section
rule_priority reserved from 1024 - 2147482623 (2147481600 rules)
valid sequence_number range 0 - 2147481599
3. DEFAULT section
rule_priority reserved from 2147482624 - 2147483647 (1024 rules)
valid sequence_number range 0 - 1023
int Default: "0"
service Represents the service on which the NAT rule will be applied

It represents the path of Service on which the NAT rule will be applied.
If not provided or if it is blank then Policy manager will consider it
as ANY.
string
source_network Represents the source network address

IP Address | Comma separeted list of IP addresses | CIDR.
For SNAT, NO_SNAT and REFLEXIVE rules, this is a mandatory field and
represents the source network of the packets leaving the network.
For DNAT and NO_DNAT rules, optionally it can contain source network
of incoming packets.
NULL value for this field represents ANY network.
IPElementList
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
translated_network Represents the translated network address

IP Address | Comma separeted list of IP addresses | CIDR.
For SNAT, DNAT and REFLEXIVE rules, this ia a mandatory field, which
represents the translated network address.
For NO_SNAT and NO_DNAT this should be empty.
IPElementList
translated_ports Port number or port range PortElement

PolicyNatRuleListRequestParameters (schema)

NAT Rule list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyNatRuleListResult (schema)

Paged Collection of NAT Rules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NAT Rules list results array of PolicyNatRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyNatRuleStatistics (schema)

Statistics of NAT Rule

Gives the Statistics of a NAT rule.

Name Description Type Notes
active_sessions Active sessions

Gives the total number of active sessions.
integer Readonly
last_update_timestamp Last update timestamp

Timestamp when the data was last updated.
EpochMsTimestamp Readonly
total_bytes Total bytes

Gives the total number of bytes.
integer Readonly
total_packets Total packets

Gives the total number of packets.
integer Readonly
warning_message Warning Message

The warning message about the NAT Rule Statistics.
string Readonly

PolicyNatRuleStatisticsListRequestParameters (schema)

NAT Rule statistics list request parameters

Request parameter to get NAT rule statistics.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path String Path of the enforcement point

Enforcement point path, forward slashes must be escaped using %2F.
string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyNatRuleStatisticsListResult (schema)

Collection of NAT Rule statistics

Gives the collection of NAT rule statistics per enforcement point.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NAT rules statistics per enforcement point array of PolicyNatRuleStatisticsPerEnforcementPoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyNatRuleStatisticsPerEnforcementPoint (schema)

Statistics of NAT Rule per enforcement point

Gives the statistics of a NAT rule per enforcement point.

Name Description Type Notes
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point from where the statistics are fetched.
string
rule_path Path of NAT Rule

Path of NAT Rule.
string
rule_statistics Rule statistics per enforcement point

Gives NAT rule stats on an enforcement point.
array of PolicyNatRuleStatistics Readonly

PolicyNatRuleStatisticsPerLogicalRouter (schema)

Statistics of NAT Rule per logical router

Gives the statistics of a NAT rule per logical router on specified enforcement point.

Name Description Type Notes
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point from where the statistics are fetched.
string
last_update_timestamp Last update timestamp

Timestamp when the data was last updated.
EpochMsTimestamp Readonly
per_node_statistics Detailed Rule statistics

Detailed Rule statistics per logical router.
array of PolicyNatRuleStatisticsPerTransportNode Readonly
router_path Router path

Path of the router.
string
statistics Rolled up statistics

Rolled up statistics for all rules on the logical router.
PolicyNATRuleCounters Readonly

PolicyNatRuleStatisticsPerLogicalRouterListResult (schema)

Collection of NAT rule statistics per logical router

Gives the collection of NAT rule statistics per logical router on
specified enforcement point.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results NAT rules statistics per logical router array of PolicyNatRuleStatisticsPerLogicalRouter Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyNatRuleStatisticsPerTransportNode (schema)

Statistics of NAT Rule

Gives the Statistics of a NAT rule.

Name Description Type Notes
active_sessions Active sessions

Gives the total number of active sessions.
integer Readonly
last_update_timestamp Last update timestamp

Timestamp when the data was last updated.
EpochMsTimestamp Readonly
total_bytes Total bytes

Gives the total number of bytes.
integer Readonly
total_packets Total packets

Gives the total number of packets.
integer Readonly
transport_node_path Node path

Policy path of the Edge Node.
string Readonly

PolicyNonCompliantConfig (schema)

Name Description Type Notes
affected_resources Resources/Services impacted by non compliant configuration

Resources/Services impacted by non compliant configuration		 array of PolicyResourceReference Readonly
description Detail description of non compliant configuration with suggestive action string Readonly
non_compliance_code Code for non compliant configuration integer Readonly
reported_by Id and name of non compliant resource/service PolicyResourceReference Readonly

PolicyNsLookupParameters (schema)

Name Description Type Notes
address IP address or FQDN for nslookup string
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string

PolicyRealizedResource (schema)

Abstract base class for all the realized policy objects

Abstract base class for all the realized policy objects

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyRealizedResource string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyRelatedApiError (schema)

Detailed information about errors from API call to an enforcement point

Name Description Type Notes
details Further details about the error string
error_code A numeric error code integer
error_data Additional data about the error object
error_message A description of the error string
module_name The module name where the error occurred string

PolicyResource (schema)

Abstract base class for all the policy objects

Abstract base class for all the policy objects.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyResource string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyResourceReference (schema)

Policy resource reference

Policy resource reference.

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
path Absolute path of this object

Absolute path of this object.		 string Readonly
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

PolicyResourceReferenceForEP (schema)

Policy resource reference for enforcement point

Policy resource reference for enforcement point

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
path Absolute path of this object

Absolute path of this object.		 string Readonly
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

PolicyResourceReferenceForEPListResult (schema)

Policy resource reference list for enforcement point

Paginated collection of policy resource references for enforcement point

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of policy resource references for enforcement point array of PolicyResourceReferenceForEP Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyRuntimeAlarm (schema)

Alarm of PolicyRuntimeInfoPerEP

Alarm associated with the PolicyRuntimeInfoPerEP that exposes
potential errors when retrieving runtime information from the
enforcement point.

Name Description Type Notes
error_details Error Detailed Information

Detailed information about errors from an API call made to the
enforcement point, if any.
PolicyApiError Readonly
error_id Alarm Error Id

Alarm error id.		 string Readonly
message Error Message to Describe the Issue

Error message describing the issue.		 string Readonly

PolicyRuntimeInfoPerEP (schema)

PolicyRuntimeInfoPerEP

Runtime Info Per Enforcement Point.

Name Description Type Notes
alarm Alarm Information Details

Alarm information details.		 PolicyRuntimeAlarm Readonly
enforcement_point_path Enforcement point Path

Policy Path referencing the enforcement point where the info is fetched.
string Readonly

PolicyRuntimeOnEpRequestParameters (schema)

Request Parameters for Policy Runtime on enforcement point

Request parameters that represents an enforcement point path.
A request on runtime information can be parameterized with this path and will be
evaluated as follows:
- no enforcement point path specified: the request is evaluated on all enforcement
points.
- an enforcement point path is specified: the request is evaluated only on the given
enforcement point.

Name Description Type Notes
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string

PolicyRuntimeRequestParameters (schema)

Request Parameters for Policy Runtime Information

Request parameters that represents an enforcement point path and data source.
A request on runtime information can be parameterized with this pair and will be
evaluted as follows:
- no enforcement point path specified: the request is evaluated on all enforcement
points.
- an enforcement point path is specified: the request is evaluated only on the given
enforcement point.

Name Description Type Notes
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

PolicySIEnforcementPointRequestParameters (schema)

Policy Service Insertion Request Parameters

Request parameters that represents an enforcement point path. A request can be |
parameterized with this path and will be evaluted as follows |
> no enforcement point path specified: the request is evaluated on DEFAULT enforcement
point.
> {enforcement_point_path}: the request is evaluated only on the given enforcement |
point.

Name Description Type Notes
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string

PolicyServiceChain (schema)

Policy Service Chain

Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
failure_policy Failure Policy

Failure policy for the service defines the action to be taken i.e to allow or to block the traffic during failure scenarios.		 string Enum: ALLOW, BLOCK
Default: "ALLOW"
forward_path_service_profiles Forward path service profiles

Forward path service profiles are applied to ingress traffic.		 array of string Required
Maximum items: 4
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
path_selection_policy Path Selection Policy

Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - Preference to be given to local service insances. REMOTE - Preference to be given to the SVM co-located on the same host. ROUND_ROBIN - All active service paths are hit with equal probability.		 string Enum: ANY, LOCAL, REMOTE, ROUND_ROBIN
Default: "ANY"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyServiceChain string
reverse_path_service_profiles Reverse path service profiles

Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.		 array of string Maximum items: 4
service_segment_path Path to service segment

Path to service segment using which the traffic needs to be redirected.		 array of string Required
Minimum items: 1
Maximum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PolicyServiceChainListResult (schema)

Policy Service Chain List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results All PolicyServiceChain objects array of PolicyServiceChain Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyServiceInstance (schema)

Represents an instance of partner Service and its configuration

Represents an instance of partner Service and its configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attributes Deployment Template attributes

List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance.		 array of Attribute Required
Maximum items: 128
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
compute_id Id of the compute resource.

Id of the compute(ResourcePool) to which this service needs to be deployed.		 string Required
context_id Id of the compute manager

UUID of VCenter/Compute Manager as seen on NSX Manager, to which this service needs to be deployed.		 string
deployment_mode Deployment Mode

Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.		 string Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
deployment_spec_name Name of the Deployment Specification

Form factor for the deployment of partner service.		 string Required
deployment_template_name Name of the Deployment Template

Template for the deployment of partnet service.		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
failure_policy Failure policy for the Service VM

Failure policy for the Service VM. If this values is not provided, it will be defaulted to FAIL_CLOSE.		 string Enum: ALLOW, BLOCK
Default: "BLOCK"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
partner_service_name Name of Partner Service

Unique name of Partner Service in the Marketplace		 string Required
path Absolute path of this object

Absolute path of this object		 string Readonly
primary_interface_mgmt_ip Management IP Address of primary interface of the Service

Management IP Address of primary interface of the Service		 IPElement Required
primary_interface_network Path of the Network to which primary interface of the Service VM needs to be connected

Path of the Network to which primary interface of the Service VM needs to be connected		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyServiceInstance string
secondary_interface_mgmt_ip Management IP Address of secondary interface of the Service

Management IP Address of secondary interface of the Service		 IPElement Required
secondary_interface_network Path of Network to which secondary interface of the Service VM needs to be connected

Path of Network to which secondary interface of the Service VM needs to be connected		 string Required
storage_id Id of the storage

Id of the storage(Datastore). VC moref of Datastore to which this service needs to be deployed.		 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used while deploying Service-VM.		 string Enum: L2_BRIDGE, L3_ROUTED
Default: "L2_BRIDGE"

PolicyServiceInstanceListRequestParameters (schema)

PolicyServiceInstance list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyServiceInstanceListResult (schema)

Collection of only SI objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service instance list results array of PolicyServiceInstance Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyServiceInstanceStatistics (schema)

Statistics for NICs on PolicyServiceInstance

Statistics for NICs for a PolicyServiceInstance

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
enforcement_point_path String Path of the enforcement point

Enforcement point path, forward slashes must be escaped using %2F.
string Readonly
instance_runtime_statistics Statistics for all runtimes

Statistics for the data NICs for all the runtimes associated
with this service instance.
array of InstanceRuntimeStatistic Readonly
service_instance_id PolicyServiceInstance path

PolicyServiceInsatnce path		 string Required
Readonly

PolicyServiceProfile (schema)

Policy Service Profile for a given Service

Service profile represents specialization of a vendor template.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attributes Service profile attributes

List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to NSX. If a vendor template exposes configurable parameters, then their values are specified here.		 array of Attribute Maximum items: 128
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
redirection_action Redirection action

The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Redirection action is not applicable to guest introspection service.		 string Enum: PUNT, COPY
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyServiceProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vendor_template_name Vendor template name

Name of the vendor template for which this Service Profile is being created.		 string Required

PolicyServiceProfileListRequestParameters (schema)

Policy Service Profile list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyServiceProfileListResult (schema)

Policy Service Profile List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Profile list results array of PolicyServiceProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyServiceReferenceCascadeDeletionParam (schema)

Service reference casade delete param

Name Description Type Notes
cascade Flag to cascade delete all children associated with service reference boolean Default: "False"

PolicySubAttributes (schema)

Policy Sub Attributes data holder

Name Description Type Notes
datatype Datatype for sub attribute string Required
Enum: STRING
key Key for sub attribute string Required
Enum: TLS_CIPHER_SUITE, TLS_VERSION, CIFS_SMB_VERSION
value Value for sub attribute key

Multiple sub attribute values can be specified as elements of array.
array of string Required
Minimum items: 1

PolicyTransportZone (schema)

Transport Zone

Policy manager periodically reads transport zones (TZ) from enforcement
point and corresponding read-only intent objects are auto-created.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_default Indicates whether the transport zone is default

Indicates whether the transport zone is default.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
nsx_id UUID of transport zone on enforcement point

UUID of transport zone on enforcement point.		 string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PolicyTransportZone string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tz_type Type of Transport Zone string Readonly
Enum: OVERLAY_STANDARD, OVERLAY_ENS, VLAN_BACKED, UNKNOWN

PolicyTransportZoneListRequestParameters (schema)

Transport Zone list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PolicyTransportZoneListResult (schema)

Paged Collection of Transport Zone

Paged Collection of Transport Zone

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Transport Zone array of PolicyTransportZone Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PolicyTunnelDigestAlgorithm (schema) (Deprecated)

Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment.
SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.

Name Description Type Notes
PolicyTunnelDigestAlgorithm Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment.
SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.
string Deprecated
Enum: SHA1, SHA2_256

PolicyTunnelEncryptionAlgorithm (schema) (Deprecated)

Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged
during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses
128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM
stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to
provide both confidentiality and data origin authentication.

Name Description Type Notes
PolicyTunnelEncryptionAlgorithm Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged
during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses
128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM
stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to
provide both confidentiality and data origin authentication.
string Deprecated
Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256

PoolAlgorithm (schema)

load balancing algorithm

Load Balancing algorithm chooses a server for each new connection by going
through the list of servers in the pool. Currently, following load balancing
algorithms are supported with ROUND_ROBIN as the default.
ROUND_ROBIN means that a server is selected in a round-robin fashion. The
weight would be ignored even if it is configured.
WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted
round-robin fashion. Default weight of 1 is used if weight is not configured.
LEAST_CONNECTION means that a server is selected when it has the least
number of connections. The weight would be ignored even if it is configured.
Slow start would be enabled by default.
WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted
least connection fashion. Default weight of 1 is used if weight is not
configured. Slow start would be enabled by default.
IP_HASH means that consistent hash is performed on the source IP address of
the incoming connection. This ensures that the same client IP address will
always reach the same server as long as no server goes down or up. It may
be used on the Internet to provide a best-effort stickiness to clients
which refuse session cookies.

Name Description Type Notes
PoolAlgorithm load balancing algorithm

Load Balancing algorithm chooses a server for each new connection by going
through the list of servers in the pool. Currently, following load balancing
algorithms are supported with ROUND_ROBIN as the default.
ROUND_ROBIN means that a server is selected in a round-robin fashion. The
weight would be ignored even if it is configured.
WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted
round-robin fashion. Default weight of 1 is used if weight is not configured.
LEAST_CONNECTION means that a server is selected when it has the least
number of connections. The weight would be ignored even if it is configured.
Slow start would be enabled by default.
WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted
least connection fashion. Default weight of 1 is used if weight is not
configured. Slow start would be enabled by default.
IP_HASH means that consistent hash is performed on the source IP address of
the incoming connection. This ensures that the same client IP address will
always reach the same server as long as no server goes down or up. It may
be used on the Internet to provide a best-effort stickiness to clients
which refuse session cookies.
string Enum: ROUND_ROBIN, WEIGHTED_ROUND_ROBIN, LEAST_CONNECTION, WEIGHTED_LEAST_CONNECTION, IP_HASH

PoolMember (schema)

Name Description Type Notes
admin_state member admin state PoolMemberAdminStateType Default: "ENABLED"
backup_member determine whether the pool member is for backup usage

Backup servers are typically configured with a sorry page indicating to
the user that the application is currently unavailable. While the pool
is active (a specified minimum number of pool members are active)
BACKUP members are skipped during server selection. When the pool is
inactive, incoming connections are sent to only the BACKUP member(s).
boolean Default: "False"
display_name pool member name string
ip_address pool member IP address IPAddress Required
max_concurrent_connections maximum concurrent connection number

To ensure members are not overloaded, connections to a member can be
capped by the load balancer. When a member reaches this limit, it is
skipped during server selection.
If it is not specified, it means that connections are unlimited.
integer Minimum: 1
Maximum: 2147483647
port pool member port number

If port is specified, all connections will be sent to this port. Only
single port is supported.
If unset, the same port the client connected to will be used, it could
be overrode by default_pool_member_port setting in virtual server.
The port should not specified for port range case.
PortElement
weight pool member weight

Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing
algorithm. The weight value would be ignored in other algorithms.
integer Minimum: 1
Maximum: 256
Default: "1"

PoolMemberAction (schema)

Name Description Type Notes
action Specifies addition, removal and modification action string Required
Enum: ADD_MEMBERS, REMOVE_MEMBERS, UPDATE_MEMBERS

PoolMemberAdminStateType (schema)

pool member admin state

User can set the admin state of a member to ENABLED or DISABLED or
GRACEFUL_DISABLED. By default, when a member is added, it is ENABLED.
If a member is set to DISABLED, it is not selected for any new
connections. Active connections, however, will continue to be processed
by it. New connections with matching persistence entries pointing to
DISABLED members are not sent to those DISABLED members. Those connections
are assigned to other members of the pool and the corresponding persistence
entries are updated to point to the newly selected server.
To allow for a more graceful way of taking down servers for maintenance, a
routine task, another admin state GRACEFUL_DISABLED is supported. Existing
connections to a member in GRACEFUL_DISABLED state continue to be processed.

Name Description Type Notes
PoolMemberAdminStateType pool member admin state

User can set the admin state of a member to ENABLED or DISABLED or
GRACEFUL_DISABLED. By default, when a member is added, it is ENABLED.
If a member is set to DISABLED, it is not selected for any new
connections. Active connections, however, will continue to be processed
by it. New connections with matching persistence entries pointing to
DISABLED members are not sent to those DISABLED members. Those connections
are assigned to other members of the pool and the corresponding persistence
entries are updated to point to the newly selected server.
To allow for a more graceful way of taking down servers for maintenance, a
routine task, another admin state GRACEFUL_DISABLED is supported. Existing
connections to a member in GRACEFUL_DISABLED state continue to be processed.
string Enum: ENABLED, DISABLED, GRACEFUL_DISABLED

PoolMemberGroup (schema)

Name Description Type Notes
customized_members List of customized pool member settings

The list is used to show the customized pool member settings. User can
only user pool member action API to update the admin state for a specific
IP address.
array of PoolMemberSetting
grouping_object Grouping object resource reference

Load balancer pool support grouping object as dynamic pool members.
The IP list of the grouping object such as NSGroup would be used as
pool member IP setting.
ResourceReference Required
ip_revision_filter Filter of ipv4 or ipv6 address of grouping object IP list

Ip revision filter is used to filter IPv4 or IPv6 addresses from the
grouping object.
If the filter is not specified, both IPv4 and IPv6 addresses would be
used as server IPs.
The link local and loopback addresses would be always filtered out.
string Enum: IPV4, IPV6, IPV4_IPV6
Default: "IPV4"
max_ip_list_size Maximum number of grouping object IP address list

The size is used to define the maximum number of grouping object IP
address list. These IP addresses would be used as pool members.
If the grouping object includes more than certain number of
IP addresses, the redundant parts would be ignored and those IP
addresses would not be treated as pool members.
If the size is not specified, one member is budgeted for this dynamic
pool so that the pool has at least one member even if some other
dynamic pools grow beyond the capacity of load balancer service. Other
members are picked according to available dynamic capacity. The unused
members would be set to DISABLED so that the load balancer system
itself is not overloaded during runtime.
integer Minimum: 0
Maximum: 2147483647
port Pool member port for all IP addresses of the grouping object

If port is specified, all connections will be sent to this port.
If unset, the same port the client connected to will be used, it could
be overridden by default_pool_member_ports setting in virtual server.
The port should not specified for multiple ports case.
int Minimum: 1
Maximum: 65535

PoolMemberSetting (schema)

Pool member setting

The setting is used to add, update or remove pool members from pool.
For static pool members, admin_state, display_name and weight can be
updated.
For dynamic pool members, only admin_state can be updated.

Name Description Type Notes
admin_state Member admin state PoolMemberAdminStateType Default: "ENABLED"
display_name Pool member display name

Only applicable to static pool members. If supplied for a pool defined
by a grouping object, update API would fail.
string
ip_address Pool member IP address IPAddress Required
port Pool member port number PortElement
weight Pool member weight

Only applicable to static pool members. If supplied for a pool defined
by a grouping object, update API would fail.
integer Minimum: 1
Maximum: 255

PoolMemberSettingList (schema)

List of PoolMemberSetting

Name Description Type Notes
members List of pool member settings to be passed to add, update and remove APIs array of PoolMemberSetting Required

PoolUsage (schema)

Pool usage statistics in a pool.

Name Description Type Notes
allocated_ids Total number of allocated IDs in a pool integer Readonly
free_ids Total number of free IDs in a pool integer Readonly
total_ids Total number of IDs in a pool integer Readonly

PortAddressBindingEntry (schema)

Address binding information

Detailed information about static address for the port.

Name Description Type Notes
ip_address IP address

IP Address for port binding		 string
mac_address MAC address

Mac address for port binding		 MACAddress
vlan_id VLAN ID

VLAN ID for port binding		 VlanID

PortAttachment (schema)

Attachment information on the port

Detail information about port attachment

Name Description Type Notes
allocate_addresses Allocate addresses

Indicate how IP will be allocated for the port		 string Enum: IP_POOL, MAC_POOL, BOTH, NONE
app_id App Id

ID used to identify/look up a child attachment behind a parent attachment
string
context_id Context ID based on the type

Parent VIF ID if type is CHILD, Transport node ID if type is INDEPENDENT		 string
id Port attachment ID

VIF UUID on NSX Manager. If the attachement type is PARENT, this property is required.		 string
traffic_tag VLAN ID

Not valid when type is INDEPENDENT, mainly used to identify traffic from different
ports in container use case
VlanID
type Attachement type

Type of port attachment, it's an Enum value.		 string Enum: PARENT, CHILD, INDEPENDENT

PortConnectionBMEntities (schema)

Port Connection Bare Metal Entities

Name Description Type Notes
dst_port LogicalPort
src_port LogicalPort

PortConnectionContainersEntities (schema)

Port Connection Containers Entities

Name Description Type Notes
logical_ports array of LogicalPort

PortConnectionEdgeNodeGroup (schema)

Collection of edge nodes backing a logical router

Name Description Type Notes
edge_nodes array of TransportNode
id Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null) string Required
Readonly
logical_router_id Id of the logical router string Required
resource Resource reference with details of the entity ManagedResource Readonly

PortConnectionEntities (schema)

Port Connection Entities (to help draw a visual picture of entities between two ports)

Name Description Type Notes
containers PortConnectionContainersEntities Required
edge_node_groups array of PortConnectionEdgeNodeGroup
errors array of PortConnectionError Required
hypervisors array of PortConnectionHypervisor Required
logical_switches array of PortConnectionLogicalSwitch Required
physical_hosts PortConnectionBMEntities
routers array of PortConnectionRouter
tunnels array of PortConnectionTunnel Required
vms array of VirtualMachine Required

PortConnectionEntity (schema)

Port Connection Entity

Name Description Type Notes
id Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null) string Required
Readonly
resource Resource reference with details of the entity ManagedResource Readonly

PortConnectionError (schema)

Errors encountered while fetching entities in the forwarding path

Name Description Type Notes
entity_type string
error_details object
error_summary string

PortConnectionHypervisor (schema)

Port Connection Hypervisor/Transport Node Entity

Name Description Type Notes
id Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null) string Required
Readonly
neighbors_list array of InterfaceNeighborProperties
pnics array of Pnic Deprecated
pnics_list array of NodeInterfaceProperties
profiles array of BaseHostSwitchProfile
(Abstract type: pass one of the following concrete types)
ExtraConfigHostSwitchProfile
LldpHostSwitchProfile
NiocProfile
UplinkHostSwitchProfile
resource Resource reference with details of the entity ManagedResource Readonly

PortConnectionLogicalSwitch (schema)

Port Connection Logical Switch Entity

Name Description Type Notes
id Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null) string Required
Readonly
resource Resource reference with details of the entity ManagedResource Readonly
router_ports Logical Ports that are attached to a router array of LogicalPort Readonly
vm_ports Logical Ports that are attached to a VIF/VM array of LogicalPort Required
Readonly
vm_ports_states States of Logical Ports that are attached to a VIF/VM array of LogicalPortState Required
Readonly
vm_vnics Virutal Network Interfaces that are attached to the Logical Ports array of VirtualNetworkInterface Readonly

PortConnectionRequestParameters (schema)

Port Connection request parameters

Name Description Type Notes
peer_port_id ID of peer port string Required

PortConnectionRouter (schema)

Port Connection Logical Router Entity

Name Description Type Notes
downlink_ports Downlink ports of the Logical Router. array of LogicalRouterPort
(Abstract type: pass one of the following concrete types)
LogicalRouterCentralizedServicePort
LogicalRouterDownLinkPort
LogicalRouterLinkPortOnTIER0
LogicalRouterLinkPortOnTIER1
LogicalRouterLoopbackPort
LogicalRouterUpLinkPort		 Required
Readonly
id Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null) string Required
Readonly
resource Resource reference with details of the entity ManagedResource Readonly
uplink_ports Uplink ports of the Logical Router. array of LogicalRouterPort
(Abstract type: pass one of the following concrete types)
LogicalRouterCentralizedServicePort
LogicalRouterDownLinkPort
LogicalRouterLinkPortOnTIER0
LogicalRouterLinkPortOnTIER1
LogicalRouterLoopbackPort
LogicalRouterUpLinkPort		 Required
Readonly

PortConnectionTunnel (schema)

Tunnel information between two given transport nodes

Name Description Type Notes
src_node_id Id of the source transport node string Required
tunnel_properties Tunnel properties between the source and the destination transport node TunnelProperties Required

PortDiscoveryProfileBindingMap (schema)

Port Discovery Profile binding map

This entity will be used to establish association between discovery
profile and Port. Using this entity, user can specify intent for applying
discovery profile to particular Port. Port here is Logical Port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_discovery_profile_path IP Discovery Profile Path

PolicyPath of associated IP Discovery Profile		 string
mac_discovery_profile_path Mac Discovery Profile Path

PolicyPath of associated Mac Discovery Profile		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PortDiscoveryProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortDiscoveryProfileBindingMapListRequestParameters (schema)

Port Discovery Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PortDiscoveryProfileBindingMapListResult (schema)

Paged collection of Port Discovery Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port Discovery Profile Binding Map list results array of PortDiscoveryProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortElement (schema)

A port or a port range

Examples- Single port "8080", Range of ports "8090-8095"

Name Description Type Notes
PortElement A port or a port range

Examples- Single port "8080", Range of ports "8090-8095"
string

PortMirroringFilter (schema)

Name Description Type Notes
dst_ips Destination IP used to filter packets

Destination IP in the form of IPAddresses, used to match the destination IP of a packet. If not provided, no filtering by destination IPs is performed.		 IPAddresses
dst_ports Destination port or port range used to filter packets

Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed.		 PortElement
filter_action Mirror action to filter packets

If set to MIRROR, packets will be mirrored. If set to DO_NOT_MIRROR, packets will not be mirrored.		 string Enum: MIRROR, DO_NOT_MIRROR
Default: "MIRROR"
ip_protocol The protocol used to filter packets.

The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed.		 string Enum: TCP, UDP
src_ips Source IP used to filter packets

Source IP in the form of IPAddresses, used to match the source IP of a packet. If not provided, no filtering by source IPs is performed.		 IPAddresses
src_ports Source port or port range used to filter packets

Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed.		 PortElement

PortMirroringProfile (schema)

Mirrors Data from source to destination

Mirrors Data from source to destination

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_group Destination group path

Data from source group will be copied to members of
destination group. Only IPSET group and group with
membership criteria VM is supported. IPSET group allows only
three ip's.
string Required
direction Direction

Port mirroring profile direction		 string Enum: INGRESS, EGRESS, BIDIRECTIONAL
Default: "BIDIRECTIONAL"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
encapsulation_type Mirror Destination encapsulation type

User can provide Mirror Destination type e.g GRE, ERSPAN_TWO or ERSPAN_THREE.If profile type is REMOTE_L3_SPAN, encapsulation type is used else ignored.		 string Enum: GRE, ERSPAN_TWO, ERSPAN_THREE
Default: "GRE"
erspan_id ERSPAN session id

Used by physical switch for the mirror traffic forwarding.
Must be provided and only effective when encapsulation type is
ERSPAN type II or type III.
int Minimum: 0
Maximum: 1023
Default: "0"
gre_key GRE encapsulation key

User-configurable 32-bit key only for GRE		 int Minimum: 0
Default: "0"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_type Allows user to select type of port mirroring session. string Enum: REMOTE_L3_SPAN, LOGICAL_SPAN
Default: "REMOTE_L3_SPAN"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PortMirroringProfile string
snap_length Maximum packet length for packet truncation

If this property is set, the packet will be truncated to the provided
length. If this property is unset, entire packet will be mirrored.
int Minimum: 60
Maximum: 65535
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortMirroringProfileListRequestParameters (schema)

Port mirroring profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PortMirroringProfileListResult (schema)

Paged collection of port mirroring profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port Mirroring Profiles list results array of PortMirroringProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortMirroringSession (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
direction Port mirroring session direction DirectionType Required
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
encapsulation_vlan_id Encapsulation VLAN ID

Only for Remote SPAN Port Mirror.		 VlanID
id Unique identifier of this resource string Sortable
mirror_destination Mirror destination MirrorDestination
(Abstract type: pass one of the following concrete types)
IPMirrorDestination
LogicalPortMirrorDestination
PnicMirrorDestination		 Required
mirror_sources Mirror sources array of MirrorSource
(Abstract type: pass one of the following concrete types)
LogicalPortMirrorSource
LogicalSwitchMirrorSource
PnicMirrorSource
VlanMirrorSource		 Required
Minimum items: 1
port_mirroring_filters Port mirror filter for this session

An array of 5-tuples used to filter packets for the mirror session, if not provided, all the packets will be mirrored.		 array of PortMirroringFilter
preserve_original_vlan Only for Remote SPAN Port Mirror. Whether to preserve original VLAN. boolean Default: "False"
resource_type Must be set to the value PortMirroringSession string
session_type Port mirroring session type

If this property is unset, this session will be treated as
LocalPortMirrorSession.
PortMirroringSessionType Default: "LocalPortMirrorSession"
snap_length Maximum packet length for packet truncation

If this property is set, the packet will be truncated to the provided
length. If this property is unset, entire packet will be mirrored.
integer Minimum: 60
Maximum: 65535
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortMirroringSessionListResult (schema)

Mirror session queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port mirroring session results array of PortMirroringSession Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortMirroringSessionType (schema)

Resource types of mirror session

PortMirroringSession is the configuration instance of port mirroring, you can
create different types of PortMirroringSession with different mirror source
and mirror destination.
Each port mirror session type has its own mirror source and mirror destination pair.
LocalPortMirrorSession include LogicalPortMirrorSession and UplinkPortMirrorSession.
You can create multiple mirror sessions of same parent type by one API call.
LogicalPortMirrorSession
- source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination]
UplinkPortMirrorSession
- source[PnicMirrorSource] destination[LogicalPortMirrorDestination]
RspanSrcMirrorSession
- source[LogicalPortMirrorSource] destination[PnicMirrorDestination]
RspanDstMirrorSession
- source[VlanMirrorSource] destination[LogicalPortMirrorDestination]
LogicalLocalPortMirrorSession
- source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination]
L3PortMirrorSession
- source[LogicalPortMirrorSource or LogicalSwitchMirrorSource] destination[IPMirrorDestination]

Name Description Type Notes
PortMirroringSessionType Resource types of mirror session

PortMirroringSession is the configuration instance of port mirroring, you can
create different types of PortMirroringSession with different mirror source
and mirror destination.
Each port mirror session type has its own mirror source and mirror destination pair.
LocalPortMirrorSession include LogicalPortMirrorSession and UplinkPortMirrorSession.
You can create multiple mirror sessions of same parent type by one API call.
LogicalPortMirrorSession
- source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination]
UplinkPortMirrorSession
- source[PnicMirrorSource] destination[LogicalPortMirrorDestination]
RspanSrcMirrorSession
- source[LogicalPortMirrorSource] destination[PnicMirrorDestination]
RspanDstMirrorSession
- source[VlanMirrorSource] destination[LogicalPortMirrorDestination]
LogicalLocalPortMirrorSession
- source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination]
L3PortMirrorSession
- source[LogicalPortMirrorSource or LogicalSwitchMirrorSource] destination[IPMirrorDestination]
string Enum: LogicalPortMirrorSession, UplinkPortMirrorSession, RspanSrcMirrorSession, RspanDstMirrorSession, LocalPortMirrorSession, LogicalLocalPortMirrorSession, L3PortMirrorSession

PortMirroringSwitchingProfile (schema) (Deprecated)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
destinations List of destination addresses array of IPAddress Maximum items: 3
direction DirectionType
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key User-configurable 32-bit key integer
required_capabilities array of string Readonly
resource_type Must be set to the value PortMirroringSwitchingProfile string Required
snap_length Snap length for package truncation

If this property not set, original package will not be truncated.		 integer Minimum: 60
Maximum: 65535
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortMonitoringProfileBindingMap (schema)

Port Monitoring Profile binding map

This entity will be used to establish association between monitoring
profile and Port. Using this entity, user can specify intent for applying
monitoring profile to particular Port. Port here is Segment Port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_l2_profile_path IPFIX L2 Profile Path

PolicyPath of associated IPFIX L2 Profile		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
port_mirroring_profile_path Port Mirroring Profile Path

PolicyPath of associated Port Mirroring Profile		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PortMonitoringProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortMonitoringProfileBindingMapListRequestParameters (schema)

Port Monitoring Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PortMonitoringProfileBindingMapListResult (schema)

Paged collection of Port Monitoring Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port Monitoring Profile Binding Map list results array of PortMonitoringProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortQoSProfileBindingMap (schema)

Port QoS Profile binding map

This entity will be used to establish association between qos
profile and Port. Using this entity, you can specify intent for applying
qos profile to particular Port. Port here is Segment Port.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
qos_profile_path QoS Profile Path

PolicyPath of associated QoS Profile		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PortQoSProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortQoSProfileBindingMapListRequestParameters (schema)

Port QoS Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PortQoSProfileBindingMapListResult (schema)

Paged collection of Port QoS Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port QoS Profile Binding Map list results array of PortQoSProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortSecurityProfileBindingMap (schema)

Security profile binding map for port

Contains the binding relationship between port and security profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PortSecurityProfileBindingMap string
segment_security_profile_path Segment Security Profile Path

The policy path of the asscociated Segment Security profile		 string
spoofguard_profile_path SpoofGuard Profile Path

The policy path of the asscociated SpoofGuard profile		 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PortSecurityProfileBindingMapListRequestParameters (schema)

Port security profile binding map request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PortSecurityProfileBindingMapListResult (schema)

Paged collection of port security profile binding maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Port security profile binding map list results array of PortSecurityProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PortStatus (schema)

indicates if the RabbitMQ management port is set or not

Name Description Type Notes
enabled indicates if the RabbitMQ management port is set or not boolean Required

PreconfiguredEndpoint (schema)

Tunnel endpoint configuration of preconfigured host switch

Name Description Type Notes
device_name Name of the virtual tunnel endpoint string Required

PreconfiguredHostSwitch (schema)

Preconfigured host switch

Preconfigured host switch is used for manually configured transport node.

Name Description Type Notes
endpoints List of virtual tunnel endpoints which are preconfigured on this host switch array of PreconfiguredEndpoint Maximum items: 1
host_switch_id External Id of the preconfigured host switch. string Required

PreconfiguredHostSwitchSpec (schema)

Specification of transport node preconfigured host switch

Preconfigured host switch specification is used for manually configured transport node. It is user's responsibility to ensure correct configuration is provided to NSX. This type is only valid for supported KVM fabric nodes.

Name Description Type Notes
host_switches Preconfigured Transport Node host switches array of PreconfiguredHostSwitch Required
Maximum items: 1
resource_type Must be set to the value PreconfiguredHostSwitchSpec string Required
Enum: StandardHostSwitchSpec, PreconfiguredHostSwitchSpec

PrefixConfig (schema)

Name Description Type Notes
action Action for the IPPrefix RoutingFilterAction Required
ge Greater than or equal to integer Minimum: 1
Maximum: 128
le Less than or equal to integer Minimum: 1
Maximum: 128
network CIDR

If absent, the action applies to all addresses.		 IPCIDRBlock

PrefixEntry (schema)

Network prefix entry

Name Description Type Notes
action Action for the prefix list

Action for the prefix list.
string Enum: PERMIT, DENY
Default: "PERMIT"
ge Prefix length greater than or equal to

Prefix length greater than or equal to.
int Minimum: 1
Maximum: 128
le Prefix length less than or equal to

Prefix length less than or equal to.
int Minimum: 1
Maximum: 128
network Network prefix in CIDR format

Network prefix in CIDR format. "ANY" matches all networks.
string Required

PrefixList (schema)

A named list of prefixes for routing purposes

A named list of prefixes for routing purposes.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
prefixes Ordered list of network prefixes

Specify ordered list of network prefixes.
array of PrefixEntry Required
Minimum items: 1
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value PrefixList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PrefixListRequestParameters (schema)

PrefixList request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

PrefixListResult (schema)

Paged collection of PrefixLists

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results PrefixList results array of PrefixList Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Principal (schema)

Name Description Type Notes
attributes Certificate list array of KeyValue Required

PrincipalIdentity (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_id Id of the stored certificate

Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_protected Protection indicator

Indicator whether the entities created by this principal should be protected		 boolean
name Name

Name of the principal		 string Required
Maximum length: 255
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
node_id Unique node-id

Unique node-id of a principal		 string Required
Maximum length: 255
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
permission_group permission group

Use the 'role' field instead and pass in 'auditor' for read_only_api_users or 'enterprise_admin' for the others.		 UserGroupType Deprecated
resource_type Must be set to the value PrincipalIdentity string
role Role string Pattern: "^[a-zA-Z]+(_?[a-zA-Z]+)*$"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

PrincipalIdentityList (schema)

PrincipalIdentity query result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results PrincipalIdentity list array of PrincipalIdentity Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PrincipalIdentityWithCertificate (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_id Id of the stored certificate

Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.		 string
certificate_pem PEM encoding of the new certificate

PEM encoding of the new certificate		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_protected Protection indicator

Indicator whether the entities created by this principal should be protected		 boolean
name Name

Name of the principal		 string Required
Maximum length: 255
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
node_id Unique node-id

Unique node-id of a principal		 string Required
Maximum length: 255
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
permission_group permission group

Use the 'role' field instead and pass in 'auditor' for read_only_api_users or 'enterprise_admin' for the others.		 UserGroupType Deprecated
resource_type Must be set to the value PrincipalIdentityWithCertificate string
role Role string Pattern: "^[a-zA-Z]+(_?[a-zA-Z]+)*$"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ProfileBindingListRequestParameters (schema)

Profile binding map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ProfileBindingMap (schema)

Policy base profile binding map

This entity will be used to establish association between profile
and policy entities.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_path Profile Path

PolicyPath of associated Profile		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ProfileSupportedAttributesListRequestParameters (schema)

Profile Attributes list request parameters.

Name Description Type Notes
attribute_key Fetch attributes and sub-attributes for the given attribute key

It fetches attributes and subattributes for the given attribute key
supported in the system which can be used for Policy Context Profile creation.
string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ProfileType (schema)

Profile type of the ServiceConfig

Name Description Type Notes
ProfileType Profile type of the ServiceConfig string Enum: FirewallSessionTimerProfile, FirewallCpuMemThresholdsProfile, GiServiceProfile, FirewallFloodProtectionProfile, FirewallDnsProfile

PropertyItem (schema)

LabelValue Property

Represents a label-value pair.

Name Description Type Notes
condition Expression for evaluating condition

If the condition is met then the property will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.		 string Maximum length: 1024
field Field of the Property

Represents field value of the property.		 string Required
Maximum length: 1024
heading If true, represents the field as a heading

Set to true if the field is a heading. Default is false.		 boolean Default: "False"
label Label of the property

If a field represents a heading, then label is not needed		 Label
render_configuration Render Configuration

Render configuration to be applied, if any.		 array of RenderConfiguration
separator A separator after this property

If true, separates this property in a widget.		 boolean Default: "False"
type field data type

Data type of the field.		 string Required
Enum: String, Number, Date, Url
Maximum length: 255
Default: "String"

Protocol (schema)

This is an abstract type. Concrete child types:
HttpProtocol
HttpsProtocol
ScpProtocol
SftpProtocol

Name Description Type Notes
name Protocol name string Required
Enum: http, https, scp, sftp

ProtocolVersion (schema)

TLS protocol version

Name Description Type Notes
enabled Enable status for this protocol version boolean Required
name Name of the TLS protocol version string Required

Proxy (schema)

Proxy Configuration

Type to define the Proxy configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to indicate if proxy is enabled.

Flag to indicate if proxy is enabled. When set to true, a scheme, host
and port must be provided.
boolean Required
host FQDN or IP address of the proxy server

Specify the fully qualified domain name, or ip address, of the proxy server.
string
id Unique identifier of this resource string Sortable
password Password

Specify the password used to authenticate with the proxy server, if required.
string
port Configured port for proxy

Specify the port of the proxy server.		 int
resource_type Must be set to the value Proxy string
scheme The scheme accepted by the proxy server

The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.
string Enum: HTTP, HTTPS
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
username User name

Specify the user name used to authenticate with the proxy server, if required.
string

ProxyServerProfileInfo (schema)

Proxy Server Profile Information

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host IP Address or name of the proxy server

IP Address or name of the proxy server.
string Required
id Unique identifier of this resource string Sortable
is_default Flag to decide default proxy profile

Flag which decides whether current proxy server profile
is default or not.
boolean Default: "False"
password Password of the proxy server

The Password for the proxy server.
string
port Port of the proxy server

The port of the proxy server.
integer Required
profilename Name of the proxy profile

The name of proxy profile.
string Required
resource_type Must be set to the value ProxyServerProfileInfo string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tls_certificate TLS certificate of Proxy Server

If proxy server is using TLS certificate for secure
communication. In that case, certificate of Proxy Server
is required.
string
username Username of the proxy server

The username for the proxy server.
string

ProxyServerProfilesListResult (schema)

Proxy Server Profiles list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Proxy Server Profile list array of ProxyServerProfileInfo
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

PublicCloudGatewayNode (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
allocation_list Allocation list

List of logical router ids to which this edge node is allocated.		 array of string Readonly
deployment_config Config for automatic deployment of edge node virtual machine.

When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE
will be deployed and registered with MP.
EdgeNodeDeploymentConfig
deployment_type EdgeDeploymentType Readonly
description Description of this resource string Maximum length: 1024
Sortable
discovered_ip_addresses Discovered IP Addresses of the fabric node, version 4 or 6 array of IPAddress Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id ID of the Node maintained on the Node and used to recognize the Node string
fqdn Fully qualified domain name of the fabric node string Readonly
id Unique identifier of this resource string Sortable
ip_addresses IP Addresses of the Node, version 4 or 6

IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for
automatic deployment of edge virtual machine node. For automatic deployment, the ip address from
management_port_subnets property will be considered.
array of IPAddress
node_settings Current configuration on edge node.

Reports the current configuration of the SSH, DHS, NTP and host name
on this edge node. The deployment_config property is used during
deployment and this counterpart property shows current values.
EdgeNodeSettings
resource_type Must be set to the value PublicCloudGatewayNode string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

QoSBaseRateLimiter (schema)

A Limiter configuration entry that specifies type and metrics

This is an abstract type. Concrete child types:
EgressRateLimiter
IngressBroadcastRateLimiter
IngressRateLimiter

Name Description Type Notes
enabled boolean Required
resource_type Type rate limiter
string Required
Enum: IngressRateLimiter, IngressBroadcastRateLimiter, EgressRateLimiter
Default: "IngressRateLimiter"

QoSDscp (schema)

One of QoS or Encapsulated-Remote-Switched-Port-Analyzer

Dscp value is ignored in case of 'TRUSTED' DscpTrustMode.

Name Description Type Notes
mode DscpTrustMode
priority Internal Forwarding Priority int Minimum: 0
Maximum: 63
Default: "0"

QoSProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
class_of_service Class of service

Class of service groups similar types of traffic in the network and
each type of traffic is treated as a class with its own level of service
priority. The lower priority traffic is slowed down or in some cases
dropped to provide better throughput for higher priority traffic.
int Minimum: 0
Maximum: 7
Default: "0"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dscp QoSDscp
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value QoSProfile string
shaper_configurations Array of Rate limiter configurations to applied on Segment or Port. array of QoSBaseRateLimiter
(Abstract type: pass one of the following concrete types)
EgressRateLimiter
IngressBroadcastRateLimiter
IngressRateLimiter		 Minimum items: 0
Maximum items: 3
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

QoSProfileBindingMap (schema)

Base QoS Profile Binding Map

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value QoSProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

QoSProfileListRequestParameters (schema)

QoS Profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

QoSProfileListResult (schema)

Paged collection of QoS profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results QoS profiles list results array of QoSProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

QosBaseRateShaper (schema)

A shaper configuration entry that specifies type and metrics

This is an abstract type. Concrete child types:
EgressRateShaper
IngressBroadcastRateShaper
IngressRateShaper

Name Description Type Notes
enabled boolean Required
resource_type string Required
Enum: IngressRateShaper, IngressBroadcastRateShaper, EgressRateShaper
Default: "IngressRateShaper"

QosSwitchingProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
class_of_service Class of service int Minimum: 0
Maximum: 7
Default: "0"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dscp Dscp
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value QosSwitchingProfile string Required
shaper_configuration array of QosBaseRateShaper
(Abstract type: pass one of the following concrete types)
EgressRateShaper
IngressBroadcastRateShaper
IngressRateShaper		 Minimum items: 0
Maximum items: 3
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

QueryTunnelParameters (schema)

Name Description Type Notes
bfd_diagnostic_code BFD diagnostic code of Tunnel as defined in RFC 5880 string Enum: 0, NO_DIAGNOSTIC, 1, CONTROL_DETECTION_TIME_EXPIRED, 2, ECHO_FUNCTION_FAILED, 3, NEIGHBOR_SIGNALED_SESSION_DOWN, 4, FORWARDING_PLANE_RESET, 5, PATH_DOWN, 6, CONCATENATED_PATH_DOWN, 7, ADMINISTRATIVELY_DOWN, 8, REVERSE_CONCATENATED_PATH_DOWN
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
remote_node_id string
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
status Tunnel status string Enum: UP, DOWN

RAConfig (schema)

Name Description Type Notes
hop_limit Hop limit

The maximum number of hops through which packets can
pass before being discarded.
integer Minimum: 0
Maximum: 255
Default: "64"
prefix_lifetime Lifetime of prefix

The time interval in seconds, in which the prefix is advertised
as valid.
integer Minimum: 0
Maximum: 4294967295
Default: "2592000"
prefix_preferred_time Prefix preferred time

The time interval in seconds, in which the prefix is advertised
as preferred.
integer Minimum: 0
Maximum: 4294967295
Default: "604800"
ra_interval RA interval

Interval between 2 Router advertisement in seconds.
integer Minimum: 4
Maximum: 1800
Default: "600"
router_lifetime Lifetime of router

Router lifetime value in seconds. A value of 0 indicates the
router is not a default router for the receiving end. Any other value
in this field specifies the lifetime, in seconds, associated with
this router as a default router.
integer Minimum: 0
Maximum: 65520
Default: "1800"

RAMode (schema)

Router Advertisement Mode

Router Advertisement Modes.
DISABLED - RA is disabled
SLAAC_DNS_THROUGH_RA - Stateless address auto-configuration RA for address and configuration
SLAAC_DNS_THROUGH_DHCP - SLAAC RA for address and DHCPv6 for configuration
DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - DHCPv6 for address and configurations
SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP - SLAAC RA and DHCPv6 for address and configurations

Name Description Type Notes
RAMode Router Advertisement Mode

Router Advertisement Modes.
DISABLED - RA is disabled
SLAAC_DNS_THROUGH_RA - Stateless address auto-configuration RA for address and configuration
SLAAC_DNS_THROUGH_DHCP - SLAAC RA for address and DHCPv6 for configuration
DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - DHCPv6 for address and configurations
SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP - SLAAC RA and DHCPv6 for address and configurations
string Enum: DISABLED, SLAAC_DNS_THROUGH_RA, SLAAC_DNS_THROUGH_DHCP, DHCP_ADDRESS_AND_DNS_THROUGH_DHCP, SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP

RaDNSConfig (schema)

Name Description Type Notes
dns_server DNS server

DNS server.
array of IPv6Address Maximum items: 8
dns_server_lifetime Lifetime of DNS server in milliseconds integer Minimum: 0
Maximum: 4294967295
Default: "1800000"
domain_name Domain name

Domain name in RA message.
array of string Maximum items: 8
domain_name_lifetime Lifetime of Domain names in milliseconds integer Minimum: 0
Maximum: 4294967295
Default: "1800000"

RateLimits (schema)

Rate limiting configuration

Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type

Name Description Type Notes
enabled Whether rate limiting is enabled boolean Default: "False"
rx_broadcast Incoming broadcast traffic limit in packets per second int Minimum: 0
Default: "0"
rx_multicast Incoming multicast traffic limit in packets per second int Minimum: 0
Default: "0"
tx_broadcast Outgoing broadcast traffic limit in packets per second int Minimum: 0
Default: "0"
tx_multicast Outgoing multicast traffic limit in packets per second int Minimum: 0
Default: "0"

Reaction (schema)

Reaction

Reaction represents a programmable entity which encapsulates the events
and the actions in response to the events, or simply "If This Then That".

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
actions Reaction Actions

Actions that need to be taken when the events occur. These actions must appear
in the order that they need to be taken in. This field can be interpreted as the
HOW of the Reaction, or simply as "Then That".
array of Action
(Abstract type: pass one of the following concrete types)
PatchResources
SetFields		 Required
Minimum items: 1
Maximum items: 1
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
events Reaction Events

Events that provide contextual variables about what the reaction should react to.
This field can be interpreted as the WHAT of the Reaction, or simply as "If This"
Clause.
array of Event Required
Minimum items: 1
Maximum items: 1
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Reaction string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ReadNodesStatusRequestQueryParameters (schema)

Node Status list request queryparameters

Name Description Type Notes
node_ids List of requested Nodes.

A comma separated list of request Node Ids.		 string Required

RealizationListRequestParameters (schema)

Realization list request params

List request params for the pass through type api that get data from the
Enforcement point. The basic requirement for these kind of APIs is
filtering by Enforcement point.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path String Path of the enforcement point

The path of the enforcement point from which the list of members needs
to be fetched. Forward slashes must be escaped using %2F.
string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizationStateBarrierConfig (schema)

The configuration data for setting the global realization state barrier

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
interval Interval in milliseconds

The interval in milliseconds used for auto incrementing the barrier number
integer Required
Minimum: 0

RealizationStateQueryParameters (schema)

Realization state request query parameters

Query parameters that allow checking the realization status of logical entities such as firewall rules and sections.

Name Description Type Notes
barrier_id The system checks to ensure that the logical entity is realized or
not at least at the given barrier number. This parameter has been
deprecated. Please use request_id instead.
integer Deprecated
Minimum: 0
request_id Realization request ID

Passing a request_id allows you to check if the changes to a
logical entity made in a particular API request have been
realized or not. The request_id is returned from each
API request in the X-NSX-REQUESTID header. For example, to
check if a change to a firewall rule has been realized, save
the X-NSX-REQUESTID header value returned from the
PUT /api/v1/firewall/sections//rules/ call,
then add ?request_id= to the
GET /api/v1/firewall/rules//state API call.
string

RealizedEnforcementPoint (schema) (Experimental)

Realized Enforcement Point

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
realized_firewalls Root of Realized Firewalls RealizedFirewalls Readonly
realized_groups Root of Realized Groups RealizedGroups Readonly
realized_services Root of Realized Services RealizedServices Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedEnforcementPoint string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedEnforcementPointListRequestParameters (schema) (Experimental)

Realized enforcement point list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedEnforcementPointListResult (schema) (Experimental)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Enforcement Point's array of RealizedEnforcementPoint
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RealizedFirewall (schema) (Experimental)

Realized firewall

This is an abstract type. Concrete child types:
RealizedFirewallSection

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedFirewall string Required
Enum: RealizedFirewallSection
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedFirewallRule (schema) (Experimental)

Realized Firewall Rule

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action

Action enforced on the packets which matches the firewall rule.		 string Readonly
Enum: ALLOW, DROP, REJECT
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination List

List of the destinations. Null will be treated as any.		 array of ResourceReference Readonly
Maximum items: 128
direction Rule direction

Rule direction in case of stateless firewall rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.		 string Readonly
Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Rule enable/disable flag

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.		 boolean Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedFirewallRule string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
services Service List

List of the services. Null will be treated as any.		 array of ResourceReference Readonly
Maximum items: 128
sources Source List

List of sources. Null will be treated as any.		 array of ResourceReference Readonly
Maximum items: 128
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedFirewallSection (schema) (Experimental)

Realized Firewall section

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedFirewallSection string Required
Enum: RealizedFirewallSection
rule_count Rule count

Number of rules in this section.		 integer Readonly
rules List of the firewall rules

List of firewall rules in the section.		 array of RealizedFirewallRule Readonly
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
section_type Section Type

Type of the rules which a section can contain.		 string Readonly
Enum: LAYER2, LAYER3
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedFirewallSectionListRequestParameters (schema) (Experimental)

Realized firewall section list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedFirewallSectionListResult (schema) (Experimental)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of firewall sections array of RealizedFirewallSection Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RealizedFirewalls (schema) (Experimental)

Realized firewalls

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
realized_firewalls list of realized firewalls array of RealizedFirewall
(Abstract type: pass one of the following concrete types)
RealizedFirewallSection		 Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedFirewalls string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedGroup (schema) (Experimental)

Realized group

This is an abstract type. Concrete child types:
RealizedNSGroup
RealizedSecurityGroup

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedGroup string Required
Enum: RealizedNSGroup, RealizedSecurityGroup
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedGroups (schema) (Experimental)

Realized groups

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
realized_groups list of realized groups array of RealizedGroup
(Abstract type: pass one of the following concrete types)
RealizedNSGroup
RealizedSecurityGroup		 Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedGroups string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedIPSetListRequestParameters (schema) (Experimental)

Realized IPSet list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedLogicalPort (schema) (Experimental)

Realized Logical Port

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
logical_port_id The id of the logical port string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedLogicalPort string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
status The Operational status of the logical port string Readonly
Enum: UP, DOWN, UNKNOWN
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedLogicalSwitch (schema) (Experimental)

Realized Logical Switch

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
logical_switch_id Id of the logical switch string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedLogicalSwitch string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_id Transport zone identifier string Readonly

RealizedMACSetListRequestParameters (schema) (Experimental)

Realized MACSet list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedNSGroup (schema) (Experimental)

Realized Network and Security Group

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
evaluations Evaluated members of NSGroup

Reference to the evaluated members of the NSGroup.
array of RealizedNSGroupMemberEvaluation Readonly
Maximum items: 500
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedNSGroup string Required
Enum: RealizedNSGroup, RealizedSecurityGroup
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedNSGroupListRequestParameters (schema) (Experimental)

Realized NSGroup list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedNSGroupMemberEvaluation (schema) (Experimental)

Realized NSGroup member evaluation

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
logical_ports list of logical ports array of RealizedLogicalPort Readonly
logical_switches list of logical switches array of RealizedLogicalSwitch Readonly
member_count Count of the members added to this NSGroup integer Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedNSGroupMemberEvaluation string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
virtual_machines list of virtual machines array of RealizedVirtualMachine Readonly

RealizedNSService (schema) (Experimental)

Realized NSService

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedNSService string Required
Enum: RealizedNSService
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
service_type Realized nsservice type string Readonly
Enum: SERVICE, SERVICE_GROUP
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedPathRequestParameter (schema)

Parameter to filter realized entities by realized path

Realized path for which state/realized entities would be fetched.

Name Description Type Notes
realized_path String Path of the realized object

Realized path of object, forward slashes must be escaped using %2F
string Required

RealizedSecurityGroup (schema) (Experimental)

Realized Network and Security Group

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
evaluations Evaluated members of Security Group

Reference to the evaluted members of the Security Group.
array of RealizedSecurityGroupMemberEvaluation Readonly
Maximum items: 500
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedSecurityGroup string Required
Enum: RealizedNSGroup, RealizedSecurityGroup
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedSecurityGroupListRequestParameters (schema) (Experimental)

Realized Security Group list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedSecurityGroupListResult (schema) (Experimental)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of realized Security Groups array of RealizedSecurityGroup Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RealizedSecurityGroupMemberEvaluation (schema) (Experimental)

Realized Security Group member evaluation

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
member_count Count of the members added to this Security Group integer Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedSecurityGroupMemberEvaluation string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
virtual_machines list of virtual machines array of RealizedVirtualMachine Readonly

RealizedService (schema) (Experimental)

Realized Service

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedService string Required
Enum: RealizedNSService
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedServices (schema) (Experimental)

Realized services

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
realized_services List of realized services array of RealizedService
(Abstract type: pass one of the following concrete types)
RealizedNSService
RealizedService		 Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedServices string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedStateRequestParameter (schema)

Binding between Intent and Enforcement Point Paths

Request parameter that represents a binding between an intent path and
enforcement point path. A request on the realized state can be parameterized
with this pair and will be evaluted as follows:
- {intent_path}: the request is evaluated on all enforcement points for
the given intent.
- {intent_path, enforcement_point_path}: the request is evaluated only on
the given enforcement point for the given intent.

Name Description Type Notes
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F
string
intent_path String Path of the intent object

Intent path of object, forward slashes must be escaped using %2F
string Required

RealizedVirtualMachine (schema) (Experimental)

Realized Virtual Machine

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
alarms Alarm info detail array of PolicyAlarmResource
compute_ids List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] array of string Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host_id Id of the host on which the vm exists. string Readonly
id Unique identifier of this resource string Sortable
intent_reference Desire state paths of this object array of string
local_id_on_host Id of the vm unique within the host. string Readonly
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
power_state Current power state of this virtual machine in the system. string Readonly
Enum: VM_RUNNING, VM_STOPPED, VM_SUSPENDED, UNKNOWN
realization_api Realization API of this object on enforcement point string
realization_specific_identifier Realization id of this object string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RealizedVirtualMachine string
runtime_error String representation of runtime error

It define the root cause for runtime error.
string
runtime_status String representation of runtime status

Possible values could be UP, DOWN, UNKNOWN, DEGRADED
This list is not exhaustive.
string
state Realization state of this object string Required
Enum: UNAVAILABLE, UNREALIZED, REALIZED, ERROR
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RealizedVirtualMachineListRequestParameters (schema)

Realized Virtual Machine list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RealizedVirtualMachineListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of VMs array of RealizedVirtualMachine
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RedirectionPolicy (schema)

Contains ordered list of rules and path to PolicyServiceInstance

Ordered list of rules long with the path of PolicyServiceInstance
to which the traffic needs to be redirected.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a security policy, if needed.

- Distributed Firewall -
Policy framework provides five pre-defined categories for classifying
a security policy. They are "Ethernet","Emergency", "Infrastructure"
"Environment" and "Application". There is a pre-determined order in
which the policy framework manages the priority of these security
policies. Ethernet category is for supporting layer 2 firewall rules.
The other four categories are applicable for layer 3 rules. Amongst
them, the Emergency category has the highest priority followed by
Infrastructure, Environment and then Application rules. Administrator
can choose to categorize a security policy into the above categories
or can choose to leave it empty. If empty it will have the least
precedence w.r.t the above four categories.
- Edge Firewall -
Policy Framework for Edge Firewall provides six pre-defined categories
"Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules",
"AutoServiceRules" and "Default", in order of priority of rules.
All categories are allowed for Gatetway Policies that belong
to 'default' Domain. However, for user created domains, category is
restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the
users can add/modify/delete rules from only the "SharedPreRules" and
"LocalGatewayRules" categories. If user doesn't specify the category
then defaulted to "Rules". System generated category is used by NSX
created rules, for example BFD rules. Autoplumbed category used by
NSX verticals to autoplumb data path rules. Finally, "Default" category
is the placeholder default rules with lowest in the order of priority.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
comments SecurityPolicy lock/unlock comments

Comments for security policy lock/unlock.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lock_modified_by User who locked the security policy

ID of the user who last modified the lock for the secruity policy.
string Readonly
lock_modified_time SecuirtyPolicy locked/unlocked time

SecurityPolicy locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a security policy

Indicates whether a security policy should be locked. If the
security policy is locked by a user, then no other user would
be able to modify this security policy. Once the user releases
the lock, other users can update this security policy.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
redirect_to List of path Service Instance/service Instance endpoint array of string Required
Minimum items: 1
Maximum items: 1
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RedirectionPolicy string
rules Redirection rules that are a part of this RedirectionPolicy

Redirection rules that are a part of this RedirectionPolicy. At
max, there can be 1000 rules in a given RedirectPolicy.
array of RedirectionRule Maximum items: 1000
scope The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope.
Supported only for security policies.
array of string Maximum items: 128
sequence_number Sequence number to resolve conflicts across Domains

This field is used to resolve conflicts between security policies
across domains. In order to change the sequence number of a policy
one can fire a POST request on the policy entity with
a query parameter action=revise
The sequence number field will reflect the value of the computed
sequence number upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several security policies, the only way to set the sequence number is
to explicitly specify the sequence number for each security policy.
int Minimum: 0
stateful Stateful nature of the entries within this security policy.

Stateful or Stateless nature of security policy is enforced on all
rules in this security policy. When it is stateful, the state of
the network connects are tracked and a stateful packet inspection is
performed.
Layer3 security policies can be stateful or stateless. By default, they are stateful.
Layer2 security policies can only be stateless.
boolean
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict Enforce strict tcp handshake before allowing data packets

Ensures that a 3 way TCP handshake is done before the data packets
are sent.
tcp_strict=true is supported only for stateful security policies.
boolean

RedirectionPolicyListResult (schema)

Paged Collection of Redirection Policies

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Redirection policy list results array of RedirectionPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RedirectionRule (schema)

It define redirection rule for service insertion

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action

The action to be applied to all the services
string Enum: REDIRECT, DO_NOT_REDIRECT
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_groups Destination group paths

We need paths as duplicate names may exist for groups under different
domains.In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
destinations_excluded Negation of destination groups

If set to true, the rule gets applied on all the groups that are
NOT part of the destination groups. If false, the rule applies to the
destination groups
boolean Default: "False"
direction Direction

Define direction of traffic.
string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Flag to disable the rule

Flag to disable the rule. Default is enabled.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.
The value is set to IPV4_IPV6 for Layer3 rule if not specified.
For Layer2/Ether rule the value must be null.
string Enum: IPV4, IPV6, IPV4_IPV6
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
notes Text for additional notes on changes

Text for additional notes on changes.		 string Maximum length: 2048
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profiles Layer 7 service profiles

Holds the list of layer 7 service profile paths. These profiles accept
attributes and sub-attributes of various network services
(e.g. L4 AppId, encryption algorithm, domain name, etc) as key value
pairs.
array of string Maximum items: 128
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RedirectionRule string
scope The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied
on multiple LRs/LRPs.
array of string Maximum items: 128
sequence_number Sequence number of the this Rule

This field is used to resolve conflicts between multiple
Rules under Security or Gateway Policy for a Domain
int Minimum: 0
services Names of services

In order to specify all services, use the constant "ANY".
This is case insensitive. If "ANY" is used, it should
be the ONLY element in the services array. Error will be thrown
if ANY is used in conjunction with other values.
array of string Maximum items: 128
source_groups Source group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
sources_excluded Negation of source groups

If set to true, the rule gets applied on all the groups that are
NOT part of the source groups. If false, the rule applies to the
source groups
boolean Default: "False"
tag Tag applied on the rule

User level field which will be printed in CLI and packet logs.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RedirectionRuleListRequestParameters (schema)

RedirectionRule list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RedirectionRuleListResult (schema)

Paged Collection of RedirectionRules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results RedirectionRule list results array of RedirectionRule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RedistributionConfig (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bgp_enabled Flag to enable redistribution for BGP as destinationProtocol boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value RedistributionConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RedistributionProtocols (schema)

Redistribution Protocols

Types of route to redistribute over routing protocols.
STATIC type is deprecated, use T0_STATIC instead.
T0_STATIC type should be used to redistribute user added static
routes.
NSX_CONNECTED type is deprecated, use T0_CONNECTED instead.
For backward compatibility when NSX_CONNECTED is selected,
we will redistribute downlink port subnets for TIER0 LR.
T0_CONNECTED type should be used to redistribute all port
subnets including uplink, downlink, CSP and loopback for TIER0 LR.
NSX_STATIC type is deprecated, use T1_STATIC instead.
For backward compatibility when NSX_STATIC is selected,
we will redistribute static, CSP and downlink port subnets
advertised by TIER1 LR.
T1_STATIC type should be used to redistribute static subnets
advertised by TIER1 LR.
T0_UPLINK type should be used to redistribute uplink port subnets
on TIER0 LR.
T0_DOWNLINK type should be used to redistribute downlink port subnets
on TIER0 LR.
T0_ROUTER_LINK type should be used to redistribute router link port
subnets on TIER0 LR
T0_CSP type should be used to redistribute centralised service port
subnets on TIER0 LR.
T0_LOOPBACK type should be used to redistribute loopback port subnets
on TIER0 LR.
T0_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder
subnets on TIER0 LR.
T0_IPSEC_LOCAL_IP type should be used to redistribute IPSec subnets
on TIER0 LR.
TIER0_NAT type is deprecated, use T0_NAT instead.
T0_NAT type should be used to redistribute NAT IPs owned by
TIER0 logical router.
TIER1_NAT type is deprecated, use T1_NAT instead.
T1_NAT type should be used to redistribute NAT IP subnets advertised
by TIER1 LR.
TIER1_LB_VIP type is deprecated,use T1_LB_VIP instead.
T1_LB_VIP type should be used to redistribute LB VIP IP subnets
advertised by TIER1 LR.
TIER1_LB_SNAT type is deprecated, use T1_NAT instead.
T1_LB_SNAT type should be used to redistribute LB SNAT IP subnets
advertised by TIER1 LR.
T1_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder
subnets advertised by TIER1 LR.
T1_CONNECTED type should be used to redistribute downlink and CSP port
subnets advertised by TIER1 LR.
T1_DOWNLINK type should be used to redistribute downlink port
subnets advertised by TIER1 LR.
T1_CSP type should be used to redistribute centralised service port
subnets advertised by TIER1 LR.
BGP type should be used to redistribute routes learned via BGP.
T1_IPSEC_LOCAL_IP type should be used to redistribute IPSec VPN local
endpoint subnets advertised by TIER1 LR.

Name Description Type Notes
RedistributionProtocols Redistribution Protocols

Types of route to redistribute over routing protocols.
STATIC type is deprecated, use T0_STATIC instead.
T0_STATIC type should be used to redistribute user added static
routes.
NSX_CONNECTED type is deprecated, use T0_CONNECTED instead.
For backward compatibility when NSX_CONNECTED is selected,
we will redistribute downlink port subnets for TIER0 LR.
T0_CONNECTED type should be used to redistribute all port
subnets including uplink, downlink, CSP and loopback for TIER0 LR.
NSX_STATIC type is deprecated, use T1_STATIC instead.
For backward compatibility when NSX_STATIC is selected,
we will redistribute static, CSP and downlink port subnets
advertised by TIER1 LR.
T1_STATIC type should be used to redistribute static subnets
advertised by TIER1 LR.
T0_UPLINK type should be used to redistribute uplink port subnets
on TIER0 LR.
T0_DOWNLINK type should be used to redistribute downlink port subnets
on TIER0 LR.
T0_ROUTER_LINK type should be used to redistribute router link port
subnets on TIER0 LR
T0_CSP type should be used to redistribute centralised service port
subnets on TIER0 LR.
T0_LOOPBACK type should be used to redistribute loopback port subnets
on TIER0 LR.
T0_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder
subnets on TIER0 LR.
T0_IPSEC_LOCAL_IP type should be used to redistribute IPSec subnets
on TIER0 LR.
TIER0_NAT type is deprecated, use T0_NAT instead.
T0_NAT type should be used to redistribute NAT IPs owned by
TIER0 logical router.
TIER1_NAT type is deprecated, use T1_NAT instead.
T1_NAT type should be used to redistribute NAT IP subnets advertised
by TIER1 LR.
TIER1_LB_VIP type is deprecated,use T1_LB_VIP instead.
T1_LB_VIP type should be used to redistribute LB VIP IP subnets
advertised by TIER1 LR.
TIER1_LB_SNAT type is deprecated, use T1_NAT instead.
T1_LB_SNAT type should be used to redistribute LB SNAT IP subnets
advertised by TIER1 LR.
T1_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder
subnets advertised by TIER1 LR.
T1_CONNECTED type should be used to redistribute downlink and CSP port
subnets advertised by TIER1 LR.
T1_DOWNLINK type should be used to redistribute downlink port
subnets advertised by TIER1 LR.
T1_CSP type should be used to redistribute centralised service port
subnets advertised by TIER1 LR.
BGP type should be used to redistribute routes learned via BGP.
T1_IPSEC_LOCAL_IP type should be used to redistribute IPSec VPN local
endpoint subnets advertised by TIER1 LR.
string Enum: STATIC, T0_STATIC, NSX_CONNECTED, T0_CONNECTED, NSX_STATIC, T1_STATIC, T0_UPLINK, T0_DOWNLINK, T0_ROUTER_LINK, T0_CSP, T0_LOOPBACK, T0_DNS_FORWARDER_IP, T0_IPSEC_LOCAL_IP, TIER0_NAT, T0_NAT, TIER1_NAT, T1_NAT, TIER1_LB_VIP, T1_LB_VIP, TIER1_LB_SNAT, T1_LB_SNAT, T1_DNS_FORWARDER_IP, T1_CONNECTED, T1_DOWNLINK, T1_CSP, BGP, T1_IPSEC_LOCAL_IP

RedistributionRule (schema)

Name Description Type Notes
address_family Address family for Route Redistribution string Readonly
Enum: IPV4, IPV6, IPV4_AND_IPV6
Default: "IPV4_AND_IPV6"
description Description string Maximum length: 1024
destination Destination redistribution protocol RedistributionProtocols Required
display_name Display name string Maximum length: 255
route_map_id RouteMap Id for the filter string
sources Array of redistribution protocols array of RedistributionProtocols Required

RedistributionRuleList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value RedistributionRuleList string
rules List of redistribution rules. User needs to re-order rules to change the priority. array of RedistributionRule Minimum items: 0
Maximum items: 5
Default: "[]"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RegistrationToken (schema)

Appliance registration access token

Name Description Type Notes
roles List results array of string Required
token Access token string Required
user User delegated by token string

RelatedApiError (schema)

Detailed information about a related API error

Name Description Type Notes
details Further details about the error string
error_code A numeric error code integer
error_data Additional data about the error object
error_message A description of the error string
module_name The module name where the error occurred string

RelatedAttribute (schema)

Related attribute details.

Related attribute on the target resource for conditional constraints based
on related attribute value.
Example - destinationGroups/service/action is related attribute of
sourceGroups in communcation entry.

Name Description Type Notes
attribute Related attribute name on the target entity. string Required

RelatedAttributeConditionalExpression (schema)

Represents the leaf level type expression to express constraint as
value of realted attribute to the target. Uses
ConditionalValueConstraintExpression to constrain the target value
based on the related attribute value on the same resource.

Represents the leaf level type expression to express constraint as
value of realted attribute to the target.
Example - Constraint traget attribute 'X' (example in Constraint),
if destinationGroups contains 'vCeneter' then allow only values
"HTTPS", "HTTP" for attribute X.
{
"target":{
"target_resource_type":"CommunicationEntry",
"attribute":"services",
"path_prefix": "/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/"
},
"constraint_expression": {
"resource_type": "RelatedAttributeConditionalExpression",
"related_attribute":{
"attribute":"destinationGroups"
},
"condition" : {
"operator":"INCLUDES",
"rhs_value": ["/infra/domains/mgw/groups/VCENTER"],
"value_constraint": {
"resource_type": "ValueConstraintExpression",
"operator":"INCLUDES",
"values":["/infra/services/HTTP", "/infra/services/HTTPS"]
}
}
}
}

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
condition Conditiona value constraint expression.

Conditional value expression for target based on realted attribute value.
ConditionalValueConstraintExpression Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
related_attribute Related attribute. RelatedAttribute Required
resource_type Must be set to the value RelatedAttributeConditionalExpression string Required
Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RemainingSupportBundleNode (schema)

Name Description Type Notes
node_display_name Display name of node string Required
Readonly
node_id UUID of node string Required
Readonly
status Status of node string Required
Readonly
Enum: PENDING, PROCESSING

RemoteFileServer (schema)

Remote file server

Name Description Type Notes
directory_path Remote server directory to copy bundle files to string Required
Pattern: "^\/[\w\-.\+~%\/]+$"
port Server port integer Minimum: 1
Maximum: 65535
Default: "22"
protocol Protocol to use to copy file FileTransferProtocol Required
server Remote server hostname or IP address string Required

RemoteServerFingerprint (schema)

Remote server

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
Default: "22"
server Remote server hostname or IP address string Required
ssh_fingerprint SSH fingerprint of server string Required

RemoteServerFingerprintRequest (schema)

Remote server

Name Description Type Notes
port Server port integer Minimum: 1
Maximum: 65535
Default: "22"
server Remote server hostname or IP address string Required

RemoteTransportNodeStatusParametersWithDataSource (schema)

Query parameters that may be used to select which transport nodes status to return in a query.
The tunnel_status and bfd_diagnostic_code parameters are ANDed together if both are provided.

Name Description Type Notes
bfd_diagnostic_code BFD diagnostic code of Tunnel

The BFD diagnostic code of Tunnel as defined in RFC 5880.
If specified, only the status for transport nodes connected via tunnels having the
specified BFD diagnostic code are returned.
string Enum: 0, NO_DIAGNOSTIC, 1, CONTROL_DETECTION_TIME_EXPIRED, 2, ECHO_FUNCTION_FAILED, 3, NEIGHBOR_SIGNALED_SESSION_DOWN, 4, FORWARDING_PLANE_RESET, 5, PATH_DOWN, 6, CONCATENATED_PATH_DOWN, 7, ADMINISTRATIVELY_DOWN, 8, REVERSE_CONCATENATED_PATH_DOWN
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
tunnel_status Tunnel Status

If specified, only the status for transport nodes connected via tunnels having the
specified tunnel status are returned.
string Enum: UP, DOWN

RenderConfiguration (schema)

Render Configuration

Render configuration to be applied to the widget.

Name Description Type Notes
color Color of the entity

The color to use when rendering an entity. For example, set color as 'RED' to render a portion of donut in red.		 string Enum: GREY, DARK_GREY, LIGHT_GREY, SKY_BLUE, BLUE, GREEN, YELLOW, RED, DARK_RED
condition Expression for evaluating condition

If the condition is met then the rendering specified for the condition will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.		 string Maximum length: 1024
display_value Overridden value to display, if any

If specified, overrides the field value. This can be used to display a meaningful value in situations where field value is not available or not configured.		 string Maximum length: 255
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon Minimum items: 0
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over the UI element if the condition is met.		 array of Tooltip Minimum items: 0

ReorderMigrationRequest (schema)

Name Description Type Notes
id id of the migration unit group/migration unit before/after which the migration unit group/migration unit is to be placed string Required
is_before flag indicating whether the migration unit group/migration unit is to be placed before or after the specified migration unit group/migration unit boolean Default: "True"

ReorderRequest (schema)

Name Description Type Notes
id id of the upgrade unit group/upgrade unit before/after which the upgrade unit group/upgrade unit is to be placed string Required
is_before flag indicating whether the upgrade unit group/upgrade unit is to be placed before or after the specified upgrade unit group/upgrade unit boolean Default: "True"

RepoSyncStatusReport (schema)

Name Description Type Notes
failure_code Error code for failure

In case of repo sync related failure, the code for the error will
be stored here.
integer
failure_message Error message for failure

In case if repo sync fails due to some issue, an error message will be
stored here.
string
status Repository Synchronization Status

Status of the repo sync operation on the single nsx-manager
string Required
Enum: NOT_STARTED, IN_PROGRESS, FAILED, SUCCESS
status_message Status message

Describes the steps which repo sync operation is performing currently.
string

ReportAppResultsForVmsRequestParameters (schema)

Parameters to request results of an application discovery session

Parameters to query results of an application discovery session. It has a list of vm ids.

Name Description Type Notes
vm_ids Vm external Ids array of string

RequiredTransportNodeIdParameters (schema)

Name Description Type Notes
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string Required

ResetStatsParameters (schema)

Name Description Type Notes
category Aggregation statistic category

Aggregation statistic category to perform reset operation.		 string Required
Enum: L3DFW, L3EDGE, L3BRIDGEPORT

ResetStatsRequestParameters (schema)

Reset Statistics Request Parameters

Request parameters that represents an enforcement point path and category.
A request on statistics can be parameterized with this enforcement point
path and will be evaluated as follows:
- no enforcement point path specified: the request is evaluated on all enforcement
points.
- {enforcement_point_path}: the request is evaluated only on the given enforcement
point.

Name Description Type Notes
category Aggregation statistic category

Aggregation statistic category to perform reset operation.		 string Required
Enum: DFW, EDGE
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string

Resource (schema)

Base class for resources

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly

ResourceAllocation (schema)

Resource allocation information for a host infrastructure traffic type

Specify limit, shares and reservation for all kinds of traffic.
Values for limit and reservation are expressed in percentage. And for shares,
the value is expressed as a number between 1-100.
The overall reservation among all traffic types should not exceed 75%.
Otherwise, the API request will be rejected.

Name Description Type Notes
limit Maximum bandwidth percentage

The limit property specifies the maximum bandwidth allocation for a given
traffic type and is expressed in percentage. The default value for this
field is set to -1 which means the traffic is unbounded for the traffic
type. All other negative values for this property is not supported
and will be rejected by the API.
number Required
Minimum: -1
Maximum: 100
Default: "-1.0"
reservation Minimum guaranteed bandwidth percentage number Required
Minimum: 0
Maximum: 75
Default: "0.0"
shares Shares int Required
Minimum: 1
Maximum: 100
Default: "50"
traffic_type Resource allocation traffic type HostInfraTrafficType Required

ResourceFieldPointer (schema)

Resource Field Pointer

Resource Field Pointer representing the exact value within a policy object.

Name Description Type Notes
field_pointer Field Pointer

Field Pointer referencing the exact field within the policy object.		 string Required
path Resource Path

Policy Path referencing a policy object. If not supplied, the field pointer will be applied
to the event source.
string

ResourceInfoListResult (schema)

Collection of resource info objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Resource info list results array of PolicyFineTuningResourceInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ResourceInfoSearchParameters (schema) (Experimental)

Represents search object that provides additional search capabilities

This object presents additional search capabilities over any API through free text query string. e.g. type="FirewallRuleDto".

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Type query string

ResourceLink (schema)

A link to a related resource

Name Description Type Notes
action Optional action string Readonly
href Link to resource string Required
Readonly
rel Link relation type

Custom relation type (follows RFC 5988 where appropriate definitions exist)		 string Required
Readonly

ResourceOperation (schema)

Resource Operation

Resource Operation is an Event Source that represents a resource that
is being changed at very specific points of time, with regard to
its interaction with dao layer.

Name Description Type Notes
operation_types Operation Types

Operation types.		 array of ResourceOperationType Required
Minimum items: 1
resource_pointer Resource Pointer

Regex path representing a regex expression on resources. This regex is used
to identify the object(s) that is/are the source of the Event. For instance:
specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default" as a source
means that ANY resource starting with Lb or ANY resource with
"/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source
of the event in question.
string Required
resource_type Must be set to the value ResourceOperation string Required
Enum: ResourceOperation, ApiRequestBody

ResourceOperationType (schema)

Resource Operation Type

Resource Operation Type represents a change in state of a resource with
regard to the interaction with DAO layer:
POST_CREATE: post-create change event.
POST_UPDATE: post-update change event.
PRE_DELETE: pre-delete change event.

Name Description Type Notes
ResourceOperationType Resource Operation Type

Resource Operation Type represents a change in state of a resource with
regard to the interaction with DAO layer:
POST_CREATE: post-create change event.
POST_UPDATE: post-update change event.
PRE_DELETE: pre-delete change event.
string Enum: POST_CREATE, POST_UPDATE, PRE_DELETE

ResourceReference (schema)

A weak reference to an NSX resource.

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

RestoreConfiguration (schema)

Configuration where backup files are stored for restore

Name Description Type Notes
passphrase Passphrase used to encrypt backup files. string
remote_file_server The server from which backup files will be retrieved for restore. RemoteFileServer Required

RestoreStep (schema)

Restore step info

Name Description Type Notes
description Restore step description string Required
Readonly
status PerStepRestoreStatus
step_number Restore step number integer Required
Readonly
value Restore step value string Required
Readonly

RevisionedResource (schema)

A base class for types that track revisions

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly

Role (schema)

Role

Name Description Type Notes
role Role name string Required

RoleBinding (schema)

User/Group's role binding

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
name User/Group's name string Required
Readonly
resource_type Must be set to the value RoleBinding string
roles Roles array of Role Required
Readonly
stale Stale in vIDM

Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings		 string Readonly
Enum: TRUE, FALSE, UNKNOWN
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Type string Required
Readonly
Enum: remote_user, remote_group, local_user, principal_identity

RoleBindingListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List results array of RoleBinding Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RoleBindingRequestParameters (schema)

Parameters to filter list of role bindings.

Pagination and Filtering parameters to get only a subset of users/groups.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
name User/Group name string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
type Type string Enum: remote_user, remote_group, local_user, principal_identity

RoleListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List results array of Role Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RoleWithFeatures (schema)

Role

Name Description Type Notes
features Features array of FeaturePermission Required
role Role name string Required
Readonly

RouteAdvertisementRule (schema)

Route advertisement rules and filtering

Name Description Type Notes
action Action to advertise routes

Action to advertise filtered routes to the connected Tier0 gateway.
PERMIT: Enables the advertisment
DENY: Disables the advertisement
string Required
Enum: PERMIT, DENY
Default: "PERMIT"
name Display name for rule

Display name should be unique.
string Required
prefix_operator Prefix operator to match subnets

Prefix operator to filter subnets.
GE prefix operator filters all the routes with prefix length greater
than or equal to the subnets configured.
EQ prefix operator filter all the routes with prefix length equal to
the subnets configured.
string Enum: GE, EQ
Default: "GE"
route_advertisement_types Enable different types of route advertisements

Enable different types of route advertisements.
When not specified, routes to IPSec VPN local-endpoint subnets
(TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.
array of Tier1RouteAdvertisentTypes
subnets Network CIDRs

Network CIDRs to be routed.
array of string

RouteAggregationEntry (schema)

List of routes to be aggregated

Name Description Type Notes
prefix CIDR of aggregate address

CIDR of aggregate address		 string Required
summary_only Send only summarized route

Send only summarized route.
Summarization reduces number of routes advertised by representing
multiple related routes with prefix property.
boolean Default: "True"

RouteBasedIPSecVPNSession (schema)

Route based VPN session

A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
ipsec_vpn_service_id IPSec VPN service identifier

Identifier of VPN Service linked with local endpoint.		 string Readonly
local_endpoint_id Local endpoint identifier

Local endpoint identifier.		 string Required
peer_endpoint_id Peer endpoint identifier

Peer endpoint identifier.		 string Required
resource_type Must be set to the value RouteBasedIPSecVPNSession IPSecVPNSessionResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TcpMssClamping
tunnel_ports IP Tunnel ports

IP Tunnel ports.		 array of TunnelPortConfig Required
Minimum items: 1
Maximum items: 1

RouteBasedIPSecVpnSession (schema)

Route based VPN session

A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_mode Authentication Mode

Peer authentication mode.
PSK - In this mode a secret key shared between local and
peer sites is to be used for authentication. The secret
key can be a string with a maximum length of 128 characters.
CERTIFICATE - In this mode a certificate defined at the
global level is to be used for authentication.
string Enum: PSK, CERTIFICATE
Default: "PSK"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
compliance_suite Compliance suite

Compliance suite.
string Enum: CNSA, SUITE_B_GCM_128, SUITE_B_GCM_256, PRIME, FOUNDATION, FIPS, NONE
connection_initiation_mode Connection initiation mode

Connection initiation mode used by local endpoint to
establish ike connection with peer site.
INITIATOR - In this mode local endpoint initiates
tunnel setup and will also respond to incoming tunnel
setup requests from peer gateway.
RESPOND_ONLY - In this mode, local endpoint shall only
respond to incoming tunnel setup requests. It shall not
initiate the tunnel setup.
ON_DEMAND - In this mode local endpoint will initiate
tunnel creation once first packet matching the policy
rule is received and will also respond to incoming
initiation request.
string Enum: INITIATOR, RESPOND_ONLY, ON_DEMAND
Default: "INITIATOR"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
dpd_profile_path Dead peer detection (DPD) profile path

Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.		 string
enabled Enable/Disable IPSec VPN session

Enable/Disable IPSec VPN session.		 boolean Default: "True"
force_whitelisting Flag to add default whitelisting Gateway Policy rule for the VTI interface.

If true the default firewall rule Action is set to DROP, otherwise set to ALLOW.
This filed is deprecated and recommended to change Rule action filed. Note that this
filed is not synchornied with default rule field.
boolean Deprecated
Default: "False"
id Unique identifier of this resource string Sortable
ike_profile_path Internet key exchange (IKE) profile path

Policy path referencing IKE profile to be used. Default is set according to system default profile.		 string
local_endpoint_path Local endpoint path

Policy path referencing Local endpoint.		 string Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
peer_address IPV4 address of peer endpoint on remote site

Public IPV4 address of the remote device terminating the VPN connection.		 string Required
peer_id Peer id

Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.		 string Required
psk Pre-shared key

IPSec Pre-shared key. Maximum length of this field is 128 characters.		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value RouteBasedIPSecVpnSession IPSecVpnSessionResourceType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_mss_clamping TCP MSS Clamping

TCP Maximum Segment Size Clamping Direction and Value.
TcpMaximumSegmentSizeClamping
tunnel_interfaces IP Tunnel interfaces

IP Tunnel interfaces.		 array of IPSecVpnTunnelInterface Required
Minimum items: 1
Maximum items: 1
tunnel_profile_path IPSec tunnel profile path

Policy path referencing Tunnel profile to be used. Default is set to system default profile.		 string

RouteBasedL3VpnSession (schema) (Deprecated)

Route based L3Vpn Session

A Route Based L3Vpn is more flexible, more powerful and recommended over policy based.
IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over
tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using
redundant L3Vpn.

Name Description Type Notes
default_rule_logging Enable logging for whitelisted rule for the VTI interface

Indicates if logging should be enabled for the default whitelisting
rule for the VTI interface.
boolean Default: "False"
force_whitelisting Flag to add default whitelisting FW rule for the VTI interface.

The default firewall rule Action is set to DROP if true otherwise set to ALLOW.
boolean Default: "False"
resource_type Must be set to the value RouteBasedL3VpnSession L3VpnSessionResourceType Required
routing_config_path Routing configuration policy path

This is a deprecated field. Any specified value is not saved and will be ignored.
string Deprecated
tunnel_subnets Virtual Tunnel Interface (VTI) IP subnets

Virtual tunnel interface (VTI) port IP subnets to be used to configure
route-based L3Vpn session. A max of one tunnel subnet is allowed.
array of TunnelSubnet Required
Minimum items: 1
Maximum items: 1

RouteDetails (schema)

BGP route details

BGP route details.

Name Description Type Notes
as_path AS path

BGP AS path attribute.		 string Readonly
local_pref Local preference

BGP Local Preference attribute.		 integer Readonly
med Multi Exit Discriminator

BGP Multi Exit Discriminator attribute.		 integer Readonly
network CIDR network address

CIDR network address.		 IPCIDRBlock Required
Readonly
next_hop Next hop IP address

Next hop IP address.		 IPAddress Readonly
weight Weight

BGP Weight attribute.		 integer Readonly

RouteMap (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value RouteMap string
sequences Ordered list of routeMap sequences array of RouteMapSequence Required
Minimum items: 1
Maximum items: 1000
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RouteMapEntry (schema)

Route map entry

Name Description Type Notes
action Action for the route map entry

Action for the route map entry
string Required
Enum: PERMIT, DENY
community_list_matches Community list match criteria

Community list match criteria for route map.
Properties community_list_matches and prefix_list_matches are mutually
exclusive and cannot be used in the same route map entry.
array of CommunityMatchCriteria
prefix_list_matches Prefix list match criteria

Prefix list match criteria for route map.
Properties community_list_matches and prefix_list_matches are mutually
exclusive and cannot be used in the same route map entry.
array of string Maximum items: 500
set Set criteria for route map entry

Set criteria for route map entry
RouteMapEntrySet

RouteMapEntrySet (schema)

Set criteria for route map entry

Name Description Type Notes
as_path_prepend AS path prepend to influence route selection

AS path prepend to influence route selection.
string
community Set BGP community

Set BGP regular or large community for matching routes. A maximum of one value for each community
type separated by space. Well-known community name, community value in aa:nn (2byte:2byte) format for regular
community and community value in aa:bb:nn (4byte:4byte:4byte) format for large community are supported.
string
local_preference Local preference to set for matching BGP routes

Local preference indicates the degree of preference for one BGP route
over other BGP routes. The path with highest local preference is
preferred.
integer Maximum: 4294967295
Default: "100"
med Multi exit descriminator

Multi exit descriminator (MED) is a hint to BGP neighbors about
the preferred path into an autonomous system (AS) that has multiple
entry points. A lower MED value is preferred over a higher value.
int Minimum: 0
Maximum: 4294967295
weight Weight used to select certain path

Weight is used to select a route when multiple routes are available
to the same network. Route with the highest weight is preferred.
int Minimum: 0
Maximum: 65535

RouteMapListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of RouteMaps array of RouteMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RouteMapSequence (schema)

Name Description Type Notes
action Action for the Sequence RoutingFilterAction Required
match_criteria Match Criteria for the RouteMap Sequence RouteMapSequenceMatch Required
set_criteria Set Criteria for the RouteMap Sequence RouteMapSequenceSet

RouteMapSequenceMatch (schema)

Match sequence in route map which is used for matching routes.
IP prefix lists and match community expression are mutually
exclusive fields, one of them must be provided.

Name Description Type Notes
ip_prefix_lists IPPrefixList Identifiers for RouteMap Sequence Match Criteria array of string Minimum items: 1
Maximum items: 500
match_community_expression Expression to match BGP communities

It supports conjunction operator (AND) and five
operators within singular community match expression
(MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE,
MATCH_REGEX).
CommunityMatchExpression

RouteMapSequenceSet (schema)

Name Description Type Notes
as_path_prepend As Path Prepending to influence path selection string
community Set normal BGP community

Set normal BGP community either well-known community name or
community value in aa:nn(2byte:2byte) format.
string
large_community Set large BGP community

Set large BGP community, community value shoud be in aa:bb:nn format where aa, bb, nn are unsigned integers with range [1-4294967295].		 string
local_preference Local preference number

Local preference indicates the degree of preference for one BGP route
over other BGP routes. The path/route with highest local preference
value is preferred/selected. If local preference value is not specified
then it will be considered as 100 by default.
integer Minimum: 0
Maximum: 4294967295
multi_exit_discriminator Multi Exit Discriminator (MED) integer Minimum: 0
Maximum: 4294967295
weight Weight used to select certain path int Minimum: 0
Maximum: 65535

RouterNexthop (schema)

Next hop configuration for network

Name Description Type Notes
admin_distance Cost associated with next hop route

Cost associated with next hop route		 int Minimum: 1
Maximum: 255
Default: "1"
ip_address Next hop gateway IP address

Next hop gateway IP address		 IPAddress
scope Interface path associated with current route

Interface path associated with current route.
For example: specify a policy path referencing the IPSec VPN Session.
array of string Minimum items: 1
Maximum items: 1

RoutesPerTransportNode (schema)

Routes per transport node

BGP routes per transport node.

Name Description Type Notes
routes BGP neighbor route details

Array of BGP neighbor route details for this transport node.
array of RouteDetails Readonly
source_address BGP neighbor source address

BGP neighbor source address.		 IPAddress Readonly
transport_node_id Transport node id string Required
Readonly

RoutesRequestParameters (schema)

Routes request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
edge_id UUID of edge node

UUID of edge node. Edge should be member of enforcement point.
string
enforcement_point_path String Path of the enforcement point

Enforcement point path.		 string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
route_source Filter routes based on the source from which route is learned

Filter routes based on the source from which route is learned.
string Enum: BGP, STATIC, CONNECTED
sort_ascending boolean
sort_by Field by which records are sorted string

RoutingConfig (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
forwarding_up_timer Forwarding up timer

Defines the extra time the router must wait before sending the UP notification
after the first BGP session is established. Default means forward immediately.
integer Default: "0"
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
resource_type Must be set to the value RoutingConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RoutingEntry (schema)

Routing table entry

Routing table entry.

Name Description Type Notes
admin_distance Admin distance

Admin distance.
int Readonly
network Network CIDR

Network CIDR.
string Readonly
next_hop Next hop address

Next hop address.
IPAddress Readonly
route_type Route type

Network address CIDR.
string Readonly

RoutingFilterAction (schema)

Action for Filters in Routing

Name Description Type Notes
RoutingFilterAction Action for Filters in Routing string Enum: PERMIT, DENY

RoutingGlobalConfig (schema)

NSX global configs for Routing

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
l3_forwarding_mode L3 forwarding mode

This setting does not restrict configuration as per other modes. But the forwarding will only work as per the mode set here.		 string Required
Enum: IPV4_ONLY, IPV4_AND_IPV6
Default: "IPV4_ONLY"
logical_uplink_mtu MTU for the logical uplinks

This is the global default MTU for all the logical uplinks in a NSX domain. Currently logical uplink MTU can only be set globally and applies to the entire NSX domain. There is no option to override this value at transport zone level or transport node level. If this value is not set, the default value of 1500 will be used.		 int Default: "1500"
resource_type Must be set to the value RoutingGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RoutingTable (schema)

Routing table

Routing table.

Name Description Type Notes
count Entry count

Entry count.		 int Readonly
edge_node Transport node ID

Transport node ID.
string Readonly
route_entries Route entries

Route entries.		 array of RoutingEntry Required

RoutingTableListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Routes per transport node ID

Paged Collection of Routes per transport node ID.		 array of RoutingTable
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RowListField (schema)

List of fields from which rows are formed

Root of the api result set for forming rows.

Name Description Type Notes
alias Alias Name

Short name or alias of row list field, if any. If unspecified, the row list field can be referenced by its index in the array of row list fields as $ (for example, $0).		 string Maximum length: 255
path JSON path

JSON path to the root of the api result set for forming rows.		 string Required
Maximum length: 1024

Rule (schema)

A rule specifies the security policy rule between the workload groups

A rule indicates the action to be performed for various types of traffic flowing between workload groups.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
action Action

The action to be applied to all the services
string Enum: ALLOW, DROP, REJECT
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
destination_groups Destination group paths

We need paths as duplicate names may exist for groups under different
domains.In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
destinations_excluded Negation of destination groups

If set to true, the rule gets applied on all the groups that are
NOT part of the destination groups. If false, the rule applies to the
destination groups
boolean Default: "False"
direction Direction

Define direction of traffic.
string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Flag to disable the rule

Flag to disable the rule. Default is enabled.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.
The value is set to IPV4_IPV6 for Layer3 rule if not specified.
For Layer2/Ether rule the value must be null.
string Enum: IPV4, IPV6, IPV4_IPV6
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
notes Text for additional notes on changes

Text for additional notes on changes.		 string Maximum length: 2048
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profiles Layer 7 service profiles

Holds the list of layer 7 service profile paths. These profiles accept
attributes and sub-attributes of various network services
(e.g. L4 AppId, encryption algorithm, domain name, etc) as key value
pairs.
array of string Maximum items: 128
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Rule string
scope The list of policy paths where the rule is applied
LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied
on multiple LRs/LRPs.
array of string Maximum items: 128
sequence_number Sequence number of the this Rule

This field is used to resolve conflicts between multiple
Rules under Security or Gateway Policy for a Domain
int Minimum: 0
services Names of services

In order to specify all services, use the constant "ANY".
This is case insensitive. If "ANY" is used, it should
be the ONLY element in the services array. Error will be thrown
if ANY is used in conjunction with other values.
array of string Maximum items: 128
source_groups Source group paths

We need paths as duplicate names may exist for groups under different
domains. In order to specify all groups, use the constant "ANY". This
is case insensitive. If "ANY" is used, it should be the ONLY element
in the group array. Error will be thrown if ANY is used in conjunction
with other values.
array of string Maximum items: 128
sources_excluded Negation of source groups

If set to true, the rule gets applied on all the groups that are
NOT part of the source groups. If false, the rule applies to the
source groups
boolean Default: "False"
tag Tag applied on the rule

User level field which will be printed in CLI and packet logs.
string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

RuleInsertParameters (schema)

Parameters to tell where rule needs to be placed

Parameters to let the admin specify a relative position of a rule w.r.t to
another one in the same security policy. If the rule specified in the
anchor_path belongs to another security policy an error will be thrown.

Name Description Type Notes
anchor_path The security policy/rule path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

RuleListRequestParameters (schema)

Rule list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

RuleListResult (schema)

Paged Collection of Rules

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Rule list results array of Rule Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RuleState (schema)

Name Description Type Notes
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
pending_change_list List of pending changes

Pending changes to be realized.		 array of PendingChange Maximum items: 100
revision_desired Desired state revision number

This attribute represents revision number of rule's desired state.		 integer Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED

RuleStatistics (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
byte_count Bytes count

Aggregated number of bytes processed by the rule.
integer Readonly
hit_count Hits count

Aggregated number of hits received by the rule.		 integer Readonly
internal_rule_id NSX internal rule id

Realized id of the rule on NSX MP. Policy Manager can create more than
one rule per policy rule, in which case this identifier helps to
distinguish between the multple rules created.
string Readonly
lr_path Logical Router (Tier-0/Tier1) path

Path of the LR on which the section is applied in case of Edge FW.		 string Readonly
max_popularity_index The maximum popularity index

Maximum value of popularity index of all rules of the type.
This is aggregated statistic which are computed with lower
frequency compared to individual generic rule statistics.
It may have a computation delay up to 15 minutes in response
to this API.
integer Readonly
max_session_count Maximum Sessions count

Maximum value of sessions count of all rules of the type.
This is aggregated statistic which are computed with lower
frequency compared to generic rule statistics. It may have
a computation delay up to 15 minutes in response to this API.
integer Readonly
packet_count Packets count

Aggregated number of packets processed by the rule.
integer Readonly
popularity_index The index of the popularity of rule

This is calculated by sessions count divided by age of the rule.		 integer Readonly
rule Rule path

Path of the rule.		 string Readonly
session_count sessions count

Aggregated number of sessions processed by the rule.
integer Readonly
total_session_count Total Sessions count

Aggregated number of sessions processed by all the rules
This is aggregated statistic which are computed with lower
frequency compared to individual generic rule statistics.
It may have a computation delay up to 15 minutes in
response to this API.
integer Readonly

RuleStatisticsForEnforcementPoint (schema)

Rule statistics for an enforcement point

Rule statistics for a specfic enforcement point.

Name Description Type Notes
enforcement_point Enforcement point path

Rule statistics for a single enforcement point		 string Readonly
statistics Rule Statistics

Statistics for the specified enforcement point		 RuleStatistics Readonly

RuleStatisticsListResult (schema)

Paged Collection of rule statistics

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results RuleStatistics list results array of RuleStatisticsForEnforcementPoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

RuntimeInterfaceOperationalStatus (schema)

Name Description Type Notes
interface_index Index of the interface integer Required
Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
status The Operational status of the interface string Required
Enum: UP, DOWN, UNKNOWN

RuntimeInterfaceStatistics (schema)

Name Description Type Notes
dropped_by_security_packets SIPacketsDroppedBySecurity Readonly
interface_index Index of the interface integer Required
Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
mac_learning SIMacLearningCounters Readonly
rx_bytes SIDataCounter Readonly
rx_packets SIDataCounter Readonly
tx_bytes SIDataCounter Readonly
tx_packets SIDataCounter Readonly

SIAggregatedDataCounter (schema)

Name Description Type Notes
rx_bytes SIDataCounter Readonly
rx_packets SIDataCounter Readonly
tx_bytes SIDataCounter Readonly
tx_packets SIDataCounter Readonly

SIAggregatedDataCounterEx (schema)

Name Description Type Notes
dropped_by_security_packets SIPacketsDroppedBySecurity Readonly
mac_learning SIMacLearningCounters Readonly
rx_bytes SIDataCounter Readonly
rx_packets SIDataCounter Readonly
tx_bytes SIDataCounter Readonly
tx_packets SIDataCounter Readonly

SIDataCounter (schema)

Name Description Type Notes
dropped The dropped packets or bytes integer
multicast_broadcast The multicast and broadcast packets or bytes integer
total The total packets or bytes integer Required

SIErrorClass (schema)

Error class for all the Service Insertion related errors.

Name Description Type Notes
error_id integer Readonly
error_message string Readonly

SIExcludeList (schema)

Exclusion List

List of entities where Service Insertion will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
member_count Total Member Count

Total number of members present in Exclude List.		 integer Readonly
members Member list

List of members in Exclusion List		 array of ResourceReference Required
Maximum items: 1000
resource_type Must be set to the value SIExcludeList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SIExcludeListRequestParams (schema)

Parameter for the exclude list

Parameter used to remove member from Exclude List.

Name Description Type Notes
object_id Identifier of the object string Required
Maximum length: 64

SIMacLearningCounters (schema)

Name Description Type Notes
mac_not_learned_packets_allowed Number of dispatched packets with unknown source MAC address.

The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.		 integer
mac_not_learned_packets_dropped Number of dropped packets with unknown source MAC address.

The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.		 integer
macs_learned Number of MACs learned integer

SIPacketTypeAndCounter (schema)

Name Description Type Notes
counter The number of packets. integer Required
packet_type The type of the packets string Required

SIPacketsDroppedBySecurity (schema)

Name Description Type Notes
bpdu_filter_dropped The number of packets dropped by "BPDU filter". integer
dhcp_client_dropped_ipv4 The number of IPv4 packets dropped by "DHCP client block". integer
dhcp_client_dropped_ipv6 The number of IPv6 packets dropped by "DHCP client block". integer
dhcp_server_dropped_ipv4 The number of IPv4 packets dropped by "DHCP server block". integer
dhcp_server_dropped_ipv6 The number of IPv6 packets dropped by "DHCP server block". integer
spoof_guard_dropped The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. array of SIPacketTypeAndCounter

SIServiceProfileListResult (schema)

Service Insertion Service Profile List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service list

List of the Service-Insertion Services. The list has to be homogenous.		 array of BaseServiceProfile
(Abstract type: pass one of the following concrete types)
BaseServiceProfile
GiServiceProfile
ServiceInsertionServiceProfile		 Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SVMConfigureIssue (schema)

Service VM configuration issue

Type of issue and detailed description of the issues in case of post-VM deployment configuration failure.

Name Description Type Notes
errors List of errors

List of errors along with details like errorId and error messages.		 array of SIErrorClass
service_instance_id Service Instance ID

The ID of service instance which was deployed.		 string

SVMDeploymentSpec (schema)

Service-VM Deployment Spec

Deployment Specs holds information required to deploy the Service-VMs.i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF(Open Virtualization Format) can be deployed, Form factor to name a few.

Name Description Type Notes
host_type HostType

Host Type on which the specified OVF can be deployed.		 string Required
Enum: ESXI, RHELKVM, UBUNTUKVM
min_host_version Minimum Host Version

Minimum host version supported by this ovf. If a host in the deployment cluster is having version less than this, then service deployment will not happen on that host.		 string Default: "6.5"
name name

Deployment Spec name for ease of use, since multiple DeploymentSpec can be specified.		 string
ovf_url OVF url

Location of the partner VM OVF to be deployed.		 string Required
service_form_factor Service Form Factor

Supported ServiceInsertion Form Factor for the OVF deployment. The default FormFactor is Medium.		 string Enum: SMALL, MEDIUM, LARGE
Default: "MEDIUM"

ScpProtocol (schema)

Name Description Type Notes
authentication_scheme Scheme to authenticate if required PasswordAuthenticationScheme Required
name Must be set to the value ScpProtocol string Required
Enum: http, https, scp, sftp
ssh_fingerprint SSH fingerprint of server string Required

SearchResponse (schema)

SearchResponse

Search response

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Search results

Search results		 array of object Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SectionQueryParameters (schema)

Section query parameters

Name Description Type Notes
cascade Flag to cascade delete of this object to all it's child objects. boolean Default: "False"

SecurityCertificate (schema)

Name Description Type Notes
pem_encoded PEM encoded X.509 certificate

The certificate must include the enclosing "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"		 string Required
Minimum length: 52
ssh_public_key string Readonly
text X.509 certificate in text form string Readonly
Minimum length: 52
valid_from The time when the certificate starts being valid string Readonly
valid_to The time when the certificate stops being valid string Readonly

SecurityGlobalConfig (schema)

NSX global configs for security purposes, like trust store and trust manager.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
ca_signed_only A flag to indicate whether the server certs are only allowed to be ca-signed.

When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates.		 boolean Default: "False"
crl_checking_enabled A flag to indicate whether the Java trust-managers check certificate revocation

When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not.		 boolean Default: "True"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value SecurityGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SecurityGroup (schema)

Security Group

Stores information about a security group.

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
resource_type Must be set to the value SecurityGroup string Required
security_group_id Security Group ID

ID of the security group.		 string Readonly
security_group_name Security Group Name

Name of the security group.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SecurityGroupDetails (schema)

Security Group Details

Stores details of cloud security group and corresponding NSX security group.

Name Description Type Notes
cloud_security_group Cloud Security Group

Stores information about a cloud native security group created by NSX.
For AWS, this will correspond to cloud network security group
information. For Azure, this will correspond to cloud application
security group information.
SecurityGroup Readonly
nsx_security_group NSX Security Group

Stores information about a NSX security group corresponding to the
cloud security group.
SecurityGroup Readonly

SecurityGroupListRequestParameters (schema)

These parameters will be used to filter the list of security groups.
Multiple parameters can be given as input to 'AND' them.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
is_managed_by_nsx Is Managed By NSX

Filter parameter to obtain security groups which are managed by NSX.
boolean
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SecurityPolicy (schema)

Contains ordered list of Rules

Ordered list of Rules. This object is created by default along with the Domain.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
category A way to classify a security policy, if needed.

- Distributed Firewall -
Policy framework provides five pre-defined categories for classifying
a security policy. They are "Ethernet","Emergency", "Infrastructure"
"Environment" and "Application". There is a pre-determined order in
which the policy framework manages the priority of these security
policies. Ethernet category is for supporting layer 2 firewall rules.
The other four categories are applicable for layer 3 rules. Amongst
them, the Emergency category has the highest priority followed by
Infrastructure, Environment and then Application rules. Administrator
can choose to categorize a security policy into the above categories
or can choose to leave it empty. If empty it will have the least
precedence w.r.t the above four categories.
- Edge Firewall -
Policy Framework for Edge Firewall provides six pre-defined categories
"Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules",
"AutoServiceRules" and "Default", in order of priority of rules.
All categories are allowed for Gatetway Policies that belong
to 'default' Domain. However, for user created domains, category is
restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the
users can add/modify/delete rules from only the "SharedPreRules" and
"LocalGatewayRules" categories. If user doesn't specify the category
then defaulted to "Rules". System generated category is used by NSX
created rules, for example BFD rules. Autoplumbed category used by
NSX verticals to autoplumb data path rules. Finally, "Default" category
is the placeholder default rules with lowest in the order of priority.
string
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
comments SecurityPolicy lock/unlock comments

Comments for security policy lock/unlock.		 string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lock_modified_by User who locked the security policy

ID of the user who last modified the lock for the secruity policy.
string Readonly
lock_modified_time SecuirtyPolicy locked/unlocked time

SecurityPolicy locked/unlocked time in epoch milliseconds.		 EpochMsTimestamp Readonly
locked Lock a security policy

Indicates whether a security policy should be locked. If the
security policy is locked by a user, then no other user would
be able to modify this security policy. Once the user releases
the lock, other users can update this security policy.
boolean Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SecurityPolicy string
rules Rules that are a part of this SecurityPolicy array of Rule
scope The list of group paths where the rules in this policy will get
applied. This scope will take precedence over rule level scope.
Supported only for security policies.
array of string Maximum items: 128
sequence_number Sequence number to resolve conflicts across Domains

This field is used to resolve conflicts between security policies
across domains. In order to change the sequence number of a policy
one can fire a POST request on the policy entity with
a query parameter action=revise
The sequence number field will reflect the value of the computed
sequence number upon execution of the above mentioned POST request.
For scenarios where the administrator is using a template to update
several security policies, the only way to set the sequence number is
to explicitly specify the sequence number for each security policy.
int Minimum: 0
stateful Stateful nature of the entries within this security policy.

Stateful or Stateless nature of security policy is enforced on all
rules in this security policy. When it is stateful, the state of
the network connects are tracked and a stateful packet inspection is
performed.
Layer3 security policies can be stateful or stateless. By default, they are stateful.
Layer2 security policies can only be stateless.
boolean
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict Enforce strict tcp handshake before allowing data packets

Ensures that a 3 way TCP handshake is done before the data packets
are sent.
tcp_strict=true is supported only for stateful security policies.
boolean

SecurityPolicyInsertParameters (schema)

Parameters to tell where security policy needs to be placed

Parameters to let the admin specify a relative position of a security
policy w.r.t to another one.

Name Description Type Notes
anchor_path The security policy/rule path if operation is 'insert_after' or 'insert_before' string
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

SecurityPolicyListRequestParameters (schema)

SecurityPolicy list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SecurityPolicyListResult (schema)

Paged Collection of security policies

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results SecurityPolicy list results array of SecurityPolicy Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SecurityPolicyStatistics (schema)

Security policy statistics

Aggregate statistics of all the rules in a security policy.

Name Description Type Notes
internal_section_id NSX internal section id

Realized id of the section on NSX MP. Policy Manager can create more than
one section per SecurityPolicy, in which case this identifier helps to
distinguish between the multiple sections created.
string Readonly
lr_path Logical Router (Tier-0/Tier1) path

Path of the LR on which the section is applied in case of Gateway Firewall.
string Readonly
result_count Rule stats count

Total count for rule statistics		 integer Required
Readonly
results Statistics for all rules

List of rule statistics.		 array of RuleStatistics Readonly
Maximum items: 1000

SecurityPolicyStatisticsForEnforcementPoint (schema)

Security policy statistics for an enforcement point

Aggregate statistics of all the rules in a security policy for a specific
enforcement point.

Name Description Type Notes
enforcement_point Enforcement point path

Enforcement point to fetch the statistics from.		 string Readonly
statistics Security Policy Statistics

Statistics for the specified enforcement point		 SecurityPolicyStatistics Readonly

SecurityPolicyStatisticsListResult (schema)

Paged Collection of Security Policy statistics

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Security Policy statistics list results array of SecurityPolicyStatisticsForEnforcementPoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SecurityProfileBindingMap (schema)

Base security profile binding map

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SecurityProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Segment (schema)

Segment configuration

Segment configuration to attach workloads.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
advanced_config Advanced configuration for Segment

Advanced configuration for Segment.
SegmentAdvancedConfig
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
connectivity_path Policy path to the connecting Tier-0 or Tier-1

Policy path to the connecting Tier-0 or Tier-1. Valid only for
segments created under Infra.
string
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
domain_name DNS domain name string
id Unique identifier of this resource string Sortable
l2_extension Configuration for extending Segment through L2 VPN L2Extension
ls_id Pre-created logical switch id for Segment

This property is deprecated. The property will continue to work as
expected for existing segments. The segments that are newly created
with ls_id will be ignored.
Sepcify pre-creted logical switch id for Segment.
string Deprecated
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
overlay_id Overlay connectivity ID for this Segment

Used for overlay connectivity of segments. The overlay_id
should be allocated from the pool as definied by enforcement-point.
If not provided, it is auto-allocated from the default pool on the
enforcement-point.
int Minimum: 0
Maximum: 2147483647
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Segment string
subnets Subnet configuration. Max 1 subnet array of SegmentSubnet
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_path Policy path to the transport zone

Policy path to the transport zone. Supported for VLAN backed segments
as well as Overlay Segments. This field is required for VLAN backed
Segments. Auto assigned if only one transport zone exists in the
enforcement point. Default transport zone is auto assigned for
overlay segments if none specified.
string
type Segment type

Segment type based on configuration.
string Readonly
Enum: ROUTED, EXTENDED, ROUTED_AND_EXTENDED, DISCONNECTED
vlan_ids VLAN ids for VLAN backed Segment

VLAN ids for a VLAN backed Segment.
Can be a VLAN id or a range of VLAN ids specified with '-' in between.
array of string

SegmentAdvancedConfig (schema)

Advanced configuration for Segment

Name Description Type Notes
address_pool_paths Policy path to IP address pools

Policy path to IP address pools.
array of string Maximum items: 1
connectivity Connectivity configuration

Connectivity configuration to manually connect (ON) or disconnect (OFF)
a logical entity from network topology.
string Enum: ON, OFF
Default: "ON"
hybrid Flag to identify a hybrid logical switch

When set to true, all the ports created on this segment will behave
in a hybrid fashion. The hybrid port indicates to NSX that the
VM intends to operate in underlay mode, but retains the ability to
forward egress traffic to the NSX overlay network.
This property is only applicable for segment created with transport
zone type OVERLAY_STANDARD.
This property cannot be modified after segment is created.
boolean Default: "False"
local_egress Flag to enable local egress

This property is used to enable proximity routing with local egress.
When set to true, logical router interface (downlink) connecting
Segment to Tier0/Tier1 gateway is configured with prefix-length 32.
boolean Default: "False"

SegmentDiscoveryProfileBindingMap (schema)

Segment Discovery Profile binding map

This entity will be used to establish association between discovery profile
and Segment. Using this entity, user can specify intent for applying
discovery profile to particular segments.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_discovery_profile_path IP Discovery Profile Path

PolicyPath of associated IP Discovery Profile		 string
mac_discovery_profile_path Mac Discovery Profile Path

PolicyPath of associated Mac Discovery Profile		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentDiscoveryProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentDiscoveryProfileBindingMapListRequestParameters (schema)

Segment Discovery Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentDiscoveryProfileBindingMapListResult (schema)

Paged collection of Segment Discovery Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment Discovery Profile Binding Map list results array of SegmentDiscoveryProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentInfo (schema)

Segment related information

This contains details about the segment created in NSX domain on a
transport zone.

Name Description Type Notes
display_name Name of the segment

Segment Name as created in NSX domain.
string Readonly
id Segment Id

Segment id as created in NSX domain.
string Readonly
instances_count Number of instances on this segment

Number of instances or cloud compute resources on this segment.
integer Readonly
is_hybrid Flag to identify if this is a hybrid segment

Flag to identify if this is a hybrid segment.
boolean Readonly
nsx_tag NSX Tag value

This tag value is applied on cloud compute resource to be attached to
this segment.
string Readonly

SegmentListRequestParameters (schema)

Segment list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentListResult (schema)

Paged collection of Segments

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment list results array of Segment Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentMonitoringProfileBindingMap (schema)

Segment Monitoring Profile binding map

This entity will be used to establish association between monitoring profile
and Segment. Using this entity, you can specify intent for applying
monitoring profile to particular segment.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipfix_l2_profile_path IPFIX L2 Profile Path

PolicyPath of associated IPFIX L2 Profile		 string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
port_mirroring_profile_path Port Mirroring Profile Path

PolicyPath of associated Port Mirroring Profile		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentMonitoringProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentMonitoringProfileBindingMapListRequestParameters (schema)

Segment Monitoring Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentMonitoringProfileBindingMapListResult (schema)

Paged collection of Segment Monitoring Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment Monitoring Profile Binding Map list results array of SegmentMonitoringProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentPort (schema)

Policy port object for segment

Policy port will create LogicalPort on LogicalSwitch corresponding to the Segment.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
address_bindings Address bindings for the port

Static address binding used for the port.		 array of PortAddressBindingEntry
attachment VIF attachment

Only VIF attachment is supported		 PortAttachment
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentPort string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentPortListRequestParameters (schema)

SegmentPort list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentPortListResult (schema)

Paged collection of SegmentPort

List SegmentPort objects

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results SegmentPort list results

Place holder for the list result		 array of SegmentPort Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentPortStatistics (schema)

Segment port statistics on specific Enforcement Point

Segment port statistics on specific Enforcement Point.

Name Description Type Notes
dropped_by_security_packets PacketsDroppedBySecurity Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_port_id The id of the logical port string Required
Readonly
mac_learning MacLearningCounters Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

SegmentQoSProfileBindingMap (schema)

Segment QoS Profile binding map

This entity will be used to establish association between qos profile
and Segment. Using this entity, you can specify intent for applying
qos profile to particular segment.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
qos_profile_path QoS Profile Path

PolicyPath of associated QoS Profile		 string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentQoSProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentQoSProfileBindingMapListRequestParameters (schema)

Segment QoS Profile Binding Map list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentQoSProfileBindingMapListResult (schema)

Paged collection of Segment QoS Profile Binding Maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment QoS Profile Binding Map list results array of SegmentQoSProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentSecurityProfile (schema)

Segment Security Profile

Security features extended by policy operations for securing logical segments.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bpdu_filter_allow Disable BPDU filtering on this whitelist

Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering.
List of allowed MACs - 01:80:c2:00:00:00, 01:80:c2:00:00:01, 01:80:c2:00:00:02, 01:80:c2:00:00:03,
01:80:c2:00:00:04, 01:80:c2:00:00:05, 01:80:c2:00:00:06, 01:80:c2:00:00:07,
01:80:c2:00:00:08, 01:80:c2:00:00:09, 01:80:c2:00:00:0a, 01:80:c2:00:00:0b,
01:80:c2:00:00:0c, 01:80:c2:00:00:0d, 01:80:c2:00:00:0e, 01:80:c2:00:00:0f,
00:e0:2b:00:00:00, 00:e0:2b:00:00:04, 00:e0:2b:00:00:06, 01:00:0c:00:00:00,
01:00:0c:cc:cc:cc, 01:00:0c:cc:cc:cd, 01:00:0c:cd:cd:cd, 01:00:0c:cc:cc:c0,
01:00:0c:cc:cc:c1, 01:00:0c:cc:cc:c2, 01:00:0c:cc:cc:c3, 01:00:0c:cc:cc:c4,
01:00:0c:cc:cc:c5, 01:00:0c:cc:cc:c6, 01:00:0c:cc:cc:c7
array of MACAddress Minimum items: 0
Maximum items: 32
bpdu_filter_enable BPDU filtering status

Indicates whether BPDU filter is enabled. BPDU filtering is enabled by default.
boolean Default: "True"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
dhcp_client_block_enabled Enable DHCP client block

Filters DHCP server and/or client traffic. DHCP server
blocking is enabled and client blocking is disabled by default.
boolean Default: "False"
dhcp_client_block_v6_enabled Enable DHCP client block v6

Filters DHCP server and/or client IPv6 traffic. DHCP server
blocking is enabled and client blocking is disabled by default.
boolean Default: "False"
dhcp_server_block_enabled Enable DHCP server block

Filters DHCP server and/or client traffic. DHCP server
blocking is enabled and client blocking is disabled by default.
boolean Default: "True"
dhcp_server_block_v6_enabled Enable DHCP server block v6

Filters DHCP server and/or client IPv6 traffic. DHCP server
blocking is enabled and client blocking is disabled by default.
boolean Default: "True"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
non_ip_traffic_block_enabled Enable non IP traffic block

A flag to block all traffic except IP/(G)ARP/BPDU.
boolean Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ra_guard_enabled Enable Router Advertisement Guard

Enable or disable Router Advertisement Guard.
boolean Default: "False"
rate_limits Rate limiting configuration

Allows configuration of rate limits for broadcast and multicast traffic. Rate limiting is disabled by default		 TrafficRateLimits
rate_limits_enabled Enable Rate Limits

Enable or disable Rate Limits
boolean Default: "False"
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentSecurityProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentSecurityProfileBindingMap (schema)

Security profile binding map for segment

Contains the binding relationship between segment and security profile.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SegmentSecurityProfileBindingMap string
segment_security_profile_path Segment Security Profile Path

The policy path of the asscociated Segment Security profile		 string
spoofguard_profile_path SpoofGuard Profile Path

The policy path of the asscociated SpoofGuard profile		 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SegmentSecurityProfileBindingMapListRequestParameters (schema)

Segment security profile binding map request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentSecurityProfileBindingMapListResult (schema)

Paged collection of segment security profile binding maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment security profile binding map list results array of SegmentSecurityProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentSecurityProfileListRequestParameters (schema)

Segment security profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SegmentSecurityProfileListResult (schema)

Paged collection of segment security profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Segment Security profile list results array of SegmentSecurityProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SegmentStatistics (schema)

Segment statistics on specific Enforcement Point

Segment statistics on specific Enforcement Point.

Name Description Type Notes
dropped_by_security_packets PacketsDroppedBySecurity Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_switch_id The id of the logical Switch string Required
Readonly
mac_learning MacLearningCounters Readonly
rx_bytes DataCounter Readonly
rx_packets DataCounter Readonly
tx_bytes DataCounter Readonly
tx_packets DataCounter Readonly

SegmentSubnet (schema)

Subnet configuration for segment

Name Description Type Notes
dhcp_ranges DHCP address ranges for dynamic IP allocation

DHCP address ranges are used for dynamic IP allocation.
Supports address range and CIDR formats. First valid
host address from the first value is assigned to DHCP server
IP address. Existing values cannot be deleted or modified,
but additional DHCP ranges can be added.
array of IPElement Minimum items: 1
gateway_address Gateway IP address.

Gateway IP address in CIDR format for both IPv4 and IPv6.
string
network Network CIDR for subnet

Network CIDR for this subnet calculated from gateway_addresses and
prefix_len.
string Readonly

SelectableResourceReference (schema)

Resources to take action on

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
selected Set to true if this resource has been selected to be acted upon boolean Required
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

SelfResourceLink (schema)

Link to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.

Name Description Type Notes
action Optional action string Readonly
href Link to resource string Required
Readonly
rel Link relation type

Custom relation type (follows RFC 5988 where appropriate definitions exist)		 string Required
Readonly

SelfSignedActionParameter (schema)

Name Description Type Notes
days_valid Number of days the certificate will be valid, default 10 years integer Required
Minimum: 1
Maximum: 10000
Default: "3650"

ServerAuthType (schema)

server authentication mode

Server authentication could be REQUIRED or IGNORE, it is used to specify
if the server certificate presented to the load balancer during handshake
should be actually validated or not. Validation is disabled by default.
If validation is REQUIRED, then to be accepted, server certificate must be
signed by one of the trusted CAs whose self signed certificates are
specified in the same server-side SSL profile binding.

Name Description Type Notes
ServerAuthType server authentication mode

Server authentication could be REQUIRED or IGNORE, it is used to specify
if the server certificate presented to the load balancer during handshake
should be actually validated or not. Validation is disabled by default.
If validation is REQUIRED, then to be accepted, server certificate must be
signed by one of the trusted CAs whose self signed certificates are
specified in the same server-side SSL profile binding.
string Enum: REQUIRED, IGNORE

ServerSslProfileBinding (schema)

Name Description Type Notes
certificate_chain_depth the maximum traversal depth of server certificate chain

authentication depth is used to set the verification depth in the server
certificates chain.
integer Minimum: 1
Maximum: 2147483647
Default: "3"
client_certificate_id client certificate identifier

To support client authentication (load balancer acting as a client
authenticating to the backend server), client certificate can be
specified in the server-side SSL profile binding
string
server_auth server authentication mode ServerAuthType Default: "IGNORE"
server_auth_ca_ids CA identifier list to verify server certificate

If server auth type is REQUIRED, server certificate must be signed by
one of the trusted Certificate Authorities (CAs), also referred to as
root CAs, whose self signed certificates are specified.
array of string
server_auth_crl_ids CRL identifier list to verify server certificate

A Certificate Revocation List (CRL) can be specified in the server-side
SSL profile binding to disallow compromised server certificates.
array of string
ssl_profile_id server SSL profile identifier

Server SSL profile defines reusable, application-independent server side
SSL properties.
string

Service (schema)

Contains the information related to a service

Used while defining a CommunicationEntry. A service may have multiple
service entries.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_default Flag for default services

The flag, if true, indicates that service is created in the system by default.
Such default services can't be modified/deleted.
boolean Readonly
Default: "False"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Service string
service_entries Service type array of ServiceEntry
(Abstract type: pass one of the following concrete types)
ALGTypeServiceEntry
EtherTypeServiceEntry
ICMPTypeServiceEntry
IGMPTypeServiceEntry
IPProtocolServiceEntry
L4PortSetServiceEntry		 Maximum items: 50
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceAssociationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
service_type string Required
Enum: FireWallServiceAssociationListResult, IpfixServiceAssociationListResult
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceAttachment (schema)

Logical Attachment Point for a 3rd Party Service

A ServiceAttachment represents a point on NSX entity (Example - Edge Router) to which ServiceInstance can be connected through an InstanceEndpoint. Example - In VMWare Hybric Cloud Extention (HCX) use case, HCX appliances connect to this Service Attachment Point. We do not handle the lifecycle of these appliance/s.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attachment_status Attachment Status

UP - A Service Attachment will have its Service Port - UP and with a configured IP address. DOWN - An Inactive ServiceAttachment has its Service Port - DOWN. It can be used to connect set of appliances that do not need to exchange traffic to/from/through the Edge node.		 string Enum: UP, DOWN
Default: "UP"
deployed_to Deployed-to object

NSX Resource where we want to create Service Attachment Point. Ex. T0 LR Edge in case of north-south ServiceInsertion and a TransportZone (which is used to define the service plane) in case of east-west service insertion.		 ResourceReference Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
local_ips Local IPs

Local IPs associated with this Service Attachment.		 array of IPInfo Minimum items: 1
Maximum items: 1
logical_switch Logical Switch

Logical Switch gets created as a part of Service Attachment creation.		 ResourceReference Readonly
resource_type Must be set to the value ServiceAttachment string
service_port Service Port (Logical Router Centralized Service Port)

Service Port gets created as a part of Service Attachment creation. It is a Logical Router Port of type CentralizedServicePort. It does not participate in distributed routing. Stateless Policy Based Routing service can be applied on this port.		 ResourceReference Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceAttachmentListResult (schema)

Service Attachment List

List of Service Attachments.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service-Attachment list

List of the Service Attachments.		 array of ServiceAttachment Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceBinding (schema)

Name Description Type Notes
service_id UUID of Service

Identifier of Logical Service		 ResourceReference Required

ServiceCapability (schema)

Service capabilities

Service capabilities that will be inherited by service VMs created using a service definition that contains this service capability.

Name Description Type Notes
can_decrement_si SI decrement flag

Indicating whether service is configured to decrement SI field in NSH metadata.		 boolean Readonly
Default: "False"
nsh_liveness_support_enabled NSH liveness support flag

Indicating whether service supports NSH liveness detection.		 boolean Default: "False"

ServiceChain (schema)

Service Chain

Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
forward_path_service_profiles Forward path service profiles

List of ServiceInsertionServiceProfiles that constitutes the the service chain. The forward path service profiles are applied to ingress traffic.		 array of ResourceReference Required
Maximum items: 4
id Unique identifier of this resource string Sortable
on_failure_policy On Failure Policy

Failure policy for the service tells datapath, the action to take i.e to allow or block traffic during failure scenarios.		 string Enum: ALLOW, BLOCK
Default: "ALLOW"
path_selection_policy Path Selection Policy

Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - means to prefer local service insances. REMOTE - preference is to redirect to the SVM co-located on the same host.		 string Enum: ANY, LOCAL, REMOTE
Default: "ANY"
resource_type Must be set to the value ServiceChain string
reverse_path_service_profiles Reverse path service profiles

List of ServiceInsertionServiceProfiles id. Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.		 array of ResourceReference Maximum items: 4
service_attachments Service Attachment list

Service attachment specifies the scope i.e Service plane at which the SVMs are deployed.		 array of ResourceReference Required
Minimum items: 1
Maximum items: 1
service_chain_id Service chain id

A unique id generated for every service chain. This is not a uuid.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceChainListRequestParameters (schema)

Service Chain list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceChainListResult (schema)

Service Chain List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service list

List of the Service-Insertion Services. The list has to be homogenous.		 array of ServiceChain Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceChainMapping (schema)

Service Chain Mapping

A ServiceInsertionServiceProfile can be part of multiple ServiceChains. ServiceChainMapping for a particular profile will contain a list of all the ServiceChains it's part of. Each Mapping will also contain some metadata to uniquely identify a profile from other profiles.

Name Description Type Notes
direction Direction

Each ServiceChain has forward_path_service_profiles and reverse_path_service_profiles. This property will indicate which of them being used. FORWARD - forward_path_service_profiles REVERSE - reverse_path_service_profiles		 string Readonly
Enum: FORWARD, REVERSE
service_chain_id Service Chain id

A unique id generated for every ServiceChain. This is not a uuid.		 string Readonly
service_index Service Index

Service Index represents a numerical position of a ServiceInsertionServiceProfile in a ServiceChain. It will be in reverse order. Service Index can point to either forward_path_service_profiles or reverse_path_service_profiles indicated by direction property. Example - For a ServiceChain A-B-C, A will have index of 3, B will have index of 2 and C will have index of 1.		 integer Readonly

ServiceChainMappingListResult (schema)

Service Chain Mapping List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Chain Mapping List

List of the Service Chain Mappings. The list has to be homogenous.		 array of ServiceChainMapping Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceConfig (schema)

Service Config for profile and common configuration

Service configs are groupings of profiles (i.e switch profiles) and configurations applied to resources or collection of resources(NSGroups).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_to Entities on which the input profile will be applied

The list of entities that the configurations should be applied to.
This can either be a NSGroup or any other entity like TransportNode, LogicalPorts etc.
array of ResourceReference
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
precedence The priority of the service config

Every ServiceConfig has a priority based upon its precedence value. Lower the value
of precedence, higher will be its priority. If user doesnt specify the precedence,
it is generated automatically by system. The precedence is generated based upon the
type of profile used in ServiceConfig. Precedence are auto-generated in decreasing
order with difference of 100. Automatically generated precedence value will be 100
less than the current minimum value of precedence of ServiceConfig of a given profile
type in system.There cannot be duplicate precedence for ServiceConfig of same profile
type.
integer Minimum: 0
Maximum: 4294967295
profiles Profiles to be added to service config

These are the NSX Profiles which will be added to service config, which
will be applied to entities/groups provided to applied_to field of service config.
array of NSXProfileReference Required
Minimum items: 1
Maximum items: 1
resource_type Must be set to the value ServiceConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceConfigList (schema)

List of Service Configs for batch operation

List of Service config objects that needs to be either created
or updated with the respective profiles and precedence.

Name Description Type Notes
service_configs service config list results

An Array of ServiceConfig objects containing details of
profiles to be applied, entities on which these profiles
will be applied and precedence.
array of ServiceConfig Required
Minimum items: 1
Maximum items: 100

ServiceConfigListRequestParameters (schema)

NSProfile list request parameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
profile_type Fetch ServiceConfig for the given attribute profile_type

It fetches ServiceConfig for the given profile_type.
Only one type of supported profile type can be mentioned
in a single API call. API will return all ServiceConfig if
this field is not passed.
string
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceConfigListResult (schema)

Paged Collection of service configs

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results service config list results array of ServiceConfig Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceDefinition (schema)

Definition of a Service.

Registering a Service is the first step in the ServiceInsertion mechanism. A ServiceDefinition is used to create a service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attachment_point Attachment Point

The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP.		 array of string Enum: TIER0_LR, TIER1_LR, SERVICE_PLANE
Minimum items: 0
Maximum items: 2
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
functionalities Functionality Type

The capabilities provided by the services. Needs to be one or more of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service)		 array of string Required
Enum: NG_FW, IDS_IPS, NET_MON, HCX, BYOD, EPP
Minimum items: 1
id Unique identifier of this resource string Sortable
implementations Implementation Type

This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter.		 array of string Required
Enum: NORTH_SOUTH, EAST_WEST
Minimum items: 1
Maximum items: 1
on_failure_policy On Failure Policy

Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) functionality.		 string Enum: ALLOW, BLOCK
Default: "ALLOW"
resource_type Must be set to the value ServiceDefinition string
service_capability Service capability

Service capability.		 ServiceCapability
service_deployment_spec Service Deployment Specification

Service Deployment Specification defines takes in information required to deploy and configure a partner appliance/service-vm.		 ServiceDeploymentSpec
service_manager_id Service Manager Id

ID of the service manager to which this service is attached with.
This field is not set during creation of service. This field will
be set explicitly when Service Manager is created successfully using this service.
string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transports Transport Type

Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP.		 array of string Enum: L2_BRIDGE, L3_ROUTED, NSH
Minimum items: 0
Maximum items: 1
vendor_id Vendor ID

Id which is unique to a vendor or partner for which the service is created.		 string Required

ServiceDefinitionListRequestParameters (schema)

Service definition list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceDeployment (schema)

Deployment details of a Service

Used to provide the deployment specification for the service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
clustered_deployment_count Clustered Deployment Count

Number of instances in case of clustered deployment.		 integer Minimum: 1
Maximum: 10
Default: "1"
deployed_to Deployed-to object list

List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion. Service Attachment in case of E-W ServiceInsertion.		 array of ResourceReference Minimum items: 1
Maximum items: 128
deployment_mode Deployment Mode

Mode of deployment. Currently, only stand alone deployment is supported. It is a single VM deployed through this deployment spec. In future, HA configurations will be supported here.		 string Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "STAND_ALONE"
deployment_spec_name Deployment Spec Name

Name of the deployment spec to be used for deployment, which specifies the OVF provided by the partner and the form factor.		 string Required
deployment_type Deployment Type

Specifies whether the service VM should be deployed on each host such that it provides partner service locally on the host, or whether the service VMs can be deployed as a cluster. If deployment_type is CLUSTERED, then the clustered_deployment_count should be provided.		 string Enum: HOSTLOCAL, CLUSTERED
Default: "CLUSTERED"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
instance_deployment_template Instance Deployment Template

The deployment template to be used during the deployment to provide customized attributes to the service VM.		 DeploymentTemplate Required
perimeter Deployment perimeter

This indicates the deployment perimeter, such as a VC cluster or a host.		 string Enum: CLUSTER, HOST
Default: "HOST"
resource_type Must be set to the value ServiceDeployment string
service_deployment_config Service Deployment Config

Deployment Config contains the deployment specification, such as the storage and network to be used along with the cluster where the service VM can be deployed.		 ServiceDeploymentConfig Required
service_id Service Id

The Service to which the service deployment is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceDeploymentConfig (schema)

Service Deployment Config

The Deployment Config contains settings that are applied during install time.

Name Description Type Notes
compute_collection_id Compute Collection Id

Resource Pool or cluster Id.		 string Required
compute_manager_id Compute Manager Id

Context Id or VCenter Id.		 string Required
host_id Host id

The service VM will be deployed on the specified host in the specified
server within the cluster if host_id is specified.
Note: You must ensure that storage and specified networks are accessible
by this host.
string
storage_id Storage Id

Moref of the datastore in VC. If it is to be taken from 'Agent VM Settings', then it should be empty.		 string
vm_nic_info VM NIC information

VM NIC information for VMs		 VmNicInfo

ServiceDeploymentIssue (schema)

Service deployment issue

Type of issue and detailed description of the issue in case of deployment failure.

Name Description Type Notes
issue_description Description of issue encountered while service deployment

Description of issue encountered while service deployment.		 string
issue_timestamp Timestamp when issue was encountered while service deployment

Timestamp when issue was issue encountered while service deployment.		 string
issue_type Type of issue encountered while service deployment

Type of issue encountered while service deployment.		 string Required

ServiceDeploymentListResult (schema)

ServiceDeployment list result

Result of List of ServiceDeployments

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Results

Array of existing ServiceDeployments in database
array of ServiceDeployment Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceDeploymentSpec (schema)

Service Deployment Specification.

ServiceDeployment Spec consists of information required to deploy and configure the partner appliances. viz. Deployment template, deployment spec and NIC metatdata.

Name Description Type Notes
deployment_specs Service Deployment Spec List

Deployment Specs holds information required to deploy the Service-VMs. i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF can be deployed, Form factor to name a few.		 array of SVMDeploymentSpec Maximum items: 128
deployment_template Service Deployment Template

Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX Manager.		 array of DeploymentTemplate Required
nic_metadata_list NIC Metadata

NIC metadata associated with the deployment spec.		 array of NicMetadata
svm_version Partner Service-VM version.

Partner needs to specify the Service VM version which will get deployed. Modification of this field would notify administrators that new upgrade is available.		 string

ServiceDeploymentStatus (schema)

Name Description Type Notes
deployment_issues Service deployment issue

List of issue and detailed description of the issue in case of deployment failure.		 array of ServiceDeploymentIssue Readonly
deployment_status Compute collection deployment progress status

Deployment status of NXGI Partner Service-VM on a compute collection. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment on a compute collection such as VC cluster.		 string Readonly
Enum: UPGRADE_IN_PROGRESS, UPGRADE_FAILED, DEPLOYMENT_QUEUED, DEPLOYMENT_IN_PROGRESS, DEPLOYMENT_FAILED, DEPLOYMENT_SUCCESSFUL, UNDEPLOYMENT_QUEUED, UNDEPLOYMENT_IN_PROGRESS, UNDEPLOYMENT_FAILED, UNDEPLOYMENT_SUCCESSFUL, UPGRADE_QUEUED
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
service_deployment_id Service deployment id

Id of service deployment.		 string Readonly
sva_current_version Current deployed SVA version

Currently deployed Service Virtual Appliance version.		 string
sva_max_available_version Max available SVA version

Max available SVA version for upgrade		 string

ServiceEndpoint (schema)

Name Description Type Notes
certificate Certificate or certificate chain string
certificate_sha256_thumbprint string Readonly
entities_hosted List of entities hosted on accessible through the service endpoint array of HostedEntityInfo Readonly
fqdn string Readonly
ip_address IPAddress Required
port integer Required
Minimum: 0
Maximum: 65535
service_endpoint_uuid Unique identifier of this service endpoint string Readonly

ServiceEntry (schema)

A Service entry that describes traffic

This is an abstract type. Concrete child types:
ALGTypeServiceEntry
EtherTypeServiceEntry
ICMPTypeServiceEntry
IGMPTypeServiceEntry
IPProtocolServiceEntry
L4PortSetServiceEntry

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ServiceEntry string Required
Enum: IPProtocolServiceEntry, IGMPTypeServiceEntry, ICMPTypeServiceEntry, ALGTypeServiceEntry, L4PortSetServiceEntry, EtherTypeServiceEntry
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceEntryListRequestParameters (schema)

Service entry list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceEntryListResult (schema)

Paged Collection of Service entries

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service entry list results array of ServiceEntry
(Abstract type: pass one of the following concrete types)
ALGTypeServiceEntry
EtherTypeServiceEntry
ICMPTypeServiceEntry
IGMPTypeServiceEntry
IPProtocolServiceEntry
L4PortSetServiceEntry		 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInsertionContextType (schema)

Service Insertion Context Type

Types of Service Insertion contexts. "east_west" applies to trasport_nodes in data center. "north_south" applies to logical_routers (T0/T1) in data center.

Name Description Type Notes
ServiceInsertionContextType Service Insertion Context Type

Types of Service Insertion contexts. "east_west" applies to trasport_nodes in data center. "north_south" applies to logical_routers (T0/T1) in data center.		 string Enum: east_west, north_south

ServiceInsertionDeleteParameters (schema)

Service Insertion delete parameters

Name Description Type Notes
cascade Flag to cascade delete all the child objects, associated with it. boolean Default: "False"

ServiceInsertionInsertParameters (schema)

Parameters that indicate where rule/section need to be added All the params take rule/section Id

Name Description Type Notes
id Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'. string Maximum length: 64
operation Operation string Enum: insert_top, insert_bottom, insert_after, insert_before
Default: "insert_top"

ServiceInsertionListRequestParameters (schema)

Parameters to filter list of sections/rules

Pagination and Filtering parameters to get only a subset of sections/rules.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string

ServiceInsertionRule (schema)

ServiceInsertion Rule

ServiceInsertion Rule.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_owner Owner of this resource OwnerResourceLink Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
action Action

Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).		 string Required
Enum: ALLOW, DROP, REJECT, REDIRECT, DO_NOT_REDIRECT
applied_tos AppliedTo List

List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
destinations Destination List

List of the destinations. Null will be treated as any.		 array of ResourceReference Maximum items: 128
destinations_excluded Negation of destination

Negation of the destination.		 boolean Default: "False"
direction Rule direction

Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.		 string Enum: IN, OUT, IN_OUT
Default: "IN_OUT"
disabled Rule enable/disable flag

Flag to disable rule. Disabled will only be persisted but never provisioned/realized.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Identifier of the resource string Readonly
ip_protocol IPv4 vs IPv6 packet type

Type of IP packet that should be matched while enforcing the rule.		 string Enum: IPV4, IPV6, IPV4_IPV6
Default: "IPV4_IPV6"
is_default Default rule

Flag to indicate whether rule is default.		 boolean Readonly
logged Enable logging flag

Flag to enable packet logging. Default is disabled.		 boolean Default: "False"
notes Notes

User notes specific to the rule.		 string Maximum length: 2048
priority Rule priority

Priority of the rule.		 integer Readonly
redirect_tos Redirect_Tos List

A rule can be redirected to ServiceInstance, InstanceEndpoint for North/South Traffic. A rule can be redirected to ServiceChain for East/West Traffic. For REDIRECT action, redirect_tos is mandatory. For DO_NOT_REDIRECT action, redirect_tos is optional.		 array of ResourceReference Maximum items: 1
resource_type Must be set to the value ServiceInsertionRule string
rule_tag Tag

User level field which will be printed in CLI and packet logs.		 string Maximum length: 32
section_id Section Id

ID of the section to which this rule belongs.		 string Readonly
services Service List

List of the services. Null will be treated as any.		 array of ServiceInsertionService Maximum items: 128
sources Source List

List of sources. Null will be treated as any.		 array of ResourceReference Maximum items: 128
sources_excluded Negation of source

Negation of the source.		 boolean Default: "False"

ServiceInsertionRuleList (schema)

ServiceInsertion Section RuleList

List of ServiceInsertion Rules.

Name Description Type Notes
rules List of the ServiceInsertion rules

List of ServiceInsertion rules in the section. Only homogeneous rules are supported.		 array of ServiceInsertionRule Required
Maximum items: 1000

ServiceInsertionRuleListResult (schema)

ServiceInsertion Section RuleList

List of ServiceInsertion Rules.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results ServiceInsertion rule list result

ServiceInsertion rule list result with pagination support.		 array of ServiceInsertionRule Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInsertionSection (schema)

ServiceInsertion Section

A ServiceInsertion section composed of ServiceInsertion Rules.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_default Default section flag

It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.		 boolean Readonly
resource_type Must be set to the value ServiceInsertionSection string
rule_count Rule count

Number of rules in this section.		 integer Readonly
section_type Section Type

Type of the rules which a section can contain. Only homogeneous sections are supported.		 string Required
Enum: LAYER2, LAYER3, L3REDIRECT
stateful Stateful nature of the distributed service rules in the section.

Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.		 boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict TCP Strict

Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.		 boolean Default: "False"

ServiceInsertionSectionFilterParameters (schema)

Parameters to filter section from list of sections

Pagination and Filtering parameters to get only a subset of sections.

Name Description Type Notes
applied_tos AppliedTo's referenced by this section or section's Distributed Service Rules .

Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
destinations Destinations referenced by this section's Distributed Service Rules .

The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
exclude_applied_to_type Limit result to sections not having a specific AppliedTo type

Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.		 DSAppliedToType
filter_type Filter type

Filter type defines matching criteria to qualify a rule in result. Type
'FILTER' will ensure all criterias (sources, destinations, services,
extended sources, context profiles, appliedtos) are matched. Type
'SEARCH' will match any of the given criteria.
string Enum: FILTER, SEARCH
Default: "FILTER"
include_applied_to_type Limit result to sections having a specific AppliedTo type

Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter. Section filter only takes a single value for this param.		 DSAppliedToType
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
services NSService referenced by this section's Distributed Service Rules .

Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
sort_ascending boolean
sort_by Field by which records are sorted string
sources Sources referenced by this section's Distributed Service Rules .

The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.		 string
type Section Type

Section Type with values L3REDIRECT.		 string Enum: L3REDIRECT
Default: "L3REDIRECT"

ServiceInsertionSectionListResult (schema)

ServiceInsertion Section List

List of ServiceInsertion Sections.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Section list

List of the ServiceInsertion sections. The list has to be homogeneous.		 array of ServiceInsertionSection Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInsertionSectionQueryParameters (schema)

Section query parameters

Name Description Type Notes
cascade Flag to cascade delete of this object to all it's child objects. boolean Default: "False"

ServiceInsertionSectionRuleList (schema)

ServiceInsertion Section RuleList

List of ServiceInsertion Rules.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
applied_tos AppliedTo List

List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.		 array of ResourceReference Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
is_default Default section flag

It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.		 boolean Readonly
resource_type Must be set to the value ServiceInsertionSectionRuleList string
rule_count Rule count

Number of rules in this section.		 integer Readonly
rules List of the Service Insertion rules

List of Service Insertion rules in the section. Only homogeneous rules are supported.		 array of ServiceInsertionRule Required
Maximum items: 1000
section_type Section Type

Type of the rules which a section can contain. Only homogeneous sections are supported.		 string Required
Enum: LAYER2, LAYER3, L3REDIRECT
stateful Stateful nature of the distributed service rules in the section.

Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.		 boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tcp_strict TCP Strict

Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.		 boolean Default: "False"

ServiceInsertionService (schema)

ServiceInsertion Service

Protocol on which a particular ServiceInsertion Rule should apply to.

Name Description Type Notes
is_valid Target validity

Will be set to false if the referenced NSX resource has been deleted.		 boolean Readonly
service Distributed Service Network and Security Service element

Distributed Service API accepts raw protocol and ports as part of NS service element
in Distributed Service Rule that describes traffic corresponding to an NSService.
NSServiceElement
(Abstract type: pass one of the following concrete types)
ALGTypeNSService
EtherTypeNSService
ICMPTypeNSService
IGMPTypeNSService
IPProtocolNSService
L4PortSetNSService
target_display_name Target display name

Display name of the NSX resource.		 string Readonly
Maximum length: 255
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_type Target type

Type of the NSX resource.		 string Maximum length: 255

ServiceInsertionServiceListResult (schema)

Service List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service list

List of the Service-Insertion Services. The list has to be homogenous.		 array of ServiceDefinition Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInsertionServiceProfile (schema)

Service Profile for a Service

Service profile represents a specialization of vendor template.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attributes Service profile attributes

List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to the NSX Manager. If a vendor template exposes configurables, then the values are specified here.		 array of Attribute Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
redirection_action Redirection action

The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. The service insertion profile inherits the redirection action if already specified at the vendor template. However the service profile cannot overide the action specified at the vendor template.		 string Enum: PUNT, COPY
Default: "PUNT"
resource_type Must be set to the value ServiceInsertionServiceProfile string Required
service_id Service Id

The service to which the service profile belongs.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vendor_template_id Vendor template id

Id of the vendor template to be used by the servive profile.		 string Required

ServiceInsertionStatus (schema)

Service Insertion Status

It represents global status of Service Insertion for a particular context type. It shows whether a service insertion is enabled or not for a type.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
context Service Insertion Context Type

Type of service insertion contexts.		 ServiceInsertionContextType Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
global_status Service Insertion Status Type

service insertion status for a context type (e.g. east_west traffic).		 ServiceInsertionStatusType Required
id Unique identifier of this resource string Sortable
resource_type Must be set to the value ServiceInsertionStatus string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceInsertionStatusListResult (schema)

Service Insertion Statuses

List of service insertion statuses for a context or all context

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of ServiceInsertionStatus Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInsertionStatusType (schema)

Service Insertion Status Type

Service Insertion status for a context type (e.g. east_west traffic).

Name Description Type Notes
ServiceInsertionStatusType Service Insertion Status Type

Service Insertion status for a context type (e.g. east_west traffic).		 string Enum: DISABLED, ENABLED

ServiceInstance (schema)

Normal Instance of a service

The deployment of a registered service. Service instance is instantiation of service. It is the most used type of instance. It is a default instance to be used when NSX handles lifecycle of appliance. Deployment and appliance related all the information is necessary.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attachment_point Attachment Point

Attachment point to be used by this service instance for deploying the Service-VM.		 string Required
Enum: TIER0_LR, TIER1_LR, SERVICE_PLANE, HOST
deployed_to Deployed-to object list

List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion.		 array of ResourceReference Required
Minimum items: 1
Maximum items: 128
deployment_mode Deployment Mode

Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.		 string Required
Enum: STAND_ALONE, ACTIVE_STANDBY
Default: "ACTIVE_STANDBY"
deployment_spec_name Deployment Spec Name

Name of the deployment spec to be used by this service instance.		 string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
implementation_type Implementation Type

Implementation to be used by this service instance for deploying the Service-VM.		 string Required
Enum: NORTH_SOUTH, EAST_WEST
instance_deployment_config Instance Deployment Config

Instance Deployment Config contains the information to be injected during Service-VM deployment. This field is optional if the service only caters to functionality EPP(Endpoint Protection).		 InstanceDeploymentConfig
instance_deployment_template Instance Deployment Template

The deployment template to be used by this service instance. The attribute values specific to this instance can be added.		 DeploymentTemplate Required
on_failure_policy On Failure Policy

Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.		 string Enum: ALLOW, BLOCK
resource_type Must be set to the value ServiceInstance ServiceInstanceResourceType Required
service_deployment_id Id of the Service Deployment using which the instances were deployed

Id of the Service Deployment using which the instances were deployed. Its available only for instances that were deployed using service deployment API.		 string Readonly
service_id Service Id

The Service to which the service instance is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).		 string Required
Enum: L2_BRIDGE, L3_ROUTED, NSH, NA

ServiceInstanceEndpoint (schema)

Service EndPoint for Byod Policy Service Instance

A ServiceInstanceEndpoint belongs to one ByodPolicyServiceInstance and is attached to one ServiceInterface. A ServiceInstanceEndpoint represents a redirection target for a RedirectionPolicy.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ServiceInstanceEndpoint string Required
Enum: VirtualEndpoint, ServiceInstanceEndpoint
service_interface_path Service Interface path

Path of Service Interface to which this ServiceInstanceEndpoint is connected.		 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_ips IP addresses to redirect the traffic to

IPs where either inbound or outbound traffic is to be redirected.
array of IPInfo Required
Minimum items: 1
Maximum items: 1

ServiceInstanceEndpointListRequestParameters (schema)

ServiceInstanceEndpoint list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceInstanceEndpointListResult (schema)

Paged Collection of ServiceInstanceEndpoint

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results ServiceInstanceEndpoint list results array of ServiceInstanceEndpoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInstanceHealthStatus (schema)

Service instance health status

Health Status of a third party partner VM.

Name Description Type Notes
connect_timestamp Timestamp when mux was connected to SVA

Latest timestamp when mux was connected to SVA.		 string
is_stale Flag is true when health status is stale

The parameter is set if the last received health status is older
than the predefined interval.
boolean Readonly
is_sva_mux_incompatible Flag is true when Mux and SVA are incompatible

Protocol version might be different in both Mux and SVA.		 boolean
mux_connected_status Context Multiplexer Status

Status of multiplexer which forwards the events from guest virtual machines to the partner appliance.		 string
mux_incompatible_version Mux incompatible version

Mux version when Mux and SVA are incompatible		 string
solution_status Third party partner solution status

Status of third party partner solution application.		 string
solution_version Solution version of partner application

Version of third party partner solution application.		 string
sync_time Health status timestamp

Latest timestamp when health status is received.		 string

ServiceInstanceListResult (schema)

Service Instance List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service-Instance list

List of the Service-Insertion ServicesInstances. The list has to be homogenous.		 array of BaseServiceInstance
(Abstract type: pass one of the following concrete types)
ByodServiceInstance
ServiceInstance
VirtualServiceInstance		 Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceInstanceNSGroups (schema)

NSGroups referenced in North-South Service Instance

ServiceInstanceNSGroups contains list of NS Groups referenced in North-South Service Insertion Rules for a particular Service Instance.

Name Description Type Notes
nsroups NSGroup List

List of NSGroups Used in ServiceInsertion Rules.		 array of NSGroupInfo Readonly

ServiceInstanceQueryParameters (schema)

Service Instance query parameters

Name Description Type Notes
deployed_to Deployed_to referenced by service instances present in system

The deployed_to attribute in Service Instance. Currently only Logical Router id is supported as deployed_to value. Single value is supported in current release.		 string
service_deployment_id Service Deployment Id using which the instances were deployed

Service Deployment Id using which the instances were deployed. Single value is supported in current release.		 string

ServiceInstanceResourceType (schema)

Resource types of Service Instance

ServiceInstance is used when NSX handles the lifecyle of
appliance. Deployment and appliance related all the information is necessary.
ByodServiceInstance is a custom instance to be used when NSX is not handling
the lifecycles of appliance/s. User will manage their own appliance (BYOD)
to connect with NSX.
VirtualServiceInstance is a a custom instance to be used when NSX is not
handling the lifecycle of an appliance and when the user is not bringing
their own appliance.

Name Description Type Notes
ServiceInstanceResourceType Resource types of Service Instance

ServiceInstance is used when NSX handles the lifecyle of
appliance. Deployment and appliance related all the information is necessary.
ByodServiceInstance is a custom instance to be used when NSX is not handling
the lifecycles of appliance/s. User will manage their own appliance (BYOD)
to connect with NSX.
VirtualServiceInstance is a a custom instance to be used when NSX is not
handling the lifecycle of an appliance and when the user is not bringing
their own appliance.
string Enum: ServiceInstance, ByodServiceInstance, VirtualServiceInstance

ServiceInstanceStatus (schema)

Name Description Type Notes
configuration_issue Collection of configuration issues during service instance deployment

This object contains the list of issues which might come during post deployment configuration for a particular service instance.		 SVMConfigureIssue Readonly
instance_deployment_status Deployment status of a Service Instance

Deployment status of NXGI Partner Service-VM.		 ServiceDeploymentStatus Readonly
instance_health_status Health status of a Service Instance

Health status of NXGI components on Partner Service-VM.		 ServiceInstanceHealthStatus Readonly
service_instance_id Service instance id

Id of an instantiation of a registered service.		 string Readonly

ServiceInterface (schema)

Service interface configuration

Service interface configuration for internal connectivity.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ServiceInterface string
subnets IP address and subnet specification for interface

Specify IP address and network prefix for interface.
array of InterfaceSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceInterfaceListResult (schema)

Paged collection of Service Interfaces

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Interface list results array of ServiceInterface Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceListRequestParameters (schema)

Service list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
default_service Fetch all default services

If set to true, then it will display only default services.
If set to false, then it will display all user defined services.
If it is not provided, then complete (default as well as user
defined) list of services will be displayed.
boolean
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceListResult (schema)

Paged Collection of Services

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service list results array of Service Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceManager (schema)

Definition of a Service Manager

Partner console endpoint information for enabling NSX to callback with events and status.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
authentication_scheme Scheme to authenticate requests sent to the server

A CallbackAuthenticationScheme that describes how notification requests/callbacks from NSX, should authenticate to the server.		 CallbackAuthenticationScheme Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
port Integer port value to specify a HTTPS port

Integer port value to specify a standard/non-standard HTTPS port.		 integer Required
Minimum: 0
Maximum: 65535
resource_type Must be set to the value ServiceManager string
server IP address or fully qualified domain name of server

IP address or fully qualified domain name of the partner REST server.		 string Required
service_ids Service IDs

The IDs of services, provided by partner.		 array of ResourceReference Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
thumbprint Thumbprint of the certificate for partner console

Thumbprint (SHA-256 hash represented in lower case hex) for the certificate on the partner console. This will be required to establish secure communication with the console and to avoid man-in-the-middle attacks.		 string
uri URI notification requests should be made on the server

URI on which notification requests should be made on the specified server.		 string Required
vendor_id Vendor ID

Id which is unique to a vendor or partner for which the service is created.		 string Readonly

ServiceManagerListResult (schema)

Service Manager List Result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service manager list

List of the Service-managers.		 array of ServiceManager Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServicePath (schema)

Service path

An instance of service chain that consists of forward and reverse service paths.

Name Description Type Notes
forward_path Forward service path

Forward service path if available that applies to ingress traffic.		 UnidirectionalServicePath Readonly
reverse_path Reverse Service Path

Reverse service path if available that applies to egress traffic.		 UnidirectionalServicePath Readonly
service_chain_id Service chain id

A unique id of a service chain.		 integer Readonly
service_chain_uuid Uuid of a service chain

Uuid of a service chain.		 string Readonly
service_path_id Service path id

Unique identifier of a service path.		 integer Readonly

ServicePathHop (schema)

Service path hop

Represents a service VM implementing a particular service in a service chain

Name Description Type Notes
action Action

Action that will be taken by the corresponding service VM of the hop.		 string Readonly
Enum: SERVICE_ACTION_INVALID, COPY, REDIRECT
can_decrement_si SI decrement flag

Indicating whether service is configured to decrement SI field in NSH metadata.		 boolean Readonly
in_maintenance_mode Maintenance mode flag

Indicating the maintenance mode of the corresponding service VM.		 boolean Readonly
is_active_from_ccp Active flag managed by CCP

Indicating whether the corresponding service VM is active or not per CCP.		 boolean Readonly
is_active_from_dp Active flag managed by DP

Indicating whether the corresponding service VM is active or not per DP.		 boolean Readonly
is_active_from_mp Active flag managed by MP

Indicating whether the corresponding service VM is active or not per MP.		 boolean Readonly
mac_address MAC address of the virtual network interface.

MAC address of the virtual network interface.		 string Readonly
nsh_liveness_support NSH liveness flag

Indicating whether NSH liveness is supported or not by the corresponding service VM.		 boolean Readonly
vif Virtual interface id

ID of the virtual network interface.		 string Readonly

ServicePathListResult (schema)

Service path list

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Path list

List of homogenous service paths		 array of ServicePath Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceProfileGroups (schema)

Groups used in Service Profile

ServiceProfileGroups contains list of Groups referenced in Service Insertion Rules.To be considered, Service profile must be part of a Service chain and that Service chain must be used in a Rule.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
groups Group Info List

List of Groups Used in ServiceInsertion Rules.		 array of GroupInfo Readonly
id Unique identifier of this resource string Sortable
resource_type Must be set to the value ServiceProfileGroups string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceProfileNSGroups (schema)

NSGroups used in Service Profile

ServiceProfileNSGroups contains list of NS Groups referenced in Service Insertion Rules. To be considered, Service profile must be part of a Service Chain and that Service chain must be used in a Rule.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
nsroups NSGroup List

List of NSGroups Used in ServiceInsertion Rules.		 array of NSGroupInfo Readonly
resource_type Must be set to the value ServiceProfileNSGroups string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceReference (schema)

An anchor object representing the intent to consume a given 3rd party service.

An anchor object representing the intent to consume a given 3rd party service.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Operational state of the Service.

A Service's operational state can be enabled or disabled. Note that would work only for NetX type of services and would not work for Guest Introsp- ection type of Services. TRUE - The Service should be enabled FALSE - The Service should be disabled		 boolean Default: "True"
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
partner_service_name Name of Partner Service

Unique name of Partner Service to be consumed for redirection.		 string Required
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ServiceReference string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

ServiceReferenceListRequestParameters (schema)

Service reference list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceReferenceListResult (schema)

Service Reference List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Reference list results array of ServiceReference Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceRouterAllocationConfig (schema)

Name Description Type Notes
allocation_pool Edge Cluster Member Allocation Pool for logical router

Logical router allocation can be tracked for specific services and
services may have their own hard limits and allocation sizes. For
example load balancer pool should be specified if load balancer
service will be attached to logical router.
EdgeClusterMemberAllocationPool
(Abstract type: pass one of the following concrete types)
LoadBalancerAllocationPool
edge_cluster_id Edge cluster id to re allocate members

To reallocate TIER1 logical router on new or existing edge cluster
string Required
edge_cluster_member_indices Member indices of the edge node on the cluster

For TIER 1 logical router, for manual placement of service router
within the cluster, edge cluster member indices needs to be provided
else same will be auto-allocated. You can provide maximum two indices
for HA ACTIVE_STANDBY.
array of integer

ServiceSegment (schema)

Service Segment configuration

Service Segment configuration to attach Service Insertion VM.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value ServiceSegment string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_path Policy path to the transport zone

Policy path to transport zone. Only overlay transport zone is supported.		 string Required

ServiceSegmentListRequestParameters (schema)

Service Segment list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

ServiceSegmentListResult (schema)

Paged collection of Service Segment

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Segment list results array of ServiceSegment Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

ServiceType (schema)

Supported service types, that are using certificates.

Name Description Type Notes
ServiceType Supported service types, that are using certificates. string Enum: MGMT_CLUSTER, MGMT_PLANE, API, NOTIFICATION_COLLECTOR, SYSLOG_SERVER, RSYSLOG_CLIENT

ServiceVMStateParameters (schema)

Service VM maintenance mode setting parameters

Name Description Type Notes
action You could use this parameter to set a servcie VM in maintenance mode
or exit from maintenance mode, or set a service VM health state to indicate whether the
service VM is running properly or not.
'enable_maintenance_mode' will set service VM in maintenance mode.
'disable_maintenance_mode' will exit from maintenance mode.
'is_healthy' will set runtime health state by partner of a service VM to be healthy.
'is_stopped' will set runtime health state by partner of a service VM to be stopped.
'is_not_responding' will set runtime health state by partner of a service VM to be not responding.
string Enum: enable_maintenance_mode, disable_maintenance_mode, is_healthy, is_stopped, is_not_responding
unhealthy_reason Reason for the unhealthy state

Reason for the unhealthy state.		 string Maximum length: 500

SessionReclassificationParameter (schema)

Name Description Type Notes
app_profile_ids App Profile Ids array of string

SessionSummaryParameters (schema)

IPSec VPN session summary parameters

IPSec VPN session summary parameters.

Name Description Type Notes
site_id Peer site id

Peer site id.		 string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType

SessionTimerProfileBindingListResult (schema)

Paged Collection of session timer profile binding maps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Session timer profile binding maps list results array of SessionTimerProfileBindingMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SessionTimerProfileBindingMap (schema)

Policy Session Timer Profile binding map

This entity will be used to establish association between Session Timer
profile and Logical Routers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
profile_path Profile Path

PolicyPath of associated Profile		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SessionTimerProfileBindingMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SetFields (schema)

Set Fields

Set Fields is an action to set fields of the source event.

Name Description Type Notes
field_settings Field Settings

Field Settings.		 array of FieldSetting Minimum items: 1
resource_type Must be set to the value SetFields string Required
Enum: PatchResources, SetFields

SftpProtocol (schema)

Name Description Type Notes
authentication_scheme Scheme to authenticate if required PasswordAuthenticationScheme Required
name Must be set to the value SftpProtocol string Required
Enum: http, https, scp, sftp
ssh_fingerprint SSH fingerprint of server string Required

Site (schema)

Site

Logical grouping of enforcement points

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforcement_points Logical grouping of enforcement points array of EnforcementPoint
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Site string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SiteListRequestParameters (schema)

Site list request parameters

Site list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SiteListResult (schema)

Paged Collection of Sites

Paged Collection of Sites

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Site array of Site Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SnatTranslationType (schema)

Snat translation type

Load balancers may need to perform SNAT to ensure reverse traffic from
the server can be received and processed by them.
There are two modes:
LbSnatAutoMap uses the load balancer interface IP and an
ephemeral port as the source IP and port of the server side connection.
LbSnatIpPool allows user to specify one or more IP addresses
along with their subnet masks that should be used for SNAT while
connecting to any of the servers in the pool.

Name Description Type Notes
SnatTranslationType Snat translation type

Load balancers may need to perform SNAT to ensure reverse traffic from
the server can be received and processed by them.
There are two modes:
LbSnatAutoMap uses the load balancer interface IP and an
ephemeral port as the source IP and port of the server side connection.
LbSnatIpPool allows user to specify one or more IP addresses
along with their subnet masks that should be used for SNAT while
connecting to any of the servers in the pool.
string Enum: LbSnatAutoMap, LbSnatIpPool

SnmpServiceProperties (schema)

SNMP Service properties

Name Description Type Notes
communities SNMP v1, v2c community array of string Maximum items: 1
start_on_boot Start when system boots boolean Required

SoftwareModule (schema)

Software module details

Name Description Type Notes
module_name Name of the module in the node string Required
module_version Version of the module in the node string Required

SoftwareModuleResult (schema)

Software module result

Name Description Type Notes
software_modules Software module results array of SoftwareModule Required

SolutionConfig (schema)

Solution Configuration Info

Solution Config would contain Vendor specific information required for configuring the NXGI partner Service after deployment.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
control_ip Control IP

Partner needs to specify their assigned control IP with which they have configured their OVFs.		 IPv4Address Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
listen_port Port

Partner needs to specify their port on which their solution application which consumes NXGI EPSec library listens.		 int Required
Minimum: 48651
Maximum: 48655
resource_type Must be set to the value SolutionConfig string
service_id Service Id

The service to which the service profile belongs.		 string Readonly
solution_id Solution Id

Partner needs to specify Solution Id assigned by VMware.		 string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SolutionConfigListResult (schema)

Solution Config List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Solution Config List

List of the Solution Config.		 array of SolutionConfig Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Source (schema)

Event Source

Source that is logically deemed to be the "object" upon which the
Event in question initially occurred upon. The Source is responsible
for providing information of the occurred event. Some example sources
include:
- Resource.
- API.
This is an abstract type. Concrete child types:
ApiRequestBody
ResourceOperation

Name Description Type Notes
resource_type Resource Type

Event Source resource type.
string Required
Enum: ResourceOperation, ApiRequestBody

SourceEntity (schema)

Source entity

Service insertion data path inserts unique 'source node id' value into each packet before it received by Service VM. This value can be resolved to multiple Source Entities. It represents source of the packets.

Name Description Type Notes
source_entity_id Source entity ID

UUID of Source entity		 string Required
Readonly
source_entity_type Source entity type

Type of source entity. Currently source value can be resolved to VIF and Virtual Machine.		 string Required
Readonly
Enum: VIRTUAL_NETWORK_INTERFACE, VIRTUAL_MACHINE

SourceEntityQueryParameters (schema)

Source entity query parameters

Name Description Type Notes
source_node_value value

unique value representing source node		 string Required

SourceEntityResult (schema)

Service Entity List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service Entity List

List of the Service Entities		 array of SourceEntity Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SourceFieldEvaluation (schema)

Source Field Evaluation

Source Field Evaluation represents an evaluation on resource fields.
A source field evaluation will be evaluated against an Event Source which
is of type Resource Operation. For instance, the attribute constraint could
be related to the necessity that one of the source fields equals one of the
specified values.

Name Description Type Notes
expected Operator Arguments

Expected values necessary to apply the specified operation on the source field value.
array of string Required
Minimum items: 1
Maximum items: 1
field_pointer Field Pointer

Field in the form of a pointer, describing the location of the attribute within the source
of the event.
string Required
operator Logical Operator

Logical operator.		 string Required
Enum: EQ, NOT_EQ
resource_type Must be set to the value SourceFieldEvaluation string Required
Enum: SourceFieldEvaluation

SourceIpPersistencePurge (schema)

source ip persistence purge setting

If the persistence table is full and a new connection without a matching persistence entry is received, then by default(FULL) oldest persistence entries are purged from the table to make space for new entries. Each time purging gets triggered, a small percentage of the entries are purged. If purging is disabled(NO_PURGE) and a new incoming connection requires a persistence entry to be created, then that connection is rejected even though backend servers are available.

Name Description Type Notes
SourceIpPersistencePurge source ip persistence purge setting

If the persistence table is full and a new connection without a matching persistence entry is received, then by default(FULL) oldest persistence entries are purged from the table to make space for new entries. Each time purging gets triggered, a small percentage of the entries are purged. If purging is disabled(NO_PURGE) and a new incoming connection requires a persistence entry to be created, then that connection is rejected even though backend servers are available.		 string Enum: NO_PURGE, FULL

SourceNsxApiEndpoint (schema)

Source NSX manager details

Details about an existing NSX manager to be migrated

Name Description Type Notes
auth_token Source NSX auth token

Auth token used to make REST calls to source NSX API endpoint. This field is not applicable in case of vSphere network migration.		 string
ip Source NSX API endpoint IP address

IP address or hostname of a source NSX API endpoint. This field is not applicable in case of vSphere network migration.		 string
nsx_password Password for NSX manager

Password for connecting to NSX manager. This field is not applicable in case of vSphere network migration.		 string
nsx_syncrole Source NSX API endpoint Universal Sync role

Signifies Universal Sync role status (STANDALONE, PRIMARY, SECONDARY) of a source NSX API endpoint.		 string Readonly
nsx_username Username for NSX manager

Username for connecting to NSX manager. This field is not applicable in case of vSphere network migration.		 string
nsx_version Source NSX API endpoint build version

Build version (major, minor, patch) of a source NSX API endpoint.		 string Readonly
vc_ip VC IP address or host name

IP address or host name of VC.		 string Required
vc_password Password for VC

Password for connecting to VC.		 string Required
vc_port VC port

VC port that will be used to fetch details.		 int Default: "443"
vc_username Username for VC

Username for connecting to VC.		 string Required
vc_version VC build version

Build version of VC.		 string Readonly

SpoofGuardProfile (schema)

SpoofGuard Profile

SpoofGuard is a tool that is designed to prevent virtual machines in your
environment from sending traffic with IP addresses which are not authorized
to send traffic from. A SpoofGuard policy profile once enabled blocks the
traffic determined to be spoofed.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
address_binding_whitelist Enable SpoofGuard

If true, enable the SpoofGuard, which only allows VM sending traffic
with the IPs in the whitelist.
boolean Required
Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SpoofGuardProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SpoofGuardProfileListRequestParameters (schema)

SpoofGuard profile request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

SpoofGuardProfileListResult (schema)

Paged collection of SpoofGuard profiles

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results SpoofGuard profile list results array of SpoofGuardProfile Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SpoofGuardSwitchingProfile (schema)

SpoofGuard configuration

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
required_capabilities array of string Readonly
resource_type Must be set to the value SpoofGuardSwitchingProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
white_list_providers List of providers for white listed address bindings. array of WhiteListProvisionType Required

SshKeyBaseProperties (schema)

Name Description Type Notes
label SSH key label (used to identify the key) string Required
password Current password for user (required for users root and admin) string

SshKeyProperties (schema)

Name Description Type Notes
label SSH key label (used to identify the key) string Required
password Current password for user (required for users root and admin) string
type SSH key type string Required
Pattern: "^(ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-dss|ssh-ed25519|ssh-rsa)$"
value SSH key value string Required

SshKeyPropertiesListResult (schema)

SSH key properties query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results SSH key properties query results array of SshKeyProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SshServiceProperties (schema)

SSH Service properties

Name Description Type Notes
start_on_boot Start service when system boots boolean Required

SslCipher (schema)

SSL cipher

Name Description Type Notes
SslCipher SSL cipher string Enum: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384

SslCipherGroup (schema)

SSL cipher group

Name Description Type Notes
SslCipherGroup SSL cipher group string Enum: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY, CUSTOM

SslProtocol (schema)

SSL protocol

Name Description Type Notes
SslProtocol SSL protocol string Enum: SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2

SslTrustObjectData (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key_algo Key algorithm contained in this certificate string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
passphrase Password for private key encryption string
path Absolute path of this object

Absolute path of this object		 string Readonly
pem_encoded pem encoded certificate data string Required
private_key private key data string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value SslTrustObjectData string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StandaloneHostIdfwConfiguration (schema)

Standalone host idfw configuration

Idfw configuration for enable/disable idfw on standalone hosts.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
idfw_enabled Idfw enabled flag

If set to true, Idfw is enabled for standalone hosts		 boolean Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value StandaloneHostIdfwConfiguration string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StandardHostSwitch (schema)

Standard host switch specification

Name Description Type Notes
cpu_config Enhanced Networking Stack enabled HostSwitch CPU configuration

CPU configuration specifies number of Logical cpu cores (Lcores) per Non Uniform Memory Access (NUMA) node dedicated to Enhanced Networking Stack enabled HostSwitch to get the best performance.		 array of CpuCoreConfigForEnhancedNetworkingStackSwitch
host_switch_name host switch name. This name will be used to reference this host switch.

If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given transport node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness.		 string Default: "nsxDefaultHostSwitch"
host_switch_profile_ids Identifiers of host switch profiles to be associated with this host switch.

host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch.		 array of HostSwitchProfileTypeIdEntry
ip_assignment_spec Specification for IPs to be used with host switch virtual tunnel endpoints

IPs can come from either a static IP pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.		 IpAssignmentSpec
(Abstract type: pass one of the following concrete types)
AssignedByDhcp
StaticIpListSpec
StaticIpMacListSpec
StaticIpPoolSpec
is_migrate_pnics Migrate any pnics which are in use

If the pnics specified in the pnics field are used by a single Vsphere Standard Switch or DVS, then migrate the pnics to N-VDS. If any two pnics are not used by the same Vsphere Standard Switch or DVS, it is not supported. In such cases, please migrate them in multiple steps, one Vsphere Standard Switch or DVS at a time.		 boolean Default: "False"
pnics Physical NICs connected to the host switch array of Pnic
pnics_uninstall_migration Physical NICs connected to a switch

The pnics to be migrated out to a non N-VDS switch during transport node deletion.		 array of Pnic
vmk_install_migration The vmknic and logical switch mappings

The vmk interfaces and the associated logical switches on the host switch. The state of this field is realized on the transport node during creation and update.		 array of VmknicNetwork
vmk_uninstall_migration The vmknic and portgroup mappings

The vmk interfaces and the associated portgroups on the VSS/DVS. This field is realized on the host during transport node deletion or NSX uninstallation to specify the destination for all vmks on N-VDS switches.		 array of VmknicNetwork

StandardHostSwitchSpec (schema)

Specification of transport node standard host switch

Standard host switch specification is used for NSX configured transport node.

Name Description Type Notes
host_switches Transport Node host switches array of StandardHostSwitch Required
Minimum items: 0
resource_type Must be set to the value StandardHostSwitchSpec string Required
Enum: StandardHostSwitchSpec, PreconfiguredHostSwitchSpec

StandbyRelocationConfig (schema)

Standby service contexts relocation setting

Name Description Type Notes
standby_relocation_threshold Standby service context relocation wait time

The time interval (in minutes) to wait before starting the standby
service context relocation process.
integer Minimum: 10
Maximum: 20000
Default: "30"

StartAppDiscoverySessionParameters (schema)

Parameters to start an application discovery session

Parameters to start an application discovery session. It can have NSGroup
Ids as well as the App Profile Ids.

Name Description Type Notes
app_profile_ids App Profile Ids array of string
ns_group_ids NSGroup Ids array of string Required

StatItem (schema)

Statistic of an entity

Displayed as a single number. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states.

Name Description Type Notes
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget.		 string
tooltip Multi-line tooltip

Multi-line text to be shown on tooltip while hovering over the stat.		 array of Tooltip Minimum items: 0
total Total

If expression for total is specified, it evaluates it. Total can be omitted if not needed to be shown.		 string
value Stat

Expression for stat to be displayed.		 string Required
Maximum length: 1024

StaticARPConfig (schema)

Static ARP Config

Contains Static ARP configuration for Segment.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_address IP Address IPAddress Required
mac_address MAC Address MACAddress Required
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value StaticARPConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StaticHopBfdPeer (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
bfd_config Configuration for the BFD peer

If not specified then BFD peer will inherit configuration from the BFD global config.		 BfdConfigParameters
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled status of BFD peer

Indicate BFD peer is enabled or disabled. Default is true.		 boolean Default: "True"
id Unique identifier of this resource string Sortable
peer_ip_address IP address of BFD peer

IP address of BFD peer. This should be same as next hop IP address.		 IPAddress Required
resource_type Must be set to the value StaticHopBfdPeer string
source_addresses Array of Logical Router Uplink IP Addresses

BFD peers will be created from all these source addresses to this neighbour.		 array of IPAddress Maximum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StaticHopBfdPeerDeleteRequestParameters (schema)

BFD peer delete request parameters

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"

StaticHopBfdPeerListParameters (schema)

BFD Peers list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

StaticHopBfdPeerListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results static hop BFD peer list results array of StaticHopBfdPeer Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

StaticIpListSpec (schema)

IP assignment specification for Static IP List.

Name Description Type Notes
default_gateway Gateway IP IPAddress Required
ip_list List of IPs for transport node host switch virtual tunnel endpoints array of IPAddress Required
Maximum items: 32
resource_type Must be set to the value StaticIpListSpec string Required
Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec
subnet_mask Subnet mask IPAddress Required

StaticIpMacListSpec (schema)

IP and MAC assignment specification for Static IP List.

Name Description Type Notes
default_gateway Gateway IP IPAddress Required
ip_mac_list List of IPs and MACs for transport node host switch virtual tunnel endpoints array of IpMacPair Required
Maximum items: 32
resource_type Must be set to the value StaticIpMacListSpec string Required
Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec
subnet_mask Subnet mask IPAddress Required

StaticIpPoolSpec (schema)

IP assignment specification for Static IP Pool.

Name Description Type Notes
ip_pool_id string Required
resource_type Must be set to the value StaticIpPoolSpec string Required
Enum: StaticIpPoolSpec, StaticIpListSpec, AssignedByDhcp, StaticIpMacListSpec

StaticRoute (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
logical_router_id Logical router id string Readonly
network CIDR IPCIDRBlock Required
next_hops Next Hops array of StaticRouteNextHop Required
Minimum items: 1
resource_type Must be set to the value StaticRoute string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StaticRouteListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paginated list of static routes array of StaticRoute Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

StaticRouteNextHop (schema)

Name Description Type Notes
administrative_distance Administrative Distance for the next hop IP integer Minimum: 1
Maximum: 255
Default: "1"
bfd_enabled Status of bfd for this next hop where bfd_enabled = true indicate bfd is enabled for this next hop and bfd_enabled = false indicate bfd peer is disabled or not configured for this next hop. boolean Readonly
Default: "False"
blackhole_action Action to be taken on matching packets for NULL routes. BlackholeAction Readonly
ip_address Next Hop IP IPAddress
logical_router_port_id Reference of logical router port to be used for next hop ResourceReference

StaticRoutes (schema)

Static routes configuration on Tier-0 or on Tier-1

Static routes configuration on Tier-0 or Tier-1.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
network Network address in CIDR format

Specify network address in CIDR format.
IPElement Required
next_hops Next hop routes for network

Specify next hop routes for network.
array of RouterNexthop Required
Minimum items: 1
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value StaticRoutes string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

StaticRoutesListRequestParameters (schema)

Static Routes list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

StaticRoutesListResult (schema)

Paged collection of Static Routes

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Static Routes list results array of StaticRoutes Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

StatisticsRequestParameters (schema)

Statistics Request Parameters

Request parameters that represents an enforcement point path. A request on statistics
can be parameterized with this path and will be evaluated as follows:
- no enforcement point path specified: the request is evaluated on all enforcement
points.
- {enforcement_point_path}: the request is evaluated only on the given enforcement
point.

Name Description Type Notes
enforcement_point_path String Path of the enforcement point

enforcement point path, forward slashes must be escaped using %2F.
string

StatsConfiguration (schema)

Stats Configuration

Represents configuration of a statistic for an entity. Example, number of logical switches and their admin states.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
label Label of the Stats Configuration

Displayed at the sections, by default. It labels the entities of sections. If label is not provided, the sections are not labelled.		 Label
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
navigation Navigation to a specified UI page

Hyperlink of the specified UI page that provides details.		 string Maximum length: 1024
resource_type Must be set to the value StatsConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
sections Sections array of DonutSection Minimum items: 0
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
stat Expression for feching statistic of an entity

Expression that fetches statistic. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states. If stat is not provided, then it will not be displayed.		 StatItem
sub_type Sub-type of the StatsConfiguration

A sub-type of StatsConfiguration. If sub-type is not specified the parent type is rendered. The COMPACT sub_type, conserves the space for the widget. The statistic is placed on the right side on top of the status bar and the title of the widget is placed on the left side on the top of the status bar. The COMPACT style aligns itself horizontally as per the width of the container. If multiple widgets are placed insided the container then the widgets are placed one below the other to conserve the space.		 string Enum: COMPACT
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

StatusCount (schema)

Name Description Type Notes
degraded_count Degraded count int
down_count Down count int
status Roll-up status string Enum: UP, DOWN, DEGRADED, UNKNOWN
up_count Up count int

StatusSummaryRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which upgrade units to be filtered string
selection_status Flag to indicate whether to return status for only selected, only deselected or both type of upgrade units string Enum: SELECTED, DESELECTED, ALL
Default: "ALL"
show_history Get upgrade activity for a given component

Get details of the last 16 operations performed during the upgrade of a given component.		 boolean

StructuredData (schema)

Structured data entry in RFC5424 log format

Name Description Type Notes
audit Audit flag of the log string Required
comp Component value of the log string Required
ent_id Entity Id value of the log string
ereq_id External request Id value of the log string
error_code Error Code value of the log string
level Level value of the log string
req_id Request Id value of the log string
s2comp Sub-subcomponent value of the log string
security Security flag of the log string
subcomp Subcomponent value of the log string Required
username Username value of the log string

SubPool (schema)

Name Description Type Notes
remaining_credit_number Remaining credit number of the sub-pool

Credits remaining on the sub-pool that can be used to deploy services of
corresponding sub-pool type.
int Readonly
sub_pool_type Sub-pool Type

Type of the sub-pool configured on edge node.		 string Readonly
usage_percentage Percentage utlization of sub-pool

Percentage utlization of sub-pool based on the number of services
configured and the hard limits, if any.
number Readonly

SuccessNodeSupportBundleResult (schema)

Name Description Type Notes
bundle_name Name of support bundle, e.g. nsx_NODETYPE_UUID_YYYYMMDD_HHMMSS.tgz string Required
Readonly
bundle_size Size of support bundle in bytes integer Required
Readonly
node_display_name Display name of node string Required
Readonly
node_id UUID of node string Required
Readonly
sha256_thumbprint File's SHA256 thumbprint string Required
Readonly

SummaryMigrationFeedbackRequest (schema)

Feedback detail required for Migration

Minimal description of feedback requests.

Name Description Type Notes
details Details about this specific feedback request

Details about this specific feedback request.		 string Readonly
id UUID of the feedback request

Identifier of the feedback request.		 string Required
Readonly
object_id UUID of the object

Identifier of the object for which feedback is requested.		 string Readonly
rejected Indicates if the previous feedback response was rejected

Indicates if previous response was invalid. Please provide a valid response.		 boolean Readonly
resolution Previous resolution details for this feedback request

If the feedback request was resolved earlier, provides details about the previous resolution.		 string Readonly
resolved Indicates if this feedback request has already been resolved

Indicates if a valid response already exist for this feedback request.		 boolean Readonly
v_object_id Id of this object in the source NSX endpoint

Identifier for this object in the source NSX endpoint.		 string Required
Readonly
v_object_name Name of this object in the source NSX endpoint

Name of this object in the source NSX endpoint.		 string Required
Readonly

SummaryRequest (schema)

Name Description Type Notes
summary Flag indicating whether to return the summary boolean Default: "False"

SupportBundleFileTransferAuthenticationScheme (schema)

Name Description Type Notes
password Password to authenticate with string Required
scheme_name Authentication scheme name string Required
Enum: PASSWORD
username User name to authenticate with string Required

SupportBundleFileTransferProtocol (schema)

Name Description Type Notes
authentication_scheme Scheme to authenticate if required SupportBundleFileTransferAuthenticationScheme Required
name Protocol name string Required
Enum: SCP, SFTP
ssh_fingerprint SSH fingerprint of server string Required

SupportBundleQueryParameter (schema)

Name Description Type Notes
override_async_response Override any existing support bundle async response

Override an existing support bundle async response if it exists. If not set to true and an existing async response is available, the support bundle request results in 409 CONFLICT.		 boolean Default: "False"
require_delete_or_override_async_response Suppress auto-deletion of generated support bundle

If the remote_file_server option has not been specified, save generated support bundle until a subsequent request either deletes or overrides the support bundle generated by the current request using the action=delete_async_response or override_async_response=true query parameters. Setting this property to true allows the NSX API client to re-download a support bundle if for example a previous download attempt fails.		 boolean Default: "False"

SupportBundleQueryParameters (schema)

Name Description Type Notes
all Include all files

Include all files including files that may have sensitive information like core files.		 boolean Default: "False"

SupportBundleRemoteFileServer (schema)

Remote file server

Name Description Type Notes
directory_path Remote server directory to copy bundle files to string Required
manager_upload_only Uploads to the remote file server performed by the manager boolean Default: "False"
port Server port integer Minimum: 1
Maximum: 65535
Default: "22"
protocol Protocol to use to copy file SupportBundleFileTransferProtocol Required
server Remote server hostname or IP address string Required

SupportBundleRequest (schema)

Name Description Type Notes
content_filters Bundle should include content of specified type array of ContentFilterValue Minimum items: 1
Default: "['DEFAULT']"
log_age_limit Include log files with modified times not past the age limit in days integer Minimum: 1
nodes List of cluster/fabric node UUIDs processed in specified order array of string Required
Minimum items: 1
remote_file_server Remote file server to copy bundles to, bundle in response body if not specified SupportBundleRemoteFileServer

SupportBundleResult (schema)

Name Description Type Notes
failed_nodes Nodes where bundles were not generated or not copied to remote server array of FailedNodeSupportBundleResult Required
Readonly
remaining_nodes Nodes where bundle generation is pending or in progress array of RemainingSupportBundleNode
request_properties Request properties SupportBundleRequest Required
Readonly
success_nodes Nodes whose bundles were successfully copied to remote file server array of SuccessNodeSupportBundleResult Required
Readonly

SupportedHostOSListResult (schema)

Supported host OS list result

REST interface for supported host OS types.

Name Description Type Notes
results Supported host OS list results array of string Required
Readonly

SwitchSecuritySwitchingProfile (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
block_non_ip_traffic A flag to block all traffic except IP/(G)ARP/BPDU boolean Default: "False"
bpdu_filter Enables or disables BPDU filtering

BPDU filtering is enabled by default. A pre-defined list of MAC addresses
are automatically excluded from BPDU filtering.
BpduFilter
description Description of this resource string Maximum length: 1024
Sortable
dhcp_filter Filters DHCP server and/or client traffic.

DHCP server blocking is enabled and client blocking is disabled by default		 DhcpFilter
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ra_guard_enabled Indicates whether ra guard should be enabled

RA Guard when enabled blocks unauthorized/rogue Router Advertisement (RA) packets.		 boolean Default: "True"
rate_limits Allows configuration of rate limits for broadcast and multicast traffic

Rate limiting is disabled by default		 RateLimits
required_capabilities array of string Readonly
resource_type Must be set to the value SwitchSecuritySwitchingProfile string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

SwitchingGlobalConfig (schema)

NSX global configs for switching

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
global_replication_mode_enabled A flag to indicate if global replication mode is enabled

When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.		 boolean Default: "False"
id Unique identifier of this resource string Sortable
physical_uplink_mtu MTU for the physical uplinks

This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.		 int Default: "1700"
resource_type Must be set to the value SwitchingGlobalConfig GlobalConfigType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
uplink_mtu_threshold Upper threshold for MTU on physical and logical uplinks

This value defines the upper threshold for the MTU value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. This value is also validated to be greater than or equal to physical_uplink_mtu in SwitchingGlobalConfig and logical_uplink_mtu in RoutingGlobalConfig.		 int Default: "9000"

SwitchingProfileDeleteParameters (schema)

Name Description Type Notes
unbind force unbinding of logical switches and ports from a switching profile boolean Default: "False"

SwitchingProfileListParameters (schema)

Switching profile list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_system_owned Whether the list result contains system resources boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
switching_profile_type comma-separated list of switching profile types, e.g. ?switching_profile_type=QosSwitchingProfile,IpDiscoverySwitchingProfile string

SwitchingProfileStatus (schema)

Name Description Type Notes
num_logical_ports Number of logical ports using a switching profile integer Required
Readonly
num_logical_switches Number of logical switches using a switching profile integer Readonly
switching_profile_id Identifier for the switching profile string

SwitchingProfileType (schema)

Supported switching profiles.

Supported switching profiles.
'PortMirroringSwitchingProfile' is deprecated, please turn to
"Troubleshooting And Monitoring: Portmirroring" and use
PortMirroringSession API for port mirror function.

Name Description Type Notes
SwitchingProfileType Supported switching profiles.

Supported switching profiles.
'PortMirroringSwitchingProfile' is deprecated, please turn to
"Troubleshooting And Monitoring: Portmirroring" and use
PortMirroringSession API for port mirror function.
string Enum: QosSwitchingProfile, PortMirroringSwitchingProfile, IpDiscoverySwitchingProfile, SpoofGuardSwitchingProfile, SwitchSecuritySwitchingProfile, MacManagementSwitchingProfile

SwitchingProfileTypeIdEntry (schema)

Name Description Type Notes
key SwitchingProfileType
value key value string Required

SwitchingProfilesListResult (schema)

Switching Profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Switching Profile Results array of BaseSwitchingProfile
(Abstract type: pass one of the following concrete types)
IpDiscoverySwitchingProfile
MacManagementSwitchingProfile
PortMirroringSwitchingProfile
QosSwitchingProfile
SpoofGuardSwitchingProfile
SwitchSecuritySwitchingProfile		 Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

SwitchingToVmcModeParameters (schema)

Parameters required to switch to VMC nsx node mode

Possible values of a mode in a "/config/nsx_appliance_mode" file

Name Description Type Notes
auth_code Auth Code

Client's credentials.		 Oauth2Credentials
base_url CSP base URL

Protocol and domain name (or IP address) of a CSP server, like "https://console-stg.cloud.vmware.com".		 string
basic_auth_whitelist_ips Whitelist IPs

List of whitelist IPs for basic auth		 array of string
csp_client_credential CSP Client Credential

Client's credentials on CSP server		 Oauth2Credentials
csp_client_incoming_credentials CSP client incoming credentials

List of incoming client IDs		 array of string
csp_org_uri Relative path to CSP Org

Relative path on CSP server to the Org location. Can be "/csp/gateway/am/api/orgs/".		 string
csp_time_drift CSP time drift

CSP time drift in milliseconds		 integer
default_org_id Org ID of a Client

Org ID of a Client - commonly UUID.		 string
ea_org Org Info for "Site Reliability Engineer"

Org ID and role of "Site Reliability Engineer"		 OrgInfo
gss_org Org Info for "Global Support Services"

Org ID and role of "Global Support Services"		 OrgInfo
mode_change_only Only change node mode

When this parameter is set to true, only a change of the node mode happens without any update to the auth properties. When this param is not set to true i.e. set to false or not provided, mode change and update to the auth properties will both happen.		 boolean
mode_id Nsx node mode

Possible enum values in a "/config/nsx_appliance_mode" file		 string Required
Enum: ON_PREM, SERVICE, VMC, VMC_LOCAL
proxy_host IP/host of PoP (Point-of-Presence) HTTP proxy server HostnameOrIPv4Address
proxy_port Port of PoP (Point-of-Presence) Http proxy server integer Minimum: 1
Maximum: 65535
resource_type Node Mode type string Enum: SwitchingToVmcModeParameters
Default: "SwitchingToVmcModeParameters"
sddc_id SDDC id

SDDC id		 string
service_definition_id Service definition id

Service definition id		 string
sre_org Org Info for "Enterprise Admin"

Org ID and role of "Enterprise Admin"		 OrgInfo

SyslogFacility (schema)

Syslog facility

Name Description Type Notes
SyslogFacility Syslog facility string Enum: KERN, USER, MAIL, DAEMON, AUTH, SYSLOG, LPR, NEWS, UUCP, AUTHPRIV, FTP, LOGALERT, CRON, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7

SystemHostname (schema)

System host name

Name Description Type Notes
SystemHostname System host name string Maximum length: 255
Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\.?$"

Tag (schema)

Arbitrary key-value pairs that may be attached to an entity

Name Description Type Notes
scope Tag scope

Tag searches may optionally be restricted by scope		 string Maximum length: 128
Default: ""
tag Tag value

Identifier meaningful to user with maximum length of 256 characters		 string Default: ""

TargetResourceStatus (schema)

Holds status of target resource in firewall context.

Name Description Type Notes
target_id Target ID

Identifier of the NSX resource.		 string Maximum length: 64
target_status Firewall Status Type

Firewall status on a target logical resource.		 FirewallStatusType Required

TaskListResult (schema)

Task query results

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Task property results array of TaskProperties Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TaskProperties (schema)

Task properties

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
async_response_available True if response for asynchronous request is available boolean Readonly
cancelable True if this task can be canceled boolean Readonly
description Description of the task string Readonly
end_time The end time of the task in epoch milliseconds EpochMsTimestamp Readonly
id Identifier for this task string Readonly
message A message describing the disposition of the task string Readonly
progress Task progress if known, from 0 to 100 integer Readonly
Minimum: 0
Maximum: 100
request_method HTTP request method string Readonly
request_uri URI of the method invocation that spawned this task string Readonly
start_time The start time of the task in epoch milliseconds EpochMsTimestamp Readonly
status Current status of the task TaskStatus Readonly
user Name of the user who created this task string Readonly

TaskQueryParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
request_uri Request URI(s) to include in query result

Comma-separated request URIs to include in query result		 string
sort_ascending boolean
sort_by Field by which records are sorted string
status Status(es) to include in query result

Comma-separated status values to include in query result		 string
user Names of users to include in query result

Comma-separated user names to include in query result		 string

TaskStatus (schema)

Current status of the task

Name Description Type Notes
TaskStatus Current status of the task string Enum: running, error, success, canceling, canceled, killed

TcpHeader (schema)

Name Description Type Notes
dst_port Destination port of tcp header integer Minimum: 0
Maximum: 65535
src_port Source port of tcp header integer Minimum: 0
Maximum: 65535
tcp_flags TCP flags (9bits) integer Minimum: 0
Maximum: 511

TcpMaximumSegmentSizeClamping (schema)

TCP MSS Clamping

TCP MSS Clamping Direction and Value.

Name Description Type Notes
direction Maximum Segment Size Clamping Direction

Specifies the traffic direction for which to apply MSS Clamping.
string Enum: NONE, INBOUND_CONNECTION, OUTBOUND_CONNECTION, BOTH
Default: "NONE"
max_segment_size Maximum Segment Size Value

MSS defines the maximum amount of data that a host is willing to
accept in a single TCP segment. This field is set in TCP header
during connection establishment. To avoid packet fragmentation,
you can set this field depending on uplink MTU and VPN overhead.
This is an optional field and in case it is left unconfigured,
best possible MSS value will be calculated based on effective
mtu of uplink interface. Supported MSS range is 216 to 8960.
integer Minimum: 108
Maximum: 8852

TcpMssClamping (schema)

Tcp Mss Clamping Object

Tcp Mss Clamping Direction and value

Name Description Type Notes
direction MSS Clamping direction

Specifies the traffic direction for which to apply MSS Clamping.		 string Enum: NONE, INBOUND_CONNECTION, OUTBOUND_CONNECTION, BOTH
Default: "NONE"
max_segment_size Maximum Segment Size value

It defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8852.		 integer Minimum: 108
Maximum: 8852

TcpPolicyLbMonitorProfile (schema)

PolicyLbMonitorProfile for active health checks over TCP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the
PolicyLbRule object. This represents active health monitoring over TCP.
Active healthchecks are initiated periodically, at a configurable
interval, to each member of the Group. Only if a healthcheck fails
consecutively for a specified number of times (fall_count) to a member
will the member status be marked DOWN. Once a member is DOWN, a specified
number of consecutive successful healthchecks (rise_count) will bring
the member back to UP state. After a healthcheck is initiated, if it
does not complete within a certain period, then also
the healthcheck is considered to be unsuccessful. Completing a
healthcheck within timeout means establishing a connection (TCP or SSL),
if applicable, sending the request and receiving the response, all within
the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value TcpPolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"

TcpPolicyLbVirtualServer (schema)

PolicyLbVirtualServer handling connections over TCP

Virtual server acts as a facade to an application, receives all client
connections over TCP and distributes them among the backend servers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value TcpPolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

TeamingPolicy (schema)

Uplink Teaming Policy

Name Description Type Notes
active_list List of Uplinks used in active list array of Uplink Required
policy Teaming policy string Required
Enum: FAILOVER_ORDER, LOADBALANCE_SRCID, LOADBALANCE_SRC_MAC
standby_list List of Uplinks used in standby list array of Uplink

TelemetryAgreement (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value TelemetryAgreement string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
telemetry_agreement_displayed Flag to indicate if telemetry agreement has been displayed

Determine if telemetry agreement has been displayed. If false,
the agreement text will be displayed at login time.
boolean Required

TelemetryConfig (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
ceip_acceptance Flag to indicate if CEIP has been accepted

Enable this flag to participate in the Customer Experience Improvement Program.
boolean Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
proxy_enabled Flag to indicate if proxy has been configured

Enable this flag to specify a proxy, and provide the proxy settings.		 boolean Default: "False"
resource_type Must be set to the value TelemetryConfig string
schedule_enabled Flag to indicate if data collection is enabled

Enable this to schedule data collection and upload times. If enabled,
and a schedule is not provided, a default schedule (WEEKLY, Sunday at 2:00 a.m)
will be applied.
boolean Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
telemetry_proxy Set config for proxy to be used to send out telemetry data

Specify the proxy configuration (scheme, server, port) here.		 TelemetryProxy
telemetry_schedule Set schedule for when telemetry data should be collected

Specify one of Daily, Weekly or Monthly schedules.		 TelemetrySchedule
(Abstract type: pass one of the following concrete types)
DailyTelemetrySchedule
MonthlyTelemetrySchedule
WeeklyTelemetrySchedule

TelemetryProxy (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
hostname FQDN or IP address of the proxy server

Specify the fully qualified domain name, or ip address, of the proxy server.
string Required
id Unique identifier of this resource string Sortable
password Password

Specify the password used to authenticate with the proxy server, if required.
A GET call on /telemetry/config returns a non-meaningful password to maintain
security. To change the password to a new value, issue a PUT call after updating
this field. To remove the password, issue a PUT call after emptying this field.
To retain a previously set password, issue a PUT call keeping the non-meaningful
value obtained from the GET call.
string
port Configured port for proxy

Specify the port of the proxy server.		 int Required
resource_type Must be set to the value TelemetryProxy string
scheme The scheme accepted by the proxy server

The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.
string Required
Enum: HTTP, HTTPS
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
username User name

Specify the user name used to authenticate with the proxy server, if required.
string

TelemetrySchedule (schema)

Abstract base type for telemetry schedule configuration

This is an abstract type. Concrete child types:
DailyTelemetrySchedule
MonthlyTelemetrySchedule
WeeklyTelemetrySchedule

Name Description Type Notes
frequency_type Frequency at which data will be collected

Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.		 string Required

ThreatStatus (schema)

Name Description Type Notes
status Transport node threat status string Enum: NORMAL, ABNORMAL

Tier0 (schema)

Tier-0 configuration

Tier-0 configuration for external connectivity.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
default_rule_logging Enable logging for whitelisted rule

Indicates if logging should be enabled for the default whitelisting rule. This filed is
deprecated and recommended to change Rule logging filed. Note that this
filed is not synchornied with default logging field.
boolean Deprecated
Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
dhcp_config_paths DHCP configuration for Segments connected to Tier-0

DHCP configuration for Segments connected to Tier-0. DHCP service is
configured in relay mode.
array of string Minimum items: 0
Maximum items: 1
disable_firewall Disable gateway firewall

Disable or enable gateway fiewall.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
failover_mode Failover mode

Determines the behavior when a Tier-0 instance in ACTIVE-STANDBY
high-availability mode restarts after a failure. If set to
PREEMPTIVE, the preferred node will take over, even if it causes
another failure. If set to NON_PREEMPTIVE, then the instance that
restarted will remain secondary. This property must not be populated
unless the ha_mode property is set to ACTIVE_STANDBY.
string Enum: PREEMPTIVE, NON_PREEMPTIVE
Default: "NON_PREEMPTIVE"
force_whitelisting Flag to add whitelisting FW rule during realization

This filed is deprecated and recommended to change Rule action filed.
Note that this filed is not synchornied with default rule field.
boolean Deprecated
Default: "False"
ha_mode High-availability Mode for Tier-0

Specify high-availability mode for Tier-0. Default is ACTIVE_ACTIVE.
string Enum: ACTIVE_ACTIVE, ACTIVE_STANDBY
Default: "ACTIVE_ACTIVE"
id Unique identifier of this resource string Sortable
internal_transit_subnets Internal transit subnets in CIDR format

Specify subnets that are used to assign addresses to logical links
connecting service routers and distributed routers. Only IPv4
addresses are supported.
When not specified, subnet 169.254.0.0/24 is assigned by default
in ACTIVE_ACTIVE HA mode or 169.254.0.0/28 in ACTIVE_STANDBY mode.
array of string Maximum items: 1
ipv6_profile_paths IPv6 NDRA and DAD profiles configuration

IPv6 NDRA and DAD profiles configuration on Tier0. Either or both
NDRA and/or DAD profiles can be configured.
array of string Minimum items: 0
Maximum items: 2
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier0 string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transit_subnets Transit subnets in CIDR format

Specify transit subnets that are used to assign addresses to logical links
connecting tier-0 and tier-1s. Both IPv4 and IPv6 addresses are supported.
When not specified, subnet 100.64.0.0/16 is configured by default.
array of string

Tier0DeploymentMap (schema)

Tier-0 deployment map

Associate tier-0 to the enforcement point to realize policy intent

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforcement_point Absolute path of enforcement point

Path of enforcement point on which Tier-0 will be deployed		 string Required
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier0DeploymentMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Tier0DeploymentMapListRequestParameters (schema)

Tier0DeploymentMap list request parameters

Tier0DeploymentMap list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

Tier0DeploymentMapListResult (schema)

Paged Collection of Tier-0 Deployment map

Paged Collection of Tier-0 Deployment map

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier-0 Deployment Maps array of Tier0DeploymentMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier0GatewayState (schema)

Tier0 gateway state

Name Description Type Notes
enforcement_point_path Enforcement point path

String Path of the enforcement point.
When not specified, routes from all enforcement-points are returned.
string
ipv6_status IPv6 DAD status for Tier0 interfaces

IPv6 DAD status for interfaces configured on Tier0
array of IPv6Status
tier0_state Tier0 state

Detailed realized state information for Tier0
LogicalRouterState
tier0_status Tier0 status

Detailed realized status information for Tier0
LogicalRouterStatus

Tier0HaVipConfig (schema)

Tier0 HA VIP Config

Name Description Type Notes
enabled Flag to enable this HA VIP config. boolean Default: "True"
external_interface_paths Policy paths to Tier0 external interfaces for providing redundancy

Policy paths to Tier0 external interfaces which are to be paired to provide redundancy. Floating IP will be owned by one of these interfaces depending upon which edge node is Active.		 array of string Required
Minimum items: 2
vip_subnets VIP floating IP address subnets

Array of IP address subnets which will be used as floating IP addresses.		 array of InterfaceSubnet Required
Minimum items: 1
Maximum items: 2

Tier0Interface (schema)

Tier-0 interface configuration

Tier-0 interface configuration for external connectivity.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
edge_cluster_member_index Association of interface with edge cluster member

Specify association of interface with edge cluster member.
This property is deprecated, use edge_path instead. When both
properties are specifed, only edge_path property is used.
int Deprecated
Minimum: 0
edge_path Policy path to edge node

Policy path to edge node to handle external connectivity.
Required when interface type is EXTERNAL.
string
id Unique identifier of this resource string Sortable
ipv6_profile_paths IPv6 NDRA profile configuration

Configuration IPv6 NDRA profile. Only one
NDRA profile can be configured.
array of string Minimum items: 0
Maximum items: 1
ls_id Logical switch id to attach tier-0 interface

Specify logical switch to which tier-0 interface is connected for
external access.
This property is deprecated, use segment_path instead. Both
properties cannot be used together.
string Deprecated
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
mtu MTU size

Maximum transmission unit (MTU) specifies the size of the largest
packet that a network protocol can transmit.
int Minimum: 64
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier0Interface string
segment_path Segment to attach tier-0 interface

Specify Segment to which this interface is connected to.
Either segment_path or ls_id property is required.
string
subnets IP address and subnet specification for interface

Specify IP address and network prefix for interface.
array of InterfaceSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Interface type

Interface type
string Enum: EXTERNAL, SERVICE, LOOPBACK
Default: "EXTERNAL"

Tier0InterfaceListRequestParameters (schema)

Tier-0 Interface list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

Tier0InterfaceListResult (schema)

Paged collection of Tier-0 Interfaces

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier-0 Interface list results array of Tier0Interface Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier0ListRequestParameters (schema)

Tier-0 list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

Tier0ListResult (schema)

Paged collection of Tier-0s

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier-0 list results array of Tier0 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier0RouteMap (schema)

RouteMap for redistributing routes to BGP and other routing protocols

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
entries Ordered list of route map entries

Ordered list of route map entries.
array of RouteMapEntry Required
Minimum items: 1
Maximum items: 1000
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier0RouteMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Tier0RouteMapListResult (schema)

Paged collection of RouteMaps

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier0RouteMap results array of Tier0RouteMap Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier0RouteRedistributionTypes (schema)

Tier-0 route redistribution types

Tier-0 route redistribution types.

TIER0_STATIC: Redistribute user added static routes.
TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and
routes related to TIER0_ROUTER_LINK, TIER0_SEGMENT,
TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types.
TIER1_STATIC: Redistribute all subnets and static routes advertised
by Tier-1s.
TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets
on Tier-0.
TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets
on Tier-0.
TIER0_SEGMENT: Redistribute subnets configured on Segments connected
to Tier-0.
TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0
TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets.
TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets.
TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets.
TIER0_NAT: Redistribute NAT IPs owned by Tier-0.
TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances.
TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances.
TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances.
TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1
instances.
TIER1_CONNECTED: Redistribute all subnets configured on Segments and
Service Interfaces.
TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets.
TIER1_SEGMENT: Redistribute subnets configured on Segments connected
to Tier1.
TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint
subnets advertised by TIER1.


Route redistribution destination is BGP.

Name Description Type Notes
Tier0RouteRedistributionTypes Tier-0 route redistribution types

Tier-0 route redistribution types.

TIER0_STATIC: Redistribute user added static routes.
TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and
routes related to TIER0_ROUTER_LINK, TIER0_SEGMENT,
TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types.
TIER1_STATIC: Redistribute all subnets and static routes advertised
by Tier-1s.
TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets
on Tier-0.
TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets
on Tier-0.
TIER0_SEGMENT: Redistribute subnets configured on Segments connected
to Tier-0.
TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0
TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets.
TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets.
TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets.
TIER0_NAT: Redistribute NAT IPs owned by Tier-0.
TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances.
TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances.
TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances.
TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1
instances.
TIER1_CONNECTED: Redistribute all subnets configured on Segments and
Service Interfaces.
TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets.
TIER1_SEGMENT: Redistribute subnets configured on Segments connected
to Tier1.
TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint
subnets advertised by TIER1.


Route redistribution destination is BGP.
string Enum: TIER0_STATIC, TIER0_CONNECTED, TIER0_EXTERNAL_INTERFACE, TIER0_SEGMENT, TIER0_ROUTER_LINK, TIER0_SERVICE_INTERFACE, TIER0_LOOPBACK_INTERFACE, TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT, TIER1_NAT, TIER1_STATIC, TIER1_LB_VIP, TIER1_LB_SNAT, TIER1_DNS_FORWARDER_IP, TIER1_CONNECTED, TIER1_SERVICE_INTERFACE, TIER1_SEGMENT, TIER1_IPSEC_LOCAL_ENDPOINT

Tier0StateRequestParameters (schema)

State request parameters for Tier0 gateway

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path Enforcement point path

String Path of the enforcement point.
When not specified, routes from all enforcement-points are returned.
string
included_fields Comma separated list of fields that should be included in query result string
interface_path Interface path for interface specific state such as IPv6 DAD state

String Path of interface on current Tier0 gateway for interface
specified state such as IPv6 DAD state.
When not specified, IPv6 NDRA state from from all interfaces is returned.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

Tier1 (schema)

Tier-1

Tier-1 instance configuration.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
default_rule_logging Enable logging for whitelisted rule

Indicates if logging should be enabled for the default whitelisting rule. This filed is
deprecated and recommended to change Rule logging filed. Note that this
filed is not synchornied with default logging field.
boolean Deprecated
Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
dhcp_config_paths DHCP configuration for Segments connected to Tier-1

DHCP configuration for Segments connected to Tier-1. DHCP service is
enabled in relay mode.
array of string Minimum items: 0
Maximum items: 1
disable_firewall Disable gateway firewall

Disable or enable gateway fiewall.		 boolean Default: "False"
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enable_standby_relocation Flag to enable standby service router relocation.

Flag to enable standby service router relocation.
Standby relocation is not enabled until edge cluster is configured
for Tier1.
boolean Default: "False"
failover_mode Failover mode

Determines the behavior when a Tier-1 instance in ACTIVE-STANDBY
high-availability mode restarts after a failure. If set to
PREEMPTIVE, the preferred node will take over, even if it causes
another failure. If set to NON_PREEMPTIVE, then the instance that
restarted will remain secondary. This property must not be populated
unless the ha_mode property is set to ACTIVE_STANDBY.
string Enum: PREEMPTIVE, NON_PREEMPTIVE
Default: "NON_PREEMPTIVE"
force_whitelisting Flag to add whitelisting FW rule during realization

This filed is deprecated and recommended to change Rule action filed.
Note that this filed is not synchornied with default rule field.
boolean Deprecated
Default: "False"
id Unique identifier of this resource string Sortable
ipv6_profile_paths IPv6 NDRA and DAD profiles configuration

Configuration IPv6 NDRA and DAD profiles. Either or both
NDRA and/or DAD profiles can be configured.
array of string Minimum items: 0
Maximum items: 2
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier1 string
route_advertisement_rules Route advertisement rules and filtering array of RouteAdvertisementRule
route_advertisement_types Enable different types of route advertisements

Enable different types of route advertisements.
When not specified, routes to IPSec VPN local-endpoint subnets
(TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.
array of Tier1RouteAdvertisentTypes
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tier0_path Tier-1 connectivity to Tier-0

Specify Tier-1 connectivity to Tier-0 instance.
string
type Tier1 type

Tier1 connectivity type for reference. Property value is not validated
with Tier1 configuration.
ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled.
ISOLATED: Tier1 is not connected to any Tier0 gateway.
NATTED: Tier1 is in ROUTED type with NAT configured locally.
string Enum: ROUTED, ISOLATED, NATTED

Tier1DeploymentMap (schema)

Tier-1 deployment map

Binding the Tier-1 and its associated child objects to the enforcement point
for realization.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enforcement_point Absolute path of enforcement point

Path of enforcement point on which Tier-1 will be deployed		 string Required
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier1DeploymentMap string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Tier1GatewayState (schema)

Tier1 gateway state

Name Description Type Notes
enforcement_point_path Enforcement point path

String Path of the enforcement point.
When not specified, routes from all enforcement-points are returned.
string
ipv6_status IPv6 DAD status for Tier1 interfaces

IPv6 DAD status for interfaces configured on Tier1
array of IPv6Status
tier1_state Tier1 state

Detailed realized state information for Tier1
LogicalRouterState
tier1_status Tier1 status

Detailed realized status information for Tier1
LogicalRouterStatus

Tier1Interface (schema)

Tier-1 interface configuration

Tier-1 interface configuration for attaching services.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ipv6_profile_paths IPv6 NDRA profile configuration

Configrue IPv6 NDRA profile. Only one
NDRA profile can be configured.
array of string Minimum items: 0
Maximum items: 1
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
mtu MTU size

Maximum transmission unit (MTU) specifies the size of the largest
packet that a network protocol can transmit.
int Minimum: 64
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value Tier1Interface string
segment_path Policy path of Segment to attach interface

Policy path of Segment to which interface is connected to.
string Required
subnets IP address and subnet specification for interface

Specify IP address and network prefix for interface.
array of InterfaceSubnet Required
Minimum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Tier1InterfaceListResult (schema)

Paged collection of Tier-1 Interfaces

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier-1 Interface list results array of Tier1Interface Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier1ListRequestParameters (schema)

Tier-1 list request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_mark_for_delete_objects Include objects that are marked for deletion in results

If true, resources that are marked for deletion will be included
in the results. By default, these resources are not included.
boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

Tier1ListResult (schema)

Paged collection of Tier-1 instances

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Tier-1 list results array of Tier1 Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

Tier1RouteAdvertisentTypes (schema)

Control routes advertised by Tier-1 instance.
TIER1_STATIC_ROUTES: Advertise all STATIC routes.
TIER1_CONNECTED: Advertise all subnets configured on connected
Interfaces and Segments.
TIER1_NAT: Advertise all NAT IP addresses.
TIER1_LB_VIP: Advertise all Load-balancer VIPs.
TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses.
TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs
TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets.

Name Description Type Notes
Tier1RouteAdvertisentTypes Control routes advertised by Tier-1 instance.
TIER1_STATIC_ROUTES: Advertise all STATIC routes.
TIER1_CONNECTED: Advertise all subnets configured on connected
Interfaces and Segments.
TIER1_NAT: Advertise all NAT IP addresses.
TIER1_LB_VIP: Advertise all Load-balancer VIPs.
TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses.
TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs
TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets.
string Enum: TIER1_STATIC_ROUTES, TIER1_CONNECTED, TIER1_NAT, TIER1_LB_VIP, TIER1_LB_SNAT, TIER1_DNS_FORWARDER_IP, TIER1_IPSEC_LOCAL_ENDPOINT

Tier1StateRequestParameters (schema)

State request parameters for Tier1 gateway

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
enforcement_point_path Enforcement point path

String Path of the enforcement point.
When not specified, routes from all enforcement-points are returned.
string
included_fields Comma separated list of fields that should be included in query result string
interface_path Interface path for interface specific state such as IPv6 DAD state

String Path of interface on current Tier1 gateway for interface
specified state such as IPv6 DAD state.
When not specified, IPv6 NDRA state from from all interfaces is returned.
string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

TlsCertificate (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
details list of X509Certificates. array of X509Certificate Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
pem_encoded pem encoded certificate data. string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value TlsCertificate string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

TlsCertificateList (schema)

Certificate queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results TlsCertificate list. array of TlsCertificate Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TlsCrl (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
details Details of the X509Crl object

Details of the X509Crl object.		 X509Crl Readonly
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
pem_encoded Pem encoded crl data

Pem encoded crl data.		 string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value TlsCrl string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

TlsCrlListResult (schema)

Paged Collection of TlsCrl

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results TlsCrl list results array of TlsCrl Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TlsTrustData (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key_algo Key algorithm contained in this certificate. string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
passphrase Password for private key encryption. string
path Absolute path of this object

Absolute path of this object		 string Readonly
pem_encoded pem encoded certificate data. string Required
private_key private key data string
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value TlsTrustData string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Tooltip (schema)

Tooltip

Tooltip to be shown while hovering over the dashboard UI element.

Name Description Type Notes
condition Expression for evaluating condition

If the condition is met then the tooltip will be applied. If no condition is provided, then the tooltip will be applied unconditionally. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.		 string Maximum length: 1024
heading Tooltip will be treated as header.

If true, displays tooltip text in bold		 boolean
text Textbox shown at tooltip

Text to be shown on tooltip while hovering over UI element. The text would be wrapped if it exceeds 80 chars.		 string Required
Maximum length: 1024

Traceflow (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
analysis Traceflow result analysis notes array of string Readonly
counters observation counters TraceflowObservationCounters Readonly
id The id of the traceflow round string Required
Readonly
logical_counters counters of observations from logical components TraceflowObservationCounters Readonly
lport_id id of the source logical port used for injecting the traceflow packet string Readonly
operation_state Represents the traceflow operation state string Required
Readonly
Enum: IN_PROGRESS, FINISHED, FAILED
request_status Traceflow request status

The status of the traceflow RPC request. SUCCESS - The traceflow request is sent successfully. TIMEOUT - The traceflow request gets timeout. SOURCE_PORT_NOT_FOUND - The source port of the request cannot be found. DATA_PATH_NOT_READY - The datapath component cannot be ready to receive request. CONNECTION_ERROR - There is connection error on datapath component. UNKNOWN - The status of traceflow request cannot be determined.		 string Readonly
Enum: SUCCESS, TIMEOUT, SOURCE_PORT_NOT_FOUND, DATA_PATH_NOT_READY, CONNECTION_ERROR, UNKNOWN
result_overflowed A flag, when set true, indicates some observations were deleted from the result set. boolean Readonly
timeout Timeout (in ms) for traceflow observations result list

Maximum time (in ms) the management plane will be waiting for this traceflow round.		 integer Readonly
Minimum: 5000
Maximum: 15000

TraceflowComponentSubType (schema)

Name Description Type Notes
TraceflowComponentSubType string Enum: LR_TIER0, LR_TIER1, LR_VRF_TIER0, LS_TRANSIT, SI_CLASSIFIER, SI_PROXY, VDR, ENI, AWS_GATEWAY, EDGE_UPLINK, UNKNOWN

TraceflowComponentType (schema)

Name Description Type Notes
TraceflowComponentType string Enum: PHYSICAL, LR, LS, DFW, BRIDGE, EDGE_TUNNEL, EDGE_HOSTSWITCH, FW_BRIDGE, LOAD_BALANCER, NAT, IPSEC, SERVICE_INSERTION, VMC, UNKNOWN

TraceflowListParameters (schema)

Traceflow list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
lport_id id of the source logical port where the trace flows originated string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

TraceflowListResult (schema)

Traceflow queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Traceflow Results array of Traceflow Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TraceflowObservation (schema)

This is an abstract type. Concrete child types:
TraceflowObservationDelivered
TraceflowObservationDropped
TraceflowObservationDroppedLogical
TraceflowObservationForwarded
TraceflowObservationForwardedLogical
TraceflowObservationReceived
TraceflowObservationReceivedLogical
TraceflowObservationRelayedLogical
TraceflowObservationReplicationLogical

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
resource_type TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly

TraceflowObservationCounters (schema)

Name Description Type Notes
delivered_count Delivered observation count

Total number of delivered observations for this traceflow round.		 integer Readonly
dropped_count Dropped observation count

Total number of dropped observations for this round.		 integer Readonly
forwarded_count Forwarded observation count

Total number of forwarded observations for this traceflow round.		 integer Readonly
received_count Received observation count

Total number of received observations for this traceflow round.		 integer Readonly

TraceflowObservationDelivered (schema)

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
lport_id The id of the logical port into which the traceflow packet was delivered string Readonly
lport_name The name of the logical port into which the traceflow packet was delivered string Readonly
resolution_type The resolution type of the delivered message for ARP

This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by port DB ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP ARP_VM - No suppression and the ARP request is resolved.		 string Readonly
Enum: UNKNOWN, ARP_SUPPRESSION_PORT_CACHE, ARP_SUPPRESSION_TABLE, ARP_SUPPRESSION_CP_QUERY, ARP_VM
resource_type Must be set to the value TraceflowObservationDelivered TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
target_mac MAC address of the resolved IP by ARP

The source MAC address of form:
"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00.
string Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
vlan_id VLAN on bridged network VlanID

TraceflowObservationDropped (schema)

Name Description Type Notes
acl_rule_id The id of the acl rule that was applied to drop the traceflow packet integer Readonly
arp_fail_reason The detailed drop reason of ARP traceflow packet

This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction		 string Readonly
Enum: ARP_UNKNOWN, ARP_TIMEOUT, ARP_CPFAIL, ARP_FROMCP, ARP_PORTDESTROY, ARP_TABLEDESTROY, ARP_NETDESTROY
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
lport_id The id of the logical port at which the traceflow packet was dropped string Readonly
lport_name The name of the logical port at which the traceflow packet was dropped string Readonly
reason The reason traceflow packet was dropped string Readonly
Enum: ARP_FAIL, BFD, DHCP, FW_RULE, GENEVE, GRE, IFACE, IP, IP_REASS, IPSEC, IPSEC_VTI, L2VPN, L4PORT, LB, LROUTER, LSERVICE, LSWITCH, MD_PROXY, NAT, ND_NS_FAIL, NEIGH, NO_EIP_FOUND, NO_EIP_ASSOCIATION, NO_ENI_FOR_IP, NO_ENI_FOR_LIF, NO_ROUTE, NO_ROUTE_TABLE_FOUND, NO_UNDERLAY_ROUTE_FOUND, NOT_VDR_DOWNLINK,, NO_VDR_FOUND, NO_VDR_ON_HOST, NOT_VDR_UPLINK,, SERVICE_INSERT, TTL_ZERO, TUNNEL, VXLAN, VXSTT, VMC_NO_RESPONSE, WRONG_UPLINK, UNKNOWN
resource_type Must be set to the value TraceflowObservationDropped TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly

TraceflowObservationDroppedLogical (schema)

Name Description Type Notes
acl_rule_id The id of the acl rule that was applied to drop the traceflow packet integer Readonly
arp_fail_reason The detailed drop reason of ARP traceflow packet

This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction		 string Readonly
Enum: ARP_UNKNOWN, ARP_TIMEOUT, ARP_CPFAIL, ARP_FROMCP, ARP_PORTDESTROY, ARP_TABLEDESTROY, ARP_NETDESTROY
component_id The id of the component that dropped the traceflow packet. string Readonly
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
lport_id The id of the logical port at which the traceflow packet was dropped string Readonly
lport_name The name of the logical port at which the traceflow packet was dropped string Readonly
reason The reason traceflow packet was dropped string Readonly
Enum: ARP_FAIL, BFD, DHCP, FW_RULE, GENEVE, GRE, IFACE, IP, IP_REASS, IPSEC, IPSEC_VTI, L2VPN, L4PORT, LB, LROUTER, LSERVICE, LSWITCH, MD_PROXY, NAT, ND_NS_FAIL, NEIGH, NO_EIP_FOUND, NO_EIP_ASSOCIATION, NO_ENI_FOR_IP, NO_ENI_FOR_LIF, NO_ROUTE, NO_ROUTE_TABLE_FOUND, NO_UNDERLAY_ROUTE_FOUND, NOT_VDR_DOWNLINK,, NO_VDR_FOUND, NO_VDR_ON_HOST, NOT_VDR_UPLINK,, SERVICE_INSERT, TTL_ZERO, TUNNEL, VXLAN, VXSTT, VMC_NO_RESPONSE, WRONG_UPLINK, UNKNOWN
resource_type Must be set to the value TraceflowObservationDroppedLogical TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly

TraceflowObservationForwarded (schema)

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
context The 64bit tunnel context carried on the wire integer
dst_transport_node_id The id of the transport node to which the traceflow packet is forwarded

This field will not be always available. Use remote_ip_address when this field is not set.		 string Readonly
dst_transport_node_name The name of the transport node to which the traceflow packet is forwarded string Readonly
local_ip_address IP address of the source end of the tunnel IPAddress
remote_ip_address IP address of the destination end of the tunnel IPAddress
resource_type Must be set to the value TraceflowObservationForwarded TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
uplink_name The name of the uplink the traceflow packet is forwarded on string
vtep_label The virtual tunnel endpoint label integer

TraceflowObservationForwardedLogical (schema)

Name Description Type Notes
acl_rule_id The id of the acl rule that was applied to forward the traceflow packet integer Readonly
component_id The id of the component that forwarded the traceflow packet. string Readonly
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
dst_component_id The id of the destination component to which the traceflow packet was forwarded. string Readonly
dst_component_name The name of the destination component to which the traceflow packet was forwarded. string Readonly
dst_component_type The type of the destination component to which the traceflow packet was forwarded. TraceflowComponentType Readonly
lport_id The id of the logical port through which the traceflow packet was forwarded. string Readonly
lport_name The name of the logical port through which the traceflow packet was forwarded. string Readonly
resend_type The type of packet resending

ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type		 string Readonly
Enum: UNKNOWN, ARP_UNKNOWN_FROM_CP, ND_NS_UNKNWON_FROM_CP
resource_type Must be set to the value TraceflowObservationForwardedLogical TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
service_index The index of the service insertion component integer Readonly
service_path_index The path index of the service insertion component integer Readonly
service_ttl The ttl of the service insertion component integer Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
translated_dst_ip The translated destination IP address of VNP/NAT IPAddress Readonly
translated_src_ip The translated source IP address of VPN/NAT IPAddress Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
vni VNI for the logical network on which the traceflow packet was forwarded. int Readonly

TraceflowObservationListParameters (schema)

Traceflow Observation list parameters

Name Description Type Notes
component_name Observations having the given component name will be listed.

Observations of all component names will be listed if not given.		 string
component_type Observations having the given component type will be listed.

Observations of all component types will be listed if not given.		 TraceflowComponentType
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type The type of observations that will be listed.

Prefix matching; e.g. TraceflowObservationReceived will also matches TraceflowObservationReceivedLogical. Observations of all types will be listed if not given.		 TraceflowObservationType
sort_ascending boolean
sort_by Field by which records are sorted string
transport_node_name Observations having the given transport node name will be listed.

Observations of all transport node names will be listed if not given.		 string

TraceflowObservationListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results TraceflowObservation list results array of TraceflowObservation
(Abstract type: pass one of the following concrete types)
TraceflowObservationDelivered
TraceflowObservationDropped
TraceflowObservationDroppedLogical
TraceflowObservationForwarded
TraceflowObservationForwardedLogical
TraceflowObservationReceived
TraceflowObservationReceivedLogical
TraceflowObservationRelayedLogical
TraceflowObservationReplicationLogical
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TraceflowObservationReceived (schema)

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
local_ip_address IP address of the destination end of the tunnel IPAddress
remote_ip_address IP address of the source end of the tunnel IPAddress
resource_type Must be set to the value TraceflowObservationReceived TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
uplink_name The name of the uplink the traceflow packet is received on string
vtep_label The virtual tunnel endpoint label integer

TraceflowObservationReceivedLogical (schema)

Name Description Type Notes
component_id The id of the component that received the traceflow packet. string Readonly
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
lport_id The id of the logical port at which the traceflow packet was received string Readonly
lport_name The name of the logical port at which the traceflow packet was received string Readonly
resource_type Must be set to the value TraceflowObservationReceivedLogical TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
src_component_id The id of the source component from which the traceflow packet was received. string Readonly
src_component_name The name of source component from which the traceflow packet was received. string Readonly
src_component_type The type of the source component from which the traceflow packet was received. TraceflowComponentType Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
vni VNI for the logical network on which the traceflow packet was received. int Readonly

TraceflowObservationRelayedLogical (schema)

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
dst_server_address The IP address of the destination

This field specified the IP address of the destination which the packet will be relayed.		 IPAddress Required
Readonly
logical_comp_uuid The id of the component which relay service located

This field specified the logical component that relay service located.		 string Readonly
message_type The type of the relay service

This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client		 string Required
Readonly
Enum: REQUEST, REPLY
Default: "REQUEST"
relay_server_address The IP address of relay service

This field specified the IP address of the relay service.		 IPAddress Required
Readonly
resource_type Must be set to the value TraceflowObservationRelayedLogical TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly

TraceflowObservationReplicationLogical (schema)

Name Description Type Notes
component_name The name of the component that issued the observation. string Readonly
component_sub_type The sub type of the component that issued the observation. TraceflowComponentSubType Readonly
component_type The type of the component that issued the observation. TraceflowComponentType Readonly
local_ip_address Local IP address of the component that replicates the packet. IPAddress Readonly
replication_type The replication type of the message

This field specifies the type of replication message TX_VTEP - Transmit replication to all VTEPs TX_MTEP - Transmit replication to all MTEPs RX - Receive replication		 string Readonly
Enum: TX_VTEP, TX_MTEP, RX
resource_type Must be set to the value TraceflowObservationReplicationLogical TraceflowObservationType Required
Default: "TraceflowObservationReceived"
sequence_no the sequence number is the traceflow observation hop count

the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.		 integer Required
Readonly
timestamp Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (milliseconds epoch)		 EpochMsTimestamp Readonly
timestamp_micro Timestamp when the observation was created by the transport node

Timestamp when the observation was created by the transport node (microseconds epoch)		 integer Readonly
transport_node_id id of the transport node that observed a traceflow packet string Readonly
transport_node_name name of the transport node that observed a traceflow packet string Readonly
transport_node_type type of the transport node that observed a traceflow packet TransportNodeType Readonly
uplink_name The name of uplink string Readonly
vtep_label The label of VTEP integer Readonly

TraceflowObservationType (schema)

Name Description Type Notes
TraceflowObservationType string Enum: TraceflowObservationForwarded, TraceflowObservationDropped, TraceflowObservationDelivered, TraceflowObservationReceived, TraceflowObservationForwardedLogical, TraceflowObservationDroppedLogical, TraceflowObservationReceivedLogical, TraceflowObservationReplicationLogical, TraceflowObservationRelayedLogical

TraceflowRequest (schema)

Name Description Type Notes
lport_id id of the source logical port to inject the traceflow packet into string Required
packet Packet configuration PacketData
(Abstract type: pass one of the following concrete types)
BinaryPacketData
FieldsPacketData		 Required
timeout Timeout (in ms) for traceflow observations result list

Maximum time (in ms) the management plane will wait for observation result list to be sent by controller plane.		 integer Minimum: 5000
Maximum: 15000
Default: "10000"

TrafficRateLimits (schema)

Rate limiting configuration

Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type

Name Description Type Notes
rx_broadcast Broadcast receive limit

Incoming broadcast traffic limit in packets per second		 int Minimum: 0
Default: "0"
rx_multicast Multicast receive limit

Incoming multicast traffic limit in packets per second		 int Minimum: 0
Default: "0"
tx_broadcast Broadcast transmit limit

Outgoing broadcast traffic limit in packets per second		 int Minimum: 0
Default: "0"
tx_multicast Multicast transmit limit

Outgoing multicast traffic limit in packets per second		 int Minimum: 0
Default: "0"

TransportNode (schema)

Transport Node

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
failure_domain_id Id of the failure domain

Set failure domain of edge transport node which will help in
auto placement of TIER1 logical routers, DHCP Servers and
MDProxies, if failure domain based allocation is enabled in
edge cluster API. It is only supported for edge transport node
and not for host transport node. In case failure domain is not
set by user explicitly, it will be always assigned with default
system created failure domain.
string
host_switch_spec Transport node host switch specification

This property is used to either create standard host switches
or to inform NSX about preconfigured host switches that already
exist on the transport node.

Pass an array of either StandardHostSwitchSpec objects or
PreconfiguredHostSwitchSpec objects. It is an error to pass
an array containing different types of HostSwitchSpec objects.
HostSwitchSpec
(Abstract type: pass one of the following concrete types)
PreconfiguredHostSwitchSpec
StandardHostSwitchSpec
host_switches Transport Node switch(s). Prefer host_switch_spec over this.

This property is deprecated in favor of 'host_switch_spec'. Property 'host_switches' can only be used for NSX managed transport nodes. 'host_switch_spec' can be used for both NSX managed or manually preconfigured host switches.		 array of HostSwitch Deprecated
id Unique identifier of this resource string Sortable
is_overridden Indicates if config is different than compute collection.

This flag is relevant to only those hosts which are part of a
compute collection which has transport node profile (TNP)
applied on it. If you change the transport node configuration
and it is different than cluster level TNP then this flag will
be set to true
boolean Readonly
maintenance_mode transport node maintenance mode desired state

The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call.		 string Readonly
Enum: ENABLED, FORCE_ENABLED, DISABLED
node_deployment_info Node
(Abstract type: pass one of the following concrete types)
EdgeNode
HostNode
Node
PublicCloudGatewayNode
node_id Unique Id of the fabric node string
resource_type Must be set to the value TransportNode string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_endpoints Transport zone endpoints. array of TransportZoneEndPoint

TransportNodeCollection (schema)

Compute collection transport node template

Entity to indicate relation between Compute collection and Transport node template

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
compute_collection_id Compute collection id string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value TransportNodeCollection string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_node_profile_id Transport Node Profile ID string Required

TransportNodeCollectionListResult (schema)

Transport Node collections list result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Transport Node collection results array of TransportNodeCollection Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeCollectionState (schema)

Transport node template application state

Realization state of attaching or detaching Transport node profile on compute collection.

Name Description Type Notes
aggregate_progress_percentage Aggregate percentage of compute collection deployment

Average of all transport node deployment progress in a cluster. Applicable only if transport node profile is applied on a cluster.		 integer Readonly
state Application state of transport node template on compute collection

If the host preparation or transport node creation is going on for
any host then state will be "IN_PROGRESS".

If setting desired state of the transport node failed for any of
the host then state will be "FAILED_TO_CREATE"

If realization of transport node failed for any of
the host then state will be "FAILED_TO_REALIZE"

If Transport node is successfully created for all of the hosts in
compute collection then state will be "SUCCESS"

You can override the configuration for one or more hosts in the
compute collection by update TN(transport node) request on individual
TN. If TN is successfully created for all hosts in compute collection
and one or more hosts have overridden configuration then transport node
collection state will be "PROFILE_MISMATCH".
string Readonly
Enum: FAILED_TO_CREATE, FAILED_TO_REALIZE, IN_PROGRESS, PROFILE_MISMATCH, SUCCESS

TransportNodeDeleteParameters (schema)

Parameters that affect how delete operations are processed

Name Description Type Notes
force Force delete the resource even if it is being used somewhere

If true, deleting the resource succeeds even if it is being
referred as a resource reference.
boolean Default: "False"
unprepare_host Uninstall NSX components from host while deleting boolean Default: "True"

TransportNodeDeploymentProgressState (schema)

Deployment progress of transport node

Deployment progress state of transport node. Object has current deployment step title and progress in percentage.

Name Description Type Notes
current_step_title Deployment step title string Readonly
progress Percentage of deployment completed integer Readonly

TransportNodeFilter (schema)

Transport node filter

Transport node filter

Name Description Type Notes
node_type Transport node type

Transport node type		 string Enum: HOST, EDGE

TransportNodeIdParameters (schema)

Name Description Type Notes
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
transport_node_id TransportNode Id string

TransportNodeListParameters (schema)

Transport Node list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
in_maintenance_mode maintenance mode flag

If the flag is true, transport node with 'ENABLED' or 'FORCE_ENABLED' desired state will be returned, otherwise transport nodes in 'DISABLED' will be returned.		 boolean
included_fields Comma separated list of fields that should be included in query result string
node_id node identifier

This property can be used by itself or along with 'transport_zone_id'.		 string
node_ip Fabric node IP address

This property can only be used alone. It can not be combined with other filtering properties.		 string
node_types a list of fabric node types separated by comma or a single type

The fabric node type is the resource_type of the Node such as HostNode, EdgeNode and PublicCloudGatewayNode. If a list of fabric node types are given, all transport nodes of all given types will be returned.		 string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
transport_zone_id Transport zone identifier

This propery can be used along with 'node_id'.		 string

TransportNodeListResult (schema)

Transport Node queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results TransportNode Results array of TransportNode Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeProfile (schema)

Transport Node Profile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host_switch_spec Transport node host switch specification

The HostSwitchSpec is the base class for standard and preconfigured
host switch specifications. Only standard host switches are supported
in the transport node profile.
HostSwitchSpec
(Abstract type: pass one of the following concrete types)
PreconfiguredHostSwitchSpec
StandardHostSwitchSpec
id Unique identifier of this resource string Sortable
resource_type Must be set to the value TransportNodeProfile string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_zone_endpoints Transport zone endpoints. array of TransportZoneEndPoint

TransportNodeProfileListResult (schema)

Transport Node Profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results TransportNodeProfile Results array of TransportNodeProfile Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeReportParameters (schema)

Name Description Type Notes
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
status Transport node string Enum: UP, DOWN, DEGRADED

TransportNodeState (schema)

Transport Node State

Name Description Type Notes
deployment_progress_state Deployment progress state of transport node realization TransportNodeDeploymentProgressState Readonly
details Array of configuration state of various sub systems array of ConfigurationStateElement Readonly
failure_code Error code integer Readonly
failure_message Error message in case of failure string Readonly
host_switch_states States of HostSwitches on the host array of HostSwitchState Readonly
maintenance_mode_state the present realized maintenance mode state MaintenanceModeState Readonly
node_deployment_state Deployment status of installation ConfigurationState Readonly
state Overall state of desired configuration

Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.		 string Required
Readonly
Enum: pending, in_progress, success, failed, partial_success, orphaned, unknown, error, NOT_AVAILABLE, VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, VM_DEPLOYMENT_FAILED, VM_POWER_ON_IN_PROGRESS, VM_POWER_ON_FAILED, REGISTRATION_PENDING, NODE_NOT_READY, NODE_READY, VM_POWER_OFF_IN_PROGRESS, VM_POWER_OFF_FAILED, VM_UNDEPLOY_IN_PROGRESS, VM_UNDEPLOY_FAILED, VM_UNDEPLOY_SUCCESSFUL, EDGE_CONFIG_ERROR, VM_DEPLOYMENT_RESTARTED, REGISTRATION_FAILED, TRANSPORT_NODE_SYNC_PENDING, TRANSPORT_NODE_CONFIGURATION_MISSING, EDGE_HARDWARE_NOT_SUPPORTED, MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED, TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER, TZ_ENDPOINTS_NOT_SPECIFIED, NO_PNIC_PREPARED_IN_EDGE, APPLIANCE_INTERNAL_ERROR, VTEP_DHCP_NOT_SUPPORTED, UNSUPPORTED_HOST_SWITCH_PROFILE, UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED, HOSTSWITCH_PROFILE_NOT_FOUND, LLDP_SEND_ENABLED_NOT_SUPPORTED, UNSUPPORTED_NAMED_TEAMING_POLICY, LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM, LACP_NOT_SUPPORTED_FOR_EDGE_VM, STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM, MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE, UNSUPPORTED_LACP_LB_ALGO_FOR_NODE, EDGE_NODE_VERSION_NOT_SUPPORTED, NO_PNIC_SPECIFIED_IN_TN, INVALID_PNIC_DEVICE_NAME, TRANSPORT_NODE_READY, VM_NETWORK_EDIT_PENDING, UNSUPPORTED_DEFAULT_TEAMING_POLICY, MPA_DISCONNECTED, VM_RENAME_PENDING, VM_CONFIG_EDIT_PENDING, VM_NETWORK_EDIT_FAILED, VM_RENAME_FAILED, VM_CONFIG_EDIT_FAILED, VM_CONFIG_DISCREPANCY, VM_NODE_REFRESH_FAILED, VM_PLACEMENT_REFRESH_FAILED
transport_node_id Unique Id of the TransportNode string Readonly

TransportNodeStateListResult (schema)

Transport node state queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Transport Node State Results array of TransportNodeState Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeStateParameters (schema)

Name Description Type Notes
mm_state Realized maintenance node state MaintenanceModeState
status Realized state of transport nodes string Enum: PENDING, IN_PROGRESS, SUCCESS, PARTIAL_SUCCESS, FAILED, ORPHANED
vtep_ip Virtual tunnel endpoint ip address of transport node string

TransportNodeStatus (schema)

Name Description Type Notes
agent_status NSX agents status AgentStatusCount
control_connection_status Control connection status StatusCount
mgmt_connection_status Management connection status string Enum: UP, DOWN
node_display_name Display name

Transport node display name		 string
node_status Node status NodeStatus
node_uuid Transport node uuid string
pnic_status pNIC status StatusCount
status Roll-up status of connections

Roll-up status of pNIC, management connection, control connection, tunnel status, agent status		 string Enum: UP, DOWN, DEGRADED, UNKNOWN
threat_status Threat status ThreatStatus
tunnel_status Tunnel Status TunnelStatusCount

TransportNodeStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of transport node statuses array of TransportNodeStatus
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeStatusParametersWithDataSource (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
source The data source, either realtime or cached. If not provided, cached data is returned. DataSourceType
status Transport node

Rolled-up status of pNIC, management connection, control connection, tunnel status and agent status. UP means all of these are up; DOWN represents the state when pNIC or agent status is down. DEGRADED status here represents the state for a node when its pNIC bond status is DEGRADED, or, its Control connection status is either DEGRADED or DOWN. UNKNOWN is the case when both control connection, tunnel and agent status are unknown. If none of these conditions are true, the node status is considered DOWN.		 string Enum: UP, DOWN, DEGRADED, UNKNOWN

TransportNodeTemplateListParameters (schema) (Deprecated)

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
compute_collection_id Compute collection id string

TransportNodeTemplateListResult (schema) (Deprecated)

Compute collection transport node template list result

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Compute collection transport node template results array of ComputeCollectionTransportNodeTemplate Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportNodeTemplateState (schema) (Deprecated)

transport node template application state

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
node_id node id string Required
state Application state of transport node template on this host

Transport node template state on individual hosts of ComputeCollection
which enabled automated transport code creation.
'FAILED_TO_CREATE' means transport node isn't created. 'IN_PROGRESS' means
transport node is in progress of creation. 'FAILED_TO_REALIZE' means
transport node has been created, but failed on host realization, it will
repush to host by NSX later. 'SUCCESS' means transport node creation is
succeeded.
string Readonly
Enum: FAILED_TO_CREATE, IN_PROGRESS, FAILED_TO_REALIZE, SUCCESS
transport_node_id transport node id string

TransportNodeTemplateStateParameters (schema) (Deprecated)

Transport node template state parameters

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
compute_collection_id Compute collection id string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

TransportNodeType (schema)

Name Description Type Notes
TransportNodeType string Enum: ESX, RHELKVM, UBUNTUKVM, EDGE, PUBLIC_CLOUD_GATEWAY_NODE, OTHERS, HYPERV

TransportNodeUpdateParameters (schema)

Transport node update parameters

Transport node update parameters are mainly used for migrating ESX VMkernel (vmk) interfaces and VM NICs into or out-of logical switches. The 'esx_mgmt_if_migration_dest' and 'if_id' must be used as a pair to migrate vmk interfaces; they can not be used to migrate VM NICs. NSX manager will auto-create logical ports and vif ids for the vmk interfaces when they are used to migrate vmks into logical switches. The 'vnic' and 'vnic_migration_dest' must also be used as a pair; they can be used to migrate both vmk interfaces and VM NICs. When they are used to migrate interfaces into logical switches, logical ports and vif ids must be created in advance because 'vnic_migration_dest' must contain existing vif ids. These two paires can not be specified together.

Name Description Type Notes
esx_mgmt_if_migration_dest The network ids to which the ESX vmk interfaces will be migrated

A comma separated list of network ids. When migrating vmks into logical
switches, the ids are the logical switches's ids. When migrating out of
logical switches, the ids are vSphere Standard Switch portgroup names
in a single vSphere Standard Switch, or distributed virtual portgroup
names in a single distributed virtual switch (DVS).
This property can only used together with 'if_id'.
string
if_id The ESX vmk interfaces to migrate

A comma separated list of vmk interfaces (for example, vmk0,vmk1).
This property can only used along with 'esx_mgmt_if_migration_dest'.
If all vmk interfaces will be migrated into the same logical switch or
DV portgroup, the 'esx_mgmt_if_migration_dest' can be just one logical
switch id or DV portgroup name. Otherwise the number of vmks in this
list must equal the number of ids in 'esx_mgmt_if_migration_dest' list,
and the orders of the two lists are important because the vmks match
the network ids one by one in the same order.
string
ping_ip IP Addresses to ping right after ESX vmk interfaces were migrated.

A comma separated list of IP addresses that match the vmk interfaces
given in property 'if_id" or 'vnic' one-by-one in the same order.
'0.0.0.0' is a special IP that indicates the pre-migration gateway of
the vmk will be pinged post-migration. If a VMK does not need the ping
ip or a VM NIC is given inside 'vnic', the ping ip must be skipped but
the comma has to stay. For example, '0.0.0.0,,10.1.1.1' indicates the
vmk or VM NIC at the 2nd position does not need ping post-migration.
Right after all ESX vmk interfaces are migrated, ping packets will be
sent through each vmk to its given ping_ip to check if the migraton
will break the network connectivity or not. If any vmk_ping fails, the
whole migration of all vmks will be rolled back and transport-node will
be in failed state.
string
vnic The ESX vmk interfaces and/or VM NIC to migrate

A comma separated list of vmk interfaces and/or one VM NIC. Only one VM
NIC is allowed in the list; the format must be vmInstanceUuid:DeviceId
like '50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. An example list is
'vmk0,vmk1,50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'.
The property can only be used along with 'vnic_migration_dest'.
string
vnic_migration_dest The migration destinations of ESX vmk interfaces and/or VM NIC

A comma separated list of vif ids, or port group names. When migrating
into logical switches, the ids are vif ids in the logical ports created
in the logical switches. When migrating out of logical switches, the
ids are vSphere Standard Switch portgroup names in a single vSphere
Standard Switch, or distributed virtual portgroup names in a single
distributed virtual switch (DVS).
The property can only be used in combination with property 'vnic'. The
number of vnic interfaces in 'vnic' must equal the number of vif ids or
port-group names in this list. The items in the two lists match by the
the order.
string

TransportProtocolHeader (schema)

Name Description Type Notes
dhcp_header DHCP header DhcpHeader
dhcpv6_header DHCP v6 header Dhcpv6Header
dns_header DNS header DnsHeader
icmp_echo_request_header ICMP echo request header IcmpEchoRequestHeader
ndp_header Neighbor discovery protocol header NdpHeader
tcp_header TCP header TcpHeader
udp_header UDP header UdpHeader

TransportTunnelResourceType (schema)

Resource types of L2VPN Transport tunnels

Name Description Type Notes
TransportTunnelResourceType Resource types of L2VPN Transport tunnels string Enum: IPSecVPNTransportStatus

TransportType (schema)

Name Description Type Notes
TransportType string Enum: OVERLAY, VLAN

TransportZone (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
host_switch_id the host switch id generated by the system. string Readonly
host_switch_mode Operational mode of Transport Zone.

STANDARD mode applies to all the hypervisors. ENS mode stands for Enhanced Networking Stack. This feature is only available for ESX hypervisor. It is not available on KVM, EDGE and Public Cloud Gateway etc. When a Transport Zone mode is set to ENS, only Transport Nodes of type ESX can participate in such a Transport Zone.		 string Enum: STANDARD, ENS
Default: "STANDARD"
host_switch_name Name of the host switch on all transport nodes in this transport zone that will be used to run NSX network traffic.

If this name is unset or empty then the default host switch name will be used.		 string Default: "nsxDefaultHostSwitch"
id Unique identifier of this resource string Sortable
is_default Flag to indicate if the transport zone is the default one.

Only one transport zone can be the default one for a given transport zone type. APIs that need transport zone can choose to use the default transport zone if a transport zone is not given by the user.		 boolean Default: "False"
nested_nsx Flag to indicate if transport nodes in this transport zone are connected through nested NSX.

The flag only need to be set in nested NSX environment.		 boolean Default: "False"
resource_type Must be set to the value TransportZone string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type The transport type of this transport zone. TransportType Required
transport_zone_profile_ids Identifiers of the transport zone profiles associated with this TransportZone. array of TransportZoneProfileTypeIdEntry
uplink_teaming_policy_names Names of the switching uplink teaming policies that are supported by this transport zone.

The names of switching uplink teaming policies that all transport nodes in this transport zone must support. An exception will be thrown if a transport node within the transport zone does not support a named teaming policy. The user will need to first ensure all trasnport nodes support the desired named teaming policy before assigning it to the transport zone. If the field is not specified, the host switch's default teaming policy will be used.		 array of string

TransportZoneEndPoint (schema)

This object associates TransportNode to a certain TransportZone

Specify which HostSwitch from this TransportNode is used handle traffic for given TransportZone

Name Description Type Notes
transport_zone_id Unique ID identifying the transport zone for this endpoint string Required
transport_zone_profile_ids Identifiers of the transport zone profiles associated with this transport zone endpoint on this transport node. array of TransportZoneProfileTypeIdEntry

TransportZoneInfo (schema)

Name Description Type Notes
is_underlay_transport_zone Flag to identify if this is the underlay transport zone boolean Readonly
logical_switches Logical switches for the transport zone array of LogicalSwitchInfo Readonly
segments Segments of transport zone

List of segments created on this transport zone.
array of SegmentInfo Readonly
transport_zone_display_name Name of the transport zone string Readonly
transport_zone_id ID of the transport zone string Readonly

TransportZoneListParameters (schema)

Transport Zone list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
is_default Filter to choose if default transport zones will be returned

If set to true, only the default transport zones will be returned. If set to false, all transport zones except the default ones will be returned. If unset, all transport zones will be returned.		 boolean
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
transport_type Filter to choose the type of transport zones to return

If set, only transport zones of the given type will be returned; otherwise transport zones of all types will be returned.		 TransportType
uplink_teaming_policy_name The transport zone's uplink teaming policy name

All transport zone's with the specified uplink teaming policy name. Otherwise, transport zones with any uplink teaming policy will be returned.		 string

TransportZoneListResult (schema)

Transport zone queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Transport Zone Results array of TransportZone Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportZoneProfile (schema)

This is an abstract type. Concrete child types:
BfdHealthMonitoringProfile

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value TransportZoneProfile string Required
Enum: BfdHealthMonitoringProfile
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

TransportZoneProfileListParameters (schema)

Transport zone profile list parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
include_system_owned Whether the list result contains system resources boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
resource_type comma-separated list of transport zone profile types, e.g. ?resource_type=BfdHealthMonitoringProfile string
sort_ascending boolean
sort_by Field by which records are sorted string

TransportZoneProfileListResult (schema)

Transport zone profile queries result

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Transport zone profile results array of TransportZoneProfile
(Abstract type: pass one of the following concrete types)
BfdHealthMonitoringProfile		 Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

TransportZoneProfileType (schema)

Supported transport zone profiles.

Name Description Type Notes
TransportZoneProfileType Supported transport zone profiles. string Enum: BfdHealthMonitoringProfile

TransportZoneProfileTypeIdEntry (schema)

Name Description Type Notes
profile_id profile id of the resource type string Required
resource_type Selects the type of the transport zone profile TransportZoneProfileType

TransportZoneStatus (schema)

Transport zone runtime status information

Name Description Type Notes
num_logical_ports Count of logical ports in the transport zone int Required
Readonly
num_logical_switches Count of logical switches in the transport zone int Required
Readonly
num_transport_nodes Count of transport nodes in the transport zone int Required
Readonly
transport_zone_id Unique ID identifying the transport zone string Required
Readonly

TrunkVlanRange (schema)

Trunk VLAN id range

Name Description Type Notes
end VlanID Required
start VlanID Required

TrustManagementData (schema)

Name Description Type Notes
supported_algorithms list of supported algorithms array of CryptoAlgorithm Readonly

TrustObjectData (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
key_algo Key algorithm contained in this certificate string
passphrase Password for private key encryption string
pem_encoded pem encoded certificate data string Required
private_key private key data string
resource_type Must be set to the value TrustObjectData string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

TunnelDigestAlgorithm (schema)

Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message
integrity during IPSec VPN tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces
XXX bit hash.

Name Description Type Notes
TunnelDigestAlgorithm Digest Algorithms used in tunnel establishment

The TunnelDigestAlgorithms are used to verify message
integrity during IPSec VPN tunnel establishment.
SHA1 produces 160 bits hash and SHA2_XXX produces
XXX bit hash.
string Enum: SHA1, SHA2_256, SHA2_384, SHA2_512

TunnelEncryptionAlgorithm (schema)

Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality
of the messages exchanged during Tunnel negotiations. AES
stands for Advanced Encryption Standards. AES_128 uses 128-bit
keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both
confidentiality and data origin authentication.
NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input
data without encyption. Digest algorithm should be empty for this
option.

Name Description Type Notes
TunnelEncryptionAlgorithm Encryption algorithm used in tunnel

TunnelEncryption algorithms are used to ensure confidentiality
of the messages exchanged during Tunnel negotiations. AES
stands for Advanced Encryption Standards. AES_128 uses 128-bit
keys whereas AES_256 uses 256-bit keys for encryption and
decryption. AES_GCM stands for Advanced Encryption Standard(AES)
in Galois/Counter Mode (GCM) and is used to provide both
confidentiality and data origin authentication.
NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input
data without encyption. Digest algorithm should be empty for this
option.
string Enum: AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION

TunnelInterfaceIPSubnet (schema)

Name Description Type Notes
ip_addresses IPv4 Addresses array of IPv4Address Required
Minimum items: 1
Maximum items: 1
prefix_length Subnet Prefix Length integer Required
Minimum: 1
Maximum: 31

TunnelList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
tunnels List of transport node tunnels array of TunnelProperties Readonly

TunnelPortConfig (schema)

IP Tunnel port configuration

IP Tunnel port configuration.

Name Description Type Notes
ip_subnets IP Tunnel port subnet

IP Tunnel port (commonly referred as VTI) subnet.		 array of IPSubnet Required
Maximum items: 1
tunnel_port_id Logical route port identifier

Logical route port identifier.		 string Readonly

TunnelProperties (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
bfd Detailed information about BFD configured on interface BFDProperties Readonly
egress_interface Name of local transport interface carrying tunnel traffic

Corresponds to the interface where local_ip_address is routed.		 string Readonly
encap Tunnel encap string Readonly
Enum: STT, VXLAN, GENEVE, UNKNOWN_ENCAP
last_updated_time Time at which the Tunnel status has been fetched last time. EpochMsTimestamp Readonly
latency_type Latency type

Latency type.		 string Readonly
Enum: UNKNOWN_LATENCY, VALID, NOT_READY, TIMEOUT
latency_value Latency value

The latency value is set only when latency_type is VALID.		 integer Readonly
local_ip Local IP address of tunnel string Readonly
name Name of tunnel string Readonly
remote_ip Remote IP address of tunnel string Readonly
remote_node_display_name Display name of the remote transport node

Represents the display name of the remote transport node at the other end of the tunnel.		 string Readonly
remote_node_id UUID of the remote transport node string Readonly
status Status of tunnel string Readonly
Enum: UP, DOWN, UNKNOWN

TunnelStatusCount (schema)

Name Description Type Notes
bfd_diagnostic BFD Diagnostic BFDDiagnosticCount
bfd_status BFD Status BFDStatusCount
degraded_count Degraded count int
down_count Down count int
status Roll-up status string Enum: UP, DOWN, DEGRADED, UNKNOWN
up_count Up count int

TunnelSubnet (schema) (Deprecated)

Name Description Type Notes
ip_addresses Subnet ip addresses array of IPv4Address Required
Minimum items: 1
Maximum items: 1
prefix_length Subnet Prefix Length integer Required
Minimum: 1
Maximum: 31

UcFunctionalState (schema)

Uc Functional State

Upgrade coordinator Uc functional State.

Name Description Type Notes
error_message error message

error message that explains why UC is on standby mode.		 string Readonly
state State of UC UI

function state of the upgrade coordinator		 string Required
Readonly
Enum: RUNNING, STANDBY

UcStateProperties (schema)

Upgrade Coordinator state properties

Name Description Type Notes
update_uc_state_properties Flag for updating upgrade-coodinator state properties to database boolean Default: "True"

UcUpgradeStatus (schema)

UC Upgrade status

Upgrade status of upgrade-coordinator

Name Description Type Notes
state State of UC upgrade

Current state of UC upgrade		 string Readonly
Enum: NOT_STARTED, IN_PROGRESS, SUCCESS, FAILED
status Status of UC upgrade

Status of UC upgrade		 string Readonly

UdpHeader (schema)

Name Description Type Notes
dst_port Destination port of udp header integer Minimum: 0
Maximum: 65535
Default: "0"
src_port Source port of udp header integer Minimum: 0
Maximum: 65535
Default: "0"

UdpPolicyLbMonitorProfile (schema)

PolicyLbMonitorProfile for active health checks over UDP

Active healthchecks are disabled by default and can be enabled for a
server pool by binding a health monitor to the Group through the PolicyLbRule
object. This represents active health monitoring over UDP. Active
healthchecks are initiated periodically, at a configurable interval, to
each member of the Group. Only if a healthcheck fails consecutively for a
specified number of times (fall_count) to a member will the member status
be marked DOWN. Once a member is DOWN, a specified number of consecutive
successful healthchecks (rise_count) will bring the member back to UP
state. After a healthcheck is initiated, if it does not complete within a
certain period, then also the healthcheck is considered to be
unsuccessful. Completing a healthcheck within timeout means establishing
a connection (TCP or SSL), if applicable, sending the request and
receiving the response, all within the configured timeout.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
fall_count Monitor fall count for active healthchecks

Only if a healthcheck fails consecutively for a specified number of
times, given with fall_count, to a member will the member status be
marked DOWN.
integer Default: "3"
id Unique identifier of this resource string Sortable
interval Monitor interval in seconds for active healthchecks

Active healthchecks are initiated periodically, at a configurable
interval (in seconds), to each member of the Group.
integer Default: "5"
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
monitor_port Monitor port for active healthchecks

Typically, monitors perform healthchecks to Group members using the
member IP address and pool_port.
However, in some cases, customers prefer to run healthchecks against a
different port than the pool member port which handles actual
application traffic. In such cases, the port to run healthchecks
against can be specified in the monitor_port value.
int Minimum: 0
Maximum: 65535
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
receive expected data received from server

Expected data, can be anywhere in the response and it has to be a
string, regular expressions are not supported.
UDP healthcheck is considered failed if there is no server response
within the timeout period.
string Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value UdpPolicyLbMonitorProfile string Required
Enum: TcpPolicyLbMonitorProfile, UdpPolicyLbMonitorProfile, IcmpPolicyLbMonitorProfile, HttpPolicyLbMonitorProfile, HttpsPolicyLbMonitorProfile
rise_count Monitor rise count for active healthchecks

Once a member is DOWN, a specified number of consecutive successful
healthchecks specified by rise_count will bring the member back to UP
state.
integer Default: "3"
send data to send

The data to be sent to the monitored server.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
timeout Monitor timeout in seconds for active healthchecks

Timeout specified in seconds. After a healthcheck is initiated, if it
does not complete within a certain period, then also the healthcheck
is considered to be unsuccessful. Completing a healthcheck within
timeout means establishing a connection (TCP or SSL), if applicable,
sending the request and receiving the response, all within the
configured timeout.
integer Default: "15"

UdpPolicyLbVirtualServer (schema)

PolicyLbVirtualServer handling connections over UDP

Virtual server acts as a facade to an application, receives all client
connections over UDP and distributes them among the backend servers.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
access_log_enabled Access log enabled setting

If access log is enabled, all HTTP requests sent to an L7 virtual
server are logged to the access log file. Both successful requests
(backend server returns 2xx) and unsuccessful requests (backend
server returns 4xx or 5xx) are logged to access log, if enabled.
boolean Default: "False"
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ip_address IP address of the PolicyLbVirtualServer

Configures the IP address of the PolicyLbVirtualServer where it
receives all client connections and distributes them among the
backend servers.
IPAddress Required
lb_persistence_profile Persistence Profile used by PolicyLbVirtualServer

Path to optional object that enables persistence on a virtual server
allowing related client connections to be sent to the same backend
server. Persistence is disabled by default.
string
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
ports Virtual server port number(s) or port range(s)

Ports contains a list of at least one port or port range such as "80",
"1234-1236". Each port element in the list should be a single port or a
single port range.
array of PortElement Required
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value UdpPolicyLbVirtualServer string Required
Enum: TcpPolicyLbVirtualServer, UdpPolicyLbVirtualServer, HttpPolicyLbVirtualServer, HttpsPolicyLbVirtualServer, CustomPolicyLbVirtualServer
router_path Path to router type object for PolicyLbVirtualServer

Path to router type object that PolicyLbVirtualServer connects to.
The only supported router object is Network.
string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
traffic_source string

UnaryOperation (schema)

Unary Operation

Unary Operation.

Name Description Type Notes
operand Operand

Represents an argument of the operation pointing to a specific field value.		 ResourceFieldPointer Required
operator Operator

Logical Operator describing the operation to apply to the operand.		 string Required
Enum: APPEND, SUBTRACT

UnaryOperationBasedInjectionValue (schema)

Operation based Injection Value

Operation based Injection Value.

Name Description Type Notes
initial_value Intitial value

Resource field pointer representing the initial value for the injection value. If an
operation is supplied, the value is handed to the operation function to produce a
final result.
ResourceFieldPointer Required
operation Operation Function

Represents an optional operation to be done on the initial value.		 UnaryOperation
resource_type Must be set to the value UnaryOperationBasedInjectionValue string Required
Enum: UnaryOperationBasedInjectionValue

UnassociatedVMListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp EpochMsTimestamp
result_count Count of results found (across all pages), set only on first page integer Readonly
results Unassociated Vitual Machine list results

List of VMs which are not associated with any NSGroup
array of VirtualMachine Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UnidirectionalServicePath (schema)

Forward or reverse service path

Representing either forward or reverse service path for ingress or egress traffic respectively.

Name Description Type Notes
hops Forward or reverse service path hops

List of service path hops that constitutes the forward or reverse service path.		 array of ServicePathHop Readonly
host_cross_count Host crossing count

The number of times the traffic needs to cross hosts for the given forward or reverse service path.		 integer Readonly
in_maintenance_mode Is in maintenance mode

Is forward or revserse service path in maintenance mode or not.		 boolean Readonly
is_active Is active

Is forward or revserse service path active or not.		 boolean Readonly
unidir_service_path_id Unidirectional service path id

Unique identifier of one directional service path.		 integer Readonly

UpdatePrincipalIdentityCertificateRequest (schema)

Request to update the certificate of a principal identity

Request to update the certificate of a principal identity with a new
certificate

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
certificate_id Id of the stored certificate

Id of the stored certificate		 string Required
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
principal_identity_id Principal Identity ID

Unique ID of the principal		 string Required
Maximum length: 255
Pattern: "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$"
resource_type Must be set to the value UpdatePrincipalIdentityCertificateRequest string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

UpgradeBundle (schema)

Name Description Type Notes
file Upgrade bundle file multipart_file Required

UpgradeBundleFetchRequest (schema)

Fetch request for fetching upgrade bundle

URL and other fetch requests of upgrade bundle

Name Description Type Notes
url URL of upgrade bundle

URL for uploading upgrade bundle		 string Required

UpgradeBundleId (schema)

Bundle id of upgrade bundle

Identifier of the upgrade bundle

Name Description Type Notes
bundle_id Bundle Id of upgrade bundle uploaded

Identifier of bundle upload		 string Readonly

UpgradeBundleInfo (schema)

Information about upgrade bundle

Information about the upgrade bundle

Name Description Type Notes
bundle_size size of upgrade bundle string Readonly
url URL of the upgrade bundle

URL for uploading upgrade bundle		 string Readonly

UpgradeBundleUploadStatus (schema)

Upload status of upgrade bundle

Upload status of upgrade bundle uploaded from url

Name Description Type Notes
detailed_status Detailed status of bundle upload

Detailed status of upgrade bundle upload		 string Readonly
percent Percent of upload completed

Percent of bundle uploaded from URL		 number Readonly
status Status of upgrade bundle upload

Current status of upgrade bundle upload		 string Readonly
Enum: UPLOADING, VERIFYING, SUCCESS, FAILED
url URL from which the bundle was uploaded

URL for uploading upgrade bundle		 string Readonly

UpgradeCheck (schema)

Pre/post-upgrade check

Check to identify potential pre/post-upgrade issues

Name Description Type Notes
component_type Component type string Required
display_name Name of the pre/post-upgrade check string
failure_messages List of failure messages array of string Readonly
status Status of pre/post-upgrade check string Required
Readonly
Enum: SUCCESS, FAILURE, WARNING

UpgradeCheckCsvListResult (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
results array of UpgradeCheckCsvRecord

UpgradeCheckCsvRecord (schema)

CSV record for an upgrade-check

CSV record for a pre/post-upgrade check

Name Description Type Notes
check_description Description of the upgrade check

Description of the pre/post-upgrade check		 string
check_name Name of the upgrade check

Display name of the pre/post-upgrade check		 string Required
failure_messages Failure messages

Space-separated list of failure messages		 string Readonly
status Status of the upgrade check

Status of the pre/post-upgrade check		 string Required
Readonly
Enum: SUCCESS, FAILURE, WARNING
upgrade_unit_id UUID of the upgrade unit

Identifier of the upgrade unit		 string Required
Readonly
upgrade_unit_metadata Meta-data of the upgrade-unit

Meta-data of the upgrade-unit		 string Readonly
upgrade_unit_type Component type

Component type of the upgrade unit		 string Required

UpgradeCheckInfo (schema)

Meta-data of a pre/post-upgrade check

Meta-data of a pre/post-upgrade check

Name Description Type Notes
component_type Component type

Component type of the pre/post-upgrade check		 string Required
description Description

Description of the pre/post-upgrade check		 string Readonly
name Name of the upgrade check

Display name of the pre/post-upgrade check		 string Required
Readonly

UpgradeCheckInfoListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which upgrade checks are to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

UpgradeCheckListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
checks Paged Collection of pre/post-upgrade checks array of UpgradeCheck Required
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeCheckListResults (schema)

Name Description Type Notes
checks_with_warnings UpgradeCheckListResult Readonly
failed_checks UpgradeCheckListResult Readonly
successful_checks UpgradeCheckListResult Readonly

UpgradeChecksExecutionStatus (schema)

Execution status of pre/post-upgrade checks

Execution status of pre/post-upgrade checks

Name Description Type Notes
details Details about current execution of pre/post-upgrade checks string Readonly
end_time Time (in milliseconds since epoch) when the execution of pre/post-upgrade checks completed EpochMsTimestamp
node_with_issues_count Number of nodes which generated failures or warnings during pre/post-upgrade checks int Readonly
start_time Time (in milliseconds since epoch) when the execution of pre/post-upgrade checks started EpochMsTimestamp
status Status of execution of pre/post-upgrade checks string Required
Readonly
Enum: NOT_STARTED, IN_PROGRESS, COMPLETED

UpgradeHistory (schema)

Name Description Type Notes
initial_version Initial Version

Version before the upgrade started		 string Required
target_version Target Version

Version being upgraded to		 string Required
timestamp Timestamp (in milliseconds since epoch) when the upgrade was performed EpochMsTimestamp Required
upgrade_status Status of the upgrade string Required
Enum: STARTED, SUCCESS, FAILED

UpgradeHistoryList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Upgrade history list array of UpgradeHistory Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeInfraRequestParameters (schema)

Upgrade Infra request parameters.

Name Description Type Notes
disable_vm_migration Should VM migration be disabled during upgrade boolean Default: "False"

UpgradePlanResetRequest (schema)

Name Description Type Notes
component_type Component type string Required

UpgradePlanSettings (schema)

Name Description Type Notes
parallel Upgrade Method to specify whether the upgrade is to be performed serially or in parallel boolean Default: "True"
pause_after_each_group Flag to indicate whether to pause the upgrade after upgrade of each group is completed boolean Default: "False"
pause_on_error Flag to indicate whether to pause the upgrade plan execution when an error occurs boolean Default: "False"

UpgradeStatus (schema)

Name Description Type Notes
ccp_status CCP upgrade status CCPUpgradeStatus Readonly
component_status List of component statuses array of ComponentUpgradeStatus Required
Readonly
edge_status Edge upgrade status EdgeUpgradeStatus Readonly
host_status Host upgrade status HostUpgradeStatus Readonly
overall_upgrade_status Status of upgrade string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED

UpgradeSummary (schema)

Name Description Type Notes
component_target_versions array of ComponentTargetVersion Readonly
system_version Current system version string Required
Readonly
target_version Target system version string Required
Readonly
upgrade_bundle_file_name Name of the last successfully uploaded upgrade bundle file string Readonly
upgrade_coordinator_updated Has upgrade coordinator been updated after upload of upgrade bundle file boolean Readonly
upgrade_coordinator_version Current version of upgrade coordinator string Required
Readonly
upgrade_status Status of upgrade string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED

UpgradeTaskProperties (schema)

Task properties

Name Description Type Notes
bundle_name Name of Bundle string Required
parameters Bundle arguments object Readonly
step Step name string

UpgradeTaskStatusQueryParameters (schema)

Name Description Type Notes
bundle_name Bundle Name

Provide a bundle name		 string Pattern: "^[a-zA-Z0-9-.]+$"
upgrade_task_id Upgrade Task ID

Provide a task id		 string Pattern: "^[a-z0-9-]+$"

UpgradeUnit (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
current_version Current version of upgrade unit

This is component version e.g. if upgrade unit is of type edge, then this is edge version.		 string Readonly
display_name Name of the upgrade unit string
group Info of the group to which this upgrade unit belongs UpgradeUnitGroupInfo Readonly
id UUID of the upgrade unit

Identifier of the upgrade unit		 string Required
Readonly
metadata Metadata about upgrade unit array of KeyValuePair Readonly
type Upgrade unit type string
warnings List of warnings indicating issues with the upgrade unit that may result in upgrade failure array of string Readonly

UpgradeUnitAggregateInfo (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
current_version Current version of upgrade unit

This is component version e.g. if upgrade unit is of type edge, then this is edge version.		 string Readonly
display_name Name of the upgrade unit string
errors List of errors occurred during upgrade of this upgrade unit array of string Readonly
group Info of the group to which this upgrade unit belongs UpgradeUnitGroupInfo Readonly
id Identifier of the upgrade unit

Identifier of the upgrade unit		 string Required
Readonly
metadata Metadata about upgrade unit array of KeyValuePair Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
post_upgrade_checks UpgradeCheckListResults Readonly
pre_upgrade_checks UpgradeCheckListResults Readonly
status Status of upgrade unit string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
type Upgrade unit type string
warnings List of warnings indicating issues with the upgrade unit that may result in upgrade failure array of string Readonly

UpgradeUnitAggregateInfoListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which upgrade units to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
group_id Identifier of group based on which upgrade units to be filtered string
has_errors Flag to indicate whether to return only upgrade units with errors boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
metadata Metadata about upgrade unit to filter on string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
selection_status Flag to indicate whether to return only selected, only deselected or both type of upgrade units string Enum: SELECTED, DESELECTED, ALL
Default: "ALL"
sort_ascending boolean
sort_by Field by which records are sorted string
upgrade_unit_display_name Display name of upgrade unit

Display name of upgrade unit to filter the results on. String matching for the filter is case-insensitive.
string

UpgradeUnitAggregateInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of UpgradeUnit AggregateInfo array of UpgradeUnitAggregateInfo Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitGroup (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to indicate whether upgrade of this group is enabled or not boolean Default: "True"
extended_configuration Extended configuration for the group array of KeyValuePair Maximum items: 100
id Unique identifier of this resource string Sortable
parallel Upgrade method to specify whether the upgrade is to be performed in parallel or serially boolean Default: "True"
resource_type Must be set to the value UpgradeUnitGroup string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Component type string Required
upgrade_unit_count Count of upgrade units in the group

Number of upgrade units in the group		 int Readonly
upgrade_units List of upgrade units in the group array of UpgradeUnit Maximum items: 100

UpgradeUnitGroupAggregateInfo (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
enabled Flag to indicate whether upgrade of this group is enabled or not boolean Default: "True"
extended_configuration Extended configuration for the group array of KeyValuePair Maximum items: 100
failed_count Number of nodes in the upgrade unit group that failed upgrade int Readonly
id Unique identifier of this resource string Sortable
parallel Upgrade method to specify whether the upgrade is to be performed in parallel or serially boolean Default: "True"
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
post_upgrade_status Post-upgrade status of group UpgradeChecksExecutionStatus Readonly
resource_type Must be set to the value UpgradeUnitGroupAggregateInfo string
status Upgrade status of upgrade unit group string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Component type string Required
upgrade_unit_count Count of upgrade units in the group

Number of upgrade units in the group		 int Readonly
upgrade_units List of upgrade units in the group array of UpgradeUnit Maximum items: 100

UpgradeUnitGroupAggregateInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of upgrade status for upgrade unit groups array of UpgradeUnitGroupAggregateInfo Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitGroupInfo (schema)

Name Description Type Notes
display_name Name of the group string Required
Readonly
id UUID of group

Identifier of group		 string Required
Readonly

UpgradeUnitGroupListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which upgrade unit groups to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
summary Flag indicating whether to return summary boolean Default: "False"
sync Synchronize before returning upgrade unit groups

If true, synchronize with the management plane before returning upgrade unit groups		 boolean Default: "False"

UpgradeUnitGroupListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Upgrade unit groups array of UpgradeUnitGroup Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitGroupStatus (schema)

Name Description Type Notes
failed_count Number of nodes in the upgrade unit group that failed upgrade int Readonly
group_id UUID of upgrade unit group

Identifier for upgrade unit group		 string Required
Readonly
group_name Upgrade unit group Name

Name of the upgrade unit group		 string Required
Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
status Upgrade status of upgrade unit group string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED
upgrade_unit_count Number of upgrade units in the group int Required
Readonly

UpgradeUnitGroupStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged collection of upgrade status for upgrade unit groups array of UpgradeUnitGroupStatus Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitList (schema)

Name Description Type Notes
list Collection of Upgrade units array of UpgradeUnit Required

UpgradeUnitListRequestParameters (schema)

Name Description Type Notes
component_type Component type based on which upgrade units to be filtered string
current_version Current version of upgrade unit based on which upgrade units to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
group_id UUID of group based on which upgrade units to be filtered string
has_warnings Flag to indicate whether to return only upgrade units with warnings boolean Default: "False"
included_fields Comma separated list of fields that should be included in query result string
metadata Metadata about upgrade unit to filter on string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
upgrade_unit_type Upgrade unit type based on which upgrade units to be filtered string

UpgradeUnitListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of Upgrade units array of UpgradeUnit Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitStatus (schema)

Name Description Type Notes
display_name Name of upgrade unit string Required
Readonly
errors List of errors occurred during upgrade of this upgrade unit array of string Readonly
id UUID of upgrade unit

Identifier of upgrade unit		 string Required
Readonly
metadata Metadata about upgrade unit array of KeyValuePair Readonly
percent_complete Indicator of upgrade progress in percentage number Required
Readonly
status Status of upgrade unit string Required
Readonly
Enum: SUCCESS, FAILED, IN_PROGRESS, NOT_STARTED, PAUSING, PAUSED

UpgradeUnitStatusListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Paged Collection of upgrade units status array of UpgradeUnitStatus Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitTypeStats (schema)

Name Description Type Notes
node_count Number of nodes int Required
Readonly
node_with_issues_count Number of nodes with issues that may cause upgrade failure int Readonly
type Type of upgrade unit string Required
Readonly
version Version of the upgrade unit string Required
Readonly

UpgradeUnitTypeStatsList (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List of upgrade unit type stats array of UpgradeUnitTypeStats Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

UpgradeUnitsStatsRequestParameters (schema)

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
sync Synchronize before returning upgrade unit stats

If true, synchronize with the management plane before returning upgrade unit stats		 boolean Default: "False"

Uplink (schema)

Object to identify an uplink based on its type and name

Name Description Type Notes
uplink_name Name of this uplink string Required
uplink_type Type of the uplink string Required
Enum: PNIC, LAG

UplinkHostSwitchProfile (schema)

Profile for uplink policies

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
lags list of LACP group array of Lag Maximum items: 64
mtu Maximum Transmission Unit used for uplinks int Minimum: 1280
named_teamings List of named uplink teaming policies that can be used by logical switches array of NamedTeamingPolicy Maximum items: 32
overlay_encap The protocol used to encapsulate overlay traffic string Enum: VXLAN, GENEVE
Default: "GENEVE"
required_capabilities array of string Readonly
resource_type Must be set to the value UplinkHostSwitchProfile HostSwitchProfileType Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
teaming Default TeamingPolicy associated with this UplinkProfile TeamingPolicy Required
transport_vlan VLAN used for tagging Overlay traffic of associated HostSwitch VlanID Default: "0"

UpmEntityType (schema)

Supported Entity Types

All entity types supported.

Name Description Type Notes
UpmEntityType Supported Entity Types

All entity types supported.		 string Enum: LogicalPort, LogicalSwitch, NSGroup

UrlAlias (schema)

Url Alias

Short name or alias of a url. It is used to represent the url.

Name Description Type Notes
alias Url Alias Name

Short name or alias of url, if any. If not specified, the url can be referenced by its index in the array of urls of the datasource instance as $ (for example, $0).		 string Maximum length: 255
query Search query of the search api, if any

Search query to be applied, if any. If query string is not provided, it will be ignored.		 string Maximum length: 1024
url Url

Url to fetch data from.		 string Required
Maximum length: 1024

UrpfMode (schema)

Unicast Reverse Path Forwarding mode

Name Description Type Notes
UrpfMode Unicast Reverse Path Forwarding mode string Enum: NONE, STRICT

UserGroupType (schema)

Supported groups a principal identity can belong to.

Name Description Type Notes
UserGroupType Supported groups a principal identity can belong to. string Enum: read_only_api_users, read_write_api_users, superusers, undefined

UserInfo (schema)

Authenticated User Info

Name Description Type Notes
roles Permissions array of NsxRole Required
Readonly
user_name User Name string Required
Readonly

UserSession (schema)

User login session information

Name Description Type Notes
domain_name AD Domain

AD Domain of user.		 string Required
login_time Login time

Login time.		 EpochMsTimestamp Required
logout_time Logout time if applicable

Logout time if applicable. An active user session has no logout time.
EpochMsTimestamp
user_name AD user name

AD user name.		 string Required
user_session_id User session ID

User session ID. This also indicates whether this is VDI / RDSH.		 int Required

UsernamePasswordLoginCredential (schema)

A login credential specifying a username and password

Name Description Type Notes
credential_type Must be set to the value UsernamePasswordLoginCredential string Required
password The authentication password for login string
thumbprint Thumbprint of the login server string Pattern: "^(([0-9A-Fa-f]{2}[:])+([0-9A-Fa-f]{2}))?$"
username The username for login string

VIPSubnet (schema)

Name Description Type Notes
active_vip_addresses IP Addresses which will be owned by uplink on active node.

Array of IP address subnets which will be used as floating IP addresses. | These IPs will move and will be owned by Active node.		 array of IPAddress Required
Minimum items: 1
Maximum items: 1
prefix_length Subnet Prefix Length integer Required
Minimum: 1
Maximum: 128

ValueConstraintExpression (schema)

Represents the leaf level value constraint.

Represents the leaf level value constraint to constrain specified attribute
value to the set of values to be allowed/not-allowed.
Example - sourceGroups allowed to have only with list of groups.
{
"operator":"INCLUDES",
"values":["/infra/services/HTTP", "/infra/services/HTTPS"]
}

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
operator Operation to check for value list for resource attribute of constraint. string Required
Enum: INCLUDES, EXCLUDES, EQUALS
resource_type Must be set to the value ValueConstraintExpression string Required
Enum: ValueConstraintExpression, RelatedAttributeConditionalExpression, EntityInstanceCountConstraintExpression, FieldSanityConstraintExpression
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
values Array of values to perform operation.

List of values.		 array of string Required

VendorTemplate (schema)

Vendor Template registered for a service

Vendor Templates are registered by the partner service manager to be used in the service profile. They contain named (k-v) pairs.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
attributes Vendor Template attributes

List of attributes specific to a partner for which the vendor template is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. Attributes are not supported by guest introspection service.		 array of Attribute Maximum items: 128
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
functionality Functionality Type

The capabilities provided by the services. Needs to be one of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service)		 string Enum: NG_FW, IDS_IPS, NET_MON, HCX, BYOD, EPP
id Unique identifier of this resource string Sortable
redirection_action Redirection action

The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Service profile inherits the redirection action specified at the vendor template and cannot override the action specified at the vendor template. Redirection action is not applicable to guest introspection service.		 string Enum: PUNT, COPY
Default: "PUNT"
resource_type Must be set to the value VendorTemplate string
service_id Service Id

The service to which the vendor template belongs.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vendor_template_key Vendor template key

Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.		 string

VendorTemplateListResult (schema)

Vendor Template List

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Service list

List of the Service-Insertion Services. The list has to be homogenous.		 array of VendorTemplate Required
Readonly
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VendorTemplateQueryParameters (schema)

Vendor template query parameters

Name Description Type Notes
vendor_template_name Name of vendor template

The name of the vendor template, created by partner.		 string

VerifiableAsymmetricLoginCredential (schema)

Name Description Type Notes
asymmetric_credential Asymmetric login credential string
credential_key Credential key string
credential_type Must be set to the value VerifiableAsymmetricLoginCredential string Required
credential_verifier Credential verifier string

VersionList (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
acceptable_versions List of component versions array of string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
resource_type Must be set to the value VersionList string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

VidmInfo (schema)

Vidm Info

Name Description Type Notes
display_name User's Full Name Or User Group's Display Name string Required
Readonly
name Username Or Groupname string Required
Readonly
type Type string Required
Readonly
Enum: remote_user, remote_group

VidmInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results List results array of VidmInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VidmInfoSearchRequestParameters (schema)

Vidm information search request parameters

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
search_string Search string to search for.

This is a substring search that is case insensitive.
string Required
sort_ascending boolean
sort_by Field by which records are sorted string

View (schema)

Dashboard View

Describes the configuration of a view to be displayed on the dashboard.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget.		 string Required
Maximum length: 255
exclude_roles Roles to which the shared view is not visible

Comma separated list of roles to which the shared view is not visible. Allows user to prevent the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. If include_roles is specified then exclude_roles cannot be specified.		 string Maximum length: 1024
id Unique identifier of this resource string Sortable
include_roles Roles to which the shared view is visible

Comma separated list of roles to which the shared view is visible. Allows user to specify the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles.		 string Maximum length: 1024
resource_type Must be set to the value View string
shared Share the view with other users

Defaults to false. Set to true to publish the view to other users. The widgets of a shared view are visible to other users.		 boolean Default: "False"
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the view

Determines placement of view relative to other views. The lower the weight, the higher it is in the placement order.		 int Default: "10000"
widgets Widgets

Array of widgets that are part of the view.		 array of WidgetItem Required
Minimum items: 0

ViewList (schema)

List of Views

Represents a list of views.

Name Description Type Notes
views Array of views

Array of views		 array of View Required
Readonly

ViewQueryParameters (schema)

Parameters for querying views

Name Description Type Notes
tag The tag for which associated views to be queried.

The tag for which associated views to be queried. For tags specified on views, scope is automatically set to 'nsx-dashboard' and hence scope is ignored for searching views based on tag.		 string Readonly
view_ids Ids of the Views

Comma separated ids of views to be queried.		 string Readonly
Maximum length: 8192
widget_id Id of widget configuration

Id of widget to be queried for all the views it is part of.		 string Readonly
Maximum length: 255

VifAttachmentContext (schema)

Name Description Type Notes
allocate_addresses A flag to indicate whether to allocate addresses from allocation pools bound to the parent logical switch. string Enum: IpPool, MacPool, Both, None
app_id ID used to identify/look up a child VIF behind a parent VIF

An application ID used to identify / look up a child VIF
behind a parent VIF. Only effective when vif_type is CHILD.
string
parent_vif_id VIF ID of the parent VIF if vif_type is CHILD string
resource_type Must be set to the value VifAttachmentContext string Required
traffic_tag Tag used for the traffic between this VIF and parent VIF

Current we use VLAN id as the traffic tag.
Only effective when vif_type is CHILD.
Each logical port inside a container must have a
unique traffic tag. If the traffic_tag is not
unique, no error is generated, but traffic will
not be delivered to any port with a non-unique tag.
int
transport_node_uuid The UUID of the transport node

Only effective when vif_type is INDEPENDENT.
Each logical port inside a bare metal server
or container must have a transport node UUID.
We use transport node ID as transport node UUID.
string
vif_type Type of the VIF attached to logical port string Required
Enum: PARENT, CHILD, INDEPENDENT

VifListRequestParameters (schema)

VirtualNetworkInterface list request parameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
host_id Id of the host where this vif is located. string
included_fields Comma separated list of fields that should be included in query result string
lport_attachment_id LPort Attachment Id of the virtual network interface. string
owner_vm_id External id of the virtual machine. string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string
vm_id External id of the virtual machine. string

VifsOnEPListRequestParams (schema)

Request parameters for listing VIFs for an enforcement point

Request parameter for listing VIFs for an enforcement point

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
lport_attachment_id LPort attachment ID of the VIF. string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

VirtualEndpoint (schema)

This endpoint is strictly of the type Virtual

A VirtualEndpoint represents an IP (or nexthop) which is outside
SDDC. It represents a redirection target for RedirectionPolicy.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
children subtree for this type within policy tree

subtree for this type within policy tree containing nested elements.
array of ChildPolicyConfigResource
(Abstract type: pass one of the following concrete types)
ChildBgpNeighborConfig
ChildBgpRoutingConfig
ChildByodPolicyServiceInstance
ChildCommunicationEntry
ChildCommunicationMap
ChildCommunityList
ChildComputeClusterIdfwConfiguration
ChildConstraint
ChildDeploymentZone
ChildDfwFirewallConfiguration
ChildDhcpRelayConfig
ChildDhcpServerConfig
ChildDomain
ChildDomainDeploymentMap
ChildEndpointPolicy
ChildEndpointRule
ChildEnforcementPoint
ChildFloodProtectionProfile
ChildFloodProtectionProfileBindingMap
ChildForwardingPolicy
ChildForwardingRule
ChildGatewayPolicy
ChildGroup
ChildGroupMonitoringProfileBindingMap
ChildIPDiscoveryProfile
ChildIPFIXDFWCollectorProfile
ChildIPFIXDFWProfile
ChildIPFIXL2CollectorProfile
ChildIPFIXL2Profile
ChildIPSecVpnDpdProfile
ChildIPSecVpnIkeProfile
ChildIPSecVpnLocalEndpoint
ChildIPSecVpnService
ChildIPSecVpnSession
ChildIPSecVpnTunnelProfile
ChildIpAddressAllocation
ChildIpAddressBlock
ChildIpAddressPool
ChildIpAddressPoolSubnet
ChildL2VPNService
ChildL2VPNSession
ChildL2Vpn
ChildL2VpnContext
ChildL3Vpn
ChildL3VpnContext
ChildLBAppProfile
ChildLBClientSslProfile
ChildLBMonitorProfile
ChildLBPersistenceProfile
ChildLBPool
ChildLBServerSslProfile
ChildLBService
ChildLBVirtualServer
ChildLocaleServices
ChildMacDiscoveryProfile
ChildPolicyContextProfile
ChildPolicyDnsForwarder
ChildPolicyDnsForwarderZone
ChildPolicyEdgeCluster
ChildPolicyEdgeNode
ChildPolicyExcludeList
ChildPolicyFirewallSessionTimerProfile
ChildPolicyLabel
ChildPolicyLbMonitorProfile
ChildPolicyLbPersistenceProfile
ChildPolicyLbPoolAccess
ChildPolicyLbRule
ChildPolicyLbVirtualServer
ChildPolicyNat
ChildPolicyNatRule
ChildPolicyServiceChain
ChildPolicyServiceInstance
ChildPolicyServiceProfile
ChildPolicyTransportZone
ChildPortDiscoveryProfileBindingMap
ChildPortMirroringProfile
ChildPortMonitoringProfileBindingMap
ChildPortQoSProfileBindingMap
ChildPortSecurityProfileBindingMap
ChildPrefixList
ChildQoSProfile
ChildRedirectionPolicy
ChildRedirectionRule
ChildRule
ChildSecurityPolicy
ChildSegment
ChildSegmentDiscoveryProfileBindingMap
ChildSegmentMonitoringProfileBindingMap
ChildSegmentPort
ChildSegmentQoSProfileBindingMap
ChildSegmentSecurityProfile
ChildSegmentSecurityProfileBindingMap
ChildService
ChildServiceEntry
ChildServiceInstanceEndpoint
ChildServiceInterface
ChildServiceReference
ChildServiceSegment
ChildSessionTimerProfileBindingMap
ChildSite
ChildSpoofGuardProfile
ChildSslTrustObjectData
ChildStandaloneHostIdfwConfiguration
ChildStaticARPConfig
ChildStaticRoutes
ChildTier0
ChildTier0DeploymentMap
ChildTier0Interface
ChildTier0RouteMap
ChildTier1
ChildTier1DeploymentMap
ChildTier1Interface
ChildTlsCertificate
ChildTlsCrl
ChildTlsTrustData
ChildVirtualEndpoint
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
marked_for_delete Indicates whether the intent object is marked for deletion

Intent objects are not directly deleted from the system when a delete
is invoked on them. They are marked for deletion and only when all the
realized entities for that intent object gets deleted, the intent object
is deleted. Objects that are marked for deletion are not returned in
GET call. One can use the search API to get these objects.
boolean Readonly
Default: "False"
parent_path Path of its parent

Path of its parent		 string Readonly
path Absolute path of this object

Absolute path of this object		 string Readonly
relative_path Relative path of this object

Path relative from its parent		 string Readonly
resource_type Must be set to the value VirtualEndpoint string Required
Enum: VirtualEndpoint, ServiceInstanceEndpoint
service_names Services for which this endpoint to be created

One VirtualEndpoint will be created per service name.		 array of string Required
Minimum items: 1
Maximum items: 1
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
target_ips IP addresses to redirect the traffic to

IPs where either inbound or outbound traffic is to be redirected.
array of IPInfo Required
Minimum items: 1
Maximum items: 1

VirtualEndpointListResult (schema)

Collection of vitual endpoints under a Tier0

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results All virtual endpoints under a Tier0 array of VirtualEndpoint Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VirtualMachine (schema)

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
compute_ids List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] array of string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id Current external id of this virtual machine in the system. string Required
guest_info Guest virtual machine details

Guest virtual machine details include OS name, computer name of guest VM. Currently
this is supported for guests on ESXi that have VMware Tools installed.
GuestInfo
host_id Id of the host in which this virtual machine exists. string
local_id_on_host Id of the vm unique within the host. string Required
power_state Current power state of this virtual machine in the system. string Required
Enum: VM_RUNNING, VM_STOPPED, VM_SUSPENDED, UNKNOWN
resource_type Must be set to the value VirtualMachine string Required
source Reference of the Host or Public Cloud Gateway that reported the VM ResourceReference
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
type Virtual Machine type; Edge, Service VM or other. string Required
Readonly
Enum: EDGE, SERVICE, REGULAR

VirtualMachineConfig (schema)

Virtual Machine Configuration

Stores the configurations for a virtual machine

Name Description Type Notes
vm_config_properties Properties to configure the way NSX manages virtual machine. VmConfigProperties
vm_id Instance ID

Identifier for virtual machine.		 string

VirtualMachineConfigList (schema)

Name Description Type Notes
virtual_machines Virtual machine configuration list

Stores a list of configuration of virtual machines.		 array of VirtualMachineConfig

VirtualMachineDetails (schema)

Virtual Machine Details

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
active_sessions List of active (still logged in) user login/sessions data (no limit)

List of active (still logged in) user login/session data (no limit).		 array of UserSession
archived_sessions Optional list of archived (previously logged in) user login/session data (maximum 5)

Optional list of up to 5 most recent archived (previously logged in) user login/session data.		 array of UserSession

VirtualMachineListRequestParameters (schema)

VirtualMachine list request parameters.

Name Description Type Notes
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
display_name Display Name of the virtual machine string
external_id External id of the virtual machine string
host_id Id of the host where this vif is located string
included_fields Comma separated list of fields that should be included in query result string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
sort_ascending boolean
sort_by Field by which records are sorted string

VirtualMachineListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results VirtualMachine list results array of VirtualMachine Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VirtualMachineTagUpdate (schema)

Name Description Type Notes
external_id External id of the virtual machine to which tags are to be applied string Required
tags List of tags to be applied to the virtual machine array of Tag Required

VirtualMachineTagsUpdate (schema)

Payload to update the tags on a Virtual Machine

List of tags applied to the virtual machine. Based on the enforcement
point, the virtual_machine_id will be different. It could be an external
id for NSX T or a moid for NSX V

Name Description Type Notes
tags List of tags to be applied to the virtual machine

List of tags to be applied on the virtual machine
array of Tag Required
virtual_machine_id This is the value of the identifier on the enforcement point that uniquely identifies the virtual machine

The identifier that is used in the enforcement point that uniquely
identifies the virtual machine. In case of NSXT it would be the
value of the external_id of the virtual machine.
string Required

VirtualNetworkInterface (schema)

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
device_key Device key of the virtual network interface. string Required
device_name Device name of the virtual network interface. string
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id External Id of the virtual network inferface. string Required
host_id Id of the host on which the vm exists. string Required
ip_address_info IP Addresses of the the virtual network interface, from various sources. array of IpAddressInfo
lport_attachment_id LPort Attachment Id of the virtual network interface. string
mac_address MAC address of the virtual network interface. string Required
owner_vm_id Id of the vm to which this virtual network interface belongs. string Required
owner_vm_type Owner virtual machine type; Edge, Service VM or other. string Readonly
Enum: EDGE, SERVICE, REGULAR
resource_type Must be set to the value VirtualNetworkInterface string Required
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
vm_local_id_on_host Id of the vm unique within the host. string Required

VirtualNetworkInterfaceListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results VirtualNetworkInterface list results array of VirtualNetworkInterface Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VirtualPrivateCloudConfig (schema)

Virtual Private Cloud Config

Stores configuration of the virtual private cloud managed
using a transit virtual private cloud.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
cloud_fallback_security_group_id Id of Cloud Security Group

Id of security group where the VMs should be moved after last gateway
undeployed. This field is required only when
default_quarantine_policy_enabled field is set to false.
string
default_quarantine_policy_enabled Flag to Identify if Default Quarantine Policy is Enabled

Flag to convey if virtual machines belonging to the compute
virtual private cloud should be quarantined or not.
boolean Default: "False"
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
managed_without_agents Managed Without NSX Agents

This flag determines if this compute virtual private cloud is managed
with or without NSX agents.
boolean Default: "False"
resource_type Must be set to the value VirtualPrivateCloudConfig string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

VirtualPrivateCloudInfo (schema)

Virtual Private Cloud Information

Stores the array of account IDs and virtual private cloud ID related to
the cloud account.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
associated_account_ids Array of Cloud Account IDs

Cloud account ID related to the virtual private cloud.
array of string Required
Readonly
virtual_private_cloud_id Virtual Private Cloud ID

Virtual private cloud ID of the corresponding cloud.
string Required
Readonly
virtual_private_cloud_name Virtual Private Cloud name

Virtual private cloud name of the corresponding cloud.
string Required
Readonly

VirtualPrivateCloudStatus (schema)

Virtual Private Cloud Status

Stores the information related to onboard and offboard status of virtual private cloud.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
error_code Error Code

Error code related to virtual private cloud
Onboard/Offboard failure.
integer Readonly
error_message Error Message

Error message related to virtual private cloud
Onboard/Offboard failure.
string Readonly
offboard_step States of Virtual Private Cloud While OffBoard

Stores the different states of virtual private cloud while
offboarding from a transit virtual private cloud.
string Readonly
Enum: UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS, OFFBOARD_SUCCESSFUL, OFFBOARD_FAILED, NOT_APPLICABLE
onboard_step States of Virtual Private Cloud While Onboard

Stores the different states of virtual private cloud while
onboarding using a transit virtual private cloud.
string Readonly
Enum: VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY, ONBOARD_SUCCESSFUL, ONBOARD_FAILED, NOT_APPLICABLE
status Virtual Private Cloud Status

Indicates the status of a virtual private cloud.
UP: virtual private cloud is NSX managed.
DOWN: virtual private cloud is NSX managed with errors.
ONBOARDING: virtual private cloud is in the process of
onboarding using a transit virtual private cloud.
OFFBOARDING: virtual private cloud is in the process of
offboarding from a transit virtual private cloud.
NOT_APPLICABLE: virtual private cloud is NSX unmanaged.
string Readonly
Enum: UP, DOWN, ONBOARDING, OFFBOARDING, NOT_APPLICABLE
virtual_private_cloud_name Virtual Private Cloud Name

Name of the transit virtual private cloud.
string Readonly

VirtualServerIpProtocol (schema)

IP protocol of virtual server

Assigned Internet protocol in IP header, TCP and UDP are supported.

Name Description Type Notes
VirtualServerIpProtocol IP protocol of virtual server

Assigned Internet protocol in IP header, TCP and UDP are supported.
string Enum: TCP, UDP

VirtualServiceInstance (schema)

Custom Instance of a service

VirtualServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s and the user is not bringing their own appliance (BYOD).

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
on_failure_policy On Failure Policy

Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.		 string Enum: ALLOW, BLOCK
resource_type Must be set to the value VirtualServiceInstance ServiceInstanceResourceType Required
service_id Service Id

The Service to which the service instance is associated.		 string Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
transport_type Transport Type

Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).		 string Required
Enum: L2_BRIDGE, L3_ROUTED, NSH, NA

VlanID (schema)

Virtual Local Area Network Identifier

Name Description Type Notes
VlanID Virtual Local Area Network Identifier integer Minimum: 0
Maximum: 4094

VlanMirrorSource (schema)

Name Description Type Notes
resource_type Must be set to the value VlanMirrorSource MirrorSourceResourceType Required
vlan_ids Source VLAN ID list array of VlanID Required
Minimum items: 1

VlanMtuHealthCheckResultStatus (schema)

VLAN-MTU Health Check Result Status

Status of VLAN-MTU health check result;
TRUNKED - all specified VLAN IDs are allowed by VLAN and MTU settings;
UNTRUNKED - some/all specified VLAN IDs may be disallowed by VLAN or MTU settings;
UNKNOWN - some/all health check result are unknown due to infrastructure issues.

Name Description Type Notes
VlanMtuHealthCheckResultStatus VLAN-MTU Health Check Result Status

Status of VLAN-MTU health check result;
TRUNKED - all specified VLAN IDs are allowed by VLAN and MTU settings;
UNTRUNKED - some/all specified VLAN IDs may be disallowed by VLAN or MTU settings;
UNKNOWN - some/all health check result are unknown due to infrastructure issues.
string Enum: TRUNKED, UNTRUNKED, UNKNOWN

VlanTrunkSpec (schema)

VLAN trunk range specification

VlanTrunkspec is used for specifying trunk VLAN id ranges.

Name Description Type Notes
vlan_ranges Trunk VLAN id ranges array of TrunkVlanRange Required

VmConfigError (schema)

Error in realising vm config property

Error in realising vm config property.

Name Description Type Notes
error_code Error code for vm config operation failure integer Readonly
error_message Error message for vm config operation failure string Readonly

VmConfigProperties (schema)

User configurable properties

Properties to configure the way NSX manages virtual machine.

Name Description Type Notes
whitelisted Flag to identify if this VM is whitelisted or not.

Setting this flag to true means NSX will not consider this
virtual machine while performing quarantine operation.
boolean Required

VmConfigStatus (schema)

Status for user configurable properties

Status for user configurable properties.

Name Description Type Notes
whitelist Status for whitelisting operation. WhitelistingStatus Readonly

VmNicInfo (schema)

Set of NIC information of a VM

Contains a set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.

Name Description Type Notes
nic_infos Set of NIC information of a VM

Set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.		 array of NicInfo Required

VmToolsInfo (schema)

Name Description Type Notes
_last_sync_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
external_id VM external ID

Current external id of this virtual machine in the system.		 string Readonly
file_agent_version File agent version on the VM

Version of file agent on the VM of a third party partner solution.		 string Readonly
host_local_id VM ID given by the host

Id of the VM which is assigned locally by the host. It is the VM-moref on ESXi hosts, in other environments it is VM UUID.		 string Readonly
network_agent_version Network agent version on the VM

Version of network agent on the VM of a third party partner solution.		 string Readonly
resource_type Must be set to the value VmToolsInfo string Required
source Reference of the Host or Public Cloud Gateway that reported the VM. ResourceReference Readonly
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
tools_version VM tools version on the VM

Version of VMTools installed on the VM.		 string Readonly
vm_type Virtual Machine type

Type of VM - Edge, Service or other.		 string Readonly
Enum: EDGE, SERVICE, REGULAR

VmToolsInfoListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results VmToolsInfo list results. array of VmToolsInfo Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VmkToLogicalSwitchMapping (schema) (Deprecated)

Holds VMkernal to logical switch mapping. This will be used for network migration.

Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.

Name Description Type Notes
dest_network_id The ID of the NSX logical switch to which source vmkernal interface needs to be migrated to.

Only VLAN type of logical switch can be specified here, as migration operation is only supported for these types.		 string Required
src_interface_id The ID (for example, vmk0) of the vmkernal interface on ESX to migrate. string Required

VmknicNetwork (schema)

Vmknic network specification

Mapping of all vmk interfaces to destination networks

Name Description Type Notes
destination_network The network id to which the ESX vmk interface will be migrated.

When migrating vmks to N-VDS/logical switches, the id is the logical switch id. When migrating out of N-VDS/logical switches, the id is the vSphere Switch portgroup name in a single vSphere Standard Switch (VSS), or distributed virtual portgroup name in a single distributed virtual switch (DVS).		 string Required
device_name ESX vmk interface name

The vmk interface name, e.g., vmk0, vmk1; the id assigned by vCenter.		 string Required

VnetStats (schema)

Virtual Network statistics

Stores statistics of the number of MANAGED and UNMANAGED virtual networks.

Name Description Type Notes
error Erroneous virtual networks

The number of VNets with status NSX_GATEWAY_ERROR
and NSX_COMPUTE_ERROR.
integer Readonly
managed Managed virtual networks

The number of virtual networks with status NSX_MANAGED.		 integer Readonly
unmanaged Unmanaged virtual networks

The number of vitual networks with status NSX_UNMANAGED.		 integer Readonly

VniPool (schema)

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
ranges VNI range list results array of VniRange Required
resource_type Must be set to the value VniPool string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

VniPoolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results VNI pool list results array of VniPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VniRange (schema)

A range of virtual network identifiers (VNIs)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
end End value of vni range

End value for vni range to be used for virtual networks		 integer Required
Minimum: 5000
Maximum: 16777215
start Start value of vni range

Start value for vni range to be used for virtual networks		 integer Required
Minimum: 5000
Maximum: 16777215

VpcStats (schema)

VPC statistics

Stores statistics of the number of MANAGED and UNMANAGED VPCs.

Name Description Type Notes
error Erroneous VPCs

The number of VPCs with status NSX_GATEWAY_ERROR
and NSX_COMPUTE_ERROR.
integer Readonly
managed Managed VPCs

The number of VPCs with status NSX_MANAGED.		 integer Readonly
unmanaged Unmanaged VPCs

The number of VPCs with status NSX_UNMANAGED.		 integer Readonly

VpnRoutingTableState (schema)

Public Cloud Routing Table State

State of a public cloud routing table from VPN point of view

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
account_id Identifier for account based on which routing tables are to be filtered string Required
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Public Cloud Routing Table Identifier

The identifier of the public cloud routing table
string Required
managed_for_vpn NSX Managed Routing Table

Flag to identify whether the routing table is actually managed by NSX for VPN		 boolean Required
network_id Identifier for a network based on which the list are to be filtered string Required
reason_for_not_managed Unmanaged Table Reason

Reason why a routing table is not being managed for VPN		 string Enum: RT_CONTAINS_MGMT_SUBNET, RT_CONTAINS_UPLINK_SUBNET, RT_CONTAINS_MGMT_UPLINK_SUBNET, NONSELECTED
resource_type Must be set to the value VpnRoutingTableState string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

VpnRoutingTableStateListResult (schema)

List of Public Cloud Routing State

List of public cloud routing tables and their state. It contains the state information relevant for VPN.

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Public Cloud Routing State Tables

Set of public cloud routing tables and their state		 array of VpnRoutingTableState Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VpnRoutingTablesStateListRequestParameters (schema)

These parameters can be used to filter the list of routing table states.
Multiple parameters can be given as input. Different parameters are implicitly 'AND'ed.

Name Description Type Notes
account_id Identifier for account based on which routing tables are to be filtered string
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string
included_fields Comma separated list of fields that should be included in query result string
managed_for_vpn Flag to identify whether the routing table is actually managed by NSX for VPN boolean
network_id Identifier for a network based on which the list is to be filtered string
page_size Maximum number of results to return in this page (server may return fewer) integer Minimum: 0
Maximum: 1000
Default: "1000"
reason_for_not_managed Reason why a routing table is not being managed for VPN string Enum: RT_CONTAINS_MGMT_SUBNET, RT_CONTAINS_UPLINK_SUBNET, RT_CONTAINS_MGMT_UPLINK_SUBNET, NONSELECTED
sort_ascending boolean
sort_by Field by which records are sorted string

VsphereClusterNodeVMDeploymentConfig (schema)

Deployment config on the Vsphere platform

The Vsphere deployment configuration determines where to deploy the
cluster node VM through a vCenter server. It contains settings that are
applied during install time.
If using DHCP, the following fields must be left unset - dns_servers,
management_port_subnets, and default_gateway_addresses

Name Description Type Notes
allow_ssh_root_login Allow root SSH logins

If true, the root user will be allowed to log into the VM.
Allowing root SSH logins is not recommended for security reasons.
boolean Default: "False"
compute_id Cluster identifier or resourcepool identifier

The cluster node VM will be deployed on the specified cluster or
resourcepool for specified VC server.
string Required
default_gateway_addresses Default gateway for the VM

The default gateway for the VM to be deployed must be specified if all
the other VMs it communicates with are not in the same subnet.
Do not specify this field and management_port_subnets to use DHCP.
Note: only single IPv4 default gateway address is supported and it
must belong to management network.
IMPORTANT: VMs deployed using DHCP are currently not supported,
so this parameter should be specified.
array of IPAddress Minimum items: 1
Maximum items: 1
dns_servers DNS servers

List of DNS servers.
If DHCP is used, the default DNS servers associated with
the DHCP server will be used instead.
Required if using static IP.
array of IPv4Address Minimum items: 1
enable_ssh Enable SSH

If true, the SSH service will automatically be started on the VM.
Enabling SSH service is not recommended for security reasons.
boolean Default: "False"
host_id Host identifier

The cluster node VM will be deployed on the specified host in the
specified VC server within the cluster if host_id is specified.
Note: User must ensure that storage and specified networks are
accessible by this host.
string
hostname Host name or FQDN for the VM

Desired host name/FQDN for the VM to be deployed		 string Required
Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$"
management_network_id Portgroup identifier for management network connectivity

Distributed portgroup identifier to which the management vnic of
cluster node VM will be connected.
string Required
management_port_subnets Port subnets for management port

IP Address and subnet configuration for the management port.
Do not specify this field and default_gateway_addresses to use DHCP.
Note: only one IPv4 address is supported for the management port.
IMPORTANT: VMs deployed using DHCP are currently not supported,
so this parameter should be specified.
array of IPSubnet Minimum items: 1
Maximum items: 1
ntp_servers NTP servers

List of NTP servers.
To use hostnames, a DNS server must be defined. If not using DHCP,
a DNS server should be specified under dns_servers.
array of HostnameOrIPv4Address
placement_type Must be set to the value VsphereClusterNodeVMDeploymentConfig string Required
Enum: VsphereClusterNodeVMDeploymentConfig
search_domains DNS search domain names

List of domain names that are used to complete unqualified host names.
array of string
storage_id Storage/datastore identifier

The cluster node VM will be deployed on the specified datastore in
the specified VC server. User must ensure that storage is accessible
by the specified cluster/host.
string Required
vc_id Vsphere compute identifier for identifying VC server

The VC-specific identifiers will be resolved on this VC, so all other
identifiers specified in the config must belong to this vCenter server.
string Required

VsphereDeploymentConfig (schema)

The Vsphere deployment configuration determines where to deploy the edge
node. It contains settings that are applied during install time.
If using DHCP, you must leave the following fields unset: search_domains,
management_port_subnets, dns_servers and default_gateway_addresses.
Use EdgeNodeSettings to specify host name, SSH, NTP and DNS settings for
both deployment and consequent update. These settings are editable for
manually deployed edge nodes as well.
EdgeNodeSettings reports current values configured on the edge node.
The following fields are deprecated Hostname, SSH, NTP and DNS settings.

Name Description Type Notes
allow_ssh_root_login Allow root SSH logins.

Allowing root SSH logins is not recommended for security reasons.
This field is deprecated. Use allow_ssh_root_login property in EdgeNodeSettings
section when creating transport nodes.
boolean Deprecated
Default: "False"
compute_id Cluster identifier or resourcepool identifier for specified vcenter server.

The edge node vm will be deployed on the specified cluster or resourcepool.
Note - all the hosts must have nsx fabric prepared in the specified cluster.
string Required
data_network_ids Portgroup or logical switch identifiers for datapath connectivity.

List of distributed portgroup or VLAN logical identifiers to which the
datapath serving vnics of edge node vm will be connected.
array of string Required
Minimum items: 1
Maximum items: 3
default_gateway_addresses Default gateway for the node.

The default gateway for edge node must be specified if all the nodes it
communicates with are not in the same subnet.
Note: Only single IPv4 default gateway address is supported and it must
belong to management network.
array of IPAddress Minimum items: 1
Maximum items: 1
dns_servers DNS servers.

List of DNS servers.
This field is deprecated. Use dns_servers property in EdgeNodeSettings
section when creating or updating transport nodes.
array of IPAddress Deprecated
enable_ssh Enable SSH.

Enabling SSH service is not recommended for security reasons.
This field is deprecated. Use enable_ssh property in EdgeNodeSettings
section when creating or updating transport nodes.
boolean Deprecated
Default: "False"
host_id Host identifier in the specified vcenter server.

The edge node vm will be deployed on the specified Host within the cluster
if host_id is specified.
Note - User must ensure that storage and specified networks are accessible by this host.
string
hostname Host name or FQDN for edge node. string Deprecated
Pattern: "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$"
management_network_id Portgroup or logical switch identifier for management network connectivity.

Distributed portgroup identifier to which the management vnic of edge node vm
will be connected. This portgroup must have connectivity with MP and CCP. A
VLAN logical switch identifier may also be specified.
string Required
management_port_subnets Port subnets for management port. Only one IPv4 Address is supported.

IP Address and subnet configuration for the management port. Note:
only one IPv4 address is supported for the management port.
array of IPSubnet Minimum items: 1
Maximum items: 1
ntp_servers NTP servers.

List of NTP servers.
This field is deprecated. Use ntp_servers property in EdgeNodeSettings
section when creating or updating transport nodes.
array of HostnameOrIPv4Address Deprecated
placement_type Must be set to the value VsphereDeploymentConfig string Required
Enum: VsphereDeploymentConfig
search_domains Search domain names.

List of domain names that are used to complete unqualified host names.
This field is deprecated. Use search_domains property in EdgeNodeSettings
section when creating or updating transport nodes.
array of string Deprecated
storage_id Storage/datastore identifier in the specified vcenter server.

The edge node vm will be deployed on the specified datastore. User must ensure
that storage is accessible by the specified cluster/host.
string Required
vc_id Vsphere compute identifier for identifying the vcenter server.

The vc specific identifiers will be resolved on this VC.
So all other identifiers specified here must belong to this vcenter server.
string Required

VtepCsvListResult (schema)

Name Description Type Notes
file_name File name

File name set by HTTP server if API returns CSV result as a file.		 string
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
results array of VtepTableCsvRecord

VtepLabelPool (schema)

A collection of ranges of virtual tunnel endpoint labels

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
description Description of this resource string Maximum length: 1024
Sortable
display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set		 string Maximum length: 255
Sortable
id Unique identifier of this resource string Sortable
pool_usage Pool usage statistics VtepLabelPoolUsage Readonly
ranges Array of ranges for virtual tunnel endpoint labels array of VtepLabelRange Required
resource_type Must be set to the value VtepLabelPool string
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

VtepLabelPoolListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results Virtual tunnel endpoint label pool list results array of VtepLabelPool Required
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly

VtepLabelPoolUsage (schema)

Pool usage statistics in a pool

Name Description Type Notes
allocated_ids Total number of allocated IDs in a pool integer Readonly
free_ids Total number of free IDs in a pool integer Readonly
total_ids Total number of IDs in a pool integer Readonly

VtepLabelRange (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
end Virtual tunnel endpoint label range end

End value for virtual tunnel endpoint label range		 integer Required
Minimum: 1
Maximum: 131071
start Virtual tunnel endpoint label range start

Start value for virtual tunnel endpoint label range		 integer Required
Minimum: 1
Maximum: 131071

VtepListResult (schema)

Name Description Type Notes
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
cursor Opaque cursor to be used for getting next page of records (supplied by current result page) string Readonly
last_update_timestamp Timestamp when the data was last updated; unset if data source has never updated the data. EpochMsTimestamp Readonly
logical_switch_id The id of the logical Switch string Required
Readonly
result_count Count of results found (across all pages), set only on first page integer Readonly
results array of VtepTableEntry
sort_ascending If true, results are sorted in ascending order boolean Readonly
sort_by Field by which records are sorted string Readonly
transport_node_id Transport node identifier string Readonly

VtepTableCsvRecord (schema)

Name Description Type Notes
segment_id The segment Id string
vtep_ip The virtual tunnel endpoint IP address IPAddress
vtep_label The virtual tunnel endpoint label integer Required
vtep_mac_address The virtual tunnel endpoint MAC address string Required

VtepTableEntry (schema)

Name Description Type Notes
segment_id The segment Id string
vtep_ip The virtual tunnel endpoint IP address IPAddress
vtep_label The virtual tunnel endpoint label integer
vtep_mac_address The virtual tunnel endpoint MAC address string

WeeklyBackupSchedule (schema)

Schedule to specify day of the week and time to take automated backup

Name Description Type Notes
days_of_week Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ... array of integer Required
Minimum items: 1
Maximum items: 7
hour_of_day Time of day when backup is taken integer Required
Minimum: 0
Maximum: 23
minute_of_day Time of day when backup is taken integer Required
Minimum: 0
Maximum: 59
resource_type Must be set to the value WeeklyBackupSchedule string Required
Enum: WeeklyBackupSchedule, IntervalBackupSchedule

WeeklyTelemetrySchedule (schema)

Name Description Type Notes
day_of_week Day of week on which data will be collected

Day of week on which data will be collected. Specify one of SUNDAY through SATURDAY.
string Required
Enum: SUNDAY, MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY
frequency_type Must be set to the value WeeklyTelemetrySchedule string Required
hour_of_day Hour at which data will be collected

Hour at which data will be collected. Specify a value between 0 through 23.
integer Required
Minimum: 0
Maximum: 23
minutes Minute at which data will be collected

Minute at which data will be collected. Specify a value between 0 through 59.
integer Minimum: 0
Maximum: 59
Default: "0"

WhiteListProvisionType (schema)

Ways to provide white listed addresses for SpoofGuard

Name Description Type Notes
WhiteListProvisionType Ways to provide white listed addresses for SpoofGuard string Enum: LPORT_BINDINGS, LSWITCH_BINDINGS

WhitelistingStatus (schema)

Status for whitelisting operation

Status for whitelisting operation.

Name Description Type Notes
whitelist_errors VmConfigError Readonly
whitelisted Property to identify if this VM is whitelisted or not whitelisted.

Property whitelisted YES means NSX will not consider this
virtual machine while performing quarantine operation.
Value IN_PROGRESS signifies the state change is under progress.
string Required
Enum: True, False, IN_PROGRESS

WidgetConfiguration (schema)

Dashboard Widget Configuration

Describes the configuration of a widget to be displayed on the dashboard. WidgetConfiguration is a base type that provides attributes of a widget in-general.

Name Description Type Notes
_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable
_create_user ID of the user who created this resource string Readonly
_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable
_last_modified_user ID of the user who last modified this resource string Readonly
_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST.		 array of ResourceLink Readonly
_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly
_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.		 int
_schema Schema for this resource string Readonly
_self Link to this resource SelfResourceLink Readonly
_system_owned Indicates system owned resource boolean Readonly
datasources Array of Datasource Instances with their relative urls

The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.		 array of Datasource Minimum items: 0
description Description of this resource string Maximum length: 1024
Sortable
display_name Widget Title

Title of the widget. If display_name is omitted, the widget will be shown without a title.		 string Maximum length: 255
drilldown_id Id of drilldown widget

Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.		 string Maximum length: 255
footer Footer
icons Icons

Icons to be applied at dashboard for widgets and UI elements.		 array of Icon
id Unique identifier of this resource string Sortable
is_drilldown Set as a drilldown widget

Set to true if this widget should be used as a drilldown.		 boolean Default: "False"
legend Legend for the widget

Legend to be displayed. If legend is not needed, do not include it.		 Legend
resource_type Must be set to the value WidgetConfiguration string Required
Readonly
Enum: LabelValueConfiguration, DonutConfiguration, MultiWidgetConfiguration, ContainerConfiguration, StatsConfiguration, GridConfiguration, GraphConfiguration
Maximum length: 255
shared Visiblity of widgets to other users

Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.		 boolean Deprecated
tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30
weight Weightage or placement of the widget or container

Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.		 int Deprecated

WidgetConfigurationList (schema)

List of Widget Configurations

Represents a list of widget configurations.

Name Description Type Notes
widgetconfigurations Array of widget configurations

Array of widget configurations		 array of WidgetConfiguration
(Abstract type: pass one of the following concrete types)
ContainerConfiguration
DonutConfiguration
GraphConfiguration
GridConfiguration
LabelValueConfiguration
MultiWidgetConfiguration
StatsConfiguration
WidgetConfiguration		 Required
Readonly

WidgetItem (schema)

Widget held by MultiWidgetConfiguration or Container or a View

Represents a reference to a widget that is held by a container or a multi-widget or a View.

Name Description Type Notes
alignment Alignment of widget inside container

Aligns widget either left or right.		 string Enum: LEFT, RIGHT
Default: "LEFT"
label Label of the the report

Applicable for 'DonutConfiguration' and 'StatsConfiguration' reports only. If label is not specified, then it defaults to the label of the donut or stats report.		 Label
separator A separator after this widget

If true, separates this widget in a container.		 boolean Default: "False"
weight Weightage or placement of the widget or container

Determines placement of widget or container relative to other widgets and containers. The lower the weight, the higher it is in the placement order.		 int Default: "10000"
widget_id Id of the widget configuration

Id of the widget configuration that is held by a multi-widget or a container or a view.		 string Required
Maximum length: 255

WidgetQueryParameters (schema)

Parameters for querying widget configurations

Name Description Type Notes
container Id of the container

Id of the container whose widget configurations are to be queried.		 string Readonly
Maximum length: 255
widget_ids Ids of the WidgetConfigurations

Comma separated ids of WidgetConfigurations to be queried.		 string Readonly
Maximum length: 8192

X509Certificate (schema)

Name Description Type Notes
dsa_public_key_g One of the DSA cryptogaphic algorithm's strength parameters, base string Readonly
dsa_public_key_p One of the DSA cryptogaphic algorithm's strength parameters, prime string Readonly
dsa_public_key_q One of the DSA cryptogaphic algorithm's strength parameters, sub-prime string Readonly
dsa_public_key_y One of the DSA cryptogaphic algorithm's strength parameters string Readonly
ecdsa_curve_name ECDSA Curve Name

The Curve name for the ECDSA certificate.		 string Readonly
ecdsa_ec_field ECDSA Elliptic Curve Finite Field

Represents an elliptic curve (EC) finite field in ECDSA.		 string Readonly
Enum: F2M, FP
ecdsa_ec_field_f2mks ECDSA Elliptic Curve F2MKS

The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA.		 array of integer Readonly
ecdsa_ec_field_f2mm ECDSA Elliptic Curve F2MM

The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA.		 integer Readonly
ecdsa_ec_field_f2mrp ECDSA Elliptic Curve F2MRP

The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA.		 string Readonly
ecdsa_ec_field_f2pp ECDSA Elliptic Curve F2PP

The specified prime for the elliptic curve prime finite field in ECDSA.		 string Readonly
ecdsa_public_key_a ECDSA Elliptic Curve Public Key A

The first coefficient of this elliptic curve in ECDSA.		 string Readonly
ecdsa_public_key_b ECDSA Elliptic Curve Public Key B

The second coefficient of this elliptic curve in ECDSA.		 string Readonly
ecdsa_public_key_cofactor ECDSA Elliptic Curve Public Key Cofactor

The co-factor in ECDSA.		 integer Readonly
ecdsa_public_key_generator_x ECDSA Elliptic Curve Public Key X

x co-ordinate of G (the generator which is also known as the base point) in ECDSA.		 string Readonly
ecdsa_public_key_generator_y ECDSA Elliptic Curve Public Key Y

y co-ordinate of G (the generator which is also known as the base point) in ECDSA.		 string Readonly
ecdsa_public_key_order ECDSA Elliptic Curve Public Key Order

The order of generator G in ECDSA.		 string Readonly
ecdsa_public_key_seed ECDSA Elliptic Curve Public Key Seed

The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification.		 array of string Readonly
is_ca True if this is a CA certificate. boolean Required
Readonly
is_valid True if this certificate is valid. boolean Required
Readonly
issuer the certificate issuers complete distinguished name string Required
Readonly
issuer_cn the certificate issuer's common name string Required
Readonly
not_after the time in epoch milliseconds at which the certificate becomes invalid EpochMsTimestamp Required
Readonly
not_before the time in epoch milliseconds at which the certificate becomes valid EpochMsTimestamp Required
Readonly
public_key_algo Public Key Algorithm

Cryptographic algorithm used by the public key for data encryption.		 string Required
Readonly
Enum: RSA, DSA, ECDSA
public_key_length size measured in bits of the public/private keys used in a cryptographic algorithm integer Required
Readonly
rsa_public_key_exponent An RSA public key is made up of the modulus and the public exponent. Exponent is a power number string Readonly
rsa_public_key_modulus An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number string Readonly
serial_number certificate's serial number string Required
Readonly
signature the signature value(the raw signature bits) used for signing and validate the cert string Required
Readonly
signature_algorithm the algorithm used by the Certificate Authority to sign the certificate string Required
Readonly
subject the certificate owners complete distinguished name string Required
Readonly
subject_cn the certificate owner's common name string Required
Readonly
version Certificate version (default v1) string Required
Readonly

X509Crl (schema)

A CRL is a time-stamped list identifying revoked certificates.

Name Description Type Notes
crl_entries list of X509CrlEntry array of X509CrlEntry Readonly
issuer Issuer's distinguished name(DN) string Readonly
next_update Next update time for the CRL string Readonly
version CRL's version number either 1 or 2 string Readonly

X509CrlEntry (schema)

Each revoked certificate is identified in a CRL by its certificate serial number.

Name Description Type Notes
revocation_date Revocation date string Readonly
serial_number the revoked certificate's serial number string Readonly

XForwardedForType (schema)

x-forwarded-for type

Name Description Type Notes
XForwardedForType x-forwarded-for type string Enum: INSERT, REPLACE



API Type Schemas

Request and response bodies for API Methods are specified using the proposed JSON Schema format (revision 03) documented at http://json-schema.org/ . All data returned by API methods references the schema being used through the an attribute of the top-level object named "_schema". These will refer to the schema definitions provided as described in the Embedded API Documentation methods of the API. The schemas make use of JSON referencing to reduce restatement of the same schema information in multiple places.

JsonSchema

As defined in http://tools.ietf.org/html/draft-zyp-json-schema-03.

ALGTypeNSService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "ALGTypeNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ALGTypeNSService"
  }, 
  "properties": {
    "alg": {
      "description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are  deprecated. Please use UDP protocol and create L4 Port Set type of service instead.", 
      "enum": [
        "ORACLE_TNS", 
        "FTP", 
        "SUN_RPC_TCP", 
        "SUN_RPC_UDP", 
        "MS_RPC_TCP", 
        "MS_RPC_UDP", 
        "NBNS_BROADCAST", 
        "NBDG_BROADCAST", 
        "TFTP"
      ], 
      "required": true, 
      "title": "The Application Layer Gateway (ALG) protocol", 
      "type": "string"
    }, 
    "destination_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "minItems": 1, 
      "required": true, 
      "title": "The destination_port cannot be empty and must be a single value.", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }, 
    "source_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "title": "Source ports", 
      "type": "array"
    }
  }, 
  "title": "An NSService element that represents an ALG protocol", 
  "type": "object"
}

ALGTypeServiceEntry (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "ALGTypeServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ALGTypeServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alg": {
      "description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are  deprecated. Please use UDP protocol and create L4 Port Set type of service instead.", 
      "enum": [
        "ORACLE_TNS", 
        "FTP", 
        "SUN_RPC_TCP", 
        "SUN_RPC_UDP", 
        "MS_RPC_TCP", 
        "MS_RPC_UDP", 
        "NBNS_BROADCAST", 
        "NBDG_BROADCAST", 
        "TFTP"
      ], 
      "required": true, 
      "title": "The Application Layer Gateway (ALG) protocol", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "minItems": 1, 
      "required": true, 
      "title": "The destination_port cannot be empty and must be a single value.", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "source_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "An ServiceEntry that represents an ALG protocol", 
  "type": "object"
}

AbstractSpace (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Represents the space in which the policy is being defined.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "AbstractSpace", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "connectivity_strategy": {
      "description": "This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.", 
      "enum": [
        "WHITELIST", 
        "BLACKLIST", 
        "WHITELIST_ENABLE_LOGGING", 
        "BLACKLIST_ENABLE_LOGGING", 
        "NONE"
      ], 
      "required": false, 
      "title": "Connectivity strategy used by this tenant", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "The space in which policy is being defined", 
  "type": "object"
}

AcceptableComponentVersion (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "VersionList
  }, 
  "id": "AcceptableComponentVersion", 
  "module_id": "VersionWhitelist", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "acceptable_versions": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "List of component versions", 
      "type": "array"
    }, 
    "component_type": {
      "enum": [
        "HOST", 
        "EDGE", 
        "CCP", 
        "MP"
      ], 
      "required": true, 
      "title": "Node type", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AcceptableComponentVersionList (type) 

{
  "additionalProperties": false, 
  "id": "AcceptableComponentVersionList", 
  "module_id": "VersionWhitelist", 
  "properties": {
    "results": {
      "items": {
        "$ref": "AcceptableComponentVersion
      }, 
      "required": true, 
      "title": "Acceptable version whitelist for different components", 
      "type": "array"
    }
  }, 
  "type": "object"
}

Action (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Reaction Action is the action to take when the stipulated criteria specified in the event exist over the source. Some example actions include: - Notify Admin (or VMC's SRE) via email. - Populate a specific label with the IPSec VPN Session. - Remove the IPSec VPN Session from a specific label.", 
  "id": "Action", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "description": "Reaction Action resource type.", 
      "enum": [
        "PatchResources", 
        "SetFields"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Reaction Action", 
  "type": "object"
}

ActionableResource (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ActionableResource", 
  "module_id": "ClusterRestore", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "format": "hostname-or-ip", 
      "required": false, 
      "title": "A resource reference on which actions can be performed", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Resources managed during restore process", 
  "type": "object"
}

ActionableResourceListRequestParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ActionableResourceListRequestParameters", 
  "module_id": "ClusterRestore", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "instruction_id": {
      "required": true, 
      "title": "Id of the instruction set whose instructions are to be returned", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ActionableResourceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ActionableResourceListResult", 
  "module_id": "ClusterRestore", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ActionableResource
      }, 
      "required": true, 
      "title": "List results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AddClusterNodeAction (type) 

{
  "id": "AddClusterNodeAction", 
  "module_id": "ClusterManagement", 
  "properties": {
    "action": {
      "enum": [
        "add_cluster_node"
      ], 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

AddClusterNodeSpec (type) 

{
  "id": "AddClusterNodeSpec", 
  "module_id": "ClusterManagement", 
  "properties": {
    "controller_role_config": {
      "$ref": "AddControllerNodeSpec
    }, 
    "display_name": {
      "title": "Display name for the node", 
      "type": "string"
    }, 
    "external_id": {
      "readonly": false, 
      "title": "External identifier of the node", 
      "type": "string"
    }, 
    "mgr_role_config": {
      "$ref": "AddManagementNodeSpec
    }
  }, 
  "type": "object"
}

AddClusterNodeVMInfo (type) 

{
  "description": "Contains a list of cluster node VM deployment requests and optionally a clustering configuration.", 
  "id": "AddClusterNodeVMInfo", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "clustering_config": {
      "$ref": "ClusteringConfig, 
      "deprecated": true, 
      "description": "This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided.", 
      "required": false, 
      "title": "Configuration for auto-clustering of VMs post-deployment"
    }, 
    "deployment_requests": {
      "description": "Cluster node VM deployment requests to be deployed by the Manager.", 
      "items": {
        "$ref": "ClusterNodeVMDeploymentRequest
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "List of deployment requests", 
      "type": "array"
    }
  }, 
  "title": "Info for AddClusterNodeVM", 
  "type": "object"
}

AddControllerNodeSpec (type) 

{
  "additionalProperties": false, 
  "id": "AddControllerNodeSpec", 
  "module_id": "ClusterManagement", 
  "properties": {
    "clustering_params": {
      "$ref": "ClusteringInfo, 
      "description": "The details of the controller node required for cluster initialization or joining to an existing cluster.  If this property is set, the node will be added to an existing cluster or used to create a new cluster.  Otherwise no clustering operation/s will be performed.", 
      "required": false, 
      "title": "Clustering parameters for the node"
    }, 
    "control_plane_server_certificate": {
      "deprecated": true, 
      "description": "Deprecated. Do not supply a value for this property.", 
      "type": "string"
    }, 
    "host_msg_client_info": {
      "$ref": "MsgClientInfo, 
      "required": true
    }, 
    "mpa_msg_client_info": {
      "$ref": "MsgClientInfo, 
      "required": true
    }, 
    "node_id": {
      "description": "Only use this if an id for the node already exists with MP. If not specified, then the node_id will be set to a random id.", 
      "required": false, 
      "title": "Internal identifier of the node", 
      "type": "string"
    }, 
    "type": {
      "enum": [
        "AddControllerNodeSpec"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "must be set to AddControllerNodeSpec", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AddIntelligenceClusterNodeVMInfo (type) 

{
  "description": "Contains a list of NSX-Intelligence cluster node VM deployment requests and optionally a clustering configuration.", 
  "id": "AddIntelligenceClusterNodeVMInfo", 
  "module_id": "NsxIntelligenceDeployment", 
  "properties": {
    "deployment_requests": {
      "description": "Intelligence Cluster node VM deployment requests to be deployed by NSX.", 
      "items": {
        "$ref": "IntelligenceClusterNodeVMDeploymentRequest
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "List of deployment requests", 
      "type": "array"
    }
  }, 
  "title": "Info for AddIntelligenceClusterNodeVM", 
  "type": "object"
}

AddManagementNodeSpec (type) 

{
  "additionalProperties": false, 
  "id": "AddManagementNodeSpec", 
  "module_id": "ClusterManagement", 
  "properties": {
    "cert_thumbprint": {
      "readonly": false, 
      "title": "The certificate thumbprint of the remote node.", 
      "type": "string"
    }, 
    "mpa_msg_client_info": {
      "$ref": "MsgClientInfo
    }, 
    "password": {
      "readonly": false, 
      "required": true, 
      "sensitive": true, 
      "title": "The password to be used to authenticate with the remote node.", 
      "type": "string"
    }, 
    "remote_address": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "The host address of the remote node to which to send this join request."
    }, 
    "type": {
      "enum": [
        "AddManagementNodeSpec"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "must be set to AddManagementNodeSpec", 
      "type": "string"
    }, 
    "user_name": {
      "readonly": false, 
      "required": true, 
      "title": "The username to be used to authenticate with the remote node.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AdditionalSearchParameters (type) 

{
  "additionalProperties": false, 
  "description": "This object presents additional search capabilities over any API through free text query string. e.g. query=\"Web-VM-1\".", 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AdditionalSearchParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "dsl": {
      "description": "It's human readable and context-based query language for retreiving information from search indices. For example: Find router where ip is 10.10.1.10", 
      "required": false, 
      "title": "Search DSL (domain specific language) query", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "query": {
      "required": false, 
      "title": "Search query", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Represents search object that provides additional search capabilities", 
  "type": "object"
}

AddressBindingEntry (type) 

{
  "additionalProperties": false, 
  "description": "An address binding entry is a combination of the IP-MAC-VLAN binding for a logical port. The address bindings can be obtained via various methods like ARP snooping, DHCP snooping etc. or by user configuration.", 
  "id": "AddressBindingEntry", 
  "module_id": "LogicalPort", 
  "properties": {
    "binding": {
      "$ref": "PacketAddressClassifier, 
      "title": "Combination of IP-MAC-VLAN binding"
    }, 
    "binding_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp at which the binding was discovered via snooping or manually specified by the user", 
      "title": "Timestamp of binding"
    }, 
    "source": {
      "$ref": "AddressBindingSource, 
      "default": "UNKNOWN", 
      "description": "Source from which the address binding entry was obtained", 
      "title": "Address binding source"
    }
  }, 
  "title": "Combination of IP-MAC-VLAN binding", 
  "type": "object"
}

AddressBindingSource (type) 

{
  "enum": [
    "INVALID", 
    "UNKNOWN", 
    "USER_DEFINED", 
    "ARP_SNOOPING", 
    "DHCP_SNOOPING", 
    "VM_TOOLS", 
    "ND_SNOOPING", 
    "DHCPV6_SNOOPING", 
    "VM_TOOLS_V6"
  ], 
  "id": "AddressBindingSource", 
  "module_id": "LogicalPort", 
  "title": "Source from which the address binding is obtained", 
  "type": "string"
}

AddressFamilyType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "IPV4_UNICAST", 
    "VPNV4_UNICAST", 
    "IPV6_UNICAST"
  ], 
  "id": "AddressFamilyType", 
  "module_id": "Routing", 
  "title": "Type of Address Family", 
  "type": "string"
}

AdvanceClusterRestoreInput (type) 

{
  "id": "AdvanceClusterRestoreInput", 
  "module_id": "ClusterRestore", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique id of an instruction (as returned by the GET /restore/status\ncall) for which input is to be provided\n", 
      "type": "string"
    }, 
    "resources": {
      "items": {
        "$ref": "SelectableResourceReference
      }, 
      "required": true, 
      "title": "List of resources for which the instruction is applicable.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AdvanceClusterRestoreRequest (type) 

{
  "id": "AdvanceClusterRestoreRequest", 
  "module_id": "ClusterRestore", 
  "properties": {
    "data": {
      "items": {
        "$ref": "AdvanceClusterRestoreInput
      }, 
      "required": true, 
      "title": "List of instructions and their associated data", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AdvertiseRule (type) 

{
  "additionalProperties": false, 
  "id": "AdvertiseRule", 
  "module_id": "Routing", 
  "properties": {
    "action": {
      "default": "ALLOW", 
      "description": "ALLOW action enables the advertisment and DENY action disables the advertisement of a filtered routes to the connected TIER0 router.", 
      "enum": [
        "DENY", 
        "ALLOW"
      ], 
      "required": false, 
      "title": "Action to ALLOW or DENY advertisement of routes", 
      "type": "string"
    }, 
    "description": {
      "maxLength": 1024, 
      "required": false, 
      "title": "Description", 
      "type": "string"
    }, 
    "display_name": {
      "maxLength": 255, 
      "required": false, 
      "title": "Display name", 
      "type": "string"
    }, 
    "networks": {
      "items": {
        "$ref": "IPCIDRBlock
      }, 
      "required": true, 
      "title": "network(CIDR) to be routed", 
      "type": "array"
    }, 
    "rule_filter": {
      "$ref": "AdvertisementRuleFilter, 
      "required": false, 
      "title": "Rule filter for the advertise rule"
    }
  }, 
  "type": "object"
}

AdvertiseRuleList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AdvertiseRuleList", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "default": [], 
      "items": {
        "$ref": "AdvertiseRule
      }, 
      "minItems": 0, 
      "required": false, 
      "title": "List of advertisement rules", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AdvertisementConfig (type) 

{
  "additionalProperties": false, 
  "description": "Advertisement config for different types of routes which need to be advertised from TIER1 logical router to the linked TIER0 logical router", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AdvertisementConfig", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "advertise_dns_forwarder": {
      "default": false, 
      "description": "Flag to advertise all routes of dns forwarder listener ips and source ips", 
      "required": false, 
      "title": "Advertise dns forwarder ips", 
      "type": "boolean"
    }, 
    "advertise_ipsec_local_ip": {
      "default": false, 
      "description": "Flag to advertise all IPSec VPN local endpoint ips to linked TIER0 logical router", 
      "required": false, 
      "title": "Advertise IPSec VPN local endpoint ips", 
      "type": "boolean"
    }, 
    "advertise_lb_snat_ip": {
      "default": false, 
      "description": "Flag to advertise all lb SNAT ips", 
      "required": false, 
      "title": "Advertise lb SNAT ips", 
      "type": "boolean"
    }, 
    "advertise_lb_vip": {
      "default": false, 
      "description": "Flag to advertise lb vip ips", 
      "required": false, 
      "title": "Advertise lb vip ips", 
      "type": "boolean"
    }, 
    "advertise_nat_routes": {
      "default": false, 
      "description": "Flag to advertise all routes of nat", 
      "required": false, 
      "title": "Advertise NAT routes", 
      "type": "boolean"
    }, 
    "advertise_nsx_connected_routes": {
      "default": false, 
      "description": "Flag to advertise all connected routes", 
      "required": false, 
      "title": "Advertise connected routes", 
      "type": "boolean"
    }, 
    "advertise_static_routes": {
      "default": false, 
      "description": "Flag to advertise all static routes", 
      "required": false, 
      "title": "Advertise static routes", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": false, 
      "description": "Flag to enable this configuration", 
      "required": false, 
      "title": "Enable advertisement", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "TIER1 logical router id on which to enable this configuration", 
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Advertisement config", 
  "type": "object"
}

AdvertisementRuleFilter (type) 

{
  "additionalProperties": false, 
  "description": "To filter the routes advertised by the TIER1 LR to TIER0 LR. Filtering will be based on the type of route and the prefix operator configured.", 
  "id": "AdvertisementRuleFilter", 
  "module_id": "Routing", 
  "properties": {
    "match_route_types": {
      "items": {
        "$ref": "AdvertisementRuleFilterRouteType
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of route types to filter routes", 
      "type": "array"
    }, 
    "prefix_operator": {
      "default": "GE", 
      "description": "GE prefix operator filters all the routes having network subset of any of the networks configured in Advertise rule. EQ prefix operator filter all the routes having network equal to any of the network configured in Advertise rule.", 
      "enum": [
        "GE", 
        "EQ"
      ], 
      "required": true, 
      "title": "Prefix operator to apply on networks", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AdvertisementRuleFilterRouteType (type) 

{
  "additionalProperties": false, 
  "description": "Route types to filter the routes advertised by TIER1 LR. The ANY type filters all routes advertised by TIER1. The STATIC type is deprecated. Please refer to T1_STATIC. The T1_STATIC type filters STATIC routes advertised by TIER1. The NSX_CONNECTED type is deprecated. Please refer to T1_CONNECTED. The T1_CONNECTED type filters directly connected routes including downlink and CSP networks advertised by TIER1. The T1_NAT type filters routes for NAT rules advertised by TIER1. The T1_LB_VIP type filters LB VIP networks advertised by TIER1. The T1_LB_SNAT type filters routes corresponding to LB SNAT rules advertised by TIER1. The T1_DNSFORWARDER type filters routes for DNS FORWARDER advertised by TIER1. The T1_IPSEC_LOCAL_IP type filters IPSec VPN local endpoint ip addresses to be advertised.", 
  "enum": [
    "ANY", 
    "STATIC", 
    "T1_STATIC", 
    "NSX_CONNECTED", 
    "T1_CONNECTED", 
    "T1_NAT", 
    "T1_LB_VIP", 
    "T1_LB_SNAT", 
    "T1_DNSFORWARDER", 
    "T1_IPSEC_LOCAL_IP"
  ], 
  "id": "AdvertisementRuleFilterRouteType", 
  "module_id": "Routing", 
  "title": "Route types to filter TIER1 LR advertised routes", 
  "type": "string"
}

AgentInfo (type) 

{
  "additionalProperties": false, 
  "description": "Information on agent download link and install command.", 
  "id": "AgentInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "agent_download_link": {
      "required": false, 
      "title": "Link to Download Agent", 
      "type": "string"
    }, 
    "agent_install_command": {
      "required": false, 
      "title": "Command to Install Agent", 
      "type": "string"
    }, 
    "agent_os_type": {
      "required": false, 
      "title": "Agent OS Type", 
      "type": "string"
    }
  }, 
  "title": "Agent Information", 
  "type": "object"
}

AgentStatus (type) 

{
  "id": "AgentStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "name": {
      "enum": [
        "NSX_AGENT", 
        "NSX_OPSAGENT", 
        "NSX_CFGAGENT", 
        "NSX_NESTDB"
      ], 
      "title": "Agent name", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "title": "Agent status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AgentStatusCount (type) 

{
  "additionalProperties": false, 
  "id": "AgentStatusCount", 
  "module_id": "Heatmap", 
  "properties": {
    "agents": {
      "description": "List of agent statuses belonging to the transport node", 
      "items": {
        "$ref": "AgentStatus
      }, 
      "title": "NSX agents status", 
      "type": "array"
    }, 
    "down_count": {
      "title": "Down count", 
      "type": "int"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "title": "Roll-up agent status", 
      "type": "string"
    }, 
    "up_count": {
      "title": "Up count", 
      "type": "int"
    }
  }, 
  "type": "object"
}

AggregateDNSForwarderStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of DNS forwarder statistics across enforcement points.", 
  "id": "AggregateDNSForwarderStatistics", 
  "module_id": "PolicyDNSStatistics", 
  "properties": {
    "intent_path": {
      "description": "String path of the DNS forwarder intent.", 
      "required": true, 
      "title": "String path of the DNS forwarder intent", 
      "type": "string"
    }, 
    "statistics_per_enforcement_point": {
      "description": "List of DNS forwarder statistics per enforcement point.", 
      "items": {
        "$ref": "DNSForwarderStatisticsPerEnforcementPoint
      }, 
      "readonly": true, 
      "title": "List of DNS forwarder statistics per enforcement point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of DNS forwarder statistics", 
  "type": "object"
}

AggregateDNSForwarderStatus (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of DNS forwarder status across enforcement points.", 
  "id": "AggregateDNSForwarderStatus", 
  "module_id": "PolicyDNSStatistics", 
  "properties": {
    "intent_path": {
      "description": "String path of the DNS forwarder intent.", 
      "required": true, 
      "title": "String path of the DNS forwarder intent", 
      "type": "string"
    }, 
    "status_per_enforcement_point": {
      "description": "List of DNS forwarder status per enforcement point.", 
      "items": {
        "$ref": "DNSForwarderStatusPerEnforcementPoint
      }, 
      "readonly": true, 
      "title": "List of DNS forwarder status per enforcement point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of DNS forwarder status", 
  "type": "object"
}

AggregateIPSecVpnSessionStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of IPSec VPN Session Statistics across Enforcement Points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateIPSecVpnSessionStatistics", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "List of IPSec VPN Session Statistics per Enforcement Point.", 
      "items": {
        "$ref": "IPSecVpnSessionStatisticsPerEP, 
        "title": "IPSec VPN Session Statistics per Enforcement Point"
      }, 
      "readonly": true, 
      "title": "List of IPSec VPN Session Statistics per Enforcement Point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of IPSec VPN Session Statistics", 
  "type": "object"
}

AggregateIPSecVpnSessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of IPSec VPN Session Status across Enforcement Points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateIPSecVpnSessionStatus", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "List of IPSec VPN Session Status per Enforcement Point.", 
      "items": {
        "$ref": "IPSecVpnSessionStatusPerEP, 
        "title": "IPSec VPN Session Status per Enforcement Point"
      }, 
      "readonly": true, 
      "title": "List of IPSec VPN Session Status per Enforcement Point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of IPSec VPN Session Status", 
  "type": "object"
}

AggregateL2VPNSessionPeerConfig (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of L2VPN Session peer config across Enforcement Points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateL2VPNSessionPeerConfig", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "List of L2VPN Session peer config per Enforcement Point.", 
      "items": {
        "$ref": "L2VPNSessionPeerConfigPerEP
      }, 
      "readonly": true, 
      "title": "List of L2VPN Session Peer config per Enforcement Point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of L2VPN Session Peer Config", 
  "type": "object"
}

AggregateL2VPNSessionStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of L2VPN Session Statistics across Enforcement Points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateL2VPNSessionStatistics", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "List of L2VPN Session Statistics per Enforcement Point.", 
      "items": {
        "$ref": "L2VPNSessionStatisticsPerEP, 
        "title": "L2VPN Session Statistics per Enforcement Point"
      }, 
      "readonly": true, 
      "title": "List of L2VPN Session Statistics per Enforcement Point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of L2VPN Session Statistics", 
  "type": "object"
}

AggregateL2VPNSessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of L2VPN Session Status across Enforcement Points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateL2VPNSessionStatus", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "List of L2VPN Session Status per Enforcement Point.", 
      "items": {
        "$ref": "L2VPNSessionStatusPerEP, 
        "title": "L2VPN Session Status per Enforcement Point"
      }, 
      "readonly": true, 
      "title": "List of L2VPN Session Status per Enforcement Point", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of L2VPN Session Status", 
  "type": "object"
}

AggregateLBNodeUsageSummary (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBNodeUsageSummary", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBNodeUsageSummary list results.", 
      "items": {
        "$ref": "LBNodeUsageSummary, 
        "title": "LBNodeUsageSummary"
      }, 
      "readonly": true, 
      "title": "LBNodeUsageSummary list results", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of LBNodeUsageSummary across Enforcement Points.", 
  "type": "object"
}

AggregateLBPoolStatistics (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBPoolStatistics", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBPoolStatisticsPerEP list results.", 
      "items": {
        "$ref": "LBPoolStatisticsPerEP, 
        "title": "LBPoolStatisticsPerEP"
      }, 
      "readonly": true, 
      "title": "LBPoolStatisticsPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBPoolStatisticsPerEP", 
  "type": "object"
}

AggregateLBPoolStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBPoolStatus", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBPoolStatusPerEP list results.", 
      "items": {
        "$ref": "LBPoolStatusPerEP, 
        "title": "LBPoolStatusPerEP"
      }, 
      "readonly": true, 
      "title": "LBPoolStatusPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBPoolStatusPerEP", 
  "type": "object"
}

AggregateLBServiceStatistics (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBServiceStatistics", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBServiceStatisticsPerEP list results.", 
      "items": {
        "$ref": "LBServiceStatisticsPerEP, 
        "title": "LBServiceStatisticsPerEP"
      }, 
      "readonly": true, 
      "title": "LBServiceStatisticsPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBServiceStatisticsPerEP", 
  "type": "object"
}

AggregateLBServiceStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBServiceStatus", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBServiceStatusPerEP list results.", 
      "items": {
        "$ref": "LBServiceStatusPerEP, 
        "title": "LBServiceStatusPerEP"
      }, 
      "readonly": true, 
      "title": "LBServiceStatusPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBServiceStatusPerEP", 
  "type": "object"
}

AggregateLBServiceUsage (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBServiceUsage", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBServiceUsagePerEP list results.", 
      "items": {
        "$ref": "LBServiceUsagePerEP, 
        "title": "LBServiceUsagePerEP"
      }, 
      "readonly": true, 
      "title": "LBServiceUsagePerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Aggregate of LBServiceUsagePerEP across Enforcement Points.", 
  "type": "object"
}

AggregateLBVirtualServerStatistics (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBVirtualServerStatistics", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBVirtualServerStatisticsPerEP list results.", 
      "items": {
        "$ref": "LBVirtualServerStatisticsPerEP, 
        "title": "LBVirtualServerStatisticsPerEP"
      }, 
      "readonly": true, 
      "title": "LBVirtualServerStatisticsPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBVirtualServerStatisticsPerEP", 
  "type": "object"
}

AggregateLBVirtualServerStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "AggregateLBVirtualServerStatus", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }, 
    "results": {
      "description": "LBVirtualServerStatusPerEP list results.", 
      "items": {
        "$ref": "LBVirtualServerStatusPerEP, 
        "title": "LBVirtualServerStatusPerEP"
      }, 
      "readonly": true, 
      "title": "LBVirtualServerStatusPerEP list results", 
      "type": "array"
    }
  }, 
  "title": "Paged Collection of LBVirtualServerStatusPerEP", 
  "type": "object"
}

AggregatePolicyDnsAnswer (type) 

{
  "additionalProperties": false, 
  "description": "Aggregate of DNS forwarder nslookup answer across enforcement points.", 
  "id": "AggregatePolicyDnsAnswer", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "dns_answer_per_enforcement_point": {
      "description": "List of DNS forwarder nslookup answer per enforcement point.", 
      "items": {
        "$ref": "PolicyDnsAnswerPerEnforcementPoint
      }, 
      "readonly": true, 
      "title": "List of DNS forwarder nslookup answer per enforcement point", 
      "type": "array"
    }, 
    "intent_path": {
      "description": "String path of the DNS forwarder intent.", 
      "required": true, 
      "title": "String path of the DNS forwarder intent", 
      "type": "string"
    }
  }, 
  "title": "Aggregate of DNS forwarder nslookup answer", 
  "type": "object"
}

AggregatePolicyRuntimeInfo (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.", 
  "id": "AggregatePolicyRuntimeInfo", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Aggregate of PolicyRuntimeInfoPerEP", 
  "type": "object"
}

AggregatedDataCounter (type) 

{
  "id": "AggregatedDataCounter", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

AggregatedDataCounterEx (type) 

{
  "extends": {
    "$ref": "AggregatedDataCounter
  }, 
  "id": "AggregatedDataCounterEx", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "PacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "mac_learning": {
      "$ref": "MacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

AggregatedLogicalRouterPortCounters (type) 

{
  "id": "AggregatedLogicalRouterPortCounters", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "rx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }, 
    "tx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

Alarm (type) 

{
  "additionalProperties": false, 
  "id": "Alarm", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique identifier for an NSX Alarm", 
      "type": "string"
    }, 
    "message": {
      "required": true, 
      "title": "Description of the Alarm", 
      "type": "string"
    }, 
    "severity": {
      "enum": [
        "UNKNOWN", 
        "MINOR", 
        "MAJOR", 
        "CRITICAL"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Severity of an Alarm", 
      "type": "string"
    }, 
    "source_comp": {
      "readonly": true, 
      "required": true, 
      "title": "Alarm source component like nsx-manager, nsx-edge etc", 
      "type": "string"
    }, 
    "source_comp_id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique identifier(like UUID) for the node sending the Alarm", 
      "type": "string"
    }, 
    "source_subcomp": {
      "readonly": true, 
      "required": true, 
      "title": "Alarm source sub component like nsx-mpa etc", 
      "type": "string"
    }, 
    "sources": {
      "$ref": "AlarmSource, 
      "readonly": true, 
      "required": false, 
      "title": "Sources emitting this alarm", 
      "type": "object"
    }, 
    "state": {
      "enum": [
        "UNKNOWN", 
        "ACTIVE", 
        "ACKNOWLEDGED", 
        "RESOLVED"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Alarm state"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": true, 
      "title": "Date and time in UTC of the Alarm"
    }
  }, 
  "title": "Alarm in NSX that needs users' attention", 
  "type": "object"
}

AlarmListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AlarmListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Alarm
      }, 
      "required": true, 
      "title": "Alarm results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Alarm collection results", 
  "type": "object"
}

AlarmQueryParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResultQueryParameters
  }, 
  "id": "AlarmQueryParameters", 
  "properties": {
    "cursor": {
      "description": "A log cursor points to a specific line number in the alarm list", 
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "integer"
    }, 
    "fields": {
      "description": "Comma-separated field names to include in query result", 
      "title": "Fields to include in query results", 
      "type": "string"
    }, 
    "page_size": {
      "default": 100, 
      "description": "The page size determines the number of alarms to be returned", 
      "maximum": 100, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

AlarmSource (type) 

{
  "id": "AlarmSource", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": false, 
      "title": "Identifier of the Alarm source entity for e.g. Vpn session id, Vpn tunnel id etc.", 
      "type": "string"
    }, 
    "ip_address": {
      "readonly": true, 
      "required": false, 
      "title": "Ip address", 
      "type": "string"
    }, 
    "ip_address_type": {
      "enum": [
        "IPV4", 
        "IPV6"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Ip address type v4, v6 etc."
    }, 
    "local_ip": {
      "readonly": true, 
      "required": false, 
      "title": "VPN session/tunnel etc. local Ip(v4 or v6) address", 
      "type": "string"
    }, 
    "mount": {
      "readonly": true, 
      "required": false, 
      "title": "Filesystem mount name", 
      "type": "string"
    }, 
    "peer_ip": {
      "readonly": true, 
      "required": false, 
      "title": "VPN session/tunnel etc. peer Ip(v4 or v6) address", 
      "type": "string"
    }
  }, 
  "title": "Source of the Alarm", 
  "type": "object"
}

AllAccountsStateInfo (type) 

{
  "additionalProperties": false, 
  "description": "State Information of all accounts like synchronization in progress count.", 
  "id": "AllAccountsStateInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "sync_in_progress": {
      "description": "Number of cloud accounts for which inventory synchronization is in progress.", 
      "readonly": true, 
      "required": false, 
      "title": "Sync In Progress Count", 
      "type": "integer"
    }
  }, 
  "title": "State Information Of All Accounts", 
  "type": "object"
}

AllAccountsStatistics (type) 

{
  "additional_properties": false, 
  "description": "Stores statistics of all accounts managed by CSM.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AllAccountsStatistics", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "accounts_count": {
      "description": "Count of the all accounts managed by CSM.", 
      "readonly": true, 
      "required": false, 
      "title": "Accounts Count", 
      "type": "integer"
    }, 
    "accounts_status": {
      "$ref": "AllAccountsStateInfo, 
      "description": "Status of all accounts like synchronization in progress count.", 
      "readonly": true, 
      "required": false, 
      "title": "Status Of All Accounts"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Instance statistics accross all accounts managed by CSM.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance Statistics"
    }, 
    "resource_type": {
      "description": "Optional identifier for listing all accounts statistics of a particular cloud provider. Legal values are AwsAccount or AzureAccount.", 
      "enum": [
        "AwsAccount", 
        "AzureAccount"
      ], 
      "required": false, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "All Accounts  Statistics", 
  "type": "object"
}

AllAccountsStatisticsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores statistics for all accounts managed by CSM.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AllAccountsStatisticsListResult", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "decription": "Array of All Accounts Statistics.", 
      "items": {
        "$ref": "AllAccountsStatistics
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "All Accounts Statistics List Result", 
  "type": "object"
}

AllAccountsStatisticsRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of optional filter paramters to list all accounts statistics.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AllAccountsStatisticsRequestParameters", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "cloud_type": {
      "description": "Optional identifier for cloud provider based on which all accounts statistics are to be filtered. Legal values are AWS or AZURE.", 
      "enum": [
        "AWS", 
        "AZURE"
      ], 
      "required": false, 
      "title": "Cloud Type", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "Optional identifier for listing all accounts statistics of a particular cloud provider. Legal values are AwsAccount or AzureAccount.", 
      "enum": [
        "AwsAccount", 
        "AzureAccount"
      ], 
      "required": false, 
      "title": "Resource Type", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "All Accounts Statistics Request Parameters", 
  "type": "object"
}

AllClusterGroupStatus (type) 

{
  "additionalProperties": false, 
  "description": "A list of the statuses of all the groups in the cluster.", 
  "id": "AllClusterGroupStatus", 
  "module_id": "Cluster", 
  "properties": {
    "cluster_id": {
      "readonly": true, 
      "title": "UUID of the cluster", 
      "type": "string"
    }, 
    "groups": {
      "items": {
        "$ref": "ClusterGroupStatus
      }, 
      "readonly": true, 
      "title": "Array of groups and their statuses", 
      "type": "array"
    }, 
    "overall_status": {
      "enum": [
        "STABLE", 
        "DEGRADED", 
        "UNAVAILABLE"
      ], 
      "readonly": true, 
      "title": "Overall status of the cluster", 
      "type": "string"
    }
  }, 
  "title": "Status of all the cluster groups", 
  "type": "object"
}

AllocatedService (type) 

{
  "additionalProperties": false, 
  "id": "AllocatedService", 
  "module_id": "EdgeClusters", 
  "properties": {
    "allocation_details": {
      "description": "Additional properties of a service, say the sub_pool_size and sub_pool_type for a LoadBalancer.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "title": "Key-Value map of additional specific properties of services", 
      "type": "array"
    }, 
    "high_availability_status": {
      "description": "Represents the active or the standby state of the service.", 
      "enum": [
        "ACTIVE", 
        "STANDBY", 
        "DOWN", 
        "SYNC", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "HA Status of the service context node", 
      "type": "string"
    }, 
    "service_reference": {
      "$ref": "ResourceReference, 
      "readonly": true, 
      "required": true, 
      "title": "Id and Name of the service context configured on edge node."
    }
  }, 
  "type": "object"
}

AllocationAction (type) 

{
  "additionalProperties": false, 
  "id": "AllocationAction", 
  "module_id": "Ipam", 
  "properties": {
    "action": {
      "enum": [
        "ALLOCATE", 
        "RELEASE"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Specifies allocate or release action", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AllocationBasedOnFailureDomain (type) 

{
  "additionalProperties": false, 
  "description": "Auto place TIER1 logical routers, DHCP and MDProxy contexts on two edge nodes (active and standby) from different failure domains.", 
  "extends": {
    "$ref": "AllocationRuleAction
  }, 
  "id": "AllocationBasedOnFailureDomain", 
  "module_id": "EdgeClusters", 
  "polymorphic-type-descriptor": {
    "type-identifier": "AllocationBasedOnFailureDomain"
  }, 
  "properties": {
    "action_type": {
      "$ref": "AllocationRuleActionType, 
      "description": "Set action for each allocation rule on edge cluster which will help in auto placement.", 
      "required": true, 
      "title": "Type of action for allocation rule"
    }, 
    "enabled": {
      "default": false, 
      "description": "Enable placement algorithm to consider failure domain of edge transport nodes and place active and standby contexts in different failure domains.", 
      "required": false, 
      "title": "Flag to enable failure domain based allocation", 
      "type": "boolean"
    }
  }, 
  "title": "Placement based on failure domain of edge node", 
  "type": "object"
}

AllocationIpAddress (type) 

{
  "additionalProperties": false, 
  "description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AllocationIpAddress", 
  "module_id": "Ipam", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_id": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Address that is allocated from pool"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AllocationIpAddressListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AllocationIpAddressListResult", 
  "module_id": "Ipam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AllocationIpAddress
      }, 
      "required": true, 
      "title": "Pool allocation list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AllocationPool (type) 

{
  "additionalProperties": false, 
  "id": "AllocationPool", 
  "module_id": "EdgeClusters", 
  "properties": {
    "active_service_count": {
      "description": "Represents the number of acitve services running on the edge node.", 
      "readonly": true, 
      "title": "Number of active services on edge node", 
      "type": "int"
    }, 
    "standby_service_count": {
      "description": "Represents the number of standby services running on the edge node.", 
      "readonly": true, 
      "title": "Number of standby services on edge node", 
      "type": "int"
    }, 
    "sub_pools": {
      "description": "Allocation details of sub-pools configured on edge node.", 
      "items": {
        "$ref": "SubPool
      }, 
      "title": "Edge node sub-pool allocation details", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AllocationPoolType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "LoadBalancerAllocationPool"
  ], 
  "id": "AllocationPoolType", 
  "module_id": "LogicalRouter", 
  "title": "Types of logical router allocation pool based on services", 
  "type": "string"
}

AllocationRule (type) 

{
  "additionalProperties": false, 
  "description": "Allocation rule on edge cluster which will be considered in auto placement of TIER1 logical routers, DHCP and MDProxy.", 
  "id": "AllocationRule", 
  "module_id": "EdgeClusters", 
  "properties": {
    "action": {
      "$ref": "AllocationRuleAction, 
      "description": "Set action for each allocation rule", 
      "required": true, 
      "title": "Action for allocation rule"
    }
  }, 
  "title": "Allocation rule on edge cluster", 
  "type": "object"
}

AllocationRuleAction (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Define action for each allocation rule which added on edge cluster.", 
  "id": "AllocationRuleAction", 
  "module_id": "EdgeClusters", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "action_type"
  }, 
  "properties": {
    "action_type": {
      "$ref": "AllocationRuleActionType, 
      "description": "Set action for each allocation rule on edge cluster which will help in auto placement.", 
      "required": true, 
      "title": "Type of action for allocation rule"
    }
  }, 
  "title": "Set action for allocation rule", 
  "type": "object"
}

AllocationRuleActionType (type) 

{
  "additionalProperties": false, 
  "description": "Set action for each allocation rule on edge cluster which will help in auto placement.", 
  "enum": [
    "AllocationBasedOnFailureDomain"
  ], 
  "id": "AllocationRuleActionType", 
  "module_id": "EdgeClusters", 
  "title": "Type of action for allocation rule", 
  "type": "string"
}

ApiError (type) 

{
  "extends": {
    "$ref": "RelatedApiError
  }, 
  "id": "ApiError", 
  "module_id": "Common", 
  "properties": {
    "details": {
      "title": "Further details about the error", 
      "type": "string"
    }, 
    "error_code": {
      "title": "A numeric error code", 
      "type": "integer"
    }, 
    "error_data": {
      "title": "Additional data about the error", 
      "type": "object"
    }, 
    "error_message": {
      "title": "A description of the error", 
      "type": "string"
    }, 
    "module_name": {
      "title": "The module name where the error occurred", 
      "type": "string"
    }, 
    "related_errors": {
      "items": {
        "$ref": "RelatedApiError
      }, 
      "title": "Other errors related to this error", 
      "type": "array"
    }
  }, 
  "title": "Detailed information about an API Error", 
  "type": "object"
}

ApiRequestBody (type) 

{
  "additionalProperties": false, 
  "description": "API Request Body is an Event Source that represents an API request body that is being reveived as part of an API. Supported Request Bodies are those received as part of a PATCH/PUT/POST request.", 
  "extends": {
    "$ref": "Source
  }, 
  "id": "ApiRequestBody", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ApiRequestBody"
  }, 
  "properties": {
    "resource_pointer": {
      "description": "Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.", 
      "required": true, 
      "title": "Resource Pointer", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Event Source resource type.", 
      "enum": [
        "ResourceOperation", 
        "ApiRequestBody"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "API Request Body", 
  "type": "object"
}

ApiServiceConfig (type) 

{
  "additionalProperties": false, 
  "description": "Properties that affect the configuration of the NSX API service.", 
  "id": "ApiServiceConfig", 
  "properties": {
    "cipher_suites": {
      "description": "The TLS cipher suites that the API service will negotiate.", 
      "items": {
        "$ref": "CipherSuite
      }, 
      "minItems": 1, 
      "title": "Cipher suites used to secure contents of connection", 
      "type": "array"
    }, 
    "client_api_concurrency_limit": {
      "default": 40, 
      "description": "The maximum number of concurrent API requests that will be serviced for a given authenticated client.  If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Client API rate limit in calls", 
      "type": "integer"
    }, 
    "client_api_rate_limit": {
      "default": 100, 
      "description": "The maximum number of API requests that will be serviced per second for a given authenticated client.  If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Client API rate limit in calls per second", 
      "type": "integer"
    }, 
    "connection_timeout": {
      "default": 30, 
      "description": "NSX connection timeout, in seconds. To disable timeout, set to 0.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "title": "NSX connection timeout", 
      "type": "integer"
    }, 
    "global_api_concurrency_limit": {
      "default": 199, 
      "description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client.  To disable API concurrency limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Global API rate limit in calls", 
      "type": "integer"
    }, 
    "lockout_immune_addresses": {
      "description": "The list of IP addresses which are not subjected to a lockout on failed login attempts.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "title": "IP addresses which are not subject to lockout on failed login attempts", 
      "type": "array"
    }, 
    "protocol_versions": {
      "description": "The TLS protocol versions that the API service will negotiate.", 
      "items": {
        "$ref": "ProtocolVersion
      }, 
      "minItems": 1, 
      "title": "TLS protocol versions", 
      "type": "array"
    }, 
    "redirect_host": {
      "$ref": "HostnameOrIPv4AddressOrEmptyString, 
      "default": "", 
      "description": "Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (\"\").", 
      "title": "Hostname/IP to use in redirect headers"
    }, 
    "session_timeout": {
      "default": 1800, 
      "descriptions": "Sessions inactive for more than this value are terminated. The value is given in seconds. Set to 0 to disable timeouts.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "title": "NSX session inactivity timeout", 
      "type": "integer"
    }
  }, 
  "title": "Configuration of the API service", 
  "type": "object"
}

AppDiscoveryAppProfileResultSummary (type) 

{
  "description": "Contains the application discovery result summary of the App Profile", 
  "id": "AppDiscoveryAppProfileResultSummary", 
  "module_id": "AppDiscovery", 
  "properties": {
    "app_profile_id": {
      "required": false, 
      "title": "ID of the App Profile", 
      "type": "string"
    }, 
    "display_name": {
      "required": false, 
      "title": "Name of the App Profile", 
      "type": "string"
    }, 
    "installed_apps_count": {
      "required": false, 
      "title": "Number of apps installed that belongs to this App Profile", 
      "type": "integer"
    }
  }, 
  "title": "Application discovery result summary of an App Profile", 
  "type": "object"
}

AppDiscoverySession (type) 

{
  "description": "Contains the details of an application discovery session", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AppDiscoverySession", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "end_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "End time of the session expressed in milliseconds since epoch"
    }, 
    "failed_reason": {
      "readonly": true, 
      "required": false, 
      "title": "The reason for the session status failure.", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "reclassification": {
      "description": "Some App Profiles that were part of the discovery session could be modified or deleted | after the session has been completed. NOT_REQUIRED status denotes that there were no such modifications. | REQUIRED status denotes some App Profiles that were part of the session has been modified/deleted and some | and some applications might not have been classfifed correctly. Use /session/<session-id>/reclassify API to| re-classfy the applications discovered based on app profiles.", 
      "enum": [
        "NOT_REQUIRED", 
        "REQUIRED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The reclassification status of the discovery session", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "start_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Start time of the session expressed in milliseconds since epoch"
    }, 
    "status": {
      "enum": [
        "FAILED", 
        "RUNNING", 
        "FINISHED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The status of the session", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains the details of an application discovery session", 
  "type": "object"
}

AppDiscoverySessionResultSummary (type) 

{
  "description": "Contains the summary of the results of an application discovery session", 
  "extends": {
    "$ref": "AppDiscoverySession
  }, 
  "id": "AppDiscoverySessionResultSummary", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "app_profile_summary_list": {
      "items": {
        "$ref": "AppDiscoveryAppProfileResultSummary
      }, 
      "required": false, 
      "title": "List of App Profiles summary discovered in this session", 
      "type": "array"
    }, 
    "app_profiles": {
      "items": {
        "$ref": "AppProfileMetaInfo
      }, 
      "required": false, 
      "title": "List of app profiles targeted to be classified for this session", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "end_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "End time of the session expressed in milliseconds since epoch"
    }, 
    "failed_reason": {
      "readonly": true, 
      "required": false, 
      "title": "The reason for the session status failure.", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ns_groups": {
      "items": {
        "$ref": "NSGroupMetaInfo
      }, 
      "required": false, 
      "title": "List of NSGroups provided for discovery for this session", 
      "type": "array"
    }, 
    "reclassification": {
      "description": "Some App Profiles that were part of the discovery session could be modified or deleted | after the session has been completed. NOT_REQUIRED status denotes that there were no such modifications. | REQUIRED status denotes some App Profiles that were part of the session has been modified/deleted and some | and some applications might not have been classfifed correctly. Use /session/<session-id>/reclassify API to| re-classfy the applications discovered based on app profiles.", 
      "enum": [
        "NOT_REQUIRED", 
        "REQUIRED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The reclassification status of the discovery session", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "start_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Start time of the session expressed in milliseconds since epoch"
    }, 
    "status": {
      "enum": [
        "FAILED", 
        "RUNNING", 
        "FINISHED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The status of the session", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains the summary of the results of an application discovery session", 
  "type": "object"
}

AppDiscoverySessionsListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AppDiscoverySessionsListResult", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AppDiscoverySession
      }, 
      "required": true, 
      "title": "AppProfile Sessions results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Application discovery sessions list", 
  "type": "object"
}

AppDiscoverySessionsParameters (type) 

{
  "description": "Parameters to query application discovery sessions with.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AppDiscoverySessionsParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "group_id": {
      "required": false, 
      "title": "NSGroup id, helps user query sessions related to one nsgroup", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "STARTING", 
        "FAILED", 
        "RUNNING", 
        "FINISHED"
      ], 
      "required": false, 
      "title": "Session Status, e.g. get all running sessions", 
      "type": "string"
    }
  }, 
  "title": "Parameters to query session with, such as nsgroup id", 
  "type": "object"
}

AppDiscoveryVmInfo (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AppDiscoveryVmInfo", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "os_properties": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "OS properties of the VM", 
      "type": "array"
    }, 
    "os_type": {
      "enum": [
        "INVALID", 
        "WINDOWS", 
        "LINUX"
      ], 
      "required": false, 
      "title": "OS type of the VM", 
      "type": "string"
    }, 
    "vm_external_id": {
      "title": "External Id of the VM", 
      "type": "string"
    }, 
    "vm_name": {
      "required": false, 
      "title": "Name of the VM", 
      "type": "string"
    }
  }, 
  "title": "AppDiscoveryVmInfo details", 
  "type": "object"
}

AppDiscoveryVmInfoListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AppDiscoveryVmInfoListResult", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AppDiscoveryVmInfo
      }, 
      "required": true, 
      "title": "list of AppDiscoveryVmInfos", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AppDiscoveryVmInfo list", 
  "type": "object"
}

AppInfo (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AppInfo", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "manufacturer": {
      "required": false, 
      "title": "Manufacturer of the app", 
      "type": "string"
    }, 
    "name": {
      "required": false, 
      "title": "Name of the app", 
      "type": "string"
    }, 
    "os_type": {
      "enum": [
        "INVALID", 
        "WINDOWS", 
        "LINUX"
      ], 
      "required": false, 
      "title": "OS type of VM the App belongs to", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "version": {
      "required": false, 
      "title": "Version of the app", 
      "type": "string"
    }, 
    "vm_ids": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Ids of the VMs in which this app is installed", 
      "type": "array"
    }
  }, 
  "title": "AppInfo details", 
  "type": "object"
}

AppInfoHostVmCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "AppInfoHostVmCsvRecord", 
  "module_id": "AppDiscovery", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "title": "Name of the app", 
      "type": "string"
    }, 
    "host_vms": {
      "readonly": true, 
      "title": "vm ids that this application belongs to", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "title": "Id of the app", 
      "type": "string"
    }, 
    "manufacturer": {
      "readonly": true, 
      "title": "Manufacturer of the app", 
      "type": "string"
    }, 
    "os_type": {
      "enum": [
        "INVALID", 
        "WINDOWS", 
        "LINUX"
      ], 
      "required": false, 
      "title": "OS type of the VM", 
      "type": "string"
    }, 
    "version": {
      "readonly": true, 
      "title": "Version of the app", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AppInfoHostVmListInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "AppInfoHostVmListInCsvFormat", 
  "module_id": "AppDiscovery", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "results": {
      "items": {
        "$ref": "AppInfoHostVmCsvRecord
      }, 
      "required": false, 
      "title": "List of appplications discovered during an application discovery session", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AppInfoListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AppInfoListResult", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AppInfo
      }, 
      "required": true, 
      "title": "Application details corresponding to the App Profile", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AppInfo Sessions list results", 
  "type": "object"
}

AppProfile (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AppProfile", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "app_profile_category": {
      "required": false, 
      "title": "Category of the app profile, value could be any string that describes the profile", 
      "type": "string"
    }, 
    "app_profile_criteria": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "Criteria of the app profile, value could be any string or \"*\"\n(match any string)\n", 
      "type": "array"
    }, 
    "default_app_profile": {
      "required": false, 
      "title": "True if this App Profile is a default profile (automatically created by the system)", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AppProfile details", 
  "type": "object"
}

AppProfileDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "AppProfileDeleteRequestParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "AppProfile delete request parameters", 
  "type": "object"
}

AppProfileListRequestParameters (type) 

{
  "description": "Parameters to query app profiles with.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AppProfileListRequestParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Parameters to query app profiles with", 
  "type": "object"
}

AppProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AppProfileListResult", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AppProfile
      }, 
      "required": true, 
      "title": "AppProfile IDs", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "App Profile ID list", 
  "type": "object"
}

AppProfileMemberAppsCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "AppProfileMemberAppsCsvRecord", 
  "module_id": "AppDiscovery", 
  "properties": {
    "app_profile_category": {
      "readonly": true, 
      "title": "Category of the app profile, value could be any string that describes the profile", 
      "type": "string"
    }, 
    "app_profile_criteria": {
      "readonly": true, 
      "title": "Criteria of the app profile, value could be any string or \"*\" (match any string)", 
      "type": "string"
    }, 
    "description": {
      "readonly": true, 
      "title": "Description of the app profile", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": true, 
      "title": "Name of the app profile", 
      "type": "string"
    }, 
    "member_apps": {
      "readonly": true, 
      "title": "Applications that are member of this app profile", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AppProfileMemberAppsListInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "AppProfileMemberAppsListInCsvFormat", 
  "module_id": "AppDiscovery", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "results": {
      "items": {
        "$ref": "AppProfileMemberAppsCsvRecord
      }, 
      "required": false, 
      "title": "List of app profiles for an application discovery session", 
      "type": "array"
    }
  }, 
  "type": "object"
}

AppProfileMetaInfo (type) 

{
  "description": "Contains the metadata of an App Profile", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AppProfileMetaInfo", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "app_profile_category": {
      "required": false, 
      "title": "Categories of the app profile", 
      "type": "string"
    }, 
    "app_profile_id": {
      "required": false, 
      "title": "ID of the App Profile", 
      "type": "string"
    }, 
    "app_profile_name": {
      "required": false, 
      "title": "Name of the App Profile", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Metadata about App Profile", 
  "type": "object"
}

ApplianceManagementSuppressRedirectQueryParameter (type) 

{
  "additionalProperties": false, 
  "id": "ApplianceManagementSuppressRedirectQueryParameter", 
  "properties": {
    "suppress_redirect": {
      "default": false, 
      "description": "Do not return a redirect HTTP status.", 
      "title": "Suppress redirect status if applicable", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

ApplianceManagementTaskListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ApplianceManagementTaskListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ApplianceManagementTaskProperties
      }, 
      "required": true, 
      "title": "Task property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Appliance management task query results", 
  "type": "object"
}

ApplianceManagementTaskProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "ApplianceManagementTaskProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "async_response_available": {
      "readonly": true, 
      "title": "True if response for asynchronous request is available", 
      "type": "boolean"
    }, 
    "cancelable": {
      "readonly": true, 
      "title": "True if this task can be canceled", 
      "type": "boolean"
    }, 
    "description": {
      "readonly": true, 
      "title": "Description of the task", 
      "type": "string"
    }, 
    "details": {
      "readonly": true, 
      "title": "Details about the task if known", 
      "type": "object"
    }, 
    "end_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "The end time of the task in epoch milliseconds"
    }, 
    "id": {
      "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$", 
      "readonly": true, 
      "title": "Identifier for this task", 
      "type": "string"
    }, 
    "message": {
      "readonly": true, 
      "title": "A message describing the disposition of the task", 
      "type": "string"
    }, 
    "progress": {
      "maximum": 100, 
      "minimum": 0, 
      "readonly": true, 
      "title": "Task progress if known, from 0 to 100", 
      "type": "integer"
    }, 
    "request_method": {
      "readonly": true, 
      "title": "HTTP request method", 
      "type": "string"
    }, 
    "request_uri": {
      "readonly": true, 
      "title": "URI of the method invocation that spawned this task", 
      "type": "string"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "The start time of the task in epoch milliseconds"
    }, 
    "status": {
      "$ref": "ApplianceManagementTaskStatus, 
      "readonly": true, 
      "title": "Current status of the task"
    }, 
    "user": {
      "readonly": true, 
      "title": "Name of the user who created this task", 
      "type": "string"
    }
  }, 
  "title": "Appliance management task properties", 
  "type": "object"
}

ApplianceManagementTaskQueryParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResultQueryParameters
  }, 
  "id": "ApplianceManagementTaskQueryParameters", 
  "properties": {
    "fields": {
      "description": "Comma-separated field names to include in query result", 
      "title": "Fields to include in query results", 
      "type": "string"
    }, 
    "request_method": {
      "description": "Comma-separated request methods to include in query result", 
      "pattern": "^(=|!=|~|!~)?.+$", 
      "title": "Request method(s) to include in query result", 
      "type": "string"
    }, 
    "request_path": {
      "description": "Comma-separated request paths to include in query result", 
      "pattern": "^(=|!=|~|!~)?.+$", 
      "title": "Request URI path(s) to include in query result", 
      "type": "string"
    }, 
    "request_uri": {
      "description": "Comma-separated request URIs to include in query result", 
      "pattern": "^(=|!=|~|!~)?.+$", 
      "title": "Request URI(s) to include in query result", 
      "type": "string"
    }, 
    "status": {
      "description": "Comma-separated status values to include in query result", 
      "pattern": "^(=|!=|~|!~)?.+$", 
      "title": "Status(es) to include in query result", 
      "type": "string"
    }, 
    "user": {
      "description": "Comma-separated user names to include in query result", 
      "pattern": "^(=|!=|~|!~)?.+$", 
      "title": "Names of users to include in query result", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ApplianceManagementTaskStatus (type) 

{
  "enum": [
    "running", 
    "error", 
    "success", 
    "canceling", 
    "canceled", 
    "killed"
  ], 
  "id": "ApplianceManagementTaskStatus", 
  "title": "Current status of the appliance management task", 
  "type": "string"
}

ApplicationProfileType (type) 

{
  "additionalProperties": false, 
  "description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile. LbFastTCPProfile or LbFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LbHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LbHttpProfile is intended to simplify enabling certain common use cases.", 
  "enum": [
    "LbHttpProfile", 
    "LbFastTcpProfile", 
    "LbFastUdpProfile"
  ], 
  "id": "ApplicationProfileType", 
  "module_id": "LoadBalancer", 
  "title": "application profile type", 
  "type": "string"
}

AppliedTos (type) 

{
  "description": "Entity lists where the profile will be enabled on.", 
  "id": "AppliedTos", 
  "module_id": "UpmCommon", 
  "properties": {
    "logical_ports": {
      "items": {
        "$ref": "ResourceReference
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Logical Port List", 
      "type": "array"
    }, 
    "logical_switches": {
      "items": {
        "$ref": "ResourceReference
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Logical Switch List", 
      "type": "array"
    }, 
    "nsgroups": {
      "items": {
        "$ref": "ResourceReference
      }, 
      "nsx_feature": "UnifiedProfileManagementSupportNSGroup", 
      "readonly": false, 
      "required": false, 
      "title": "NSGroup List", 
      "type": "array"
    }
  }, 
  "title": "Entities Applied to Profile", 
  "type": "object"
}

ArpHeader (type) 

{
  "additionalProperties": false, 
  "id": "ArpHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_ip": {
      "$ref": "IPv4Address, 
      "required": true, 
      "title": "The destination IP address"
    }, 
    "op_code": {
      "default": "ARP_REQUEST", 
      "description": "This field specifies the nature of the Arp message being sent.", 
      "enum": [
        "ARP_REQUEST", 
        "ARP_REPLY"
      ], 
      "required": true, 
      "title": "Arp message type", 
      "type": "string"
    }, 
    "src_ip": {
      "$ref": "IPv4Address, 
      "description": "This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0.", 
      "required": false, 
      "title": "The source IP address"
    }
  }, 
  "type": "object"
}

ArpSnoopingConfig (type) 

{
  "additionalProperties": false, 
  "description": "Contains ARP snooping related configuration.", 
  "id": "ArpSnoopingConfig", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "arp_binding_limit": {
      "default": 1, 
      "description": "Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached.", 
      "maximum": 256, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum number of ARP bindings", 
      "type": "int"
    }, 
    "arp_snooping_enabled": {
      "default": true, 
      "description": "Indicates whether ARP snooping is enabled", 
      "required": false, 
      "title": "Is ARP snooping enabled or not", 
      "type": "boolean"
    }
  }, 
  "title": "ARP Snooping Configuration", 
  "type": "object"
}

AssignedByDhcp (type) 

{
  "description": "This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints.", 
  "extends": {
    "$ref": "IpAssignmentSpec
  }, 
  "id": "AssignedByDhcp", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "AssignedByDhcp"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "StaticIpPoolSpec", 
        "StaticIpListSpec", 
        "AssignedByDhcp", 
        "StaticIpMacListSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "DHCP based IP assignment.", 
  "type": "object"
}

AssociationListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AssociationListRequestParameters", 
  "module_id": "Association", 
  "properties": {
    "associated_resource_type": {
      "$ref": "AssociationTargetType, 
      "required": true, 
      "title": "Type of the associated resources"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "fetch_ancestors": {
      "default": false, 
      "description": "If set to true, will fetch direct as well as indirect(considering containment as well as nesting) associated objects for the given source Id.", 
      "required": false, 
      "title": "Fetch complete list of associated resources considering\ncontainment and nesting\n", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_id": {
      "required": true, 
      "title": "The resource for which associated resources are to be fetched", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "AssociationSourceType, 
      "required": true, 
      "title": "Type of the resource for which associated resources are to be fetched"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Association list request parameters", 
  "type": "object"
}

AssociationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AssociationListResult", 
  "module_id": "Association", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ResourceReference
      }, 
      "required": true, 
      "title": "Paged Collection of ResourceReference", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AssociationSourceType (type) 

{
  "enum": [
    "NSGroup", 
    "IPSet", 
    "MACSet", 
    "LogicalSwitch", 
    "LogicalPort", 
    "VirtualMachine", 
    "DirectoryGroup", 
    "VirtualNetworkInterface", 
    "TransportNode"
  ], 
  "id": "AssociationSourceType", 
  "module_id": "Association", 
  "title": "Resource type valid for use as source in association API", 
  "type": "string"
}

AssociationTargetType (type) 

{
  "enum": [
    "NSGroup"
  ], 
  "id": "AssociationTargetType", 
  "module_id": "Association", 
  "title": "Resource type valid for use as target in association API", 
  "type": "string"
}

AttachmentContext (type) 

{
  "abstract": true, 
  "id": "AttachmentContext", 
  "module_id": "LogicalPort", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "allocate_addresses": {
      "enum": [
        "IpPool", 
        "MacPool", 
        "Both", 
        "None"
      ], 
      "required": false, 
      "title": "A flag to indicate whether to allocate addresses from allocation\n    pools bound to the parent logical switch.\n", 
      "type": "string"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n", 
      "required": true, 
      "title": "Used to identify which concrete class it is", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AttachmentType (type) 

{
  "enum": [
    "VIF", 
    "LOGICALROUTER", 
    "BRIDGEENDPOINT", 
    "DHCP_SERVICE", 
    "METADATA_PROXY", 
    "L2VPN_SESSION"
  ], 
  "id": "AttachmentType", 
  "module_id": "LogicalPort", 
  "title": "Type of attachment for logical port.", 
  "type": "string"
}

AttachmentTypeQueryString (type) 

{
  "enum": [
    "VIF", 
    "LOGICALROUTER", 
    "BRIDGEENDPOINT", 
    "DHCP_SERVICE", 
    "METADATA_PROXY", 
    "L2VPN_SESSION", 
    "NONE"
  ], 
  "id": "AttachmentTypeQueryString", 
  "module_id": "LogicalPort", 
  "title": "Type of attachment for logical port; for query only.", 
  "type": "string"
}

Attribute (type) 

{
  "description": "Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.", 
  "id": "Attribute", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "attribute_type": {
      "description": "Attribute Type can be of any of the allowed enum type.", 
      "enum": [
        "IP_ADDRESS", 
        "PORT", 
        "PASSWORD", 
        "STRING", 
        "LONG", 
        "BOOLEAN"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Attributetype.", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Attribute display name string value.", 
      "readonly": false, 
      "required": false, 
      "title": "Display name", 
      "type": "string"
    }, 
    "key": {
      "description": "Attribute key string value.", 
      "readonly": false, 
      "required": true, 
      "title": "key", 
      "type": "string"
    }, 
    "read_only": {
      "default": false, 
      "description": "Read only Attribute cannot be overdidden by service instance/deployment.", 
      "readonly": false, 
      "required": false, 
      "title": "read only", 
      "type": "boolean"
    }, 
    "value": {
      "description": "Attribute value string value.", 
      "readonly": false, 
      "required": false, 
      "title": "value", 
      "type": "string"
    }
  }, 
  "title": "Attributes", 
  "type": "object"
}

AttributeVal (type) 

{
  "description": "Contains type specific properties of generic realized entity", 
  "id": "AttributeVal", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "data_type": {
      "description": "Datatype of the property", 
      "enum": [
        "STRING", 
        "DATE", 
        "INTEGER", 
        "BOOLEAN"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Datatype of property represented by this attribute", 
      "type": "string"
    }, 
    "key": {
      "description": "Attribute key", 
      "required": false, 
      "title": "Key for the attribute value", 
      "type": "string"
    }, 
    "multivalue": {
      "description": "If attribute has a single value or collection of values", 
      "readonly": true, 
      "title": "multivalue flag", 
      "type": "boolean"
    }, 
    "values": {
      "description": "List of attribute values", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of values for the attribute", 
      "type": "array"
    }
  }, 
  "title": "Attribute values of realized type", 
  "type": "object"
}

AuditLog (type) 

{
  "additionalProperties": false, 
  "id": "AuditLog", 
  "properties": {
    "appname": {
      "required": true, 
      "title": "Application name field of the log", 
      "type": "string"
    }, 
    "facility": {
      "required": true, 
      "title": "Facility field of the log", 
      "type": "integer"
    }, 
    "full_log": {
      "required": true, 
      "title": "Full log with both header and message", 
      "type": "string"
    }, 
    "hostname": {
      "required": true, 
      "title": "Hostname field of the log", 
      "type": "string"
    }, 
    "message": {
      "required": true, 
      "title": "Message field of the log", 
      "type": "string"
    }, 
    "msgid": {
      "required": true, 
      "title": "Message ID field of the log", 
      "type": "string"
    }, 
    "priority": {
      "required": true, 
      "title": "Priority field of the log", 
      "type": "integer"
    }, 
    "procid": {
      "required": true, 
      "title": "Process ID field of the log", 
      "type": "integer"
    }, 
    "struct_data": {
      "$ref": "StructuredData, 
      "required": true, 
      "title": "Structured data field of the log"
    }, 
    "timestamp": {
      "required": true, 
      "title": "Date and time in UTC of the log", 
      "type": "string"
    }
  }, 
  "title": "Audit log in RFC5424 format", 
  "type": "object"
}

AuditLogListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AuditLogListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_full_sync_timestamp": {
      "required": true, 
      "title": "Timestamp of the last full audit log collection", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AuditLog
      }, 
      "required": true, 
      "title": "Audit log results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Audit log collection results", 
  "type": "object"
}

AuditLogQueryParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResultQueryParameters
  }, 
  "id": "AuditLogQueryParameters", 
  "properties": {
    "cursor": {
      "description": "A log cursor points to a specific line number in the master audit log", 
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "integer"
    }, 
    "fields": {
      "description": "Comma-separated field names to include in query result", 
      "title": "Fields to include in query results", 
      "type": "string"
    }, 
    "page_size": {
      "default": 100, 
      "description": "The page size determines the number of logs to be returned", 
      "maximum": 100, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

AuditLogRequest (type) 

{
  "additionalProperties": false, 
  "id": "AuditLogRequest", 
  "properties": {
    "log_age_limit": {
      "minimum": 0, 
      "title": "Include logs with timstamps not past the age limit in days", 
      "type": "integer"
    }, 
    "log_filter": {
      "required": false, 
      "title": "Audit logs should meet the filter condition", 
      "type": "string"
    }, 
    "log_filter_type": {
      "default": "TEXT", 
      "enum": [
        "TEXT", 
        "REGEX"
      ], 
      "title": "Type of log filter", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AuthenticationPolicyProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AuthenticationPolicyProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "api_failed_auth_lockout_period": {
      "default": 900, 
      "description": "Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.", 
      "minimum": 0, 
      "title": "Lockout period in seconds", 
      "type": "integer"
    }, 
    "api_failed_auth_reset_period": {
      "default": 900, 
      "description": "In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.", 
      "minimum": 0, 
      "title": "Period, in seconds, for authentication failures to trigger lockout", 
      "type": "integer"
    }, 
    "api_max_auth_failures": {
      "default": 5, 
      "description": "Only applies to NSX Manager nodes. Ignored on other node types.", 
      "minimum": 0, 
      "title": "Number of authentication failures that trigger API lockout", 
      "type": "integer"
    }, 
    "cli_failed_auth_lockout_period": {
      "default": 900, 
      "description": "Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.", 
      "minimum": 0, 
      "title": "Lockout period in seconds", 
      "type": "integer"
    }, 
    "cli_max_auth_failures": {
      "default": 5, 
      "minimum": 0, 
      "title": "Number of authentication failures that trigger CLI lockout", 
      "type": "integer"
    }, 
    "minimum_password_length": {
      "default": 8, 
      "minimum": 8, 
      "title": "Minimum number of characters required in account passwords", 
      "type": "integer"
    }
  }, 
  "title": "Configuration of authentication policies for the NSX node", 
  "type": "object"
}

AuthenticationScheme (type) 

{
  "additionalProperties": {}, 
  "id": "AuthenticationScheme", 
  "properties": {
    "scheme_name": {
      "required": true, 
      "title": "Authentication scheme name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsAccount (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "CloudAccount
  }, 
  "id": "AwsAccount", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_key": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field credentials.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Access key of cloud account", 
      "type": "string"
    }, 
    "auth_mechanism_iam": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field auth_method.", 
      "readonly": false, 
      "required": false, 
      "title": "Is the AWS authorization mechanism based on Identity and Access\nManagement(IAM) service?\n", 
      "type": "boolean"
    }, 
    "auth_method": {
      "description": "This property conveys the authorization method to use. Appropriate credentials/parameters will be expected based on this method selection.", 
      "enum": [
        "CREDENTIALS"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "AWS account authorization method", 
      "type": "string"
    }, 
    "auth_users": {
      "description": "List of authorized users.", 
      "items": {
        "$ref": "CloudUserInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Authrized Users", 
      "type": "array"
    }, 
    "cloud_type": {
      "decription": "Name of the cloud vendor.", 
      "enum": [
        "AWS", 
        "AZURE", 
        "GOOGLE"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Cloud Type", 
      "type": "string"
    }, 
    "credentials": {
      "$ref": "AwsCredentials, 
      "description": "Credentials of AWS Account.", 
      "readonly": true, 
      "required": false, 
      "title": "AWS Credentials"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field credentials.", 
      "readonly": false, 
      "required": false, 
      "title": "External id for the IAM role csm needs to assume", 
      "type": "string"
    }, 
    "gateway_role_name": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field credentials.", 
      "readonly": false, 
      "required": false, 
      "title": "Gateway Role Name", 
      "type": "string"
    }, 
    "has_managed_vpc": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use vpc_stats to get the number of managed VPCs.", 
      "readonly": true, 
      "required": false, 
      "title": "Has a managed VPC?", 
      "type": "boolean"
    }, 
    "iam_role_arn": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field credentials.", 
      "readonly": false, 
      "required": false, 
      "title": "Amazon Resource Name for IAM role CSM needs to assume", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Stores statistics of the number of managed, unmanaged and error virtual machines.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance statistics"
    }, 
    "regions_count": {
      "description": "Count of the AWS regions which have atleast one VPC created.", 
      "readonly": true, 
      "required": false, 
      "title": "AWS Regions Count", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "secret_key": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use the field credentials.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Secret key of cloud account", 
      "type": "string"
    }, 
    "status": {
      "$ref": "AwsAccountStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Status of the account"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tenant_id": {
      "description": "Tenant ID of the cloud account.", 
      "readonly": true, 
      "required": false, 
      "title": "Tenant ID", 
      "type": "string"
    }, 
    "vpc_stats": {
      "$ref": "VpcStats, 
      "readonly": true, 
      "required": false, 
      "title": "VPC statistics"
    }
  }, 
  "title": "AWS account", 
  "type": "object"
}

AwsAccountStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "CloudAccountStatus
  }, 
  "id": "AwsAccountStatus", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "credentials_status": {
      "description": "Status of the cloud account credentials synced at the auto interval.", 
      "enum": [
        "VALID", 
        "INVALID"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Credentials Status", 
      "type": "string"
    }, 
    "error_message": {
      "description": "Error encountered while syncing AWS inventory such as read timeout.", 
      "readonly": true, 
      "required": false, 
      "title": "Error encountered while syncing AWS inventory", 
      "type": "string"
    }, 
    "inventory_sync_status": {
      "description": "Status of inventory synchronization process.", 
      "enum": [
        "SYNCED", 
        "IN_PROGRESS"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Inventory Synchronization Status", 
      "type": "string"
    }, 
    "inventory_sync_step": {
      "description": "Step of the inventory synchronization process", 
      "enum": [
        "SYNCING_AWS_REGIONS", 
        "SYNCING_AWS_VPCS", 
        "SYNCING_AWS_AZS", 
        "SYNCING_VMS", 
        "SYNCING_NSX_DATA", 
        "SYNCING_AWS_GATEWAYS", 
        "SYNCING_MANAGED_INSTANCES", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "title": "Inventory sync step", 
      "type": "string"
    }
  }, 
  "title": "AWS account status", 
  "type": "object"
}

AwsAccountsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These parameters will be used to filter the list of accounts.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsAccountsListRequestParameters", 
  "module_id": "CloudAccounts", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": false, 
      "title": "Identifier for region based on which accounts statistics will be\naggregated. Using this request parameter will return\nonly all_accounts_vpc_stats and all_accounts_instance_stats properties.\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsAccountsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsAccountsListResult", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "all_accounts_instance_stats": {
      "$ref": "InstanceStats, 
      "deprecated": true, 
      "description": "This field is DEPRECATED. To obtain statistics about instances, use the GET /csm/accounts/statistics API.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance statistics"
    }, 
    "all_accounts_vpc_stats": {
      "$ref": "VpcStats, 
      "deprecated": true, 
      "description": "This field is DEPRECATED. To obtain statistics about VPCs, use the GET /csm/accounts/statistics API.", 
      "readonly": true, 
      "required": false, 
      "title": "VPC statistics"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsAccount
      }, 
      "required": true, 
      "title": "AWS accounts list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Cloud accounts list", 
  "type": "object"
}

AwsAvailabilityZoneInfo (type) 

{
  "additionalProperties": false, 
  "id": "AwsAvailabilityZoneInfo", 
  "module_id": "AwsRegionInformation", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Display name of the availability zone", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "required": false, 
      "title": "ID of the availability zone", 
      "type": "string"
    }
  }, 
  "title": "Availability Zone information", 
  "type": "object"
}

AwsComputeVpcConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the parameters required for linking compute VPC with a transit VPC", 
  "extends": {
    "$ref": "AwsVpcConfig
  }, 
  "id": "AwsComputeVpcConfig", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "account_id": {
      "deprecated": true, 
      "description": "AWS account ID related to the compute VPC. This field is deprecated. Field account_id can be learnt using vpc_id. GET /csm/aws/vpcs/<vpc-id> API returns associated_account_ids. Hence, this field is optional.", 
      "required": false, 
      "title": "AWS Account ID", 
      "type": "string"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false.", 
      "title": "Id of Cloud Security Group", 
      "type": "string"
    }, 
    "configuration": {
      "$ref": "AwsTransitVpcConfig, 
      "description": "All the required informations regarding a transit VPC will be absorbed as a part of this field.", 
      "required": true, 
      "title": "AWS Transit VPC Configuration"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "description": "Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not.", 
      "title": "Flag to Identify if Default Quarantine Policy is Enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this compute virtual private cloud is managed with or without NSX agents.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AWS Compute VPC Configuration", 
  "type": "object"
}

AwsComputeVpcListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of compute VPCs. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsComputeVpcListRequestParameters", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "account_id": {
      "description": "Identifier for account based on which compute VPCs are to be filtered.", 
      "required": false, 
      "title": "AWS account ID", 
      "type": "string"
    }, 
    "associated_transit_vpc_id": {
      "description": "Identifier for filtering all the compute VPCs which are NSX managed by the given transit VPC.", 
      "required": false, 
      "title": "Transit VPC ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vpc_id": {
      "description": "Identifier for VPC based on which the list can be filtered or can be used to validate that hierarchy is correct", 
      "required": false, 
      "title": "VPC ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsComputeVpcListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsComputeVpcListResult", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Compute VPCs", 
      "items": {
        "$ref": "AwsComputeVpcConfig
      }, 
      "required": false, 
      "title": "List of Compute VPC", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute Vpc list", 
  "type": "object"
}

AwsComputeVpcStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores onboard and offboard status of AWS VPC. There are 4 states in onboarding a VPC using transit VPC and the corresponding states in sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in offboarding a VPC and the corresponding states in sequence are UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL. The state of failure in onboarding or offboarding is indicated by ONBOARD_FAILED and OFFBOARD_FAILED.", 
  "extends": {
    "$ref": "VirtualPrivateCloudStatus
  }, 
  "id": "AwsComputeVpcStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "configuration": {
      "$ref": "AwsVpcConfig, 
      "description": "Stores AWS VPC configuration.", 
      "required": false, 
      "title": "AWS VPC Config"
    }, 
    "error_code": {
      "description": "Error code related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Code", 
      "type": "integer"
    }, 
    "error_message": {
      "description": "Error message related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "offboard_step": {
      "description": "Stores the different states of virtual private cloud while offboarding from a transit virtual private cloud.", 
      "enum": [
        "UNCONFIGURING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "OFFBOARD_SUCCESSFUL", 
        "OFFBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While OffBoard", 
      "type": "string"
    }, 
    "onboard_step": {
      "description": "Stores the different states of virtual private cloud while onboarding using a transit virtual private cloud.", 
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "CREATING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "ONBOARD_SUCCESSFUL", 
        "ONBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While Onboard", 
      "type": "string"
    }, 
    "status": {
      "description": "Indicates the status of a virtual private cloud. UP: virtual private cloud is NSX managed. DOWN: virtual private cloud is NSX managed with errors. ONBOARDING: virtual private cloud is in the process of   onboarding using a transit virtual private cloud. OFFBOARDING: virtual private cloud is in the process of    offboarding from a transit virtual private cloud. NOT_APPLICABLE: virtual private cloud is NSX unmanaged.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ONBOARDING", 
        "OFFBOARDING", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Private Cloud Status", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Name of the transit virtual private cloud.", 
      "readonly": true, 
      "title": "Virtual Private Cloud Name", 
      "type": "string"
    }
  }, 
  "title": "VPC Status", 
  "type": "object"
}

AwsCredentials (type) 

{
  "additional_properties": false, 
  "description": "Stores information about AWS account credentials.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsCredentials", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "access_key": {
      "description": "Access key of the AWS account.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Access Key", 
      "type": "string"
    }, 
    "gateway_role": {
      "description": "Name of the IAM service role that should be attached to the Cloud Gateways deployed in the AWS account. Based on the permissions in the role, the gateways will have access to resources in the AWS account.", 
      "readonly": false, 
      "required": false, 
      "title": "Gateway Role Name", 
      "type": "string"
    }, 
    "secret_key": {
      "description": "Secret key of the AWS account.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Secret Key", 
      "type": "string"
    }
  }, 
  "title": "AWS Account Credentials", 
  "type": "object"
}

AwsGatewayAmiInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AwsGatewayAmiInfo", 
  "module_id": "AwsGatewayAmiInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "ami_id": {
      "description": "The ID of the Amazon Machine Image", 
      "required": true, 
      "title": "AMI id", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "region_id": {
      "required": true, 
      "title": "Name of the Aws Region in which ami is present", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Aws Gateway Ami Information", 
  "type": "object"
}

AwsGatewayAmisListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of AWS Gateway AMIs.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsGatewayAmisListRequestParameters", 
  "module_id": "AwsGatewayAmiInformation", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": false, 
      "title": "Identifier for region based on which list of AWS Gateway AMIs\nwill be obtained\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsGatewayAmisListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsGatewayAmisListResult", 
  "module_id": "AwsGatewayAmiInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsGatewayAmiInfo
      }, 
      "required": false, 
      "title": "Aws Gateway amis list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Aws Gateway amis", 
  "type": "object"
}

AwsGatewayConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores AWS gateway configuration like ami_id, key_pair_name and gateway_ha_configuration.", 
  "extends": {
    "$ref": "GatewayConfig
  }, 
  "id": "AwsGatewayConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "ami_id": {
      "description": "The ID of the Amazon Machine Image on which this gateway resides", 
      "required": false, 
      "title": "AMI id", 
      "type": "string"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed.", 
      "required": false, 
      "title": "Id of cloud security group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "required": false, 
      "title": "Flag to identify if default quarantine policy is enabled", 
      "type": "boolean"
    }, 
    "dns_settings": {
      "$ref": "DnsSettings, 
      "description": "Settings related to Cloud gateway DNS configuration. This determines DNS configuration based on dns_mode.", 
      "title": "DNS settings"
    }, 
    "gateway_ha_configuration": {
      "items": {
        "$ref": "AwsGatewayHaConfig
      }, 
      "required": false, 
      "title": "Aws Gateway HA configuration", 
      "type": "array"
    }, 
    "is_ha_enabled": {
      "required": false, 
      "title": "Flag to identify if HA is enabled", 
      "type": "boolean"
    }, 
    "key_pair_name": {
      "required": false, 
      "title": "The key pair name required to authenticate into any instance", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this virtual private cloud is managed with or without NSX agents. This flag is applicable only for this network. If this virtual private cloud is being managed without NSX agents, quarantine state and threat state will be NOT_APPLICABLE for all the virtual machines under it.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "nsx_manager_connection": {
      "description": "Determines if connection to NSX Manager is via public IP or private IP", 
      "enum": [
        "PUBLIC_IP", 
        "PRIVATE_IP"
      ], 
      "required": false, 
      "title": "NSX Manager connection", 
      "type": "string"
    }, 
    "proxy_server_profile": {
      "description": "Id of the proxy server profile, corresponding proxy settings will be applied while deploying the gateway.", 
      "required": false, 
      "title": "Id of the proxy server profile", 
      "type": "string"
    }, 
    "target_disk_size": {
      "description": "This is the target disk size of the PCG appliance in GB. Based on this an additional disk is attached to the PCG appliance, if required. The supported size is 191 GB and this property should only be modified post upgrade for exisiting PCG appliances.", 
      "required": false, 
      "title": "Target Disk Size", 
      "type": "integer"
    }, 
    "vpn_service_enabled": {
      "default": true, 
      "description": "Flag that will enable or disable inter-operation between NSX and non-NSX services via VPN.", 
      "required": false, 
      "title": "Flag to enable or disable inter-operation with services via VPN", 
      "type": "boolean"
    }
  }, 
  "title": "AWS gateway configuration", 
  "type": "object"
}

AwsGatewayDeployConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsGatewayDeployConfig", 
  "module_id": "AwsGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "account_id": {
      "required": true, 
      "title": "ID of the Aws account", 
      "type": "string"
    }, 
    "configuration": {
      "$ref": "AwsGatewayConfig, 
      "readonly": true, 
      "required": false, 
      "title": "Configuration of this gateway"
    }, 
    "vpc_id": {
      "required": true, 
      "title": "ID of the vpc", 
      "type": "string"
    }
  }, 
  "title": "Aws gateway deployment configuration", 
  "type": "object"
}

AwsGatewayHaConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsGatewayHaConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "availability_zone": {
      "required": true, 
      "title": "Availability Zone", 
      "type": "string"
    }, 
    "downlink_subnet": {
      "required": true, 
      "title": "Downlink subnet", 
      "type": "string"
    }, 
    "gateway_ha_index": {
      "required": true, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "management_subnet": {
      "required": true, 
      "title": "Management subnet", 
      "type": "string"
    }, 
    "public_ip_settings": {
      "$ref": "GatewayPublicIp, 
      "description": "Stores settings related to AWS gateway Public IP configuration. The public_ip will be attached to management interface of the gateway, based on the value of ip_allocation_mode.", 
      "required": false, 
      "title": "Public IP settings for management interface"
    }, 
    "uplink_public_ip_settings": {
      "$ref": "GatewayPublicIp, 
      "description": "Stores settings related to AWS gateway Public IP configuration. The public_ip will be attached to uplink interface of the primary gateway, based on the value of ip_allocation_mode.", 
      "required": false, 
      "title": "Public IP settings for uplink interface"
    }, 
    "uplink_subnet": {
      "required": true, 
      "title": "Uplink subnet", 
      "type": "string"
    }
  }, 
  "title": "AWS subnet configuration to deploy gateways", 
  "type": "object"
}

AwsGatewayInfo (type) 

{
  "additionalProperties": false, 
  "description": "Stores AWS gateway information like configuration and status.", 
  "id": "AwsGatewayInfo", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "configuration": {
      "$ref": "AwsGatewayConfig, 
      "description": "Configuration of AWS gateway", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Configuration"
    }, 
    "csm_ip_address": {
      "description": "Cloud service manager IP address used to communicate with the AWS Vpc gateways.", 
      "readonly": true, 
      "required": false, 
      "title": "Cloud service manager IP address", 
      "type": "string"
    }, 
    "gateway_status": {
      "$ref": "AwsGatewayStatus, 
      "description": "Array of gateway statuses", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Status"
    }
  }, 
  "title": "AWS Gateway Information", 
  "type": "object"
}

AwsGatewayInstanceStatus (type) 

{
  "description": "Stores information about AWS gateway instance status", 
  "extends": {
    "$ref": "GatewayInstanceStatus
  }, 
  "id": "AwsGatewayInstanceStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "configuration_operation_status": {
      "$ref": "GatewayConfigOperationStatus, 
      "description": "This property provides a consolidated status of supported gateway configuration operations.", 
      "readonly": true, 
      "required": false, 
      "title": "Status of different gateway configuration operations", 
      "type": "object"
    }, 
    "deployment_step": {
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "COPYING_IMAGE", 
        "CREATING_SECURITY_GROUPS", 
        "LAUNCHING_GATEWAY", 
        "CREATING_NETWORK_INTERFACES", 
        "ATTACHING_NETWORK_INTERFACES", 
        "ATTACHING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "CREATING_LOGICAL_NETWORK_CONSTRUCTS", 
        "DEPLOYMENT_SUCCESSFUL", 
        "DEPLOYMENT_FAILED", 
        "UNCONFIGURING_GATEWAY", 
        "RELEASING_EIPS", 
        "TERMINATING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "DELETING_CLOUD_RESOURCES", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UNDEPLOYMENT_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Different states of gateway deployment", 
      "type": "string"
    }, 
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for gateway operation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for gateway operation failure", 
      "type": "string"
    }, 
    "gateway_ha_index": {
      "required": false, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "gateway_instance_id": {
      "required": false, 
      "title": "ID of the gateway instance", 
      "type": "string"
    }, 
    "gateway_lcp_connectivity_status": {
      "description": "Status of connectivity between NSX controller and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Controller connectivity status", 
      "type": "string"
    }, 
    "gateway_mpa_connectivity_status": {
      "description": "Status of connectivity between NSX manager and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Manager connectivity status", 
      "type": "string"
    }, 
    "gateway_name": {
      "required": false, 
      "title": "Name of the gateway instance", 
      "type": "string"
    }, 
    "gateway_node_id": {
      "required": false, 
      "title": "NSX Node ID of the public cloud gateway", 
      "type": "string"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway instance status", 
      "type": "string"
    }, 
    "gateway_tn_id": {
      "required": false, 
      "title": "NSX transport node id of the public cloud gateway", 
      "type": "string"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is an active gateway", 
      "type": "boolean"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "vpn_private_ip": {
      "description": "Private IP address of the virtual machine for VPN", 
      "readonly": true, 
      "required": false, 
      "title": "VPN Private IP address", 
      "type": "string"
    }
  }, 
  "title": "AWS gateway instance status", 
  "type": "object"
}

AwsGatewayStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores AWS gateway status related information", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsGatewayStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "gateway_cluster_id": {
      "description": "Cluster ID of NSX gateway", 
      "required": false, 
      "title": "NSX gateway cluster ID", 
      "type": "string"
    }, 
    "gateway_instances_status": {
      "description": "Array of gateway instances statuses", 
      "items": {
        "$ref": "AwsGatewayInstanceStatus
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Instances Status", 
      "type": "array"
    }
  }, 
  "title": "AWS Gateway Status", 
  "type": "object"
}

AwsGatewayUndeployConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsGatewayUndeployConfig", 
  "module_id": "AwsGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "account_id": {
      "required": true, 
      "title": "ID of the Aws account", 
      "type": "string"
    }, 
    "instance_id": {
      "required": true, 
      "title": "ID of the gateway instance", 
      "type": "string"
    }
  }, 
  "title": "Aws gateway undeployment configuration", 
  "type": "object"
}

AwsGatewaysListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of Aws Gateways. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsGatewaysListRequestParameters", 
  "module_id": "AwsGatewayManagement", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which AWS gateways list can be filtered.", 
      "required": false, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which AWS gateways list can be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vpc_id": {
      "description": "Optional identifier for vpc based on which AWS gateways list can be filtered.", 
      "required": false, 
      "title": "VPC ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsGatewaysListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsGatewaysListResult", 
  "module_id": "AwsGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsGatewayDeployConfig
      }, 
      "required": false, 
      "title": "Vpc list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AWS Gateways List Result", 
  "type": "object"
}

AwsKeyPair (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AwsKeyPair", 
  "module_id": "AwsResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "name": {
      "required": true, 
      "title": "Name of the Aws Key Pair", 
      "type": "string"
    }
  }, 
  "title": "Aws Key Pair", 
  "type": "object"
}

AwsKeyPairList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsKeyPairList", 
  "module_id": "AwsResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsKeyPair
      }, 
      "required": false, 
      "title": "Aws Key Pairs list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Aws Key Pairs", 
  "type": "object"
}

AwsKeyPairListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of subnets. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsKeyPairListRequestParameters", 
  "module_id": "AwsResources", 
  "properties": {
    "account_id": {
      "required": true, 
      "title": "Identifier for account based on which list of key pairs will be obtained\n", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": true, 
      "title": "Identifier for region based on which list of key pairs will be obtained\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsPublicIpListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Aws public IPs.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsPublicIpListResult", 
  "module_id": "AwsResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Aws public IPs.", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "AWS public IP", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Aws Public IP List Result", 
  "type": "object"
}

AwsRegion (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AwsRegion", 
  "module_id": "AwsRegionInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "associated_account_ids": {
      "description": "Array of associated AWS account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated AWS Account IDs", 
      "type": "array"
    }, 
    "availability_zones": {
      "items": {
        "$ref": "AwsAvailabilityZoneInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Availability zones under this region", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_stats": {
      "$ref": "GatewayStats, 
      "readonly": true, 
      "required": false, 
      "title": "Gateway statistics"
    }, 
    "has_managed_vpc": {
      "readonly": true, 
      "required": false, 
      "title": "Has a managed VPC?", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "readonly": true, 
      "required": false, 
      "title": "Instance statistics"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vpc_stats": {
      "$ref": "VpcStats, 
      "readonly": true, 
      "required": false, 
      "title": "VPC statistics"
    }
  }, 
  "title": "Aws Region Information", 
  "type": "object"
}

AwsRegionsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of regions. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsRegionsListRequestParameters", 
  "module_id": "AwsRegionInformation", 
  "properties": {
    "account_id": {
      "required": false, 
      "title": "Identifier for account based on which regions are to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": false, 
      "title": "Identifier for region based on which the list can be filtered or can be used\nto validate that hierarchy is correct\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsRegionsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsRegionsListResult", 
  "module_id": "AwsRegionInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsRegion
      }, 
      "required": false, 
      "title": "Aws Regions list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AwsRegions list", 
  "type": "object"
}

AwsResourcesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of filter parameters to list Aws resources. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsResourcesListRequestParameters", 
  "module_id": "AwsResources", 
  "properties": {
    "account_id": {
      "description": "Mandatory identifier for account based on which resources are to be filtered.", 
      "required": true, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which resources are to be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Aws Resource List Request Parameters", 
  "type": "object"
}

AwsSecurityGroup (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an AWS security group.", 
  "extends": {
    "$ref": "CloudSecurityGroup
  }, 
  "id": "AwsSecurityGroup", 
  "module_id": "AwsVpcResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cloud_tags": {
      "description": "Array of tags associated to a cloud security group.", 
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "title": "Cloud Tags", 
      "type": "array"
    }, 
    "description": {
      "description": "Description of AWS security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group Description", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "inbound_rules": {
      "description": "Array of inbound rules of the AWS security group.", 
      "items": {
        "$ref": "AwsSecurityGroupRule
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Inbound Rules", 
      "type": "array"
    }, 
    "is_managed_by_nsx": {
      "description": "If the flag is true, the cloud security group is managed by NSX.", 
      "readonly": true, 
      "required": false, 
      "title": "Is Managed By NSX", 
      "type": "boolean"
    }, 
    "nsx_security_group": {
      "$ref": "SecurityGroup, 
      "description": "Stores information about the NSX security group corresponding to the AWS security group.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group"
    }, 
    "outbound_rules": {
      "description": "Array of outbound rules of the AWS security group.", 
      "items": {
        "$ref": "AwsSecurityGroupRule
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Outbound Rules", 
      "type": "array"
    }, 
    "region_id": {
      "description": "ID of the cloud region.", 
      "readonly": true, 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "security_group_id": {
      "description": "ID of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group ID", 
      "type": "string"
    }, 
    "security_group_name": {
      "description": "Name of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AWS Security Group", 
  "type": "object"
}

AwsSecurityGroupRule (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an AWS security group rule.", 
  "extends": {
    "$ref": "CloudSecurityGroupRule
  }, 
  "id": "AwsSecurityGroupRule", 
  "module_id": "AwsVpcResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination": {
      "description": "Destination corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Destination", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "port_range": {
      "description": "Port range corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Port Range", 
      "type": "string"
    }, 
    "protocol": {
      "description": "Protocol corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Protocol", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "source": {
      "description": "Source corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Source", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "description": "Type of AWS security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Type", 
      "type": "string"
    }
  }, 
  "title": "AWS Security Group Rule", 
  "type": "object"
}

AwsSecurityGroupsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of filter parameters to list Aws security groups. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "AwsResourcesListRequestParameters
  }, 
  "id": "AwsSecurityGroupsListRequestParameters", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "account_id": {
      "description": "Mandatory identifier for account based on which resources are to be filtered.", 
      "required": true, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which resources are to be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vpc_id": {
      "description": "Optional identifier for region based on which resources are to be filtered.", 
      "required": true, 
      "title": "Region ID", 
      "type": "string"
    }
  }, 
  "title": "Aws Security Groups List Request Parameters", 
  "type": "object"
}

AwsSecurityGroupsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of AWS security groups.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsSecurityGroupsListResult", 
  "module_id": "AwsVpcResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of AWS security groups.", 
      "items": {
        "$ref": "AwsSecurityGroup
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AWS Security Groups List Result", 
  "type": "object"
}

AwsServiceEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about any service endpoint which is provided by AWS. NSX supported services are currently limited to Simple Storage Service (S3), Relational Database Service (RDS), DynamoDB and Elastic Load Balancing.", 
  "extends": {
    "$ref": "CloudServiceEndpoint
  }, 
  "id": "AwsServiceEndpoint", 
  "module_id": "AwsVpcResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cidrs": {
      "description": "Array of CIDRs associated to an AWS service.", 
      "items": {
        "format": "ipv4_cidr_block", 
        "type": "string"
      }, 
      "readonly": true, 
      "title": "CIDRs", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "nsx_security_groups": {
      "description": "Stores an array of NSX security groups associated to this cloud service endpoint.", 
      "items": {
        "$ref": "SecurityGroup
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX security groups array", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "service_endpoint_id": {
      "description": "Cloud provided ID of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint ID", 
      "type": "string"
    }, 
    "service_endpoint_type": {
      "description": "Cloud provided type of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint Type", 
      "type": "string"
    }, 
    "service_name": {
      "description": "Name of the cloud service the endpoint is associated with.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Name", 
      "type": "string"
    }, 
    "service_type": {
      "description": "Stores the type of AWS service corresponding to this endpoint. AWS_RDS - Amazon Relational Database Service AWS_DYNAMODB - Amazon DynamoDB AWS_S3 - Amazon Simple Storage Service AWS_ELB - Amazon Elastic Load Balancer", 
      "enum": [
        "AWS_RDS", 
        "AWS_DYNAMODB", 
        "AWS_S3", 
        "AWS_ELB"
      ], 
      "readonly": true, 
      "title": "Service type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AWS Service Endpoint", 
  "type": "object"
}

AwsServiceEndpointsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of service endpoints which are provided by AWS with information about each of them. NSX supported services are currently limited to Simple Storage Service (S3), Relational Database Service (RDS), DynamoDB and Elastic Load Balancing.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsServiceEndpointsListResult", 
  "module_id": "AwsVpcResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of AWS service endpoints.", 
      "items": {
        "$ref": "AwsServiceEndpoint
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "AWS Service Endpoints List Result", 
  "type": "object"
}

AwsSubnet (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "AwsSubnet", 
  "module_id": "AwsResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "availability_zone": {
      "required": false, 
      "tilte": "Availability zone", 
      "type": "string"
    }, 
    "cidr": {
      "format": "ipv4_cidr_block", 
      "required": true, 
      "title": "IPV4 CIDR Block for the Vpc", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "required": true, 
      "title": "ID of subnet", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vpc_id": {
      "required": true, 
      "title": "ID of the vpc", 
      "type": "string"
    }
  }, 
  "title": "Aws subnet", 
  "type": "object"
}

AwsSubnetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of subnets. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsSubnetListRequestParameters", 
  "module_id": "AwsResources", 
  "properties": {
    "account_id": {
      "required": true, 
      "title": "Identifier for account based on which subnets are to be filtered", 
      "type": "string"
    }, 
    "availability_zone_name": {
      "required": true, 
      "title": "Identifier for availability zone based on which subnets are to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_name": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. region_name will be learnt from vpc_id information.", 
      "required": false, 
      "title": "Identifier for region based on which subnets are to be filtered", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vpc_id": {
      "required": true, 
      "title": "Identifier for vpc based on which subnets are to be filtered", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsSubnetListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsSubnetListResult", 
  "module_id": "AwsResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsSubnet
      }, 
      "required": true, 
      "title": "Aws subnets list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Aws subnets list", 
  "type": "object"
}

AwsTransitVpcConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the account IDs and VPC ID related to the transit VPC.", 
  "id": "AwsTransitVpcConfig", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "account_id": {
      "deprecated": true, 
      "description": "AWS account ID of the transit VPC. This field is deprecated. Field account_id can be learnt using vpc_id. GET /csm/aws/vpcs/<vpc-id> API returns associated_account_ids. Hence, this field is optional.", 
      "required": false, 
      "title": "AWS account ID", 
      "type": "string"
    }, 
    "vpc_id": {
      "description": "VPC ID of the transit VPC.", 
      "required": true, 
      "title": "VPC ID", 
      "type": "string"
    }
  }, 
  "title": "AWS Transit VPC Configuration", 
  "type": "object"
}

AwsTransitVpcInfo (type) 

{
  "description": "Stores the account ID and VPC ID related to the transit VPC. A transit VPC is a AWS VPC in which public cloud gateways are deployed and is managing the workload VMs present in other compute VPCs.", 
  "extends": {
    "$ref": "VirtualPrivateCloudInfo
  }, 
  "id": "AwsTransitVpcInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_account_ids": {
      "description": "Cloud account ID related to the virtual private cloud.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of Cloud Account IDs", 
      "type": "array"
    }, 
    "virtual_private_cloud_id": {
      "description": "Virtual private cloud ID of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud ID", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Virtual private cloud name of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud name", 
      "type": "string"
    }
  }, 
  "title": "AWS Transit VPC Information", 
  "type": "object"
}

AwsVirtualMachine (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a AWS Virtual Machine", 
  "extends": {
    "$ref": "CloudVirtualMachine
  }, 
  "id": "AwsVirtualMachine", 
  "module_id": "CloudVirtualMachineInformation", 
  "polymorphic-type-descriptor": {
    "type-identifier": "AwsVirtualMachine"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "agent_status": {
      "description": "UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on VM UNKNOWN - NSX Agent status is unknown", 
      "enum": [
        "UP", 
        "DOWN", 
        "NO_AGENT", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Agent Status", 
      "type": "string"
    }, 
    "agent_version": {
      "readonly": true, 
      "required": false, 
      "title": "Agent version details", 
      "type": "string"
    }, 
    "associated_account_ids": {
      "description": "Array of associated cloud account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated Cloud Account IDs", 
      "type": "array"
    }, 
    "availability_zone": {
      "description": "AWS availability zone in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "AWS Availability Zone", 
      "type": "string"
    }, 
    "cloud_tags": {
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Cloud tags for the virtual machine", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_messages": {
      "description": "List of error messages identified. Returns only error messages identified in the last 1 hour.", 
      "items": {
        "$ref": "ComputeInstanceErrorMessage
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of error messages", 
      "type": "array"
    }, 
    "gateway_ha_index": {
      "description": "Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway.", 
      "required": false, 
      "title": "Gateway HA Index", 
      "type": "integer"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Status", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_gateway": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is a gateway node", 
      "type": "boolean"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is an active gateway node", 
      "type": "boolean"
    }, 
    "logical_switch_display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch display name", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch ID", 
      "type": "string"
    }, 
    "managed_by_nsx": {
      "readonly": true, 
      "required": true, 
      "title": "Indicate if vm is managed by NSX or not", 
      "type": "boolean"
    }, 
    "nsx_ip": {
      "readonly": true, 
      "required": false, 
      "title": "IP address provided by NSX", 
      "type": "string"
    }, 
    "nsx_security_group_mapping": {
      "description": "Map of cloud security groups associated to the virtual machine and corresponding NSX security groups.", 
      "items": {
        "$ref": "SecurityGroupDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group Mapping", 
      "type": "array"
    }, 
    "nsx_security_rule_errors": {
      "description": "Array of NSX security rule realization errors.", 
      "items": {
        "$ref": "NsxSecurityRuleErrorDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors", 
      "type": "array"
    }, 
    "nsx_security_rule_errors_count": {
      "description": "Count of the NSX security rule realization errors.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors Count", 
      "type": "integer"
    }, 
    "os_details": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system details", 
      "type": "string"
    }, 
    "os_type": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system of the virtual machine", 
      "type": "string"
    }, 
    "power_state": {
      "description": "Indicates the power state of the virtual machine as returned by AWS.", 
      "enum": [
        "PENDING", 
        "RUNNING", 
        "SHUTTING_DOWN", 
        "TERMINATED", 
        "STOPPING", 
        "STOPPED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Power State", 
      "type": "string"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "quarantine_state": {
      "description": "Indicates the quarantine state of the VM. QUARANTINED - This state implies VM is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies VM is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the VM. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "QUARANTINED", 
        "NOT_QUARANTINED", 
        "UNKNOWN", 
        "OVERRIDDEN", 
        "WHITELISTED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Quarantine State", 
      "type": "string"
    }, 
    "region": {
      "description": "AWS region in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "AWS Region", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource. Possible values are in the form of VirtualMachine prefixed by cloud name. For example, AwsVirtualMachine or AzureVirtualMachine.", 
      "enum": [
        "AwsVirtualMachine", 
        "AzureVirtualMachine"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }, 
    "segment_display_name": {
      "description": "Segment display name on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment display name", 
      "type": "string"
    }, 
    "segment_id": {
      "description": "Segment ID on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment ID", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "threat_state": {
      "description": "Indicates the threat state of the VM. NORMAL - This state implies no threat has been detected and VM is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either VM is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "NORMAL", 
        "THREAT", 
        "INVALID", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Threat State", 
      "type": "string"
    }, 
    "vm_config_status": {
      "$ref": "VmConfigStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Status for user configurable properties"
    }, 
    "vm_extension_execution_status": {
      "description": "UNKNOWN - This is the default state. Indicates no information available           regarding extension execution. This can potentially occur for           a VM when agent is installed out of band or if           cloud_agent_automated_install_enabled flag is enabled for the           VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful.           This does not necessarily mean agent installation was           successful. FAILED - Indicates VM extension script execution failed.", 
      "readonly": true, 
      "required": false, 
      "title": "VM extension script execution status", 
      "type": "string"
    }, 
    "vpc": {
      "description": "AWS VPC ID in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "AWS VPC", 
      "type": "string"
    }, 
    "vpc_name": {
      "description": "AWS VPC name in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "AWS VPC name", 
      "type": "string"
    }
  }, 
  "title": "Aws Virtual Machine Information", 
  "type": "object"
}

AwsVpc (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AwsVpc", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "agent_info": {
      "description": "Array of agent install and download instructions for various OS types.", 
      "items": {
        "$ref": "AgentInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Aws Agent Information", 
      "type": "array"
    }, 
    "ami_id": {
      "description": "Amazon Machine Image is a special type of virtual appliance that is used to create a virtual machine with the Amazon Elastic Compute Cloud. It serves as the basic unit of deployment for services delivered using Amazon EC2", 
      "readonly": true, 
      "required": false, 
      "title": "AMI ID", 
      "type": "string"
    }, 
    "associated_account_ids": {
      "description": "Array of associated AWS account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated AWS Account IDs", 
      "type": "array"
    }, 
    "associated_transit_vpc": {
      "$ref": "AwsTransitVpcInfo, 
      "description": "Stores the VPC ID and associated account IDs of the transit VPC. This property describes the associated transit VPC for a given AWS compute VPC.", 
      "readonly": true, 
      "required": false, 
      "title": "Associated AWS Transit VPC"
    }, 
    "cidr": {
      "deprecated": true, 
      "description": "This field is DEPRECATED as AWS started supporting multiple CIDR blocks per VPC. This field will return only the first CIDR block from the response received from AWS. Please use cidr_blocks to see the multiple CIDR blocks associated with the VPC.", 
      "format": "ipv4-cidr-block", 
      "readonly": true, 
      "title": "IPV4 CIDR Block for the Vpc", 
      "type": "string"
    }, 
    "cidr_blocks": {
      "description": "IPv4 CIDR Block of the virtual network.", 
      "items": {
        "$ref": "CidrBlock
      }, 
      "readonly": true, 
      "title": "IPv4 CIDR Block", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_info": {
      "$ref": "AwsGatewayInfo, 
      "readonly": true, 
      "required": false, 
      "title": "Gateway details for the Vpc"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "readonly": true, 
      "required": false, 
      "title": "Managed, unmanaged and error instance counts for the Vpc", 
      "type": "object"
    }, 
    "is_management_vpc": {
      "default": false, 
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is the management Vpc", 
      "type": "boolean"
    }, 
    "managed_vpcs": {
      "description": "Array of compute VPCs managed by a transit VPC. This property describes array of managed compute VPC for a given transit VPC.", 
      "items": {
        "$ref": "ManagedVpcInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of NSX Managed Compute VPCs", 
      "type": "array"
    }, 
    "op_status": {
      "$ref": "AwsVpcOpStatus, 
      "description": "Operational status of the VPC.", 
      "readonly": true, 
      "title": "AWS VPC Operational Status"
    }, 
    "region_id": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the AWS region", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zones": {
      "items": {
        "$ref": "TransportZoneInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Transport zones for the Vpc", 
      "type": "array"
    }, 
    "vpc_status": {
      "$ref": "AwsComputeVpcStatus, 
      "description": "Stores onboard and offboard states and corresponding error messages and error code related to AWS compute VPC. The status for a transit VPC should be obtained from gateway_info.", 
      "readonly": true, 
      "required": false, 
      "title": "AWS Compute VPC Status"
    }
  }, 
  "title": "Vpc Information", 
  "type": "object"
}

AwsVpcConfig (type) 

{
  "description": "Stores the configuration such as default_quarantine_policy_enabled and cloud_fallback_security_group_id for related AWS VPC.", 
  "extends": {
    "$ref": "VirtualPrivateCloudConfig
  }, 
  "id": "AwsVpcConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false.", 
      "title": "Id of Cloud Security Group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "description": "Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not.", 
      "title": "Flag to Identify if Default Quarantine Policy is Enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this compute virtual private cloud is managed with or without NSX agents.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AWS VPC Configuration", 
  "type": "object"
}

AwsVpcListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of Vpcs. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AwsVpcListRequestParameters", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "account_id": {
      "required": false, 
      "title": "Identifier for account based on which vpcs are to be filtered", 
      "type": "string"
    }, 
    "associated_transit_vpc_id": {
      "description": "Identifier for filtering all the compute VPCs which are NSX managed by the given transit VPC.", 
      "required": false, 
      "title": "Transit VPC ID", 
      "type": "string"
    }, 
    "cidr": {
      "format": "ipv4_cidr_block", 
      "required": false, 
      "title": "IPV4 CIDR Block for the Vpc", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "op_status": {
      "$ref": "AwsVpcOpStatus, 
      "description": "Operational status of the VPC.", 
      "title": "AWS VPC Operational Status"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": false, 
      "title": "Identifier for region based on which vpcs are to be filtered", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vpc_id": {
      "required": false, 
      "title": "Identifier for vpc based on which the list can be filtered or can be\nused to validate that hierarchy is correct\n", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AwsVpcListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AwsVpcListResult", 
  "module_id": "AwsVpcInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AwsVpc
      }, 
      "required": false, 
      "title": "Vpc list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Vpc list", 
  "type": "object"
}

AwsVpcOpStatus (type) 

{
  "description": "Operational status of the AWS VPC. After there are gateways deployed in a VPC, that VPC is called as transit VPC and it's status will be set as NSX_MANAGED_BY_GATEWAY. For all the compute VNets which are being managed by a transit VPC, their status will be set as NSX_MANAGED_BY_TRANSIT_VPC. NSX_GATEWAY_ERROR status means gateways are deployed in VPC, but no gateway is UP and at least one gateway is DOWN. The remaining gateway can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VPC when transit VPC is in NSX_GATEWAY_ERROR state. Status for all the rest of the VPCs will be NSX_UNMANAGED. NSX_MANAGED is deprecated.", 
  "enum": [
    "NSX_MANAGED_BY_GATEWAY", 
    "NSX_MANAGED_BY_TRANSIT_VPC", 
    "NSX_MANAGED", 
    "NSX_UNMANAGED", 
    "NSX_GATEWAY_ERROR", 
    "NSX_COMPUTE_ERROR"
  ], 
  "id": "AwsVpcOpStatus", 
  "module_id": "CloudServiceManager", 
  "readonly": true, 
  "required": false, 
  "title": "Operational Status", 
  "type": "string"
}

Axes (type) 

{
  "additionalProperties": false, 
  "description": "Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.", 
  "id": "Axes", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "x_label": {
      "$ref": "Label, 
      "decription": "Describes the X axis of a graph. If x_label is not specified, the label will not appear for X axis.", 
      "title": "Label for X axis of a graph"
    }, 
    "y_label": {
      "$ref": "Label, 
      "decription": "Describes the Y axis of a graph. If y_label is not specified, the label will not appear for Y axis.", 
      "title": "Label for Y axis of a graph"
    }
  }, 
  "title": "Axes of a graph", 
  "type": "object"
}

AzureAccount (type) 

{
  "additional_properties": false, 
  "description": "Stores information about an Azure account", 
  "extends": {
    "$ref": "CloudAccount
  }, 
  "id": "AzureAccount", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auth_method": {
      "description": "This property conveys the authorization method to use. Appropriate credentials/parameters will be expected based on this method selection.", 
      "enum": [
        "CREDENTIALS"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Azure account authorization method", 
      "type": "string"
    }, 
    "auth_users": {
      "description": "List of authorized users.", 
      "items": {
        "$ref": "CloudUserInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Authrized Users", 
      "type": "array"
    }, 
    "cloud_type": {
      "decription": "Name of the cloud vendor.", 
      "enum": [
        "AWS", 
        "AZURE", 
        "GOOGLE"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Cloud Type", 
      "type": "string"
    }, 
    "credentials": {
      "$ref": "AzureCredentials, 
      "description": "Credentials of Azure Account.", 
      "readonly": true, 
      "required": false, 
      "title": "Azure Credentials"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "has_managed_vnet": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. Please use vnet_stats to get the number of managed virtual networks.", 
      "readonly": true, 
      "required": false, 
      "title": "Has a managed virtual network?", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Stores statistics of the number of managed, unmanaged and error virtual machines.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance statistics"
    }, 
    "regions_count": {
      "description": "Count of the Azure regions which have atleast one virtual network created.", 
      "readonly": true, 
      "required": false, 
      "title": "Azure Regions Count", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "status": {
      "$ref": "AzureAccountStatus, 
      "description": "Status of the Azure Account.", 
      "readonly": true, 
      "required": false, 
      "title": "Azure Account Status"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tenant_id": {
      "description": "Tenant ID of the cloud account.", 
      "readonly": true, 
      "required": false, 
      "title": "Tenant ID", 
      "type": "string"
    }, 
    "vnet_stats": {
      "$ref": "VnetStats, 
      "description": "Stores statistics of the number of MANAGED and UNMANAGED virtual networks.", 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Network Statistics"
    }
  }, 
  "title": "Azure Account", 
  "type": "object"
}

AzureAccountStatus (type) 

{
  "additional_properties": false, 
  "description": "Stores information about Azure account status.", 
  "extends": {
    "$ref": "CloudAccountStatus
  }, 
  "id": "AzureAccountStatus", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "credentials_status": {
      "description": "Status of the cloud account credentials synced at the auto interval.", 
      "enum": [
        "VALID", 
        "INVALID"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Credentials Status", 
      "type": "string"
    }, 
    "error_message": {
      "description": "Error encountered while syncing azure inventory such as read timeout.", 
      "readonly": true, 
      "required": false, 
      "title": "Error encountered while syncing azure inventory", 
      "type": "string"
    }, 
    "inventory_sync_status": {
      "description": "Status of inventory synchronization process.", 
      "enum": [
        "SYNCED", 
        "IN_PROGRESS"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Inventory Synchronization Status", 
      "type": "string"
    }, 
    "inventory_sync_step": {
      "description": "Step of the inventory synchronization process.", 
      "enum": [
        "SYNCING_AZURE_REGIONS", 
        "SYNCING_AZURE_VNETS", 
        "SYNCING_VMS", 
        "SYNCING_NSX_DATA", 
        "SYNCING_AZURE_GATEWAYS", 
        "SYNCING_MANAGED_INSTANCES", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Inventory sync step", 
      "type": "string"
    }
  }, 
  "title": "Azure Account Status", 
  "type": "object"
}

AzureAccountsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure accounts.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureAccountsListResult", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure accounts.", 
      "items": {
        "$ref": "AzureAccount
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Accounts List Result", 
  "type": "object"
}

AzureComputeVNetConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the parameters required for linking compute VNet with the Transit VNet.", 
  "extends": {
    "$ref": "AzureVNetConfig
  }, 
  "id": "AzureComputeVNetConfig", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "account_id": {
      "deprecated": true, 
      "description": "Azure account ID related to the compute VNet. This field is deprecated. Field account_id can be learnt using vnet_id. GET /csm/azure/vnets/<vnet-id> API returns associated_account_ids. Hence, this field is optional.", 
      "required": false, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "auto_agent_install_enabled": {
      "default": false, 
      "description": "Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored.", 
      "required": false, 
      "title": "Auto Agent Install Enabled", 
      "type": "boolean"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false.", 
      "title": "Id of Cloud Security Group", 
      "type": "string"
    }, 
    "configuration": {
      "$ref": "AzureTransitVnetConfig, 
      "description": "All the required informations regarding a transit VNet will be absorbed as a part of this field.", 
      "required": true, 
      "title": "Azure Transit VNet Configuration"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "description": "Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not.", 
      "title": "Flag to Identify if Default Quarantine Policy is Enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this compute virtual private cloud is managed with or without NSX agents.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Azure Compute VNet Configuration", 
  "type": "object"
}

AzureComputeVNetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of compute VNets. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureComputeVNetListRequestParameters", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "account_id": {
      "description": "Identifier for account based on which compute VNets are to be filtered.", 
      "required": false, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "associated_transit_vnet_id": {
      "description": "Identifier for filtering all the compute VNets which are NSX managed by the given transit VNet.", 
      "required": false, 
      "title": "Transit VNet ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Optional identifier for virtual network based on which compute virtual networks list can be filtered. It consists of resourceGuid of Azure VNet.", 
      "required": false, 
      "title": "VNet ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AzureComputeVNetListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure compute virtual networks.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureComputeVNetListResult", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure compute virtual networks.", 
      "items": {
        "$ref": "AzureComputeVNetConfig
      }, 
      "required": false, 
      "title": "List of Compute VNets", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Compute VNet list", 
  "type": "object"
}

AzureComputeVnetStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores onboard and offboard status of Azure VNet. There are 4 states in onboarding a VNet using transit VNet and the corresponding states in sequence are VALIDATING_ENVIRONMENT, CREATING_SECURITY_GROUPS, CONFIGURING_GATEWAY and ONBOARD_SUCCESSFUL. There are 3 states in offboarding a VNet and the corresponding states in sequence are UNCONFIGURING_GATEWAY, DELETING_SECURITY_GROUPS and OFFBOARD_SUCCESSFUL. The state of failure in onboarding or offboarding is indicated by ONBOARD_FAILED and OFFBOARD_FAILED.", 
  "extends": {
    "$ref": "VirtualPrivateCloudStatus
  }, 
  "id": "AzureComputeVnetStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "configuration": {
      "$ref": "AzureVNetConfig, 
      "description": "Stores AZURE VNet configuration.", 
      "required": false, 
      "title": "AZURE VNet Config"
    }, 
    "error_code": {
      "description": "Error code related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Code", 
      "type": "integer"
    }, 
    "error_message": {
      "description": "Error message related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "offboard_step": {
      "description": "Stores the different states of virtual private cloud while offboarding from a transit virtual private cloud.", 
      "enum": [
        "UNCONFIGURING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "OFFBOARD_SUCCESSFUL", 
        "OFFBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While OffBoard", 
      "type": "string"
    }, 
    "onboard_step": {
      "description": "Stores the different states of virtual private cloud while onboarding using a transit virtual private cloud.", 
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "CREATING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "ONBOARD_SUCCESSFUL", 
        "ONBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While Onboard", 
      "type": "string"
    }, 
    "status": {
      "description": "Indicates the status of a virtual private cloud. UP: virtual private cloud is NSX managed. DOWN: virtual private cloud is NSX managed with errors. ONBOARDING: virtual private cloud is in the process of   onboarding using a transit virtual private cloud. OFFBOARDING: virtual private cloud is in the process of    offboarding from a transit virtual private cloud. NOT_APPLICABLE: virtual private cloud is NSX unmanaged.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ONBOARDING", 
        "OFFBOARDING", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Private Cloud Status", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Name of the transit virtual private cloud.", 
      "readonly": true, 
      "title": "Virtual Private Cloud Name", 
      "type": "string"
    }
  }, 
  "title": "VNet Status", 
  "type": "object"
}

AzureCredentials (type) 

{
  "additional_properties": false, 
  "description": "Stores information about Azure account credentials", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureCredentials", 
  "module_id": "CloudAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "client_id": {
      "description": "Client ID of the Azure account.", 
      "readonly": false, 
      "required": false, 
      "title": "Azure Account Client ID", 
      "type": "string"
    }, 
    "gateway_role": {
      "description": "Default Azure Managed Service Identity role that will be set to the Cloud Gateways deployed in the Azure account. Based on the permissions in the role, the gateways will have access to resources in the Azure account.", 
      "readonly": false, 
      "required": false, 
      "title": "Azure role name for gateway", 
      "type": "string"
    }, 
    "key": {
      "description": "Key of the Azure account. Used only to take input. Will never be returned in any API response.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Azure Account Key", 
      "type": "string"
    }, 
    "subscription_id": {
      "description": "Subscription ID of the Azure account.", 
      "readonly": false, 
      "required": false, 
      "title": "Azure Account Subscription ID", 
      "type": "string"
    }, 
    "tenant_id": {
      "description": "Tenant ID of the Azure account.", 
      "readonly": false, 
      "required": false, 
      "title": "Azure Account Tenant ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Account Credentials", 
  "type": "object"
}

AzureGatewayConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores Azure gateway configuration like image_id, ssh_key and gateway_ha_configuration.", 
  "extends": {
    "$ref": "GatewayConfig
  }, 
  "id": "AzureGatewayConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "auto_agent_install_enabled": {
      "default": false, 
      "description": "Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored.", 
      "required": false, 
      "title": "Auto Agent Install Enabled", 
      "type": "boolean"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed.", 
      "required": false, 
      "title": "Id of cloud security group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "required": false, 
      "title": "Flag to identify if default quarantine policy is enabled", 
      "type": "boolean"
    }, 
    "dns_settings": {
      "$ref": "DnsSettings, 
      "description": "Settings related to Cloud gateway DNS configuration. This determines DNS configuration based on dns_mode.", 
      "title": "DNS settings"
    }, 
    "gateway_ha_configuration": {
      "items": {
        "$ref": "AzureGatewayHaConfig
      }, 
      "required": false, 
      "title": "Azure Gateway HA configuration", 
      "type": "array"
    }, 
    "image_id": {
      "description": "The ID of the Public Cloud Gateway image in Azure", 
      "required": false, 
      "title": "NSX PCG Image ID", 
      "type": "string"
    }, 
    "is_ha_enabled": {
      "required": false, 
      "title": "Flag to identify if HA is enabled", 
      "type": "boolean"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this virtual private cloud is managed with or without NSX agents. This flag is applicable only for this network. If this virtual private cloud is being managed without NSX agents, quarantine state and threat state will be NOT_APPLICABLE for all the virtual machines under it.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "nsx_manager_connection": {
      "description": "Determines if connection to NSX Manager is via public IP or private IP", 
      "enum": [
        "PUBLIC_IP", 
        "PRIVATE_IP"
      ], 
      "required": false, 
      "title": "NSX Manager connection", 
      "type": "string"
    }, 
    "proxy_server_profile": {
      "description": "Id of the proxy server profile, corresponding proxy settings will be applied while deploying the gateway.", 
      "required": false, 
      "title": "Id of the proxy server profile", 
      "type": "string"
    }, 
    "ssh_key": {
      "description": "This key will be associated to Public Cloud Gateway instance while it is launched in Azure.", 
      "required": false, 
      "title": "SSH Key", 
      "type": "string"
    }, 
    "storage_account_name": {
      "description": "Azure Storage Account where gateway image will be copied.", 
      "required": false, 
      "title": "Azure Storage Account Name", 
      "type": "string"
    }, 
    "target_disk_size": {
      "description": "This is the target disk size of the PCG appliance in GB. Based on this an additional disk is attached to the PCG appliance, if required. The supported size is 191 GB and this property should only be modified post upgrade for exisiting PCG appliances.", 
      "required": false, 
      "title": "Target Disk Size", 
      "type": "integer"
    }, 
    "vpn_service_enabled": {
      "default": true, 
      "description": "Flag that will enable or disable inter-operation between NSX and non-NSX services via VPN.", 
      "required": false, 
      "title": "Flag to enable or disable inter-operation with services via VPN", 
      "type": "boolean"
    }
  }, 
  "title": "Azure gateway configuration", 
  "type": "object"
}

AzureGatewayDeployConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores configuration for Azure gateway deployment request.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureGatewayDeployConfig", 
  "module_id": "AzureGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "account_id": {
      "description": "ID of the Azure account.", 
      "required": true, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "configuration": {
      "$ref": "AzureGatewayConfig, 
      "description": "Configuration of Azure gateway.", 
      "readonly": false, 
      "required": true, 
      "title": "Azure Gateway Configuration"
    }, 
    "vnet_id": {
      "description": "ID of the Azure Virtual Network. It consists of resourceGuid of Azure Vnet.", 
      "required": true, 
      "title": "Azure Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure gateway deployment configuration", 
  "type": "object"
}

AzureGatewayHaConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureGatewayHaConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "downlink_subnet": {
      "required": true, 
      "title": "Downlink subnet", 
      "type": "string"
    }, 
    "gateway_ha_index": {
      "required": true, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "management_subnet": {
      "required": true, 
      "title": "Management subnet", 
      "type": "string"
    }, 
    "public_ip_settings": {
      "$ref": "GatewayPublicIp, 
      "description": "Stores settings related to Azure gateway Public IP configuration. The public_ip will be attached for management interface of the gateway.", 
      "required": false, 
      "title": "Public IP settings"
    }, 
    "uplink_public_ip_settings": {
      "$ref": "GatewayPublicIp, 
      "description": "Stores settings related to Azure gateway Public IP configuration. The public_ip will be attached to uplink interface of the primary gateway, based on the value of ip_allocation_mode.", 
      "required": false, 
      "title": "Public IP settings for uplink interface"
    }, 
    "uplink_subnet": {
      "required": true, 
      "title": "Uplink subnet", 
      "type": "string"
    }
  }, 
  "title": "Azure subnet configuration to deploy gateways", 
  "type": "object"
}

AzureGatewayInfo (type) 

{
  "additionalProperties": false, 
  "description": "Stores azure gateway information like configuration and status.", 
  "id": "AzureGatewayInfo", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "configuration": {
      "$ref": "AzureGatewayConfig, 
      "description": "Configuration of Azure gateway.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Configuration"
    }, 
    "csm_ip_address": {
      "description": "Cloud service manager IP address used to communicate with the Azure VNet gateways.", 
      "readonly": true, 
      "required": false, 
      "title": "Cloud service manager IP address", 
      "type": "string"
    }, 
    "gateway_status": {
      "$ref": "AzureGatewayStatus, 
      "description": "Array of gateway statuses.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Status"
    }
  }, 
  "title": "Azure Gateway Information", 
  "type": "object"
}

AzureGatewayInstanceStatus (type) 

{
  "description": "Stores information about Azure gateway instance status", 
  "extends": {
    "$ref": "GatewayInstanceStatus
  }, 
  "id": "AzureGatewayInstanceStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "azure_image_bytes_copied": {
      "description": "Displays number of bytes copied, while copying gateway image.", 
      "readonly": true, 
      "required": false, 
      "title": "Bytes copied, while copying image", 
      "type": "integer"
    }, 
    "azure_image_copy_progress": {
      "description": "Displays progress percentage while copying gateway image.", 
      "readonly": true, 
      "required": false, 
      "title": "Progress Percentage for image copy", 
      "type": "integer"
    }, 
    "azure_image_total_bytes": {
      "description": "Displays total number of bytes required to be copied, for copying gateway image.", 
      "readonly": true, 
      "required": false, 
      "title": "Total bytes required to be copied, for copying image", 
      "type": "integer"
    }, 
    "configuration_operation_status": {
      "$ref": "GatewayConfigOperationStatus, 
      "description": "This property provides a consolidated status of supported gateway configuration operations.", 
      "readonly": true, 
      "required": false, 
      "title": "Status of different gateway configuration operations", 
      "type": "object"
    }, 
    "deployment_step": {
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "COPYING_IMAGE", 
        "CREATING_SECURITY_GROUPS", 
        "LAUNCHING_GATEWAY", 
        "CREATING_NETWORK_INTERFACES", 
        "ATTACHING_NETWORK_INTERFACES", 
        "ATTACHING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "CREATING_LOGICAL_NETWORK_CONSTRUCTS", 
        "DEPLOYMENT_SUCCESSFUL", 
        "DEPLOYMENT_FAILED", 
        "UNCONFIGURING_GATEWAY", 
        "RELEASING_EIPS", 
        "TERMINATING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "DELETING_CLOUD_RESOURCES", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UNDEPLOYMENT_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Different states of gateway deployment", 
      "type": "string"
    }, 
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for gateway operation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for gateway operation failure", 
      "type": "string"
    }, 
    "gateway_ha_index": {
      "required": false, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "gateway_instance_id": {
      "required": false, 
      "title": "ID of the gateway instance", 
      "type": "string"
    }, 
    "gateway_lcp_connectivity_status": {
      "description": "Status of connectivity between NSX controller and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Controller connectivity status", 
      "type": "string"
    }, 
    "gateway_mpa_connectivity_status": {
      "description": "Status of connectivity between NSX manager and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Manager connectivity status", 
      "type": "string"
    }, 
    "gateway_name": {
      "required": false, 
      "title": "Name of the gateway instance", 
      "type": "string"
    }, 
    "gateway_node_id": {
      "required": false, 
      "title": "NSX Node ID of the public cloud gateway", 
      "type": "string"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway instance status", 
      "type": "string"
    }, 
    "gateway_tn_id": {
      "required": false, 
      "title": "NSX transport node id of the public cloud gateway", 
      "type": "string"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is an active gateway", 
      "type": "boolean"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "vpn_private_ip": {
      "description": "Private IP address of the virtual machine for VPN", 
      "readonly": true, 
      "required": false, 
      "title": "VPN Private IP address", 
      "type": "string"
    }
  }, 
  "title": "Azure gateway instance status", 
  "type": "object"
}

AzureGatewayStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores Azure gateway status related information", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureGatewayStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "gateway_cluster_id": {
      "description": "Cluster ID of NSX gateway", 
      "required": false, 
      "title": "NSX gateway cluster ID", 
      "type": "string"
    }, 
    "gateway_instances_status": {
      "description": "Array of gateway instances statuses", 
      "items": {
        "$ref": "AzureGatewayInstanceStatus
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Instances Status", 
      "type": "array"
    }
  }, 
  "title": "Azure Gateway Status", 
  "type": "object"
}

AzureGatewayUndeployConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores configuration for Azure gateway undeployment request.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureGatewayUndeployConfig", 
  "module_id": "AzureGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "account_id": {
      "description": "ID of the Azure account.", 
      "required": true, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "instance_id": {
      "description": "ID of the gateway instance.", 
      "required": true, 
      "title": "Azure Instance ID", 
      "type": "string"
    }
  }, 
  "title": "Azure gateway undeployment configuration", 
  "type": "object"
}

AzureGatewaysListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of optional filter parameters to list Azure gateways. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureGatewaysListRequestParameters", 
  "module_id": "AzureGatewayManagement", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which Azure gateways list can be filtered.", 
      "required": false, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which Azure Gateways list can be filtered.", 
      "required": false, 
      "title": "Azure Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Optional identifier for virtual network based on which Azure Gateways list can be filtered. It consists of resourceGuid of Azure Vnet.", 
      "required": false, 
      "title": "Azure Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Gateways List Request Parameters", 
  "type": "object"
}

AzureGatewaysListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure gateways.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureGatewaysListResult", 
  "module_id": "AzureGatewayManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure gateways.", 
      "items": {
        "$ref": "AzureGatewayDeployConfig
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Gateways List Result", 
  "type": "object"
}

AzureIpAllocationConfig (type) 

{
  "additionalProperties": false, 
  "description": "Azure cloud specific configuration parameters to create IP allocations for a Pivotal Application Service / Pivotal Cloud Foundry foundation.", 
  "extends": {
    "$ref": "CloudIpAllocationConfig
  }, 
  "id": "AzureIpAllocationConfig", 
  "module_id": "AzureIpManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "readonly": false, 
      "required": true, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_allocation_mode": {
      "default": "PUBLIC_IP", 
      "description": "PUBLIC_IP: Allocate new public IP. LINK_LOCAL_IP: Allocate new link local IP.", 
      "enum": [
        "PUBLIC_IP", 
        "LINK_LOCAL_IP"
      ], 
      "title": "IP Allocation Mode", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "number_of_allocations": {
      "desription": "The number of public/link local IP allocations requested.\n", 
      "readonly": false, 
      "required": true, 
      "title": "Number of IP allocations required.", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vnet_id": {
      "description": "ID of the Azure Vnet in which the IPs are allocated.", 
      "readonly": false, 
      "required": true, 
      "title": "Vnet ID", 
      "type": "string"
    }
  }, 
  "title": "Cloud IP allocation configuration", 
  "type": "object"
}

AzureIpAllocationMappings (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about Cloud IP mapping for a Pivotal Application Service / Pivotal Cloud Foundry foundation.", 
  "extends": {
    "$ref": "CloudIpAllocationMappings
  }, 
  "id": "AzureIpAllocationMappings", 
  "module_id": "AzureIpManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "readonly": true, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for IP allocation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for IP allocation failure", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "readonly": true, 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "ip_mappings": {
      "description": "IP mappings for a foundation.", 
      "items": {
        "$ref": "CloudIpAllocationMapping
      }, 
      "readonly": true, 
      "type": "array"
    }, 
    "ip_operation_status": {
      "description": "Indicates the state of the IP allocation or de-allocation. ALLOCATION_IN_PROGRESS: IP allocation is in progress. DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress. SUCCESSFUL: IP allocation is successful. Successful de-allocation can be confirmed if the status API for this mapping returns a 404 error. FAILED: IP allocation or de-allocation failed.", 
      "enum": [
        "ALLOCATION_IN_PROGRESS", 
        "DELETION_IN_PROGRESS", 
        "SUCCESSFUL", 
        "FAILED"
      ], 
      "readonly": true, 
      "title": "IP Allocation State", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vnet_id": {
      "description": "ID of the Azure Vnet in which the IPs are allocated.", 
      "readonly": true, 
      "title": "Vnet ID", 
      "type": "string"
    }
  }, 
  "title": "Cloud IP allocation mappings", 
  "type": "object"
}

AzureIpMappingsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of IP allocation mappings. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "IpMappingsListRequestParameters
  }, 
  "id": "AzureIpMappingsListRequestParameters", 
  "module_id": "AzureIpManagement", 
  "properties": {
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "required": false, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Name of IP Mappings.", 
      "required": false, 
      "title": "Name of IP Mappings", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "required": false, 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "mapping_id": {
      "description": "ID of the mapping returned in IP allocation request.", 
      "required": false, 
      "title": "Mapping ID", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "ID of the Azure Vnet in which the IPs are allocated.", 
      "required": false, 
      "title": "Vnet ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AzureIpMappingsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Cloud IP mappings.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureIpMappingsListResult", 
  "module_id": "AzureIpManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Cloud public/link local IP to secondary IP mappings.", 
      "items": {
        "$ref": "AzureIpAllocationMappings
      }, 
      "required": false, 
      "title": "Cloud IP mappings Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Cloud IP Mappings List Result", 
  "type": "object"
}

AzurePublicIpListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of filter parameters to list Azure Public IPs. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzurePublicIpListRequestParameters", 
  "module_id": "AzureResources", 
  "properties": {
    "account_id": {
      "description": "Mandatory identifier for account based on which public IPs are to be filtered.", 
      "required": true, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which public IPs are to be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Public IP List Request Parameters", 
  "type": "object"
}

AzurePublicIpListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure public IPs.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzurePublicIpListResult", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure Public IPs.", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "Azure Public IP", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Public IP List Result", 
  "type": "object"
}

AzureRegion (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an Azure region.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AzureRegion", 
  "module_id": "AzureRegionInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "associated_account_ids": {
      "description": "Array of associated Azure account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated Azure Account IDs", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_stats": {
      "$ref": "GatewayStats, 
      "description": "Stores statistics of the number of UP, DOWN and DEPLOYING gateways.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Statistics"
    }, 
    "has_managed_vnet": {
      "readonly": true, 
      "required": false, 
      "title": "Has a managed Virtual Network?", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Stores statistics of the number of MANAGED, UNMANAGED and ERROR instances.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance Statistics"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vnet_stats": {
      "$ref": "VnetStats, 
      "description": "Stores statistics of the number of MANAGED and UNMANAGED virtual networks.", 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Network Statistics"
    }
  }, 
  "title": "Azure Region Information", 
  "type": "object"
}

AzureRegionsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of optional filter parameters to list Azure regions. Multiple parameters can be given as input to use 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureRegionsListRequestParameters", 
  "module_id": "AzureRegionInformation", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which regions list can be filtered.", 
      "required": false, 
      "title": "Azure Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which the regions list can be filtered.", 
      "required": false, 
      "title": "Azure Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Regions List Request Parameters", 
  "type": "object"
}

AzureRegionsListResult (type) 

{
  "additionalProperties": false, 
  "description": "A list of Azure regions.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureRegionsListResult", 
  "module_id": "AzureRegionInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure regions.", 
      "items": {
        "$ref": "AzureRegion
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Regions List Result", 
  "type": "object"
}

AzureResourceGroup (type) 

{
  "additionalProperties": false, 
  "description": "Stores Azure resource group information.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureResourceGroup", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "resource_group_id": {
      "description": "Id of resource group.", 
      "required": false, 
      "title": "Id of resource group", 
      "type": "string"
    }, 
    "resource_group_name": {
      "description": "Name of resource group.", 
      "required": false, 
      "title": "Name of resource group", 
      "type": "string"
    }
  }, 
  "title": "Azure Resource Group", 
  "type": "object"
}

AzureResourceGroupsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure resource groups.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureResourceGroupsListResult", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure resource groups.", 
      "items": {
        "$ref": "AzureResourceGroup
      }, 
      "required": true, 
      "title": "Azure resource groups Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Resource Groups List Result", 
  "type": "object"
}

AzureResourcesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of filter parameters to list Azure resources. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "SecurityGroupListRequestParameters
  }, 
  "id": "AzureResourcesListRequestParameters", 
  "module_id": "AzureResources", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which resources are to be filtered.", 
      "required": false, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "is_managed_by_nsx": {
      "description": "Filter parameter to obtain security groups which are managed by NSX.", 
      "title": "Is Managed By NSX", 
      "type": "boolean"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which resources are to be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_group_id": {
      "description": "Optional identifier for resource group id based on which resources are to be filtered.", 
      "required": false, 
      "title": "Resource Group ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Optional identifier for virtual network based on which resources are to be filtered.", 
      "required": false, 
      "title": "Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Resource List Request Parameters", 
  "type": "object"
}

AzureSecurityGroup (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an Azure VNet security group.", 
  "extends": {
    "$ref": "CloudSecurityGroup
  }, 
  "id": "AzureSecurityGroup", 
  "module_id": "AzureResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_vnet_ids": {
      "description": "Array of VNet IDs.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "VNet IDs", 
      "type": "array"
    }, 
    "cloud_tags": {
      "description": "Array of tags associated to a cloud security group.", 
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "title": "Cloud Tags", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "inbound_rules": {
      "description": "Array of inbound rules of the Azure security group.", 
      "items": {
        "$ref": "AzureSecurityGroupRule
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Inbound Rules", 
      "type": "array"
    }, 
    "is_managed_by_nsx": {
      "description": "If the flag is true, the cloud security group is managed by NSX.", 
      "readonly": true, 
      "required": false, 
      "title": "Is Managed By NSX", 
      "type": "boolean"
    }, 
    "nsx_security_group_mapping": {
      "description": "Map of cloud application security groups associated to this Azure network security group and corresponding NSX security groups.", 
      "items": {
        "$ref": "SecurityGroupDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group Mapping", 
      "type": "array"
    }, 
    "outbound_rules": {
      "description": "Array of outbound rules of the Azure security group.", 
      "items": {
        "$ref": "AzureSecurityGroupRule
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Outbound Rules", 
      "type": "array"
    }, 
    "region_id": {
      "description": "ID of the cloud region.", 
      "readonly": true, 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_group_name": {
      "description": "Name of the Azure resource group.", 
      "readonly": true, 
      "required": false, 
      "title": "Resource Group Name", 
      "type": "string"
    }, 
    "resource_id": {
      "description": "Resource ID of Azure Network Security Group.", 
      "readonly": true, 
      "required": false, 
      "title": "Resource ID", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "security_group_id": {
      "description": "ID of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group ID", 
      "type": "string"
    }, 
    "security_group_name": {
      "description": "Name of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Azure VNet Security Group", 
  "type": "object"
}

AzureSecurityGroupRule (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an Azure security group rule.", 
  "extends": {
    "$ref": "CloudSecurityGroupRule
  }, 
  "id": "AzureSecurityGroupRule", 
  "module_id": "AzureResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "description": "Action configured for the Azure security group rule.", 
      "enum": [
        "ALLOW", 
        "DENY"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination": {
      "description": "Destination corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Destination", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "port_range": {
      "description": "Port range corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Port Range", 
      "type": "string"
    }, 
    "priority": {
      "description": "Priority of the Azure security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Priority", 
      "type": "integer"
    }, 
    "protocol": {
      "description": "Protocol corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Protocol", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "source": {
      "description": "Source corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Source", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Azure Security Group Rule", 
  "type": "object"
}

AzureSecurityGroupsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure security groups.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureSecurityGroupsListResult", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure security groups.", 
      "items": {
        "$ref": "AzureSecurityGroup
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Security Groups List Result", 
  "type": "object"
}

AzureServiceEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Stores endpoint information about any service which is provided by Azure. NSX supported services are currently limited to Azure Storage, Azure SQL Database, Azure Cosmos DB and Azure Load Balancer.", 
  "extends": {
    "$ref": "CloudServiceEndpoint
  }, 
  "id": "AzureServiceEndpoint", 
  "module_id": "AzureVnetResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "nsx_security_groups": {
      "description": "Stores an array of NSX security groups associated to this cloud service endpoint.", 
      "items": {
        "$ref": "SecurityGroup
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX security groups array", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "service_endpoint_id": {
      "description": "Cloud provided ID of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint ID", 
      "type": "string"
    }, 
    "service_endpoint_type": {
      "description": "Cloud provided type of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint Type", 
      "type": "string"
    }, 
    "service_name": {
      "description": "Name of the cloud service the endpoint is associated with.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Name", 
      "type": "string"
    }, 
    "service_type": {
      "description": "Stores the type of Azure service corresponding to this endpoint. AZURE_COSMOSDB - Azure Cosmos DB AZURE_SQL - Azure SQL Database AZURE_STORAGE - Azure Storage AZURE_LOAD_BALANCER - Azure Load Balancer", 
      "enum": [
        "AZURE_COSMOSDB", 
        "AZURE_SQL", 
        "AZURE_STORAGE", 
        "AZURE_LOAD_BALANCER"
      ], 
      "readonly": true, 
      "title": "Service type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Azure Service Endpoint", 
  "type": "object"
}

AzureServiceEndpointsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of Azure service endpoints. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureServiceEndpointsListRequestParameters", 
  "module_id": "AzureVnetResources", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "service_endpoint_id": {
      "description": "Optional ID of Azure service endpoint based on which the list of service endpoints are to be filtered.", 
      "required": false, 
      "title": "Azure Service Endpoint ID", 
      "type": "string"
    }, 
    "service_name": {
      "description": "Optional name of Azure service based on which the list of service endpoints are to be filtered.", 
      "required": false, 
      "title": "Azure Service Name", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AzureServiceEndpointsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of service endpoints which are provided by Azure with information about each of them. NSX supported services are currently limited to Azure\u00a0Storage, Azure SQL Database, Azure Cosmos DB and Azure Load Balancer.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureServiceEndpointsListResult", 
  "module_id": "AzureVnetResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure service endpoints.", 
      "items": {
        "$ref": "AzureServiceEndpoint
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure Service Endpoints List Result", 
  "type": "object"
}

AzureStorageAccount (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "AzureStorageAccount", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "name": {
      "required": true, 
      "title": "Name of the Azure Storage Account", 
      "type": "string"
    }
  }, 
  "title": "Azure Storage Account", 
  "type": "object"
}

AzureStorageAccountList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureStorageAccountList", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "AzureStorageAccount
      }, 
      "required": false, 
      "title": "Azure Storage Accounts list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Azure Storage Accounts", 
  "type": "object"
}

AzureStorageAccountsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of storage accounts. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureStorageAccountsListRequestParameters", 
  "module_id": "AzureResources", 
  "properties": {
    "account_id": {
      "required": true, 
      "title": "Identifier for account based on which list of storage accounts will be obtained\n", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "required": true, 
      "title": "Identifier for region based on which list of storage accounts will be obtained\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

AzureSubnet (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an Azure subnet.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "AzureSubnet", 
  "module_id": "AzureResources", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "address_space": {
      "format": "Address space of the subnet in IPv4 CIDR block format.", 
      "readonly": true, 
      "title": "Azure subnet address space", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "desription": "Stores the ID of the subnet.", 
      "readonly": true, 
      "title": "ID of Subnet", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vnet_id": {
      "description": "ID of the Azure Virtual Network.It consists of resourceGuid of Azure Vnet.", 
      "readonly": true, 
      "title": "Azure Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Subnet", 
  "type": "object"
}

AzureSubnetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of filter parameters to list Azure subnets. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureSubnetListRequestParameters", 
  "module_id": "AzureResources", 
  "properties": {
    "account_id": {
      "description": "Mandatory identifier for account based on which subnets are to be filtered.", 
      "required": true, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "deprecated": true, 
      "description": "This field is DEPRECATED. region_id will be learnt from vnet_id information.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Identifier for vnet based on which subnets are to be filtered. It consists of resourceGuid of Azure Vnet.", 
      "required": true, 
      "title": "Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Subnet List Request Parameters", 
  "type": "object"
}

AzureSubnetListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure subnets.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureSubnetListResult", 
  "module_id": "AzureResources", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure subnets.", 
      "items": {
        "$ref": "AzureSubnet
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure subnets List Result", 
  "type": "object"
}

AzureTransitVnetConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the account IDs and VNet ID related to the transit VNet.", 
  "id": "AzureTransitVnetConfig", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "account_id": {
      "deprecated": true, 
      "description": "Azure account ID of the transit VNet. This field is deprecated. Field account_id can be learnt using vnet_id. GET /csm/azure/vnets/<vnet-id> API returns associated_account_ids. Hence, this field is optional.", 
      "required": false, 
      "title": "Azure account ID", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "VNet ID of the transit VNet.", 
      "required": true, 
      "title": "VNet ID", 
      "type": "string"
    }
  }, 
  "title": "Azure Transit VNet Configuration", 
  "type": "object"
}

AzureTransitVnetInfo (type) 

{
  "description": "Stores the account ID and VNet ID related to the transit VNet. A transit VNet is a Azure VNet in which public cloud gateways are deployed and is managing the workload VMs present in other compute VNets.", 
  "extends": {
    "$ref": "VirtualPrivateCloudInfo
  }, 
  "id": "AzureTransitVnetInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_account_ids": {
      "description": "Cloud account ID related to the virtual private cloud.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of Cloud Account IDs", 
      "type": "array"
    }, 
    "virtual_private_cloud_id": {
      "description": "Virtual private cloud ID of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud ID", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Virtual private cloud name of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud name", 
      "type": "string"
    }
  }, 
  "title": "Azure Transit VNet Information", 
  "type": "object"
}

AzureVNetConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the configuration such as default_quarantine_policy_enabled, cloud_fallback_security_group_id and auto_agent_install_enabled for correponding AZURE VNet.", 
  "extends": {
    "$ref": "VirtualPrivateCloudConfig
  }, 
  "id": "AzureVNetConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auto_agent_install_enabled": {
      "default": false, 
      "description": "Flag to identify if NSX agent installation will be done automatically or not. As of now this is supported for Azure Cloud only. If the flag managed_without_agents is set to true, this property will be ignored.", 
      "required": false, 
      "title": "Auto Agent Install Enabled", 
      "type": "boolean"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false.", 
      "title": "Id of Cloud Security Group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "description": "Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not.", 
      "title": "Flag to Identify if Default Quarantine Policy is Enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this compute virtual private cloud is managed with or without NSX agents.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "AZURE VNet Configuration", 
  "type": "object"
}

AzureVirtualMachine (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a Azure Virtual Machine", 
  "extends": {
    "$ref": "CloudVirtualMachine
  }, 
  "id": "AzureVirtualMachine", 
  "module_id": "CloudVirtualMachineInformation", 
  "polymorphic-type-descriptor": {
    "type-identifier": "AzureVirtualMachine"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "agent_status": {
      "description": "UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on VM UNKNOWN - NSX Agent status is unknown", 
      "enum": [
        "UP", 
        "DOWN", 
        "NO_AGENT", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Agent Status", 
      "type": "string"
    }, 
    "agent_version": {
      "readonly": true, 
      "required": false, 
      "title": "Agent version details", 
      "type": "string"
    }, 
    "associated_account_ids": {
      "description": "Array of associated cloud account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated Cloud Account IDs", 
      "type": "array"
    }, 
    "cloud_network_security_group": {
      "$ref": "SecurityGroup, 
      "description": "Stores information about the cloud network security group associated to the virtual machine.", 
      "readonly": true, 
      "required": false, 
      "title": "Cloud Network Security Group"
    }, 
    "cloud_tags": {
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Cloud tags for the virtual machine", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_messages": {
      "description": "List of error messages identified. Returns only error messages identified in the last 1 hour.", 
      "items": {
        "$ref": "ComputeInstanceErrorMessage
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of error messages", 
      "type": "array"
    }, 
    "gateway_ha_index": {
      "description": "Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway.", 
      "required": false, 
      "title": "Gateway HA Index", 
      "type": "integer"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Status", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_gateway": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is a gateway node", 
      "type": "boolean"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is an active gateway node", 
      "type": "boolean"
    }, 
    "logical_switch_display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch display name", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch ID", 
      "type": "string"
    }, 
    "managed_by_nsx": {
      "readonly": true, 
      "required": true, 
      "title": "Indicate if vm is managed by NSX or not", 
      "type": "boolean"
    }, 
    "nsx_ip": {
      "readonly": true, 
      "required": false, 
      "title": "IP address provided by NSX", 
      "type": "string"
    }, 
    "nsx_security_group_mapping": {
      "description": "Map of cloud security groups associated to the virtual machine and corresponding NSX security groups.", 
      "items": {
        "$ref": "SecurityGroupDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group Mapping", 
      "type": "array"
    }, 
    "nsx_security_rule_errors": {
      "description": "Array of NSX security rule realization errors.", 
      "items": {
        "$ref": "NsxSecurityRuleErrorDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors", 
      "type": "array"
    }, 
    "nsx_security_rule_errors_count": {
      "description": "Count of the NSX security rule realization errors.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors Count", 
      "type": "integer"
    }, 
    "os_details": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system details", 
      "type": "string"
    }, 
    "os_type": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system of the virtual machine", 
      "type": "string"
    }, 
    "power_state": {
      "description": "Indicates power state of the virtual machine as returned by Azure.", 
      "enum": [
        "RUNNING", 
        "DEALLOCATING", 
        "DEALLOCATED", 
        "STARTING", 
        "STOPPED", 
        "STOPPING", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Power State", 
      "type": "string"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "quarantine_state": {
      "description": "Indicates the quarantine state of the VM. QUARANTINED - This state implies VM is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies VM is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the VM. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "QUARANTINED", 
        "NOT_QUARANTINED", 
        "UNKNOWN", 
        "OVERRIDDEN", 
        "WHITELISTED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Quarantine State", 
      "type": "string"
    }, 
    "region": {
      "description": "Azure region in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "Azure region", 
      "type": "string"
    }, 
    "resource_group": {
      "description": "Resource Group of the Azure Virtual Machine.", 
      "readonly": true, 
      "required": false, 
      "title": "Resource Group", 
      "type": "string"
    }, 
    "resource_id": {
      "description": "Resource Id of Azure Virtual Machine.", 
      "readonly": true, 
      "required": false, 
      "title": "Azure Virtual Machine resource id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource. Possible values are in the form of VirtualMachine prefixed by cloud name. For example, AwsVirtualMachine or AzureVirtualMachine.", 
      "enum": [
        "AwsVirtualMachine", 
        "AzureVirtualMachine"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }, 
    "segment_display_name": {
      "description": "Segment display name on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment display name", 
      "type": "string"
    }, 
    "segment_id": {
      "description": "Segment ID on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment ID", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "threat_state": {
      "description": "Indicates the threat state of the VM. NORMAL - This state implies no threat has been detected and VM is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either VM is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "NORMAL", 
        "THREAT", 
        "INVALID", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Threat State", 
      "type": "string"
    }, 
    "vm_config_status": {
      "$ref": "VmConfigStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Status for user configurable properties"
    }, 
    "vm_extension_execution_status": {
      "description": "UNKNOWN - This is the default state. Indicates no information available           regarding extension execution. This can potentially occur for           a VM when agent is installed out of band or if           cloud_agent_automated_install_enabled flag is enabled for the           VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful.           This does not necessarily mean agent installation was           successful. FAILED - Indicates VM extension script execution failed.", 
      "readonly": true, 
      "required": false, 
      "title": "VM extension script execution status", 
      "type": "string"
    }, 
    "vnet": {
      "description": "Azure virtual network ID in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "Azure virtual network", 
      "type": "string"
    }, 
    "vnet_name": {
      "description": "Azure virtual network name in which virtual machine is residing", 
      "readonly": true, 
      "required": false, 
      "title": "Azure virtual network name", 
      "type": "string"
    }
  }, 
  "title": "Azure Virtual Machine Information", 
  "type": "object"
}

AzureVnet (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about an Azure VNet (Virtual Network).", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "AzureVnet", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "agent_info": {
      "description": "Array of agent install and download instructions for various OS types.", 
      "items": {
        "$ref": "AgentInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Azure Agent Information", 
      "type": "array"
    }, 
    "associated_account_ids": {
      "description": "Array of associated Azure account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated Azure Account IDs", 
      "type": "array"
    }, 
    "associated_transit_vnet": {
      "$ref": "AzureTransitVnetInfo, 
      "description": "Stores the VNet ID and associated account IDs of the transit VNet. This property describes the associated transit VNet for a given Azure compute VNet.", 
      "readonly": true, 
      "title": "Associated Azure Transit VNet"
    }, 
    "cidr_blocks": {
      "description": "IPv4 CIDR Block of the virtual network.", 
      "items": {
        "$ref": "CidrBlock
      }, 
      "readonly": true, 
      "required": false, 
      "title": "IPv4 CIDR Block", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_info": {
      "$ref": "AzureGatewayInfo, 
      "description": "Gateway information of the virtual network like configuration and status.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Info"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Stores statistics of the number of MANAGED, MANAGED and ERROR instances.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance Statistics", 
      "type": "object"
    }, 
    "is_management_vnet": {
      "default": false, 
      "description": "This flag indicates if this is a management virtual network.", 
      "readonly": true, 
      "required": false, 
      "title": "Is Management VNet?", 
      "type": "boolean"
    }, 
    "managed_vnets": {
      "description": "Array of compute VNets managed by a transit VNet. This property describes array of managed compute VNet for a given transit VNet.", 
      "items": {
        "$ref": "ManagedVnetInfo
      }, 
      "readonly": true, 
      "title": "Array of NSX Managed Compute VNets", 
      "type": "array"
    }, 
    "op_status": {
      "$ref": "AzureVnetOpStatus, 
      "description": "Operational status of the virtual network.", 
      "readonly": true, 
      "title": "Azure VNet Operational Status"
    }, 
    "region_id": {
      "description": "ID of the Azure region.", 
      "readonly": true, 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_group": {
      "description": "Resource Group of the Azure VNet.", 
      "readonly": true, 
      "required": false, 
      "title": "Resource Group", 
      "type": "string"
    }, 
    "resource_id": {
      "description": "Resource Id of Azure VNet.", 
      "readonly": true, 
      "required": false, 
      "title": "Azure VNet resource id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "storage_account_name": {
      "description": "Azure Storage Account where gateway image will be copied.", 
      "required": false, 
      "title": "Azure Storage Account Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zones": {
      "description": "Array of transport zones in the virtual network.", 
      "items": {
        "$ref": "TransportZoneInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Transport Zones", 
      "type": "array"
    }, 
    "vnet_status": {
      "$ref": "AzureComputeVnetStatus, 
      "description": "Stores onboard and offboard states and corresponding error messages and error code related to Azure compute VNet. The status for a transit VNet should be obtained from gateway_info.", 
      "readonly": true, 
      "title": "Azure Compute VNet Status"
    }
  }, 
  "title": "Azure VNet", 
  "type": "object"
}

AzureVnetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of optional filter parameters to list Azure virtual networks. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "AzureVnetListRequestParameters", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which virtual networks list can be filtered.", 
      "required": false, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "associated_transit_vnet_id": {
      "description": "Identifier for filtering all the compute VNets which are NSX managed by the given transit VNet.", 
      "required": false, 
      "title": "Transit VNet ID", 
      "type": "string"
    }, 
    "cidr": {
      "$ref": "CidrBlock, 
      "description": "Optional identifier for IPv4 CIDR Block based on which virtual networks list can be filtered.", 
      "format": "ipv4_cidr_block", 
      "required": false, 
      "title": "IPv4 CIDR Block"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "op_status": {
      "$ref": "AzureVnetOpStatus, 
      "description": "Operational status of the virtual network.", 
      "readonly": true, 
      "title": "Azure VNet Operational Status"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "region_id": {
      "description": "Optional identifier for region based on which virtual networks list can be filtered.", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Optional identifier for virtual network based on which virtual networks list can be filtered. It consists of resourceGuid of Azure VNet.", 
      "required": false, 
      "title": "Virtual Network ID", 
      "type": "string"
    }
  }, 
  "title": "Azure VNet List Request Parameters", 
  "type": "object"
}

AzureVnetListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of Azure virtual networks.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "AzureVnetListResult", 
  "module_id": "AzureVnetInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of Azure virtual networks.", 
      "items": {
        "$ref": "AzureVnet
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Azure VNet List Result", 
  "type": "object"
}

AzureVnetOpStatus (type) 

{
  "description": "Operational status of the azure virtual network. After there are gateways deployed in a VNet, that VNet is called as transit VNet and it's status will be set as NSX_MANAGED_BY_GATEWAY. For all the compute VNets which are being managed by a transit VNet, their status will be set as NSX_MANAGED_BY_TRANSIT_VNET. NSX_GATEWAY_ERROR status means gateways are deployed in VNet, but no gateway is UP and at least one gateway is DOWN, The remaining gateway can be in NOT_AVAILABLE state. NSX_COMPUTE_ERROR status will be shown in compute VNet when transit VNet is in NSX_GATEWAY_ERROR state. Status for all the rest of the VNets will be NSX_UNMANAGED. NSX_MANAGED is deprecated.", 
  "enum": [
    "NSX_MANAGED_BY_GATEWAY", 
    "NSX_MANAGED_BY_TRANSIT_VNET", 
    "NSX_MANAGED", 
    "NSX_UNMANAGED", 
    "NSX_GATEWAY_ERROR", 
    "NSX_COMPUTE_ERROR"
  ], 
  "id": "AzureVnetOpStatus", 
  "module_id": "CloudServiceManager", 
  "readonly": true, 
  "required": false, 
  "title": "Operational Status", 
  "type": "string"
}

BFDDiagnosticCount (type) 

{
  "additionalProperties": false, 
  "id": "BFDDiagnosticCount", 
  "module_id": "Heatmap", 
  "properties": {
    "administratively_down_count": {
      "description": "Number of tunnels with administratively down diagnostic message", 
      "title": "Number of tunnels with administratively message", 
      "type": "integer"
    }, 
    "concatenated_path_down_count": {
      "description": "Number of tunnels with concatenated path down diagnostic message", 
      "title": "Number of tunnels with concatenated message", 
      "type": "integer"
    }, 
    "control_detection_time_expired_count": {
      "description": "Number of tunnels with control detection time expired diagnostic message", 
      "title": "Number of tunnels with expired message", 
      "type": "integer"
    }, 
    "echo_function_failed_count": {
      "description": "Number of tunnels with echo function failed diagnostic message", 
      "title": "Number of tunnels with failed message", 
      "type": "integer"
    }, 
    "forwarding_plane_reset_count": {
      "description": "Number of tunnels with forwarding plane reset diagnostic message", 
      "title": "Number of tunnels with reset message", 
      "type": "integer"
    }, 
    "neighbor_signaled_session_down_count": {
      "title": "Number of tunnels neighbor signaled session down", 
      "type": "integer"
    }, 
    "no_diagnostic_count": {
      "title": "Number of tunnels with no diagnostic", 
      "type": "integer"
    }, 
    "path_down_count": {
      "description": "Number of tunnels with path down diagnostic message", 
      "title": "Number of tunnels with path down message", 
      "type": "integer"
    }, 
    "reverse_concatenated_path_down_count": {
      "description": "Number of tunnels with reverse concatenated path down diagnostic message", 
      "title": "Number of tunnels with reverse message", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

BFDProperties (type) 

{
  "additionalProperties": false, 
  "id": "BFDProperties", 
  "module_id": "Tunnel", 
  "properties": {
    "active": {
      "readonly": true, 
      "required": false, 
      "title": "True if tunnel is active in a gateway HA setup", 
      "type": "boolean"
    }, 
    "diagnostic": {
      "description": "A short message indicating what the BFD session thinks is wrong in case of a problem", 
      "readonly": true, 
      "required": false, 
      "title": "Diagnostic message of a problem", 
      "type": "string"
    }, 
    "forwarding": {
      "readonly": true, 
      "required": false, 
      "title": "True if the BFD session believes this interface may be used to forward traffic", 
      "type": "boolean"
    }, 
    "remote_diagnostic": {
      "description": "A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem", 
      "readonly": true, 
      "required": false, 
      "title": "Diagnostic message of a problem", 
      "type": "string"
    }, 
    "remote_state": {
      "enum": [
        "UNKNOWN_STATE", 
        "ADMIN_DOWN", 
        "DOWN", 
        "INIT", 
        "UP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "State of the remote interface's BFD session", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNKNOWN_STATE", 
        "ADMIN_DOWN", 
        "DOWN", 
        "INIT", 
        "UP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "State of the BFD session", 
      "type": "string"
    }
  }, 
  "title": "BFD information", 
  "type": "object"
}

BFDStatusCount (type) 

{
  "additionalProperties": false, 
  "id": "BFDStatusCount", 
  "module_id": "Heatmap", 
  "properties": {
    "bfd_admin_down_count": {
      "title": "Number of tunnels in BFD admin down state", 
      "type": "int"
    }, 
    "bfd_down_count": {
      "title": "Number of tunnels in BFD down state", 
      "type": "int"
    }, 
    "bfd_init_count": {
      "title": "Number of tunnels in BFD init state", 
      "type": "int"
    }, 
    "bfd_up_count": {
      "title": "Number of tunnels in BFD up state", 
      "type": "int"
    }
  }, 
  "type": "object"
}

BGPCommunityList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BGPCommunityList", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "communities": {
      "description": "Array of BGP communities", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "BGP community list", 
      "type": "array"
    }, 
    "community_type": {
      "default": "NormalBGPCommunity", 
      "description": "BGP community type. It has two types as NormalBGPCommunity BGP normal community which includes well-known community name as well as community value in range from [1-4294967295] or value in aa:nn format(aa/nn range from 1-65535). LargeBGPCommunity BGP large community which includes community value in aa:bb:nn format where aa, bb, nn are unsigned integers in the range [1-4294967295].", 
      "enum": [
        "NormalBGPCommunity", 
        "LargeBGPCommunity"
      ], 
      "title": "BGP community type", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BGPCommunityListListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BGPCommunityListListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Paginated list of bgp community lists", 
      "items": {
        "$ref": "BGPCommunityList
      }, 
      "required": false, 
      "title": "List of bgp communities", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BackupConfiguration (type) 

{
  "additionalProperties": false, 
  "id": "BackupConfiguration", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "after_inventory_update_interval": {
      "maximum": 86400, 
      "minimum": 300, 
      "required": false, 
      "title": "A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups.", 
      "type": "integer"
    }, 
    "backup_enabled": {
      "default": false, 
      "title": "true if automated backup is enabled", 
      "type": "boolean"
    }, 
    "backup_schedule": {
      "$ref": "BackupSchedule, 
      "title": "Set when backups should be taken - on a weekly schedule or at regular intervals."
    }, 
    "inventory_summary_interval": {
      "default": 240, 
      "maximum": 3600, 
      "minimum": 30, 
      "title": "The minimum number of seconds between each upload of the inventory summary to backup server.", 
      "type": "integer"
    }, 
    "passphrase": {
      "description": "Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character).", 
      "pattern": "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^a-zA-Z\\d\\s]).{8,}$", 
      "sensitive": true, 
      "title": "Passphrase used to encrypt backup files.", 
      "type": "string", 
      "validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
    }, 
    "remote_file_server": {
      "$ref": "RemoteFileServer, 
      "required": true, 
      "title": "The server to which backups will be sent."
    }
  }, 
  "title": "Configuration for taking manual/automated backup", 
  "type": "object"
}

BackupOperationHistory (type) 

{
  "additionalProperties": false, 
  "id": "BackupOperationHistory", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "cluster_backup_statuses": {
      "items": {
        "$ref": "BackupOperationStatus
      }, 
      "required": false, 
      "title": "Statuses of previous cluser backups", 
      "type": "array"
    }, 
    "inventory_backup_statuses": {
      "items": {
        "$ref": "BackupOperationStatus
      }, 
      "required": false, 
      "title": "Statuses of previous inventory backups", 
      "type": "array"
    }, 
    "node_backup_statuses": {
      "items": {
        "$ref": "BackupOperationStatus
      }, 
      "required": false, 
      "title": "Statuses of previous node backups", 
      "type": "array"
    }
  }, 
  "title": "Past backup operation details", 
  "type": "object"
}

BackupOperationStatus (type) 

{
  "additionalProperties": false, 
  "id": "BackupOperationStatus", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "backup_id": {
      "required": true, 
      "title": "Unique identifier of a backup", 
      "type": "string"
    }, 
    "end_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time when operation was ended"
    }, 
    "error_code": {
      "enum": [
        "BACKUP_NOT_RUN_ON_MASTER", 
        "BACKUP_SERVER_UNREACHABLE", 
        "BACKUP_AUTHENTICATION_FAILURE", 
        "BACKUP_PERMISSION_ERROR", 
        "BACKUP_TIMEOUT", 
        "BACKUP_BAD_FINGERPRINT", 
        "BACKUP_GENERIC_ERROR"
      ], 
      "required": false, 
      "title": "Error code", 
      "type": "string"
    }, 
    "error_message": {
      "required": false, 
      "title": "Error code details", 
      "type": "string"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time when operation was started"
    }, 
    "success": {
      "required": true, 
      "title": "True if backup is successfully completed, else false", 
      "type": "boolean"
    }
  }, 
  "readOnly": true, 
  "title": "Backup operation status", 
  "type": "object"
}

BackupSchedule (type) 

{
  "abstract": true, 
  "id": "BackupSchedule", 
  "module_id": "BackupConfiguration", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "WeeklyBackupSchedule", 
        "IntervalBackupSchedule"
      ], 
      "required": true, 
      "title": "Schedule type", 
      "type": "string"
    }
  }, 
  "title": "Abstract base type for Weekly or Interval Backup Schedule", 
  "type": "object"
}

BaseEndpoint (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Represents an endpoint which will be used as subject in rule. It is a polymorphic type object which can be either of the types - 1. Virtual 2. Logical We have 2 separate objects representing these 2 types. VirtualEndPoint for Virtual type and ServiceInstanceEndpoint for Logical.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BaseEndpoint", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "VirtualEndpoint", 
        "ServiceInstanceEndpoint"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_ips": {
      "description": "IPs where either inbound or outbound traffic is to be redirected.", 
      "items": {
        "$ref": "IPInfo
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP addresses to redirect the traffic to", 
      "type": "array"
    }
  }, 
  "title": "An endpoint to be used in redirection rule", 
  "type": "object"
}

BaseFirewallProfile (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BaseFirewallProfile", 
  "module_id": "FirewallProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Resource type to use as profile type", 
      "enum": [
        "FirewallSessionTimerProfile", 
        "FirewallCpuMemThresholdsProfile", 
        "FirewallFloodProtectionProfile", 
        "FirewallDnsProfile"
      ], 
      "help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile'\n", 
      "required": true, 
      "title": "Resource type to use as profile type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BaseHostSwitchProfile (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BaseHostSwitchProfile", 
  "module_id": "BaseHostSwitchProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "HostSwitchProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BaseNodeAggregateInfo (type) 

{
  "additionalProperties": false, 
  "id": "BaseNodeAggregateInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "display_name": {
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "node_interface_properties": {
      "items": {
        "$ref": "NodeInterfaceProperties
      }, 
      "readonly": true, 
      "title": "Array of Node interface statistic properties", 
      "type": "array"
    }, 
    "node_interface_statistics": {
      "items": {
        "$ref": "NodeInterfaceStatisticsProperties
      }, 
      "readonly": true, 
      "title": "Array of Node network interface statistic properties", 
      "type": "array"
    }, 
    "node_status": {
      "$ref": "ClusterNodeStatus, 
      "readonly": true
    }, 
    "node_status_properties": {
      "items": {
        "$ref": "NodeStatusProperties
      }, 
      "title": "Time series of the node's system properties", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BasePolicyServiceInstance (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Represents an instance of partner Service and its configuration.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BasePolicyServiceInstance", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "deployment_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "partner_service_name": {
      "description": "Unique name of Partner Service in the Marketplace", 
      "required": true, 
      "title": "Name of Partner Service", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "default": "L2_BRIDGE", 
      "description": "Transport to be used while deploying Service-VM.", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Represents an instance of partner Service and its configuration", 
  "type": "object"
}

BaseRule (type) 

{
  "additionalProperties": false, 
  "description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BaseRule", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination group paths", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination groups", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Define direction of traffic.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "required": false, 
      "title": "Direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable the rule. Default is enabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Flag to disable the rule", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_protocol": {
      "description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "Text for additional notes on changes.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Text for additional notes on changes", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profiles": {
      "description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Layer 7 service profiles", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain", 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of the this Rule", 
      "type": "int"
    }, 
    "services": {
      "description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Names of services", 
      "type": "array"
    }, 
    "source_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source group paths", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source groups", 
      "type": "boolean"
    }, 
    "tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "required": false, 
      "title": "Tag applied on the rule", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A rule represent base properties for ,dfw, forwarding, redirection rule", 
  "type": "object"
}

BaseRuleListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BaseRuleListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Rules", 
  "type": "object"
}

BaseServiceInstance (type) 

{
  "abstract": true, 
  "description": "The deployment of a registered service. service instance is instantiation of service.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BaseServiceInstance", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "on_failure_policy": {
      "description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ServiceInstanceResourceType, 
      "required": true
    }, 
    "service_id": {
      "description": "The Service to which the service instance is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED", 
        "NSH", 
        "NA"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Base Instance of a service", 
  "type": "object"
}

BaseServiceProfile (type) 

{
  "description": "Base Service Profile", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BaseServiceProfile", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'", 
      "required": true, 
      "title": "Service Profile Resource type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base Service Profile", 
  "type": "object"
}

BaseSwitchingProfile (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BaseSwitchingProfile", 
  "module_id": "BaseSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BaseTier0Interface (type) 

{
  "additionalProperties": false, 
  "description": "Tier-0 interface configuration for external connectivity.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BaseTier0Interface", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "subnets": {
      "description": "Specify IP address and network prefix for interface.", 
      "items": {
        "$ref": "InterfaceSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "IP address and subnet specification for interface", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Tier-0 interface configuration", 
  "type": "object"
}

BasicAuthenticationScheme (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AuthenticationScheme
  }, 
  "id": "BasicAuthenticationScheme", 
  "properties": {
    "password": {
      "required": true, 
      "sensitive": true, 
      "title": "Password to authenticate with", 
      "type": "string"
    }, 
    "scheme_name": {
      "enum": [
        "basic"
      ], 
      "required": true, 
      "title": "Authentication scheme name", 
      "type": "string"
    }, 
    "username": {
      "pattern": "^.+$", 
      "required": true, 
      "title": "User name to authenticate with", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BatchParameter (type) 

{
  "id": "BatchParameter", 
  "module_id": "Common", 
  "properties": {
    "atomic": {
      "default": false, 
      "description": "use this flag if you want transactional atomicity", 
      "required": false, 
      "title": "transactional atomicity for the batch of requests embedded in the batch list", 
      "type": "boolean"
    }
  }, 
  "title": "Options that affect how batch operations are processed", 
  "type": "object"
}

BatchRequest (type) 

{
  "id": "BatchRequest", 
  "module_id": "Common", 
  "properties": {
    "continue_on_error": {
      "default": true, 
      "description": "Flag to decide if we will continue processing subsequent requests in case of current error for atomic = false.", 
      "required": false, 
      "type": "boolean"
    }, 
    "requests": {
      "items": {
        "$ref": "BatchRequestItem
      }, 
      "sensitive": true, 
      "type": "array"
    }
  }, 
  "title": "A set of operations to be performed in a single batch", 
  "type": "object"
}

BatchRequestItem (type) 

{
  "id": "BatchRequestItem", 
  "module_id": "Common", 
  "properties": {
    "body": {
      "type": "object"
    }, 
    "method": {
      "description": "http method type", 
      "enum": [
        "GET", 
        "POST", 
        "PUT", 
        "DELETE", 
        "PATCH"
      ], 
      "required": true, 
      "title": "method type(POST/PUT/DELETE/UPDATE)", 
      "type": "string"
    }, 
    "uri": {
      "description": "relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters", 
      "required": true, 
      "title": "Internal uri of the call", 
      "type": "string"
    }
  }, 
  "title": "A single request within a batch of operations", 
  "type": "object"
}

BatchResponse (type) 

{
  "additionalProperties": false, 
  "id": "BatchResponse", 
  "module_id": "Common", 
  "properties": {
    "has_errors": {
      "description": "Indicates if any of the APIs failed", 
      "title": "errors indicator", 
      "type": "boolean"
    }, 
    "results": {
      "items": {
        "$ref": "BatchResponseItem
      }, 
      "required": true, 
      "title": "Bulk list results", 
      "type": "array"
    }, 
    "rolled_back": {
      "description": "Optional flag indicating that all items were rolled back even if succeeded initially", 
      "title": "indicates if all items were rolled back.", 
      "type": "boolean"
    }
  }, 
  "title": "The reponse to a batch operation", 
  "type": "object"
}

BatchResponseItem (type) 

{
  "id": "BatchResponseItem", 
  "module_id": "Common", 
  "properties": {
    "body": {
      "description": "object returned by api", 
      "required": false, 
      "title": "object returned by api", 
      "type": "object"
    }, 
    "code": {
      "description": "http status code", 
      "required": true, 
      "title": "object returned by api", 
      "type": "integer"
    }, 
    "headers": {
      "description": "The headers returned by the API call", 
      "title": "object returned by api", 
      "type": "object"
    }
  }, 
  "title": "A single respose in a list of batched responses", 
  "type": "object"
}

BfdConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BfdConfig", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "declare_dead_multiple": {
      "default": 3, 
      "maximum": 16, 
      "minimum": 2, 
      "required": false, 
      "title": "Number of times a packet is missed before BFD declares the neighbor down.", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable BFD for this LogicalRouter", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "receive_interval": {
      "default": 1000, 
      "description": "the time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.", 
      "maximum": 60000, 
      "minimum": 100, 
      "required": false, 
      "title": "Receive interval for heartbeats", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transmit_interval": {
      "default": 1000, 
      "description": "the time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.", 
      "maximum": 60000, 
      "minimum": 100, 
      "required": false, 
      "title": "Transmit interval for heartbeats", 
      "type": "integer"
    }
  }, 
  "title": "BFD configuration for LogicalRouter", 
  "type": "object"
}

BfdConfigParameters (type) 

{
  "id": "BfdConfigParameters", 
  "module_id": "Routing", 
  "properties": {
    "declare_dead_multiple": {
      "default": 3, 
      "maximum": 16, 
      "minimum": 2, 
      "required": false, 
      "title": "Number of times a packet is missed before BFD declares the neighbor down.", 
      "type": "integer"
    }, 
    "receive_interval": {
      "default": 1000, 
      "description": "The time interval (in milliseconds) between heartbeat packets for BFD when receiving heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.", 
      "maximum": 60000, 
      "minimum": 300, 
      "required": false, 
      "title": "Receive interval for heartbeats", 
      "type": "integer"
    }, 
    "transmit_interval": {
      "default": 1000, 
      "description": "The time interval (in milliseconds) between heartbeat packets for BFD when sending heartbeats.| For edge cluster type of bare metal, this value should be >= 300ms.| For edge cluster type of virtual machine or hybrid, this value should be >= 1000ms.", 
      "maximum": 60000, 
      "minimum": 300, 
      "required": false, 
      "title": "Transmit interval for heartbeats", 
      "type": "integer"
    }
  }, 
  "title": "BFD configuration for the given Peer.", 
  "type": "object"
}

BfdHealthMonitoringProfile (type) 

{
  "extends": {
    "$ref": "TransportZoneProfile
  }, 
  "id": "BfdHealthMonitoringProfile", 
  "module_id": "BfdHealthMonitoringProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "BfdHealthMonitoringProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "required": true, 
      "title": "Whether the heartbeat is enabled. A POST or PUT request with \"enabled\" false (with no probe intervals) will set (POST) or reset (PUT) the probe_interval to their default value.", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "latency_enabled": {
      "description": "The flag is to turn on/off latency. A POST or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.", 
      "required": false, 
      "title": "Whether the latency is enabled.", 
      "type": "boolean"
    }, 
    "probe_interval": {
      "default": 1000, 
      "minimum": 300, 
      "required": false, 
      "title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "BfdHealthMonitoringProfile"
      ], 
      "help_summary": "Possible value is 'BfdHealthMonitoringProfile'", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Profile for BFD health monitoring", 
  "type": "object"
}

BgpAddressFamily (type) 

{
  "additionalProperties": false, 
  "id": "BgpAddressFamily", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "in_prefix_count": {
      "description": "Count of in prefixes", 
      "readonly": true, 
      "required": false, 
      "title": "Count of in prefixes", 
      "type": "integer"
    }, 
    "out_prefix_count": {
      "description": "Count of out prefixes", 
      "readonly": true, 
      "required": false, 
      "title": "Count of out prefixes", 
      "type": "integer"
    }, 
    "type": {
      "description": "BGP address family type", 
      "enum": [
        "IPV4_UNICAST", 
        "VPNV4_UNICAST", 
        "IPV6_UNICAST"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "BGP address family type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BgpBfdConfig (type) 

{
  "additionalProperties": false, 
  "id": "BgpBfdConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "enabled": {
      "default": false, 
      "description": "Flag to enable BFD cofiguration.", 
      "title": "Flag to enable BFD cofiguration", 
      "type": "boolean"
    }, 
    "interval": {
      "default": 1000, 
      "description": "Time interval between heartbeat packets in milliseconds.", 
      "maximum": 60000, 
      "minimum": 300, 
      "title": "Time interval between heartbeat packets in milliseconds", 
      "type": "int"
    }, 
    "multiple": {
      "default": 3, 
      "description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.", 
      "maximum": 16, 
      "minimum": 2, 
      "title": "Declare dead multiple", 
      "type": "int"
    }
  }, 
  "title": "BFD configuration for BGP peers", 
  "type": "object"
}

BgpConfig (type) 

{
  "additionalProperties": false, 
  "description": "BGP configuration for Tier0 logical router. We create BGP configuration while creation of Tier0 logical router.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BgpConfig", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "as_num": {
      "required": false, 
      "title": "4 Byte ASN in ASPLAIN/ASDOT Format", 
      "type": "string"
    }, 
    "as_number": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'as_num' instead.", 
      "maximum": 4294967296, 
      "minimum": 1, 
      "required": false, 
      "title": "Autonomous System Number", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ecmp": {
      "default": true, 
      "description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availability mode. User can change this value while updating BGP config. If this property is not specified in the payload, the default value will be considered as true irrespective of the high-availability mode.", 
      "required": false, 
      "title": "Flag to enable outbound ECMP", 
      "type": "boolean"
    }, 
    "enabled": {
      "default": false, 
      "description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating the config. If this property is not specified in the payload, the default value will be considered as false irrespective of the high-availability mode.", 
      "required": false, 
      "title": "Flag to enable this configuration", 
      "type": "boolean"
    }, 
    "graceful_restart": {
      "deprecated": true, 
      "description": "Flag to enable graceful restart. This field is deprecated, kindly use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other [i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown.", 
      "required": false, 
      "title": "Flag to enable graceful restart", 
      "type": "boolean"
    }, 
    "graceful_restart_config": {
      "$ref": "GracefulRestartConfig, 
      "description": "Configuration parameters for BGP Graceful Restart functionality. It has graceful_restart_mode and graceful_restart_timer parameters.", 
      "required": false, 
      "title": "BGP Graceful Restart configuration"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "inter_sr_ibgp": {
      "$ref": "InterSRRoutingConfig, 
      "required": false, 
      "title": "Inter SR IBGP configuration"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "multipath_relax": {
      "default": true, 
      "required": false, 
      "title": "Flag to enable BGP multipath relax option", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "route_aggregation": {
      "items": {
        "$ref": "BgpRouteAggregation
      }, 
      "maxItems": 1000, 
      "minItems": 0, 
      "required": false, 
      "title": "List of routes to be aggregated", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "BGP configuration for logical router", 
  "type": "object"
}

BgpGracefulRestartConfig (type) 

{
  "additionalProperties": false, 
  "description": "Configuration field to hold BGP restart mode and timer.", 
  "id": "BgpGracefulRestartConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "mode": {
      "default": "HELPER_ONLY", 
      "description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.", 
      "enum": [
        "DISABLE", 
        "GR_AND_HELPER", 
        "HELPER_ONLY"
      ], 
      "required": false, 
      "title": "BGP Graceful Restart Configuration Mode", 
      "type": "string"
    }, 
    "timer": {
      "$ref": "BgpGracefulRestartTimer, 
      "description": "Configuration field to hold BGP restart timers.", 
      "title": "BGP Graceful Restart Timer"
    }
  }, 
  "title": "BGP Graceful Restart Configuration", 
  "type": "object"
}

BgpGracefulRestartTimer (type) 

{
  "additionalProperties": false, 
  "description": "Configuration field to hold BGP restart timers", 
  "id": "BgpGracefulRestartTimer", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "restart_timer": {
      "default": 180, 
      "description": "Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer,  the receiving speaker will delete all the stale routes from that peer.", 
      "maximum": 3600, 
      "minimum": 1, 
      "title": "BGP Graceful Restart Timer", 
      "type": "integer"
    }, 
    "stale_route_timer": {
      "default": 600, 
      "description": "Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts.", 
      "maximum": 3600, 
      "minimum": 1, 
      "title": "BGP Stale Route Timer", 
      "type": "integer"
    }
  }, 
  "title": "BGP Graceful Restart Timers", 
  "type": "object"
}

BgpNeighbor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BgpNeighbor", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "address_families": {
      "description": "User can enable the neighbor for the specific address families and also define filters per address family. When the neighbor is created, it is default enabled for IPV4_UNICAST address family for backward compatibility reasons. User can change that if required, by defining the address family configuration.", 
      "items": {
        "$ref": "BgpNeighborAddressFamily
      }, 
      "required": false, 
      "title": "AddressFamily settings for the neighbor", 
      "type": "array"
    }, 
    "allow_as_in": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable allowas_in option for BGP neighbor", 
      "type": "boolean"
    }, 
    "bfd_config": {
      "$ref": "BfdConfigParameters, 
      "description": "By specifying these paramaters BFD config for this given peer can be overriden | (the globally configured values will not apply for this peer)", 
      "required": false, 
      "title": "BFD Configuration Parameters for the given peer."
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_bfd": {
      "default": false, 
      "description": "Flag to enable BFD for this BGP Neighbor. Enable this if the neighbor supports BFD as this will lead to faster convergence.", 
      "required": false, 
      "title": "Enable BFD for this BGP Neighbor", 
      "type": "boolean"
    }, 
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "Flag to enable this BGP Neighbor", 
      "type": "boolean"
    }, 
    "filter_in_ipprefixlist_id": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please  use 'address_family' instead.", 
      "required": false, 
      "title": "IPPrefix List to be used for IN direction filter for IPV4_UNICAST address family", 
      "type": "string"
    }, 
    "filter_in_routemap_id": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'address_family' instead.", 
      "required": false, 
      "title": "RouteMap to be used for IN direction filter for IPV4_UNICAST address family", 
      "type": "string"
    }, 
    "filter_out_ipprefixlist_id": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'address_family' instead.", 
      "required": false, 
      "title": "IPPrefixList to be used for OUT direction filter for IPV4_UNICAST address family", 
      "type": "string"
    }, 
    "filter_out_routemap_id": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'address_family' instead.", 
      "required": false, 
      "title": "RouteMap to be used for OUT direction filter for IPV4_UNICAST address family", 
      "type": "string"
    }, 
    "graceful_restart_mode": {
      "$ref": "GracefulRestartMode, 
      "description": "BGP Graceful Restart mode. If specified, then it will take precedence over global Graceful Restart mode configured in logical router BgpConfig otherwise BgpConfig level Graceful Restart mode will be applicable for peer.", 
      "required": false, 
      "title": "Graceful Restart Mode"
    }, 
    "hold_down_timer": {
      "default": 180, 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "Wait period (seconds) before declaring peer dead", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "keep_alive_timer": {
      "default": 60, 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "Frequency (seconds) with which keep alive messages are sent to peers", 
      "type": "integer"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "maximum_hop_limit": {
      "default": 1, 
      "description": "This value is set on TTL(time to live) of BGP header. When router receives the BGP packet, it decrements the TTL. The default value of TTL is one when BPG request is initiated.So in the case of a BGP peer multiple hops away and and value of TTL is one, then  next router in the path will decrement the TTL to 0, realize it cant forward the packet and will drop it. If the hop count value to reach neighbor is equal to or less than the maximum_hop_limit value then intermediate router decrements the TTL count by one and forwards the request to BGP neighour. If the hop count value is greater than the maximum_hop_limit value then intermediate router discards the request when TTL becomes 0.", 
      "maximum": 255, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum Number of hops allowed to reach BGP neighbor", 
      "type": "int"
    }, 
    "neighbor_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "Neighbor IP Address"
    }, 
    "password": {
      "description": "User can create (POST) the neighbor with or without the password. The view (GET) on the neighbor, would never reveal if the password is set or not. The password can be set later using edit neighbor workFlow (PUT) On the edit neighbor (PUT), if the user does not specify the password property, the older value is retained. Maximum length of this field is 20 characters.", 
      "minLength": 1, 
      "required": false, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "remote_as": {
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'remote_as_num' instead.", 
      "maximum": 4294967296, 
      "minimum": 1, 
      "required": false, 
      "title": "Autonomous System Number of the neighbor", 
      "type": "integer"
    }, 
    "remote_as_num": {
      "required": false, 
      "title": "4 Byte ASN of the neighbor in ASPLAIN/ASDOT Format", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "source_address": {
      "$ref": "IPAddress, 
      "deprecated": true, 
      "description": "Deprecated - do not provide a value for this field. Use source_addresses instead.", 
      "required": false, 
      "title": "Logical Router Uplink IP Address"
    }, 
    "source_addresses": {
      "description": "BGP neighborship will be formed from all these source addresses to this neighbour.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 8, 
      "required": false, 
      "title": "Array of Logical Router Uplink IP Addresses", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

BgpNeighborAddressFamily (type) 

{
  "id": "BgpNeighborAddressFamily", 
  "module_id": "Routing", 
  "properties": {
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "Enable this address family", 
      "type": "boolean"
    }, 
    "in_filter_ipprefixlist_id": {
      "required": false, 
      "title": "Id of the IPPrefix List to be used for IN direction filter", 
      "type": "string"
    }, 
    "in_filter_routemap_id": {
      "required": false, 
      "title": "Id of the RouteMap to be used for IN direction filter", 
      "type": "string"
    }, 
    "out_filter_ipprefixlist_id": {
      "required": false, 
      "title": "Id of the IPPrefixList to be used for OUT direction filter", 
      "type": "string"
    }, 
    "out_filter_routemap_id": {
      "required": false, 
      "title": "Id of the RouteMap to be used for OUT direction filter", 
      "type": "string"
    }, 
    "type": {
      "$ref": "AddressFamilyType, 
      "required": true, 
      "title": "Address family type"
    }
  }, 
  "type": "object"
}

BgpNeighborConfig (type) 

{
  "additionalProperties": false, 
  "description": "Contains information necessary to configure a BGP neighbor.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BgpNeighborConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allow_as_in": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable allowas_in option for BGP neighbor", 
      "type": "boolean"
    }, 
    "bfd": {
      "$ref": "BgpBfdConfig, 
      "description": "BFD configuration for failure detection. BFD is enabled with default values when not configured.", 
      "title": "BFD configuration for failure detection"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "graceful_restart_mode": {
      "description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.", 
      "enum": [
        "DISABLE", 
        "GR_AND_HELPER", 
        "HELPER_ONLY"
      ], 
      "title": "BGP Graceful Restart Configuration Mode", 
      "type": "string"
    }, 
    "hold_down_time": {
      "default": 180, 
      "description": "Wait time in seconds before declaring peer dead.", 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Wait time in seconds before declaring peer dead", 
      "type": "int"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "in_route_filters": {
      "deprecated": true, 
      "description": "Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Prefix-list or route map path for IN direction", 
      "type": "array"
    }, 
    "keep_alive_time": {
      "default": 60, 
      "description": "Interval (in seconds) between keep alive messages sent to peer.", 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Interval between keep alive messages sent to peer", 
      "type": "int"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "maximum_hop_limit": {
      "default": 1, 
      "description": "Maximum number of hops allowed to reach BGP neighbor.", 
      "maximum": 255, 
      "minimum": 1, 
      "title": "Maximum number of hops allowed to reach BGP neighbor", 
      "type": "int"
    }, 
    "neighbor_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "Neighbor IP Address"
    }, 
    "out_route_filters": {
      "deprecated": true, 
      "description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Prefix-list or route map path for OUT direction", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "password": {
      "description": "Specify password for BGP neighbor authentication. Empty string (\"\") clears existing password.", 
      "maxLength": 20, 
      "minLength": 0, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "remote_as_num": {
      "required": true, 
      "title": "4 Byte ASN of the neighbor in ASPLAIN Format", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "route_filtering": {
      "description": "Enable address families and route filtering in each direction.", 
      "items": {
        "$ref": "BgpRouteFiltering
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Enable address families and route filtering in each direction", 
      "type": "array"
    }, 
    "source_addresses": {
      "description": "Source addresses should belong to Tier0 external or loopback interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 8, 
      "required": false, 
      "title": "Source IP Addresses for BGP peering", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "BGP neighbor config", 
  "type": "object"
}

BgpNeighborConfigListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "BgpNeighborConfigListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Routing Config list request parameters", 
  "type": "object"
}

BgpNeighborConfigListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BgpNeighborConfigListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BgpNeighborConfig
      }, 
      "required": true, 
      "title": "BGP neighbor configs list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of BGP Neighbor Configs", 
  "type": "object"
}

BgpNeighborListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BgpNeighborListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BgpNeighbor
      }, 
      "required": true, 
      "title": "Paginated list of bgp neighbors", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BgpNeighborRouteDetails (type) 

{
  "additionalProperties": false, 
  "description": "BGP neighbor learned/advertised route details.", 
  "id": "BgpNeighborRouteDetails", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "logical_router_id": {
      "readonly": true, 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "neighbor_address": {
      "$ref": "IPAddress, 
      "description": "BGP neighbor peer IP address.", 
      "readonly": true, 
      "required": true, 
      "title": "Neighbor IP address"
    }, 
    "neighbor_id": {
      "readonly": true, 
      "required": true, 
      "title": "BGP neighbor id", 
      "type": "string"
    }, 
    "per_transport_node_routes": {
      "description": "Array of BGP neighbor route details per transport node.", 
      "items": {
        "$ref": "RoutesPerTransportNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Route details per transport node", 
      "type": "array"
    }
  }, 
  "title": "BGP neighbor route details", 
  "type": "object"
}

BgpNeighborRouteDetailsCsvRecord (type) 

{
  "additionalProperties": false, 
  "description": "BGP neighbor learned/advertised route details.", 
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "BgpNeighborRouteDetailsCsvRecord", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "as_path": {
      "description": "BGP AS path attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "AS path", 
      "type": "string"
    }, 
    "local_pref": {
      "description": "BGP Local Preference attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Local preference", 
      "type": "integer"
    }, 
    "logical_router_id": {
      "description": "Logical router id", 
      "readonly": true, 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "med": {
      "description": "BGP Multi Exit Discriminator attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Multi Exit Discriminator", 
      "type": "integer"
    }, 
    "neighbor_address": {
      "$ref": "IPAddress, 
      "description": "BGP neighbor peer IP address.", 
      "readonly": true, 
      "required": true, 
      "title": "Neighbor IP address"
    }, 
    "neighbor_id": {
      "description": "BGP neighbor id", 
      "readonly": true, 
      "required": true, 
      "title": "BGP neighbor id", 
      "type": "string"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address.", 
      "readonly": true, 
      "required": true, 
      "title": "CIDR network address"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "description": "Next hop IP address.", 
      "readonly": true, 
      "required": false, 
      "title": "Next hop IP address"
    }, 
    "source_address": {
      "$ref": "IPAddress, 
      "description": "BGP neighbor source address.", 
      "readonly": true, 
      "required": false, 
      "title": "BGP neighbor source address"
    }, 
    "transport_node_id": {
      "description": "Transport node id", 
      "readonly": true, 
      "required": true, 
      "title": "Transport node id", 
      "type": "string"
    }, 
    "weight": {
      "description": "BGP Weight attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Weight", 
      "type": "integer"
    }
  }, 
  "title": "BGP neighbor route details", 
  "type": "object"
}

BgpNeighborRouteDetailsInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "BgpNeighborRouteDetailsInCsvFormat", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "results": {
      "items": {
        "$ref": "BgpNeighborRouteDetailsCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

BgpNeighborRoutes (type) 

{
  "additionalProperties": false, 
  "description": "BGP neighbor learned/advertised route details.", 
  "id": "BgpNeighborRoutes", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "egde_node_routes": {
      "description": "Array of BGP neighbor route details per edge node.", 
      "items": {
        "$ref": "RoutesPerTransportNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Route details per transport node", 
      "type": "array"
    }, 
    "enforcement_point_path": {
      "readonly": true, 
      "required": true, 
      "title": "Enforcement point policy path", 
      "type": "string"
    }, 
    "neighbor_path": {
      "readonly": true, 
      "required": true, 
      "title": "BGP neighbor policy path", 
      "type": "string"
    }
  }, 
  "title": "BGP neighbor route details", 
  "type": "object"
}

BgpNeighborRoutesListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BgpNeighborRoutesListResult", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Paged Collection of Bgp neighbor routes.", 
      "items": {
        "$ref": "BgpNeighborRoutes
      }, 
      "required": false, 
      "title": "Paged Collection of Bgp neighbor routes", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BgpNeighborStatus (type) 

{
  "additionalProperties": false, 
  "id": "BgpNeighborStatus", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "address_families": {
      "description": "Address families of BGP neighbor", 
      "items": {
        "$ref": "BgpAddressFamily
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Address families of BGP neighbor", 
      "type": "array"
    }, 
    "announced_capabilities": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "BGP capabilities sent to BGP neighbor.", 
      "type": "array"
    }, 
    "connection_drop_count": {
      "readonly": true, 
      "required": false, 
      "title": "Count of connection drop", 
      "type": "integer"
    }, 
    "connection_state": {
      "enum": [
        "INVALID", 
        "IDLE", 
        "CONNECT", 
        "ACTIVE", 
        "OPEN_SENT", 
        "OPEN_CONFIRM", 
        "ESTABLISHED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Current state of the BGP session.", 
      "type": "string"
    }, 
    "established_connection_count": {
      "readonly": true, 
      "required": false, 
      "title": "Count of connections established", 
      "type": "integer"
    }, 
    "graceful_restart": {
      "deprecated": true, 
      "description": "Current state of graceful restart where graceful_restart = true indicates graceful restart is enabled and graceful_restart = false indicates graceful restart is disabled. This is deprecated field, use graceful_restart_mode instead.", 
      "readonly": true, 
      "required": false, 
      "title": "Graceful restart flag", 
      "type": "boolean"
    }, 
    "graceful_restart_mode": {
      "description": "Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled", 
      "readonly": true, 
      "required": false, 
      "title": "Graceful restart mode", 
      "type": "string"
    }, 
    "hold_time": {
      "readonly": true, 
      "required": false, 
      "title": "Time in ms to wait for HELLO from BGP peer. If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down.", 
      "type": "integer"
    }, 
    "keep_alive_interval": {
      "readonly": true, 
      "required": false, 
      "title": "Time in ms to wait for HELLO packet from BGP peer", 
      "type": "integer"
    }, 
    "local_port": {
      "maximum": 65535, 
      "minimum": 1, 
      "readonly": true, 
      "required": false, 
      "title": "TCP port number of Local BGP connection", 
      "type": "integer"
    }, 
    "lr_component_id": {
      "readonly": true, 
      "required": true, 
      "title": "Logical router component(Service Router/Distributed Router) id", 
      "type": "string"
    }, 
    "messages_received": {
      "readonly": true, 
      "required": false, 
      "title": "Count of messages received from the neighbor", 
      "type": "integer"
    }, 
    "messages_sent": {
      "readonly": true, 
      "required": false, 
      "title": "Count of messages sent to the neighbor", 
      "type": "integer"
    }, 
    "negotiated_capability": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "BGP capabilities negotiated with BGP neighbor.", 
      "type": "array"
    }, 
    "neighbor_address": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "The IP of the BGP neighbor"
    }, 
    "neighbor_router_id": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "Router ID of the BGP neighbor."
    }, 
    "remote_as_number": {
      "readonly": true, 
      "required": false, 
      "title": "AS number of the BGP neighbor", 
      "type": "string"
    }, 
    "remote_port": {
      "maximum": 65535, 
      "minimum": 1, 
      "readonly": true, 
      "required": false, 
      "title": "TCP port number of remote BGP Connection", 
      "type": "integer"
    }, 
    "source_address": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "The Ip address of logical port"
    }, 
    "time_since_established": {
      "readonly": true, 
      "required": false, 
      "title": "Time(in milliseconds) since connection was established.", 
      "type": "integer"
    }, 
    "total_in_prefix_count": {
      "description": "Sum of in prefixes counts across all address families.", 
      "readonly": true, 
      "required": false, 
      "title": "Count of in prefixes", 
      "type": "integer"
    }, 
    "total_out_prefix_count": {
      "description": "Sum of out prefixes counts across all address families.", 
      "readonly": true, 
      "required": false, 
      "title": "Count of out prefixes", 
      "type": "integer"
    }, 
    "transport_node": {
      "$ref": "ResourceReference, 
      "readonly": true, 
      "required": false, 
      "title": "Transport node id and name"
    }
  }, 
  "type": "object"
}

BgpNeighborsStatusListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BgpNeighborsStatusListResult", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated, unset if data source has never updated the data.", 
      "readonly": true, 
      "title": "Timestamp indicating last update time of data"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "logical_router_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the logical router", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "additionalProperties": false, 
      "items": {
        "$ref": "BgpNeighborStatus
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Status of BGP neighbors of the logical router", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BgpRouteAggregation (type) 

{
  "additionalProperties": false, 
  "id": "BgpRouteAggregation", 
  "module_id": "Routing", 
  "properties": {
    "prefix": {
      "$ref": "IPCIDRBlock, 
      "required": true, 
      "title": "cidr of the aggregate address"
    }, 
    "summary_only": {
      "default": true, 
      "required": false, 
      "title": "Flag to send only summarized route", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

BgpRouteFiltering (type) 

{
  "additionalProperties": false, 
  "id": "BgpRouteFiltering", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "address_family": {
      "description": "Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration.", 
      "enum": [
        "IPV4", 
        "IPV6"
      ], 
      "title": "Address family type", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Flag to enable address family.", 
      "title": "Enable address family", 
      "type": "boolean"
    }, 
    "in_route_filters": {
      "description": "Specify path of prefix-list or route map to filter routes for IN direction.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Prefix-list or route map path for IN direction", 
      "type": "array"
    }, 
    "out_route_filters": {
      "description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Prefix-list or route map path for OUT direction", 
      "type": "array"
    }
  }, 
  "title": "Enable address_families and route filtering in each direction", 
  "type": "object"
}

BgpRoutesRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "BgpRoutesRequestParameters", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "count": {
      "default": 1000, 
      "description": "Number of routes to return in response. Not used when routes are requested in CSV format.", 
      "minimum": 1, 
      "title": "Number of routes to retrieve", 
      "type": "int"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.", 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "BGP Routes request parameters", 
  "type": "object"
}

BgpRoutingConfig (type) 

{
  "additionalProperties": false, 
  "description": "Contains BGP routing configuration.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "BgpRoutingConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ecmp": {
      "default": true, 
      "description": "Flag to enable ECMP.", 
      "required": false, 
      "title": "Flag to enable ECMP", 
      "type": "boolean"
    }, 
    "enabled": {
      "default": true, 
      "description": "Flag to enable BGP configuration. Disabling will stop feature and BGP peering.", 
      "required": false, 
      "title": "Flag to enable BGP configuration", 
      "type": "boolean"
    }, 
    "graceful_restart": {
      "deprecated": true, 
      "description": "Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown.", 
      "required": false, 
      "title": "Flag to enable graceful restart", 
      "type": "boolean"
    }, 
    "graceful_restart_config": {
      "$ref": "BgpGracefulRestartConfig, 
      "description": "Configuration field to hold BGP Restart mode and timer.", 
      "title": "BGP Graceful Restart Configuration"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "inter_sr_ibgp": {
      "description": "Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode.", 
      "required": false, 
      "title": "Enable inter SR IBGP configuration", 
      "type": "boolean"
    }, 
    "local_as_num": {
      "description": "Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. Empty string disables BGP feature.", 
      "required": true, 
      "title": "BGP AS number in ASPLAIN/ASDOT Format", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "multipath_relax": {
      "default": true, 
      "description": "Flag to enable BGP multipath relax option.", 
      "required": false, 
      "title": "Flag to enable BGP multipath relax option", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "route_aggregations": {
      "description": "List of routes to be aggregated.", 
      "items": {
        "$ref": "RouteAggregationEntry
      }, 
      "maxItems": 1000, 
      "required": false, 
      "title": "List of routes to be aggregated", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "BGP routing config", 
  "type": "object"
}

BinaryPacketData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PacketData
  }, 
  "id": "BinaryPacketData", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "BinaryPacketData"
  }, 
  "properties": {
    "frame_size": {
      "default": 128, 
      "description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message.  The frame will be zero padded to the requested size.", 
      "maximum": 1000, 
      "minimum": 60, 
      "required": false, 
      "title": "Requested total size of the (logical) packet in bytes", 
      "type": "integer"
    }, 
    "payload": {
      "description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers.", 
      "maxLength": 1336, 
      "required": false, 
      "title": "RFC3548 compatible base64 encoded full payload", 
      "type": "string"
    }, 
    "resource_type": {
      "default": "FieldsPacketData", 
      "enum": [
        "BinaryPacketData", 
        "FieldsPacketData"
      ], 
      "required": true, 
      "title": "Packet configuration", 
      "type": "string"
    }, 
    "routed": {
      "required": false, 
      "title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.", 
      "type": "boolean"
    }, 
    "transport_type": {
      "default": "UNICAST", 
      "enum": [
        "BROADCAST", 
        "UNICAST", 
        "MULTICAST", 
        "UNKNOWN"
      ], 
      "required": false, 
      "title": "transport type of the traceflow packet", 
      "type": "string"
    }
  }, 
  "type": "object"
}

BlackholeAction (type) 

{
  "additionalProperties": false, 
  "enum": [
    "DISCARD"
  ], 
  "id": "BlackholeAction", 
  "module_id": "Routing", 
  "title": "Action to be taken on matching packets for NULL routes. For action is DISCARD, matching packets are dropped rather than forwarded.", 
  "type": "string"
}

BpduFilter (type) 

{
  "id": "BpduFilter", 
  "module_id": "SwitchSecuritySwitchingProfile", 
  "properties": {
    "enabled": {
      "readonly": false, 
      "required": true, 
      "title": "Indicates whether BPDU filter is enabled", 
      "type": "boolean"
    }, 
    "white_list": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 32, 
      "minItems": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering", 
      "type": "array"
    }
  }, 
  "title": "BPDU filter configuration", 
  "type": "object"
}

BridgeCluster (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BridgeCluster", 
  "module_id": "BridgeCluster", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bridge_nodes": {
      "items": {
        "$ref": "BridgeClusterNode
      }, 
      "maxItems": 2, 
      "required": false, 
      "title": "Nodes used in bridging", 
      "type": "array"
    }, 
    "cluster_profile_bindings": {
      "items": {
        "$ref": "ClusterProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Bridge cluster profile bindings", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Bridge Cluster", 
  "type": "object"
}

BridgeClusterListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BridgeClusterListResult", 
  "module_id": "BridgeCluster", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BridgeCluster
      }, 
      "minItems": 0, 
      "readonly": true, 
      "required": true, 
      "title": "BridgeCluster Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Bridge cluster queries result", 
  "type": "object"
}

BridgeClusterNode (type) 

{
  "id": "BridgeClusterNode", 
  "module_id": "BridgeCluster", 
  "properties": {
    "ha_mac": {
      "$ref": "MACAddress, 
      "readonly": true, 
      "required": false, 
      "title": "MAC address used for HA protocol"
    }, 
    "transport_node_id": {
      "maxLength": 36, 
      "required": true, 
      "title": "UUID of the transport node", 
      "type": "string"
    }
  }, 
  "title": "Bridge transport node", 
  "type": "object"
}

BridgeClusterStatus (type) 

{
  "id": "BridgeClusterStatus", 
  "module_id": "AggSvcBridging", 
  "properties": {
    "cluster_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the cluster", 
      "type": "string"
    }, 
    "health": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "The health status of the cluster", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }
  }, 
  "type": "object"
}

BridgeEndpoint (type) 

{
  "description": "A bridge endpoint can be created on a bridge cluster or on an edge cluster. Few of the properties of this class will not be used depending on the type of bridge endpoint being created. When creating a bridge endpoint on a bridge cluster, following propeties will be used: vlan, bridge_cluster_id and ha_enable. Similarly, for creating a bridge endpoint on an edge cluster following properties will be used: vlan, bridge_endpoint_profile_id and vlan_transport_zone_id.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BridgeEndpoint", 
  "module_id": "BridgeEndpoint", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bridge_cluster_id": {
      "description": "This field will not be used if an edge cluster is being used for the bridge endpoint", 
      "maxLength": 36, 
      "required": false, 
      "title": "UUID of the bridge cluster for this bridge endpoint", 
      "type": "string"
    }, 
    "bridge_endpoint_profile_id": {
      "description": "This field will not be used if a bridge cluster is being used for the bridge endpoint", 
      "required": false, 
      "title": "Bridge endpoint profile used by the edge cluster", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_enable": {
      "default": true, 
      "description": "This field will not be used if an edge cluster is being used for the bridge endpoint", 
      "required": false, 
      "title": "Controls the enabling of HA on the VLAN for this endpoint", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "uplink_teaming_policy_name": {
      "description": "This name has to be one of the switching uplink teaming policy names listed inside the TransportZone. If this field is not specified, bridge will use the first pnic in host-switch config. This field will not be used if a bridge cluster is being used for the bridge endpoint", 
      "required": false, 
      "title": "The name of the switching uplink teaming policy for the bridge endpoint", 
      "type": "string"
    }, 
    "vlan": {
      "$ref": "VlanID, 
      "description": "This property is used for VLAN specification of bridge endpoint. It's mutually exclusive with 'vlan_trunk_spec', either 'vlan' or 'vlan_trunk_spec' should be specified.", 
      "required": false
    }, 
    "vlan_transport_zone_id": {
      "description": "This field will not be used if a bridge cluster is being used for the bridge endpoint", 
      "required": false, 
      "title": "VLAN transport zone id by the edge cluster", 
      "type": "string"
    }, 
    "vlan_trunk_spec": {
      "$ref": "VlanTrunkSpec, 
      "description": "This property is used for VLAN trunk specification of edge bridge endpoint. It's mutually exclusive with 'vlan', either 'vlan' or 'vlan_trunk_spec' should be specified.", 
      "required": false, 
      "title": "VLAN trunk spec of edge bridge endpoint"
    }
  }, 
  "title": "Bridge Endpoint", 
  "type": "object"
}

BridgeEndpointListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BridgeEndpointListResult", 
  "module_id": "BridgeEndpoint", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BridgeEndpoint
      }, 
      "minItems": 0, 
      "readonly": true, 
      "required": true, 
      "title": "BridgeEndpoint Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Bridge Endpoint queries result", 
  "type": "object"
}

BridgeEndpointProfile (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "BridgeEndpointProfile", 
  "module_id": "BridgeEndpointProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_id": {
      "maxLength": 36, 
      "required": true, 
      "title": "UUID of the edge cluster for this bridge endpoint", 
      "type": "string"
    }, 
    "edge_cluster_member_indexes": {
      "description": "First index will be used as the preferred member", 
      "items": {
        "type": "int"
      }, 
      "required": false, 
      "title": "Indexes of the member hosts of the edge bridge cluster", 
      "type": "array"
    }, 
    "failover_mode": {
      "default": "PREEMPTIVE", 
      "description": "Faileover mode can be preemmptive or non-preemptive", 
      "enum": [
        "PREEMPTIVE", 
        "NON_PREEMPTIVE"
      ], 
      "required": false, 
      "title": "Failover mode for the edge bridge cluster", 
      "type": "string"
    }, 
    "high_availability_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "High avaialability mode can be active-active or active-standby", 
      "enum": [
        "ACTIVE_STANDBY"
      ], 
      "required": false, 
      "title": "High availability mode for the edge bridge cluster", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Bridge Endpoint Profile", 
  "type": "object"
}

BridgeEndpointProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "BridgeEndpointProfileListResult", 
  "module_id": "BridgeEndpointProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BridgeEndpointProfile
      }, 
      "minItems": 0, 
      "readonly": true, 
      "required": true, 
      "title": "BridgeEndpointProfile Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Bridge Endpoint Profile queries result", 
  "type": "object"
}

BridgeEndpointProfileRequestParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "BridgeEndpointProfileRequestParameters", 
  "module_id": "BridgeEndpointProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "edge_cluster_id": {
      "required": false, 
      "title": "Edge Cluster Identifier", 
      "type": "string"
    }, 
    "failover_mode": {
      "required": false, 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Bridge Endpoint Profile request parameters", 
  "type": "object"
}

BridgeEndpointRequestParameters (type) 

{
  "description": "When querying for bridge endpoints on a bridge cluster, following parameters can be used: bridge_cluster_id and logical_switch_id. When querying for bridge endpoints on an edge cluster, following parameters can be used: bridge_endpoint_profile_id, vlan_transport_zone_id and logical_switch_id. When multiple parameters are provided they will be anded together. if bridge_cluster_id is used along with bridge_endpoint_profile_id or vlan_transport_zone_id an error will be thrown.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "BridgeEndpointRequestParameters", 
  "module_id": "BridgeEndpoint", 
  "properties": {
    "bridge_cluster_id": {
      "description": "If provided, only bridge endpoints associated with the given bridge cluster will be returned.", 
      "required": false, 
      "title": "Bridge Cluster Identifier", 
      "type": "string"
    }, 
    "bridge_endpoint_profile_id": {
      "description": "If provided, only bridge endpoints associated with the given bridge endpoint profile will be returned.", 
      "required": false, 
      "title": "Bridge endpoint profile used by the edge cluster", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "description": "If provided, only bridge endpoints associated with the given logical switch will be returned.", 
      "required": false, 
      "title": "Logical Switch Identifier", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vlan_transport_zone_id": {
      "description": "If provided, only bridge endpoints associated with the given transport zone will be returned.", 
      "required": false, 
      "title": "VLAN transport zone id used by the edge cluster", 
      "type": "string"
    }
  }, 
  "title": "Bridge Endpoint request parameters", 
  "type": "object"
}

BridgeEndpointStatistics (type) 

{
  "extends": {
    "$ref": "AggregatedDataCounter
  }, 
  "id": "BridgeEndpointStatistics", 
  "module_id": "AggSvcBridging", 
  "properties": {
    "endpoint_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the bridge endpoint", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

BridgeEndpointStatus (type) 

{
  "id": "BridgeEndpointStatus", 
  "module_id": "AggSvcBridging", 
  "properties": {
    "active_nodes": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "The Ids of the transport nodes which actively serve the endpoint.", 
      "type": "array"
    }, 
    "endpoint_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the bridge endpoint", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }
  }, 
  "type": "object"
}

BridgeHighAvailabilityClusterProfile (type) 

{
  "extends": {
    "$ref": "ClusterProfile
  }, 
  "id": "BridgeHighAvailabilityClusterProfile", 
  "module_id": "BridgeHighAvailabilityClusterProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "BridgeHighAvailabilityClusterProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bfd_probe_interval": {
      "default": 1000, 
      "maximum": 60000, 
      "minimum": 300, 
      "required": false, 
      "title": "the time interval (in millisec) between probe packets for heartbeat purpose", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable": {
      "default": true, 
      "required": false, 
      "title": "whether the heartbeat is enabled", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ClusterProfileType, 
      "help_summary": "The cluster profile type.", 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Profile for BFD HA cluster setting", 
  "type": "object"
}

BrokerProperties (type) 

{
  "additionalProperties": false, 
  "id": "BrokerProperties", 
  "properties": {
    "BrokerFqdn": {
      "description": "Fully qualified domain name of the message bus broker on the management plane node.", 
      "required": false, 
      "type": "string"
    }, 
    "BrokerIpAddress": {
      "$ref": "HostnameOrIPv4Address, 
      "description": "IP address or hostname of the message bus broker on the management plane node.", 
      "readonly": false, 
      "required": true
    }, 
    "BrokerIsMaster": {
      "description": "Indicates whether this broker is the master.", 
      "type": "string"
    }, 
    "BrokerPort": {
      "description": "Port number of the message bus broker on the management plane node.", 
      "type": "string"
    }, 
    "BrokerSslCertThumbprint": {
      "description": "Certificate thumbprint of the message bus broker on the management plane node.", 
      "required": true, 
      "type": "string"
    }, 
    "BrokerVirtualHost": {
      "description": "Type of host running the broker.", 
      "type": "string"
    }
  }, 
  "title": "Information about a management plane node this transport node is configured to communicate with", 
  "type": "object"
}

ByodPolicyServiceInstance (type) 

{
  "additionalProperties": false, 
  "description": "Represents an instance of partner's service whose wiring will be done by partner itself. As partner does all the wiring, we call it as Byod - Bring your own device.", 
  "extends": {
    "$ref": "BasePolicyServiceInstance
  }, 
  "id": "ByodPolicyServiceInstance", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ByodPolicyServiceInstance"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "deployment_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "partner_service_name": {
      "description": "Unique name of Partner Service in the Marketplace", 
      "required": true, 
      "title": "Name of Partner Service", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "default": "L2_BRIDGE", 
      "description": "Transport to be used while deploying Service-VM.", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Represents instance of self wiring partner's service", 
  "type": "object"
}

ByodPolicyServiceInstanceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ByodPolicyServiceInstanceListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ByodPolicyServiceInstance
      }, 
      "required": true, 
      "title": "Byod Service instance list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of only Byod SI objects", 
  "type": "object"
}

ByodServiceInstance (type) 

{
  "description": "ByodServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s. User will manage their own appliance (BYOD) to connect with NSX.", 
  "extends": {
    "$ref": "BaseServiceInstance
  }, 
  "id": "ByodServiceInstance", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ByodServiceInstance"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "deployment_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "on_failure_policy": {
      "description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ServiceInstanceResourceType, 
      "required": true
    }, 
    "service_id": {
      "description": "The Service to which the service instance is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED", 
        "NSH", 
        "NA"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Custom Instance of a service", 
  "type": "object"
}

CCPUpgradeStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ComponentUpgradeStatus
  }, 
  "id": "CCPUpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "can_skip": {
      "readonly": true, 
      "required": false, 
      "title": "Can the upgrade of the remaining units in this component be skipped", 
      "type": "boolean"
    }, 
    "component_type": {
      "readonly": true, 
      "required": false, 
      "title": "Component type for the upgrade status", 
      "type": "string"
    }, 
    "current_version_node_summary": {
      "$ref": "NodeSummaryList, 
      "readonly": true, 
      "required": false, 
      "title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
    }, 
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about the upgrade status", 
      "type": "string"
    }, 
    "node_count_at_target_version": {
      "description": "Number of nodes of the type and at the component version", 
      "readonly": true, 
      "required": false, 
      "title": "Count of nodes at target component vrin", 
      "type": "int"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "pre_upgrade_status": {
      "$ref": "UpgradeChecksExecutionStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Pre-upgrade status of the component-type"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of component", 
      "type": "string"
    }, 
    "target_component_version": {
      "readonly": true, 
      "required": false, 
      "title": "Target component version", 
      "type": "string"
    }
  }, 
  "title": "Status of CCP upgrade", 
  "type": "object"
}

CallbackAuthenticationScheme (type) 

{
  "description": "CallbackAuthenticationScheme describes how notification requests should authenticate to the server.", 
  "id": "CallbackAuthenticationScheme", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "certificate_id": {
      "description": "Certificate ID with a valid certificate and private key, procured from trust-management API.", 
      "readonly": false, 
      "title": "Valid certificate ID", 
      "type": "string"
    }, 
    "password": {
      "description": "Password to use if scheme_name is BASIC_AUTH.", 
      "readonly": false, 
      "sensitive": true, 
      "title": "Password for authentication", 
      "type": "string"
    }, 
    "scheme_name": {
      "description": "Authentication scheme to use when making notification requests to the partner console. Specify one of BASIC_AUTH or CERTIFICATE.", 
      "enum": [
        "BASIC_AUTH", 
        "CERTIFICATE"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Authentication scheme to use when making notification requests", 
      "type": "string"
    }, 
    "username": {
      "description": "Username to use if scheme_name is BASIC_AUTH.", 
      "readonly": false, 
      "title": "Username for authentication", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CapacityDashboardUsage (type) 

{
  "id": "CapacityDashboardUsage", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "current_usage_count": {
      "description": "Indicate the current usage count of object type.", 
      "required": true, 
      "title": "Current usage count of object type", 
      "type": "integer"
    }, 
    "current_usage_percentage": {
      "description": "Current usage percentage for object type", 
      "required": true, 
      "title": "Current usage percentage", 
      "type": "number"
    }, 
    "display_name": {
      "description": "Display name for NSX object type.", 
      "required": true, 
      "title": "User friendly name for object type", 
      "type": "string"
    }, 
    "max_supported_count": {
      "description": "This is the maximum supported count for object type in consideration.", 
      "required": true, 
      "title": "Maximum supported count for object type", 
      "type": "integer"
    }, 
    "max_threshold_percentage": {
      "description": "This indicates the maximum threshold percentage for object type.", 
      "required": true, 
      "title": "Max threshold percentage for object type", 
      "type": "number"
    }, 
    "min_threshold_percentage": {
      "description": "This indicates the minimum threshold percentage for object type.", 
      "required": true, 
      "title": "Min threshold percentage for object type", 
      "type": "number"
    }, 
    "severity": {
      "description": "Severity calculated from percentage usage", 
      "enum": [
        "INFO", 
        "WARNING", 
        "CRITICAL", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Severity calculated from percentage usage", 
      "type": "string"
    }, 
    "usage_type": {
      "description": "Indicate the object type for which usage is calculated.", 
      "enum": [
        "NUMBER_OF_LOGICAL_SWITCHES", 
        "NUMBER_OF_PREPARED_HOSTS", 
        "NUMBER_OF_SYSTEM_WIDE_VIFS", 
        "NUMBER_OF_NSGROUP", 
        "NUMBER_OF_VCENTER_CLUSTERS", 
        "NUMBER_OF_GI_PROTECTED_HOSTS", 
        "NUMBER_OF_GI_PROTECTED_VMS", 
        "NUMBER_OF_DFW_RULES", 
        "NUMBER_OF_DFW_SECTIONS", 
        "NUMBER_OF_L2_DFW_SECTIONS", 
        "NUMBER_OF_L3_DFW_SECTIONS", 
        "NUMBER_OF_L2_DFW_RULES", 
        "NUMBER_OF_L3_DFW_RULES", 
        "NUMBER_OF_L3_EDGE_SECTIONS", 
        "NUMBER_OF_L3_EDGE_RULES", 
        "NUMBER_OF_L3_BRIDGEPORT_SECTIONS", 
        "NUMBER_OF_L3_BRIDGEPORT_RULES", 
        "NUMBER_OF_IPSETS", 
        "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", 
        "NUMBER_OF_LOGICAL_PORTS", 
        "NUMBER_OF_EDGE_CLUSTERS", 
        "NUMBER_OF_EDGE_NODES", 
        "NUMBER_OF_TIER0_ROUTERS", 
        "NUMBER_OF_TIER1_ROUTERS", 
        "NUMBER_OF_PREFIX_LIST", 
        "NUMBER_OF_NAT_RULES", 
        "NUMBER_OF_TIER1_WITH_NAT_RULE", 
        "NUMBER_OF_DHCP_SERVERS", 
        "NUMBER_OF_DHCP_IP_POOLS", 
        "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", 
        "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", 
        "NUMBER_OF_FIREWALL_SECTIONS", 
        "NUMBER_OF_FIREWALL_RULES"
      ], 
      "required": true, 
      "title": "Object type for which usage is fetched", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CapacityThreshold (type) 

{
  "id": "CapacityThreshold", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "max_threshold_percentage": {
      "description": "Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical.", 
      "maximum": 100, 
      "minimum": 0, 
      "required": true, 
      "title": "Maximum threshold percentage", 
      "type": "number"
    }, 
    "min_threshold_percentage": {
      "description": "Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning.", 
      "maximum": 100, 
      "minimum": 0, 
      "required": true, 
      "title": "Minimum threshold percentage", 
      "type": "number"
    }, 
    "threshold_type": {
      "description": "Indicate the object type for which threshold is to be set.", 
      "enum": [
        "NUMBER_OF_LOGICAL_SWITCHES", 
        "NUMBER_OF_PREPARED_HOSTS", 
        "NUMBER_OF_SYSTEM_WIDE_VIFS", 
        "NUMBER_OF_NSGROUP", 
        "NUMBER_OF_VCENTER_CLUSTERS", 
        "NUMBER_OF_GI_PROTECTED_HOSTS", 
        "NUMBER_OF_GI_PROTECTED_VMS", 
        "NUMBER_OF_DFW_RULES", 
        "NUMBER_OF_DFW_SECTIONS", 
        "NUMBER_OF_IPSETS", 
        "NUMBER_OF_GROUPS_BASED_ON_IP_SETS", 
        "NUMBER_OF_LOGICAL_PORTS", 
        "NUMBER_OF_EDGE_CLUSTERS", 
        "NUMBER_OF_EDGE_NODES", 
        "NUMBER_OF_TIER0_ROUTERS", 
        "NUMBER_OF_TIER1_ROUTERS", 
        "NUMBER_OF_PREFIX_LIST", 
        "NUMBER_OF_NAT_RULES", 
        "NUMBER_OF_TIER1_WITH_NAT_RULE", 
        "NUMBER_OF_DHCP_SERVERS", 
        "NUMBER_OF_DHCP_IP_POOLS", 
        "NUMBER_OF_ACTIVE_DIRECTORY_GROUPS", 
        "NUMBER_OF_ACTIVE_DIRECTORY_DOMAINS", 
        "NUMBER_OF_FIREWALL_SECTIONS", 
        "NUMBER_OF_FIREWALL_RULES", 
        "GLOBAL_DEFAULT"
      ], 
      "required": true, 
      "title": "Object type for which threshold is to be set", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CapacityThresholdList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CapacityThresholdList", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "capacity_thresholds": {
      "items": {
        "$ref": "CapacityThreshold
      }, 
      "required": true, 
      "title": "List of capacity thresholds for NSX Objects", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

CapacityUsage (type) 

{
  "description": "usage of each capacity type ex. vm, cpu", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "CapacityUsage", 
  "module_id": "License", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "capacity_type": {
      "readonly": true, 
      "title": "type of the capacity field", 
      "type": "string"
    }, 
    "usage_count": {
      "readonly": true, 
      "title": "count of number of items of capacity_type", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

CapacityUsageMetaInfo (type) 

{
  "additionalProperties": false, 
  "id": "CapacityUsageMetaInfo", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "last_updated_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": true, 
      "title": "Timestamp at which capacity usage was last calculated"
    }, 
    "max_global_threshold_percentage": {
      "description": "Indicates the maximum global threshold percentage", 
      "required": true, 
      "title": "Maximum global threshold percentage", 
      "type": "number"
    }, 
    "min_global_threshold_percentage": {
      "description": "Indicates the minimum global threshold percentage", 
      "required": true, 
      "title": "Minimum global threshold percentage", 
      "type": "number"
    }
  }, 
  "type": "object"
}

CapacityUsageRequestParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "CapacityUsageRequestParameters", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "category": {
      "description": "Category of attributes for which capacity details need to be fetched. Supported categories are security, inventory, networking and system. User can provide comma separated list of multiple categories.", 
      "required": false, 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "force": {
      "default": false, 
      "description": "Parameter to force inline calculation instead of retrieving cached results.", 
      "required": false, 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Parameter to force inline calculation.", 
  "type": "object"
}

CapacityUsageResponse (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CapacityUsageResponse", 
  "module_id": "CapacityDashboard", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "capacity_usage": {
      "items": {
        "$ref": "CapacityDashboardUsage
      }, 
      "required": true, 
      "title": "List of capacity usage for NSX Objects", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "meta_info": {
      "extends": {
        "$ref": "CapacityUsageMetaInfo
      }, 
      "required": true, 
      "title": "Meta data for capacity usage statistics", 
      "type": "object"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

CdpStatusType (type) 

{
  "enum": [
    "NOT_READY", 
    "FETCHING", 
    "READY", 
    "ERROR"
  ], 
  "id": "CdpStatusType", 
  "module_id": "CertificateManager", 
  "title": "Status types supported of the CrlDistributionPoint", 
  "type": "string"
}

Certificate (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "Certificate", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "details": {
      "description": "list of X509Certificates", 
      "items": {
        "$ref": "X509Certificate
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "used_by": {
      "description": "list of node IDs with services, that are using this certificate", 
      "items": {
        "$ref": "NodeIdServicesMap
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

CertificateId (type) 

{
  "additionalProperties": false, 
  "id": "CertificateId", 
  "properties": {
    "certificate_id": {
      "readonly": true, 
      "required": true, 
      "title": "Certificate ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CertificateKeyPair (type) 

{
  "additionalProperties": false, 
  "id": "CertificateKeyPair", 
  "properties": {
    "certificate": {
      "$ref": "SecurityCertificate, 
      "display": {
        "order": 1
      }, 
      "readonly": false, 
      "required": true
    }, 
    "rsa_private_key": {
      "description": "The private key must include the enclosing \"-----BEGIN RSA PRIVATE KEY-----\" and \"-----END RSA PRIVATE KEY-----\". An empty string is returned in read responses.", 
      "display": {
        "order": 2
      }, 
      "minLength": 60, 
      "readonly": false, 
      "required": true, 
      "sensitive": true, 
      "title": "PEM encoded RSA private key", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CertificateList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CertificateList", 
  "module_id": "CertificateManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Certificate list", 
      "items": {
        "$ref": "Certificate
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Certificate queries result", 
  "type": "object"
}

ChildBgpNeighborConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for BgpNeighborConfig, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildBgpNeighborConfig", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildBgpNeighborConfig"
  }, 
  "properties": {
    "BgpNeighborConfig": {
      "$ref": "BgpNeighborConfig, 
      "description": "Contains the actual BgpNeighborConfig object.", 
      "required": true, 
      "title": "BgpNeighborConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for BgpNeighborConfig", 
  "type": "object"
}

ChildBgpRoutingConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for BgpRoutingConfig, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildBgpRoutingConfig", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildBgpRoutingConfig"
  }, 
  "properties": {
    "BgpRoutingConfig": {
      "$ref": "BgpRoutingConfig, 
      "description": "Contains the actual BgpRoutingConfig object.", 
      "required": true, 
      "title": "BgpRoutingConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for BgpRoutingConfig", 
  "type": "object"
}

ChildByodPolicyServiceInstance (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildByodPolicyServiceInstance", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildByodPolicyServiceInstance"
  }, 
  "properties": {
    "ByodPolicyServiceInstance": {
      "$ref": "ByodPolicyServiceInstance, 
      "description": "Contains actual ByodPolicyServiceInstance.", 
      "required": true, 
      "title": "ByodPolicyServiceInstance"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ByodPolicyServiceInstance", 
  "type": "object"
}

ChildCommunicationEntry (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildCommunicationEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildCommunicationEntry"
  }, 
  "properties": {
    "CommunicationEntry": {
      "$ref": "CommunicationEntry, 
      "description": "Contains the actual CommunicationEntry object.", 
      "required": true, 
      "title": "CommunicationEntry"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for CommunicationEntry", 
  "type": "object"
}

ChildCommunicationMap (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildCommunicationMap", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildCommunicationMap"
  }, 
  "properties": {
    "CommunicationMap": {
      "$ref": "CommunicationMap, 
      "description": "Contains the actual CommunicationMap object.", 
      "required": true, 
      "title": "CommunicationMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for CommunicationMap", 
  "type": "object"
}

ChildCommunityList (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for CommunityList, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildCommunityList", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildCommunityList"
  }, 
  "properties": {
    "CommunityList": {
      "$ref": "CommunityList, 
      "description": "Contains the actual CommunityList object", 
      "required": true, 
      "title": "CommunityList"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for CommunityList", 
  "type": "object"
}

ChildComputeClusterIdfwConfiguration (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildComputeClusterIdfwConfiguration", 
  "module_id": "PolicyFirewallConfiguration", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildComputeClusterIdfwConfiguration"
  }, 
  "properties": {
    "ComputeClusterIdfwConfiguration": {
      "$ref": "ComputeClusterIdfwConfiguration, 
      "description": "Contains the actual compute cluster idfw configuration object.", 
      "required": true, 
      "title": "ComputeClusterIdfwConfiguration"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ComputeClusterIdfwConfiguration", 
  "type": "object"
}

ChildConstraint (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Constraint, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildConstraint", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildConstraint"
  }, 
  "properties": {
    "Constraint": {
      "$ref": "Constraint, 
      "description": "Contains the actual Constraint object", 
      "required": true, 
      "title": "Constraint"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Constraint", 
  "type": "object"
}

ChildDeploymentZone (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for DeploymentZone, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDeploymentZone", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDeploymentZone"
  }, 
  "properties": {
    "DeploymentZone": {
      "$ref": "DeploymentZone, 
      "description": "Contains the actual DeploymentZone object", 
      "required": true, 
      "title": "DeploymentZone"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DeploymentZone", 
  "type": "object"
}

ChildDfwFirewallConfiguration (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDfwFirewallConfiguration", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDfwFirewallConfiguration"
  }, 
  "properties": {
    "DfwFirewallConfiguration": {
      "$ref": "DfwFirewallConfiguration, 
      "description": "Contains the actual dfw firewall configuration list object.", 
      "required": true, 
      "title": "Dfw Firewall Configuration"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for FirewallConfiguration", 
  "type": "object"
}

ChildDhcpRelayConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for DhcpRelayConfig, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDhcpRelayConfig", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDhcpRelayConfig"
  }, 
  "properties": {
    "DhcpRelayConfig": {
      "$ref": "DhcpRelayConfig, 
      "description": "Contains the actual DhcpRelayConfig object", 
      "required": true, 
      "title": "DhcpRelayConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DhcpRelayConfig", 
  "type": "object"
}

ChildDhcpServerConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for DhcpServerConfig, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDhcpServerConfig", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDhcpServerConfig"
  }, 
  "properties": {
    "DhcpServerConfig": {
      "$ref": "DhcpServerConfig, 
      "description": "Contains the actual DhcpServerConfig object", 
      "required": true, 
      "title": "DhcpServerConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DhcpServerConfig", 
  "type": "object"
}

ChildDnsSecurityProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for DnsSecurityProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDnsSecurityProfile", 
  "module_id": "PolicyProfile", 
  "properties": {
    "DnsSecurityProfile": {
      "$ref": "DnsSecurityProfile, 
      "description": "Contains the actual DnsSecurityProfile object", 
      "required": true, 
      "title": "DnsSecurityProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DnsSecurityProfile", 
  "type": "object"
}

ChildDnsSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDnsSecurityProfileBindingMap", 
  "module_id": "PolicyFirewallDnsSecurityProfileBinding", 
  "properties": {
    "DnsSecurityProfileBindingMap": {
      "$ref": "DnsSecurityProfileBindingMap, 
      "description": "Contains the actual DnsSecurityProfileBindingMap object", 
      "required": true, 
      "title": "DnsSecurityProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DnsSecurityProfileBindingMap", 
  "type": "object"
}

ChildDomain (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for domain, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDomain", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDomain"
  }, 
  "properties": {
    "Domain": {
      "$ref": "Domain, 
      "description": "Contains the actual domain object.", 
      "required": true, 
      "title": "Domain"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Domain", 
  "type": "object"
}

ChildDomainDeploymentMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for DomainDeploymentMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildDomainDeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildDomainDeploymentMap"
  }, 
  "properties": {
    "DomainDeploymentMap": {
      "$ref": "DomainDeploymentMap, 
      "description": "Contains the actual DomainDeploymentMap object", 
      "required": true, 
      "title": "DomainDeploymentMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for DomainDeploymentMap", 
  "type": "object"
}

ChildEndpointPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for EndpointPolicy used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildEndpointPolicy", 
  "module_id": "PolicyGuestIntrospection", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildEndpointPolicy"
  }, 
  "properties": {
    "EndpointPolicy": {
      "$ref": "EndpointPolicy, 
      "description": "Contains actual EndpointPolicy.", 
      "required": true, 
      "title": "EndpointPolicy"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Endpoint Policy", 
  "type": "object"
}

ChildEndpointRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for EndpointRule used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildEndpointRule", 
  "module_id": "PolicyGuestIntrospection", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildEndpointRule"
  }, 
  "properties": {
    "EndpointRule": {
      "$ref": "EndpointRule, 
      "description": "Contains actual EndpointRule.", 
      "required": true, 
      "title": "EndpointRule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Endpoint Rule", 
  "type": "object"
}

ChildEnforcementPoint (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for EnforcementPoint, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildEnforcementPoint", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildEnforcementPoint"
  }, 
  "properties": {
    "EnforcementPoint": {
      "$ref": "EnforcementPoint, 
      "description": "Contains the actual Enforcement point object", 
      "required": true, 
      "title": "EnforcementPoint"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for EnforcementPoint", 
  "type": "object"
}

ChildFloodProtectionProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for FloodProtectionProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildFloodProtectionProfile", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildFloodProtectionProfile"
  }, 
  "properties": {
    "FloodProtectionProfile": {
      "$ref": "FloodProtectionProfile, 
      "description": "Contains the actual FloodProtectionProfile object", 
      "required": true, 
      "title": "FloodProtectionProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for FloodProtectionProfile", 
  "type": "object"
}

ChildFloodProtectionProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for FloodProtectionProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildFloodProtectionProfileBindingMap", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildFloodProtectionProfileBindingMap"
  }, 
  "properties": {
    "FloodProtectionProfileBindingMap": {
      "$ref": "FloodProtectionProfileBindingMap, 
      "description": "Contains the actual FloodProtectionProfileBindingMap object", 
      "required": true, 
      "title": "FloodProtectionProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for FloodProtectionProfileBindingMap", 
  "type": "object"
}

ChildForwardingPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ForwardingPolicy used in Hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildForwardingPolicy", 
  "module_id": "PolicyForwarding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildForwardingPolicy"
  }, 
  "properties": {
    "ForwardingPolicy": {
      "$ref": "ForwardingPolicy, 
      "description": "Contains actual ForwardingPolicy.", 
      "required": true, 
      "title": "ForwardingPolicy"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for children of type ForwardingPolicy\n", 
  "type": "object"
}

ChildForwardingRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ForwardingRule used in Hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildForwardingRule", 
  "module_id": "PolicyForwarding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildForwardingRule"
  }, 
  "properties": {
    "ForwardingRule": {
      "$ref": "ForwardingRule, 
      "description": "Contains actual ForwardingRule.", 
      "required": true, 
      "title": "ForwardingRule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ForwardingRule\n", 
  "type": "object"
}

ChildGatewayPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for GatewayPolicy, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildGatewayPolicy", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildGatewayPolicy"
  }, 
  "properties": {
    "GatewayPolicy": {
      "$ref": "GatewayPolicy, 
      "description": "Contains the actual GatewayPolicy object", 
      "required": true, 
      "title": "GatewayPolicy"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for GatewayPolicy", 
  "type": "object"
}

ChildGlobalConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for GlobalConfig, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildGlobalConfig", 
  "module_id": "Policy", 
  "properties": {
    "GlobalConfig": {
      "$ref": "GlobalConfig, 
      "description": "Contains the actual GlobalConfig object.", 
      "required": true, 
      "title": "GlobalConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for GlobalConfig", 
  "type": "object"
}

ChildGroup (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for group, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildGroup", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildGroup"
  }, 
  "properties": {
    "Group": {
      "$ref": "Group, 
      "description": "Contains the actual group objects.", 
      "required": true, 
      "title": "Group"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Group", 
  "type": "object"
}

ChildGroupMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildGroupMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildGroupMonitoringProfileBindingMap"
  }, 
  "properties": {
    "GroupMonitoringProfileBindingMap": {
      "$ref": "GroupMonitoringProfileBindingMap, 
      "description": "Contains the actual GroupMonitoringProfileBindingMap object", 
      "required": true, 
      "title": "GroupMonitoringProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for GroupMonitoringProfileBindingMap", 
  "type": "object"
}

ChildIPDiscoveryProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPDiscoveryProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPDiscoveryProfile", 
  "module_id": "PolicyIpDiscovery", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPDiscoveryProfile"
  }, 
  "properties": {
    "IPDiscoveryProfile": {
      "$ref": "IPDiscoveryProfile, 
      "description": "Contains the actual IPDiscoveryProfile object", 
      "required": true, 
      "title": "IPDiscoveryProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPDiscoveryProfile", 
  "type": "object"
}

ChildIPFIXDFWCollectorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPFIXDFWCollectorProfile", 
  "module_id": "PolicyIPFIXDFW", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPFIXDFWCollectorProfile"
  }, 
  "properties": {
    "IPFIXDFWCollectorProfile": {
      "$ref": "IPFIXDFWCollectorProfile, 
      "description": "Contains the actual IPFIXDFWCollectorProfile object", 
      "required": true, 
      "title": "IPFIXDFWCollectorProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPFIXDFWCollectorProfile", 
  "type": "object"
}

ChildIPFIXDFWProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPFIXDFWProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPFIXDFWProfile", 
  "module_id": "PolicyIPFIXDFW", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPFIXDFWProfile"
  }, 
  "properties": {
    "IPFIXDFWProfile": {
      "$ref": "IPFIXDFWProfile, 
      "description": "Contains the actual IPFIXDFWProfile object", 
      "required": true, 
      "title": "IPFIXDFWProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPFIXDFWProfile", 
  "type": "object"
}

ChildIPFIXL2CollectorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPFIXL2CollectorProfile", 
  "module_id": "PolicyIPFIXSwitch", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPFIXL2CollectorProfile"
  }, 
  "properties": {
    "IPFIXL2CollectorProfile": {
      "$ref": "IPFIXL2CollectorProfile, 
      "description": "Contains the actual IPFIXL2CollectorProfile object", 
      "required": true, 
      "title": "IPFIXL2CollectorProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPFIXL2CollectorProfile", 
  "type": "object"
}

ChildIPFIXL2Profile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPFIXL2Profile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPFIXL2Profile", 
  "module_id": "PolicyIPFIXSwitch", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPFIXL2Profile"
  }, 
  "properties": {
    "IPFIXL2Profile": {
      "$ref": "IPFIXL2Profile, 
      "description": "Contains the actual IPFIXL2Profile object", 
      "required": true, 
      "title": "IPFIXL2Profile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPFIXL2Profile", 
  "type": "object"
}

ChildIPSecVpnDpdProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnDpdProfile", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnDpdProfile"
  }, 
  "properties": {
    "IPSecVpnDpdProfile": {
      "$ref": "IPSecVpnDpdProfile, 
      "description": "Contains the actual IPSecVpnDpdProfile object.", 
      "required": true, 
      "title": "IPSecVpnDpdProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnDpdProfile", 
  "type": "object"
}

ChildIPSecVpnIkeProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnIkeProfile", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnIkeProfile"
  }, 
  "properties": {
    "IPSecVpnIkeProfile": {
      "$ref": "IPSecVpnIkeProfile, 
      "description": "Contains the actual IPSecVpnIkeProfile object.", 
      "required": true, 
      "title": "IPSecVpnIkeProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnIkeProfile", 
  "type": "object"
}

ChildIPSecVpnLocalEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnLocalEndpoint", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnLocalEndpoint"
  }, 
  "properties": {
    "IPSecVpnLocalEndpoint": {
      "$ref": "IPSecVpnLocalEndpoint, 
      "description": "Contains the actual IPSecVpnLocalEndpoint object.", 
      "required": true, 
      "title": "IPSecVpnLocalEndpoint"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnLocalEndpoint", 
  "type": "object"
}

ChildIPSecVpnService (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnService, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnService", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnService"
  }, 
  "properties": {
    "IPSecVpnService": {
      "$ref": "IPSecVpnService, 
      "description": "Contains the actual IPSecVpnService object.", 
      "required": true, 
      "title": "IPSecVpnService"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnService", 
  "type": "object"
}

ChildIPSecVpnSession (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnSession, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnSession", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnSession"
  }, 
  "properties": {
    "IPSecVpnSession": {
      "$ref": "IPSecVpnSession, 
      "description": "Contains the actual IPSecVpnSession object.", 
      "required": true, 
      "title": "IPSecVpnSession"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnSession", 
  "type": "object"
}

ChildIPSecVpnTunnelProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIPSecVpnTunnelProfile", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIPSecVpnTunnelProfile"
  }, 
  "properties": {
    "IPSecVpnTunnelProfile": {
      "$ref": "IPSecVpnTunnelProfile, 
      "description": "Contains the actual IPSecVpnTunnelProfile object", 
      "required": true, 
      "title": "IPSecVpnTunnelProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IPSecVpnTunnelProfile", 
  "type": "object"
}

ChildIpAddressAllocation (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IpAddressAllocation, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpAddressAllocation", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIpAddressAllocation"
  }, 
  "properties": {
    "IpAddressAllocation": {
      "$ref": "IpAddressAllocation, 
      "description": "Contains the actual IpAddressAllocation object", 
      "required": true, 
      "title": "IpAddressAllocation"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IpAddressAllocation", 
  "type": "object"
}

ChildIpAddressBlock (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IpAddressBlock, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpAddressBlock", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIpAddressBlock"
  }, 
  "properties": {
    "IpAddressBlock": {
      "$ref": "IpAddressBlock, 
      "description": "Contains the actual IpAddressBlock object", 
      "required": true, 
      "title": "IpAddressBlock"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IpAddressBlock", 
  "type": "object"
}

ChildIpAddressPool (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IpAddressPool, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpAddressPool", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIpAddressPool"
  }, 
  "properties": {
    "IpAddressPool": {
      "$ref": "IpAddressPool, 
      "description": "Contains the actual IpAddressPool object", 
      "required": true, 
      "title": "IpAddressPool"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IpAddressPool", 
  "type": "object"
}

ChildIpAddressPoolSubnet (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for IpAddressPoolSubnet, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpAddressPoolSubnet", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildIpAddressPoolSubnet"
  }, 
  "properties": {
    "IpAddressPoolSubnet": {
      "$ref": "IpAddressPoolSubnet, 
      "description": "Contains the actual IpAddressPoolSubnet object", 
      "required": true, 
      "title": "IpAddressPoolSubnet"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for IpAddressPoolSubnet", 
  "type": "object"
}

ChildIpv6DadProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Ipv6DadProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpv6DadProfile", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "Ipv6DadProfile": {
      "$ref": "Ipv6DadProfile, 
      "description": "Contains the actual Ipv6DadProfile objects", 
      "required": true, 
      "title": "Ipv6DadProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Ipv6DadProfile", 
  "type": "object"
}

ChildIpv6NdraProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Ipv6NdraProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildIpv6NdraProfile", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "Ipv6NdraProfile": {
      "$ref": "Ipv6NdraProfile, 
      "description": "Contains the actual Ipv6NdraProfile objects", 
      "required": true, 
      "title": "Ipv6NdraProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Ipv6NdraProfile", 
  "type": "object"
}

ChildL2VPNService (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for L2VPNService, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL2VPNService", 
  "module_id": "PolicyLayer2VPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL2VPNService"
  }, 
  "properties": {
    "L2VPNService": {
      "$ref": "L2VPNService, 
      "description": "Contains the actual L2VPNService object.", 
      "required": true, 
      "title": "L2VPNService"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L2VPNService", 
  "type": "object"
}

ChildL2VPNSession (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for L2VPNSession, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL2VPNSession", 
  "module_id": "PolicyLayer2VPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL2VPNSession"
  }, 
  "properties": {
    "L2VPNSession": {
      "$ref": "L2VPNSession, 
      "description": "Contains the actual L2VPNSession object.", 
      "required": true, 
      "title": "L2VPNSession"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L2VPNSession", 
  "type": "object"
}

ChildL2Vpn (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for L2Vpn, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL2Vpn", 
  "module_id": "PolicyL2Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL2Vpn"
  }, 
  "properties": {
    "L2Vpn": {
      "$ref": "L2Vpn, 
      "description": "Contains the actual L2Vpn object.", 
      "required": true, 
      "title": "L2Vpn"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L2Vpn", 
  "type": "object"
}

ChildL2VpnContext (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for L2VpnContext, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL2VpnContext", 
  "module_id": "PolicyL2Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL2VpnContext"
  }, 
  "properties": {
    "L2VpnContext": {
      "$ref": "L2VpnContext, 
      "description": "Contains the actual L2VpnContext object.", 
      "required": true, 
      "title": "L2VpnContext"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L2VpnContext", 
  "type": "object"
}

ChildL3Vpn (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for L3Vpn, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL3Vpn", 
  "module_id": "PolicyL3Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL3Vpn"
  }, 
  "properties": {
    "L3Vpn": {
      "$ref": "L3Vpn, 
      "description": "Contains the actual L3Vpn object.", 
      "required": true, 
      "title": "L3Vpn"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L3Vpn", 
  "type": "object"
}

ChildL3VpnContext (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Child wrapper object for L3VpnContext, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildL3VpnContext", 
  "module_id": "PolicyL3Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildL3VpnContext"
  }, 
  "properties": {
    "L3VpnContext": {
      "$ref": "L3VpnContext, 
      "description": "Contains the actual L3VpnContext object.", 
      "required": true, 
      "title": "L3VpnContext"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for L3VpnContext", 
  "type": "object"
}

ChildLBAppProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBAppProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBAppProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBAppProfile"
  }, 
  "properties": {
    "LBAppProfile": {
      "$ref": "LBAppProfile, 
      "description": "Contains the actual LBAppProfile object.", 
      "required": true, 
      "title": "LBAppProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBAppProfile", 
  "type": "object"
}

ChildLBClientSslProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBClientSslProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBClientSslProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBClientSslProfile"
  }, 
  "properties": {
    "LBClientSslProfile": {
      "$ref": "LBClientSslProfile, 
      "description": "Contains the actual LBClientSslProfile object.", 
      "required": true, 
      "title": "LBClientSslProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBClientSslProfile", 
  "type": "object"
}

ChildLBMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBMonitorProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBMonitorProfile"
  }, 
  "properties": {
    "LBMonitorProfile": {
      "$ref": "LBMonitorProfile, 
      "description": "Contains the actual LBMonitorProfile object.", 
      "required": true, 
      "title": "LBMonitorProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBMonitorProfile", 
  "type": "object"
}

ChildLBPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBPersistenceProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBPersistenceProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBPersistenceProfile"
  }, 
  "properties": {
    "LBPersistenceProfile": {
      "$ref": "LBPersistenceProfile, 
      "description": "Contains the actual LBPersistenceProfile object.", 
      "required": true, 
      "title": "LBPersistenceProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBPersistenceProfile", 
  "type": "object"
}

ChildLBPool (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBPool, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBPool", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBPool"
  }, 
  "properties": {
    "LBPool": {
      "$ref": "LBPool, 
      "description": "Contains the actual LBPool object.", 
      "required": true, 
      "title": "LBPool"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBPool", 
  "type": "object"
}

ChildLBServerSslProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBServerSslProfile, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBServerSslProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBServerSslProfile"
  }, 
  "properties": {
    "LBServerSslProfile": {
      "$ref": "LBServerSslProfile, 
      "description": "Contains the actual LBServerSslProfile object.", 
      "required": true, 
      "title": "LBServerSslProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBServerSslProfile", 
  "type": "object"
}

ChildLBService (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBService, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBService", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBService"
  }, 
  "properties": {
    "LBService": {
      "$ref": "LBService, 
      "description": "Contains the actual LBService object.", 
      "required": true, 
      "title": "LBService"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBService", 
  "type": "object"
}

ChildLBVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for LBVirtualServer, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLBVirtualServer", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLBVirtualServer"
  }, 
  "properties": {
    "LBVirtualServer": {
      "$ref": "LBVirtualServer, 
      "description": "Contains the actual LBVirtualServer object.", 
      "required": true, 
      "title": "LBVirtualServer"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LBVirtualServer", 
  "type": "object"
}

ChildLocaleServices (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for LocaleServices, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildLocaleServices", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildLocaleServices"
  }, 
  "properties": {
    "LocaleServices": {
      "$ref": "LocaleServices, 
      "description": "Contains the actual LocaleServices object", 
      "required": true, 
      "title": "LocaleServices"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for LocaleServices", 
  "type": "object"
}

ChildMacDiscoveryProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for MacDiscoveryProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildMacDiscoveryProfile", 
  "module_id": "PolicyMacDiscovery", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildMacDiscoveryProfile"
  }, 
  "properties": {
    "MacDiscoveryProfile": {
      "$ref": "MacDiscoveryProfile, 
      "description": "Contains the actual MacDiscoveryProfile object", 
      "required": true, 
      "title": "MacDiscoveryProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for MacDiscoveryProfile", 
  "type": "object"
}

ChildPolicyConfigResource (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Represents an object on the desired state", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ChildPolicyConfigResource", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents the desired state object as child resource", 
  "type": "object"
}

ChildPolicyContextProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyContextProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyContextProfile", 
  "module_id": "PolicyContextProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyContextProfile"
  }, 
  "properties": {
    "PolicyContextProfile": {
      "$ref": "PolicyContextProfile, 
      "description": "Contains the actual PolicyContextProfile objects", 
      "required": true, 
      "title": "PolicyContextProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyContextProfile", 
  "type": "object"
}

ChildPolicyDnsForwarder (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyDnsForwarder, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyDnsForwarder", 
  "module_id": "PolicyDnsForwarder", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyDnsForwarder"
  }, 
  "properties": {
    "PolicyDnsForwarder": {
      "$ref": "PolicyDnsForwarder, 
      "description": "Contains the actual PolicyDnsForwarder object", 
      "required": true, 
      "title": "PolicyDnsForwarder"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyDnsForwarder", 
  "type": "object"
}

ChildPolicyDnsForwarderZone (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyDnsForwarderZone", 
  "module_id": "PolicyDnsForwarder", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyDnsForwarderZone"
  }, 
  "properties": {
    "PolicyDnsForwarderZone": {
      "$ref": "PolicyDnsForwarderZone, 
      "description": "Contains the actual PolicyDnsForwarderZone object", 
      "required": true, 
      "title": "PolicyDnsForwarderZone"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyDnsForwarderZone", 
  "type": "object"
}

ChildPolicyEdgeCluster (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyEdgeCluster, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyEdgeCluster", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyEdgeCluster"
  }, 
  "properties": {
    "PolicyEdgeCluster": {
      "$ref": "PolicyEdgeCluster, 
      "description": "Contains the actual PolicyEdgeCluster object", 
      "required": true, 
      "title": "PolicyEdgeCluster"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyEdgeCluster", 
  "type": "object"
}

ChildPolicyEdgeNode (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyEdgeNode, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyEdgeNode", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyEdgeNode"
  }, 
  "properties": {
    "PolicyEdgeNode": {
      "$ref": "PolicyEdgeNode, 
      "description": "Contains the actual PolicyEdgeNode object", 
      "required": true, 
      "title": "PolicyEdgeNode"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyEdgeNode", 
  "type": "object"
}

ChildPolicyExcludeList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyExcludeList", 
  "module_id": "PolicyFirewallConfiguration", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyExcludeList"
  }, 
  "properties": {
    "PolicyExcludeList": {
      "$ref": "PolicyExcludeList, 
      "description": "Contains the actual policy exclude list object.", 
      "required": true, 
      "title": "PolicyExcludeList"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyExcludeList", 
  "type": "object"
}

ChildPolicyFirewallFloodProtectionProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyFirewallFloodProtectionProfileBindingMap", 
  "module_id": "PolicyFirewallFloodProtectionProfileBinding", 
  "properties": {
    "PolicyFirewallFloodProtectionProfileBindingMap": {
      "$ref": "PolicyFirewallFloodProtectionProfileBindingMap, 
      "description": "Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object", 
      "required": true, 
      "title": "PolicyFirewallFloodProtectionProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap", 
  "type": "object"
}

ChildPolicyFirewallSessionTimerProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyFirewallSessionTimerProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyFirewallSessionTimerProfile", 
  "module_id": "PolicyFirewallSessionTimerProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyFirewallSessionTimerProfile"
  }, 
  "properties": {
    "PolicyFirewallSessionTimerProfile": {
      "$ref": "PolicyFirewallSessionTimerProfile, 
      "description": "Contains the actual PolicyFirewallSessionTimerProfile object", 
      "required": true, 
      "title": "PolicyFirewallSessionTimerProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyFirewallSessionTimerProfile", 
  "type": "object"
}

ChildPolicyFirewallSessionTimerProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyFirewallSessionTimerProfileBindingMap", 
  "module_id": "PolicyFirewallSessionTimerProfileBinding", 
  "properties": {
    "PolicyFirewallSessionTimerProfileBindingMap": {
      "$ref": "PolicyFirewallSessionTimerProfileBindingMap, 
      "description": "Contains the actual PolicyFirewallSessionTimerProfileBindingMap object", 
      "required": true, 
      "title": "PolicyFirewallSessionTimerProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyFirewallSessionTimerProfileBindingMap", 
  "type": "object"
}

ChildPolicyLabel (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyLabel, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLabel", 
  "module_id": "PolicyLabel", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLabel"
  }, 
  "properties": {
    "PolicyLabel": {
      "$ref": "PolicyLabel, 
      "description": "Contains the actual PolicyLabel object", 
      "required": true, 
      "title": "PolicyLabel"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLabel", 
  "type": "object"
}

ChildPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for PolicyLbMonitorProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLbMonitorProfile"
  }, 
  "properties": {
    "PolicyLbMonitorProfile": {
      "$ref": "PolicyLbMonitorProfile, 
      "description": "Contains the actual PolicyLbMonitorProfile object", 
      "required": true, 
      "title": "PolicyLbMonitorProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLbMonitorProfile", 
  "type": "object"
}

ChildPolicyLbPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for PolicyLbPersistenceProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLbPersistenceProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLbPersistenceProfile"
  }, 
  "properties": {
    "PolicyLbPersistenceProfile": {
      "$ref": "PolicyLbPersistenceProfile, 
      "description": "Contains the actual PolicyLbPersistenceProfile object", 
      "required": true, 
      "title": "PolicyLbPersistenceProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLbPersistenceProfile", 
  "type": "object"
}

ChildPolicyLbPoolAccess (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for PolicyLbPoolAccess, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLbPoolAccess", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLbPoolAccess"
  }, 
  "properties": {
    "PolicyLbPoolAccess": {
      "$ref": "PolicyLbPoolAccess, 
      "description": "Contains the actual PolicyLbPoolAccess object", 
      "required": true, 
      "title": "PolicyLbPoolAccess"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLbPoolAccess", 
  "type": "object"
}

ChildPolicyLbRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for PolicyLbRule, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLbRule", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLbRule"
  }, 
  "properties": {
    "PolicyLbRule": {
      "$ref": "PolicyLbRule, 
      "description": "Contains the actual PolicyLbRule object", 
      "required": true, 
      "title": "PolicyLbRule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLbRule", 
  "type": "object"
}

ChildPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for PolicyLbVirtualServer, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyLbVirtualServer"
  }, 
  "properties": {
    "PolicyLbVirtualServer": {
      "$ref": "PolicyLbVirtualServer, 
      "description": "Contains the actual PolicyLbVirtualServer object", 
      "required": true, 
      "title": "PolicyLbVirtualServer"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyLbVirtualServer", 
  "type": "object"
}

ChildPolicyNat (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyNat, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyNat", 
  "module_id": "PolicyNAT", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyNat"
  }, 
  "properties": {
    "PolicyNat": {
      "$ref": "PolicyNat, 
      "description": "Contains the actual PolicyNAT object", 
      "required": true, 
      "title": "PolicyNat"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyNat", 
  "type": "object"
}

ChildPolicyNatRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyNatRule, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyNatRule", 
  "module_id": "PolicyNAT", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyNatRule"
  }, 
  "properties": {
    "PolicyNatRule": {
      "$ref": "PolicyNatRule, 
      "description": "Contains the actual PolicyNatRule object", 
      "required": true, 
      "title": "PolicyNatRule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyNatRule", 
  "type": "object"
}

ChildPolicyServiceChain (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyServiceChain", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyServiceChain"
  }, 
  "properties": {
    "PolicyServiceChain": {
      "$ref": "PolicyServiceChain, 
      "description": "Contains actual PolicyServiceChain.", 
      "required": true, 
      "title": "PolicyServiceChain"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyServiceChain", 
  "type": "object"
}

ChildPolicyServiceInstance (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyServiceInstance", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyServiceInstance"
  }, 
  "properties": {
    "PolicyServiceInstance": {
      "$ref": "PolicyServiceInstance, 
      "description": "Contains actual PolicyServiceInstance.", 
      "required": true, 
      "title": "PolicyServiceInstance"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyServiceInstance", 
  "type": "object"
}

ChildPolicyServiceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyServiceProfile used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyServiceProfile", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyServiceProfile"
  }, 
  "properties": {
    "PolicyServiceProfile": {
      "$ref": "PolicyServiceProfile, 
      "description": "Contains actual PolicyServiceProfile.", 
      "required": true, 
      "title": "PolicyServiceProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyServiceProfile", 
  "type": "object"
}

ChildPolicyTransportZone (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PolicyTransportZone, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPolicyTransportZone", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPolicyTransportZone"
  }, 
  "properties": {
    "PolicyTransportZone": {
      "$ref": "PolicyTransportZone, 
      "description": "Contains the actual PolicyTransportZone object", 
      "required": true, 
      "title": "PolicyTransportZone"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PolicyTransportZone", 
  "type": "object"
}

ChildPortDiscoveryProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPortDiscoveryProfileBindingMap", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPortDiscoveryProfileBindingMap"
  }, 
  "properties": {
    "PortDiscoveryProfileBindingMap": {
      "$ref": "PortDiscoveryProfileBindingMap, 
      "description": "Contains the actual PortDiscoveryProfileBindingMap object", 
      "required": true, 
      "title": "PortDiscoveryProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PortDiscoveryProfileBindingMap", 
  "type": "object"
}

ChildPortMirroringProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PortMirroringProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPortMirroringProfile", 
  "module_id": "PolicyPortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPortMirroringProfile"
  }, 
  "properties": {
    "PortMirroringProfile": {
      "$ref": "PortMirroringProfile, 
      "description": "Contains the actual PortMirroringProfile object", 
      "required": true, 
      "title": "PortMirroringProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PortMirroringProfile", 
  "type": "object"
}

ChildPortMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPortMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPortMonitoringProfileBindingMap"
  }, 
  "properties": {
    "PortMonitoringProfileBindingMap": {
      "$ref": "PortMonitoringProfileBindingMap, 
      "description": "Contains the actual PortMonitoringProfileBindingMap object", 
      "required": true, 
      "title": "PortMonitoringProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PortMonitoringProfileBindingMap", 
  "type": "object"
}

ChildPortQoSProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPortQoSProfileBindingMap", 
  "module_id": "PolicyQoSProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPortQoSProfileBindingMap"
  }, 
  "properties": {
    "PortQoSProfileBindingMap": {
      "$ref": "PortQoSProfileBindingMap, 
      "description": "Contains the actual PortQoSProfileBindingMap object", 
      "required": true, 
      "title": "PortQoSProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PortQoSProfileBindingMap", 
  "type": "object"
}

ChildPortSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPortSecurityProfileBindingMap", 
  "module_id": "PolicySecurityProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPortSecurityProfileBindingMap"
  }, 
  "properties": {
    "PortSecurityProfileBindingMap": {
      "$ref": "PortSecurityProfileBindingMap, 
      "description": "Contains the actual PortSecurityProfileBindingMap object", 
      "required": true, 
      "title": "PortSecurityProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PortSecurityProfileBindingMap", 
  "type": "object"
}

ChildPrefixList (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for PrefixList, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildPrefixList", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildPrefixList"
  }, 
  "properties": {
    "PrefixList": {
      "$ref": "PrefixList, 
      "description": "Contains the actual PrefixList object.", 
      "required": true, 
      "title": "PrefixList"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for PrefixList", 
  "type": "object"
}

ChildQoSProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for QoSProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildQoSProfile", 
  "module_id": "PolicyQoS", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildQoSProfile"
  }, 
  "properties": {
    "QoSProfile": {
      "$ref": "QoSProfile, 
      "description": "Contains the actual QoSProfile object", 
      "required": true, 
      "title": "QoSProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for QoSProfile", 
  "type": "object"
}

ChildReaction (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Reaction used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildReaction", 
  "module_id": "PolicyReaction", 
  "properties": {
    "Reaction": {
      "$ref": "Reaction, 
      "description": "Contains the actual Reaction object.", 
      "required": true, 
      "title": "Reaction"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Reaction", 
  "type": "object"
}

ChildRedirectionPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for RedirectionPolicy used in Hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildRedirectionPolicy", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildRedirectionPolicy"
  }, 
  "properties": {
    "RedirectionPolicy": {
      "$ref": "RedirectionPolicy, 
      "description": "Contains actual RedirectionPolicy.", 
      "required": true, 
      "title": "RedirectionPolicy"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for RedirectionPolicy\n", 
  "type": "object"
}

ChildRedirectionRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ChildRedirectionRule used in Hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildRedirectionRule", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildRedirectionRule"
  }, 
  "properties": {
    "RedirectionRule": {
      "$ref": "RedirectionRule, 
      "description": "Contains actual RedirectionRule.", 
      "required": true, 
      "title": "RedirectionRule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for RedirectionRule\n", 
  "type": "object"
}

ChildResourceReference (type) 

{
  "additionalProperties": false, 
  "description": "Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildResourceReference", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_type": {
      "required": true, 
      "title": "The target type of this reference", 
      "type": "string"
    }
  }, 
  "title": "Represents the reference to ChildPolicyConfigResource", 
  "type": "object"
}

ChildRule (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Rule, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildRule", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildRule"
  }, 
  "properties": {
    "Rule": {
      "$ref": "Rule, 
      "description": "Contains the actual Rule object", 
      "required": true, 
      "title": "Rule"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Rule", 
  "type": "object"
}

ChildSecurityPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SecurityPolicy, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSecurityPolicy", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSecurityPolicy"
  }, 
  "properties": {
    "SecurityPolicy": {
      "$ref": "SecurityPolicy, 
      "description": "Contains the actual SecurityPolicy object", 
      "required": true, 
      "title": "SecurityPolicy"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SecurityPolicy", 
  "type": "object"
}

ChildSegment (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Segment, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegment", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegment"
  }, 
  "properties": {
    "Segment": {
      "$ref": "Segment, 
      "description": "Contains the actual Segment object.", 
      "required": true, 
      "title": "Segment"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Segment", 
  "type": "object"
}

ChildSegmentDiscoveryProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentDiscoveryProfileBindingMap", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentDiscoveryProfileBindingMap"
  }, 
  "properties": {
    "SegmentDiscoveryProfileBindingMap": {
      "$ref": "SegmentDiscoveryProfileBindingMap, 
      "description": "Contains the actual SegmentDiscoveryProfileBindingMap object", 
      "required": true, 
      "title": "SegmentDiscoveryProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentDiscoveryProfileBindingMap", 
  "type": "object"
}

ChildSegmentMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentMonitoringProfileBindingMap"
  }, 
  "properties": {
    "SegmentMonitoringProfileBindingMap": {
      "$ref": "SegmentMonitoringProfileBindingMap, 
      "description": "Contains the actual SegmentMonitoringProfileBindingMap object", 
      "required": true, 
      "title": "SegmentMonitoringProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentMonitoringProfileBindingMap", 
  "type": "object"
}

ChildSegmentPort (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentPort, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentPort", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentPort"
  }, 
  "properties": {
    "SegmentPort": {
      "$ref": "SegmentPort, 
      "description": "Contains the actual SegmentPort object", 
      "required": true, 
      "title": "SegmentPort"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentPort", 
  "type": "object"
}

ChildSegmentQoSProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentQoSProfileBindingMap", 
  "module_id": "PolicyQoSProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentQoSProfileBindingMap"
  }, 
  "properties": {
    "SegmentQoSProfileBindingMap": {
      "$ref": "SegmentQoSProfileBindingMap, 
      "description": "Contains the actual SegmentQoSProfileBindingMap object", 
      "required": true, 
      "title": "SegmentQoSProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentQoSProfileBindingMap", 
  "type": "object"
}

ChildSegmentSecurityProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentSecurityProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentSecurityProfile", 
  "module_id": "PolicySegmentSecurity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentSecurityProfile"
  }, 
  "properties": {
    "SegmentSecurityProfile": {
      "$ref": "SegmentSecurityProfile, 
      "description": "Contains the actual SegmentSecurityProfile object", 
      "required": true, 
      "title": "SegmentSecurityProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentSecurityProfile", 
  "type": "object"
}

ChildSegmentSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSegmentSecurityProfileBindingMap", 
  "module_id": "PolicySecurityProfileBinding", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSegmentSecurityProfileBindingMap"
  }, 
  "properties": {
    "SegmentSecurityProfileBindingMap": {
      "$ref": "SegmentSecurityProfileBindingMap, 
      "description": "Contains the actual SegmentSecurityProfileBindingMap object", 
      "required": true, 
      "title": "SegmentSecurityProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SegmentSecurityProfileBindingMap", 
  "type": "object"
}

ChildService (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Service, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildService", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildService"
  }, 
  "properties": {
    "Service": {
      "$ref": "Service, 
      "description": "Contains the actual Service object.", 
      "required": true, 
      "title": "Service"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Service", 
  "type": "object"
}

ChildServiceEntry (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ServiceEntry, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildServiceEntry"
  }, 
  "properties": {
    "Service": {
      "$ref": "ServiceEntry, 
      "deprecated": true, 
      "description": "This is a deprecated property, Please use 'ServiceEntry' instead.", 
      "title": "ServiceEntry"
    }, 
    "ServiceEntry": {
      "$ref": "ServiceEntry, 
      "description": "Contains the actual ServiceEntry object.", 
      "required": true, 
      "title": "ServiceEntry"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ServiceEntry", 
  "type": "object"
}

ChildServiceInstanceEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildServiceInstanceEndpoint", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildServiceInstanceEndpoint"
  }, 
  "properties": {
    "ServiceInstanceEndpoint": {
      "$ref": "ServiceInstanceEndpoint, 
      "description": "Contains actual ServiceInstanceEndpoint.", 
      "required": true, 
      "title": "ServiceInstanceEndpoint"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ServiceInstanceEndpoint", 
  "type": "object"
}

ChildServiceInterface (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ServiceInterface, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildServiceInterface", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildServiceInterface"
  }, 
  "properties": {
    "ServiceInterface": {
      "$ref": "ServiceInterface, 
      "description": "Contains the actual ServiceInterface object.", 
      "required": true, 
      "title": "ServiceInterface"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ServiceInterface", 
  "type": "object"
}

ChildServiceReference (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ServiceReference used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildServiceReference", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildServiceReference"
  }, 
  "properties": {
    "ServiceReference": {
      "$ref": "ServiceReference, 
      "description": "Contains actual ServiceReference.", 
      "required": true, 
      "title": "ServiceReference"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for ServiceReference", 
  "type": "object"
}

ChildServiceSegment (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for ServiceSegment, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildServiceSegment", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildServiceSegment"
  }, 
  "properties": {
    "ServiceSegment": {
      "$ref": "ServiceSegment, 
      "description": "Contains the actual ServiceSegment objects", 
      "required": true, 
      "title": "ServiceSegments"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SerivceSegment", 
  "type": "object"
}

ChildSessionTimerProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SessionTimerProfileBindingMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSessionTimerProfileBindingMap", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSessionTimerProfileBindingMap"
  }, 
  "properties": {
    "SessionTimerProfileBindingMap": {
      "$ref": "SessionTimerProfileBindingMap, 
      "description": "Contains the actual SessionTimerProfileBindingMap object", 
      "required": true, 
      "title": "SessionTimerProfileBindingMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SessionTimerProfileBindingMap", 
  "type": "object"
}

ChildSite (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Site, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSite", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSite"
  }, 
  "properties": {
    "Site": {
      "$ref": "Site, 
      "description": "Contains the actual Site object", 
      "required": true, 
      "title": "Site"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Site", 
  "type": "object"
}

ChildSpoofGuardProfile (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for SpoofGuardProfile, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSpoofGuardProfile", 
  "module_id": "PolicySpoofGuard", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSpoofGuardProfile"
  }, 
  "properties": {
    "SpoofGuardProfile": {
      "$ref": "SpoofGuardProfile, 
      "description": "Contains the actual SpoofGuardProfile object", 
      "required": true, 
      "title": "SpoofGuardProfile"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SpoofGuardProfile", 
  "type": "object"
}

ChildSslTrustObjectData (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for SslTrustObjectData, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildSslTrustObjectData", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildSslTrustObjectData"
  }, 
  "properties": {
    "SslTrustObjectData": {
      "$ref": "SslTrustObjectData, 
      "description": "Contains the actual SslTrustObjectData object", 
      "required": true, 
      "title": "SslTrustObjectData"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for SslTrustObjectData", 
  "type": "object"
}

ChildStandaloneHostIdfwConfiguration (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildStandaloneHostIdfwConfiguration", 
  "module_id": "PolicyFirewallConfiguration", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildStandaloneHostIdfwConfiguration"
  }, 
  "properties": {
    "StandaloneHostIdfwConfiguration": {
      "$ref": "StandaloneHostIdfwConfiguration, 
      "description": "Contains the actual standalone host idfw configuration object.", 
      "required": true, 
      "title": "StandaloneHostIdfwConfiguration"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for StandaloneHostIdfwConfiguration", 
  "type": "object"
}

ChildStaticARPConfig (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for StaticARPConfig, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildStaticARPConfig", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildStaticARPConfig"
  }, 
  "properties": {
    "StaticARPConfig": {
      "$ref": "StaticARPConfig, 
      "description": "Contains the actual StaticARPConfig object.", 
      "required": true, 
      "title": "StaticARPConfig"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for StaticARPConfig", 
  "type": "object"
}

ChildStaticRoutes (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for StaticRoutes, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildStaticRoutes", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildStaticRoutes"
  }, 
  "properties": {
    "StaticRoutes": {
      "$ref": "StaticRoutes, 
      "description": "Contains the actual StaticRoutes object.", 
      "required": true, 
      "title": "StaticRoutes"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for StaticRoutes", 
  "type": "object"
}

ChildTier0 (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier-0, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier0", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier0"
  }, 
  "properties": {
    "Tier0": {
      "$ref": "Tier0, 
      "description": "Contains the actual Tier-0 object.", 
      "required": true, 
      "title": "Tier-0"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier-0", 
  "type": "object"
}

ChildTier0DeploymentMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier0DeploymentMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier0DeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier0DeploymentMap"
  }, 
  "properties": {
    "Tier0DeploymentMap": {
      "$ref": "Tier0DeploymentMap, 
      "description": "Contains the actual Tier0DeploymentMap object", 
      "required": true, 
      "title": "Tier0DeploymentMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier0DeploymentMap", 
  "type": "object"
}

ChildTier0Interface (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier0Interface, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier0Interface", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier0Interface"
  }, 
  "properties": {
    "Tier0Interface": {
      "$ref": "Tier0Interface, 
      "description": "Contains the actual Tier0Interface object.", 
      "required": true, 
      "title": "Tier0Interface"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier0Interface", 
  "type": "object"
}

ChildTier0RouteMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier0RouteMap, used in hierarchical API", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier0RouteMap", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier0RouteMap"
  }, 
  "properties": {
    "Tier0RouteMap": {
      "$ref": "Tier0RouteMap, 
      "description": "Contains the actual Tier0RouteMap object", 
      "required": true, 
      "title": "Tier0RouteMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier0RouteMap", 
  "type": "object"
}

ChildTier1 (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier-1 , used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier1", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier1"
  }, 
  "properties": {
    "Tier1": {
      "$ref": "Tier1, 
      "description": "Contains the actual Tier-1 object.", 
      "required": true, 
      "title": "Tier-1"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier-1", 
  "type": "object"
}

ChildTier1DeploymentMap (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier1DeploymentMap, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier1DeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier1DeploymentMap"
  }, 
  "properties": {
    "Tier1DeploymentMap": {
      "$ref": "Tier1DeploymentMap, 
      "description": "Contains the actual Tier1DeploymentMap object", 
      "required": true, 
      "title": "Tier1DeploymentMap"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier1DeploymentMap", 
  "type": "object"
}

ChildTier1Interface (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for Tier1Interface, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTier1Interface", 
  "module_id": "PolicyConnectivity", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTier1Interface"
  }, 
  "properties": {
    "Tier1Interface": {
      "$ref": "Tier1Interface, 
      "description": "Contains the actual Tier1Interface object.", 
      "required": true, 
      "title": "Tier1Interface"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for Tier1Interface", 
  "type": "object"
}

ChildTlsCertificate (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for TlsCertificate, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTlsCertificate", 
  "module_id": "PolicyCertificate", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTlsCertificate"
  }, 
  "properties": {
    "TlsCertificate": {
      "$ref": "TlsCertificate, 
      "description": "Contains the actual TlsCertificate object.", 
      "required": true, 
      "title": "TlsCertificate"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for TlsCertificate", 
  "type": "object"
}

ChildTlsCrl (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for TlsCrl, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTlsCrl", 
  "module_id": "PolicyCertificate", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTlsCrl"
  }, 
  "properties": {
    "TlsCrl": {
      "$ref": "TlsCrl, 
      "description": "Contains the actual TlsCrl object.", 
      "required": true, 
      "title": "TlsCrl"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for TlsCrl", 
  "type": "object"
}

ChildTlsTrustData (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper for TlsTrustData, used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildTlsTrustData", 
  "module_id": "PolicyCertificate", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildTlsTrustData"
  }, 
  "properties": {
    "TlsTrustData": {
      "$ref": "TlsTrustData, 
      "description": "Contains the actual TlsTrustData object.", 
      "required": true, 
      "title": "TlsTrustData"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for TlsTrustData", 
  "type": "object"
}

ChildTypesRequestParameter (type) 

{
  "description": "Specified child resource types will be populated in the response body", 
  "id": "ChildTypesRequestParameter", 
  "module_id": "Policy", 
  "properties": {
    "filter": {
      "description": "Filter string, can contain multiple or single java regular expressions separated by ';'. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to load every policy object under Infra: filter=/", 
      "required": false, 
      "title": "Filter string as java regex", 
      "type": "string"
    }
  }, 
  "title": "Filter to populate child types of the policyConfigResource", 
  "type": "object"
}

ChildVirtualEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Child wrapper object for VirtualEndpoint used in hierarchical API.", 
  "extends": {
    "$ref": "ChildPolicyConfigResource
  }, 
  "id": "ChildVirtualEndpoint", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ChildVirtualEndpoint"
  }, 
  "properties": {
    "VirtualEndpoint": {
      "$ref": "VirtualEndpoint, 
      "description": "Contains reference to actual VirtualEndpoint.", 
      "required": true, 
      "title": "VirtualEndpoint"
    }, 
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.", 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Wrapper object for VirtualEndpoint", 
  "type": "object"
}

CidrBlock (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about IPv4 CIDR block.", 
  "format": "ipv4_cidr_block", 
  "id": "CidrBlock", 
  "module_id": "CloudServiceManager", 
  "title": "IPv4 CIDR Block", 
  "type": "string"
}

CipherSuite (type) 

{
  "additionalProperties": false, 
  "id": "CipherSuite", 
  "properties": {
    "enabled": {
      "required": true, 
      "title": "Enable status for this cipher suite", 
      "type": "boolean"
    }, 
    "name": {
      "required": true, 
      "title": "Name of the TLS cipher suite", 
      "type": "string"
    }
  }, 
  "title": "TLS cipher suite", 
  "type": "object"
}

ClasslessStaticRoute (type) 

{
  "additionalProperties": false, 
  "description": "DHCP classless static route option.", 
  "id": "ClasslessStaticRoute", 
  "module_id": "Dhcp", 
  "properties": {
    "network": {
      "$ref": "IPElement, 
      "description": "Destination network in CIDR format.", 
      "required": true, 
      "title": "Destination in CIDR"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "description": "IP address of next hop of the route.", 
      "required": true, 
      "title": "Router"
    }
  }, 
  "title": "DHCP classless static route option", 
  "type": "object"
}

ClearPasswordActionParameters (type) 

{
  "id": "ClearPasswordActionParameters", 
  "module_id": "Routing", 
  "properties": {
    "action": {
      "enum": [
        "clear_password"
      ], 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClientAuthType (type) 

{
  "additionalProperties": false, 
  "description": "Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored.", 
  "enum": [
    "REQUIRED", 
    "IGNORE"
  ], 
  "id": "ClientAuthType", 
  "module_id": "LoadBalancer", 
  "title": "client authentication mode", 
  "type": "string"
}

ClientSslProfileBinding (type) 

{
  "additionalProperties": false, 
  "id": "ClientSslProfileBinding", 
  "module_id": "LoadBalancer", 
  "properties": {
    "certificate_chain_depth": {
      "default": 3, 
      "description": "authentication depth is used to set the verification depth in the client certificates chain.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the maximum traversal depth of client certificate chain", 
      "type": "integer"
    }, 
    "client_auth": {
      "$ref": "ClientAuthType, 
      "default": "IGNORE", 
      "required": false, 
      "title": "client authentication mode"
    }, 
    "client_auth_ca_ids": {
      "description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CA identifier list to verify client certificate", 
      "type": "array"
    }, 
    "client_auth_crl_ids": {
      "description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CRL identifier list to verify client certificate", 
      "type": "array"
    }, 
    "default_certificate_id": {
      "description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.", 
      "required": true, 
      "title": "default service certificate identifier", 
      "type": "string"
    }, 
    "sni_certificate_ids": {
      "description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "SNI certificate identifier list", 
      "type": "array"
    }, 
    "ssl_profile_id": {
      "description": "Client SSL profile defines reusable, application-independent client side SSL properties.", 
      "required": false, 
      "title": "client SSL profile identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClientTypeCollectionConfiguration (type) 

{
  "id": "ClientTypeCollectionConfiguration", 
  "module_id": "AggSvcDataCollectionConfig", 
  "properties": {
    "client_type": {
      "description": "The client type for which this data collection frequency setting applies", 
      "enum": [
        "HYPERVISOR", 
        "EDGE", 
        "CONTROL_PLANE", 
        "CONTROL_PLANE_PLATFORM", 
        "MANAGEMENT_PLANE", 
        "MANAGEMENT_PLANE_PLATFORM"
      ], 
      "required": true, 
      "title": "Client Type", 
      "type": "string"
    }, 
    "data_type_configurations": {
      "description": "The set of data collection type configurations, one for each data collection type", 
      "items": {
        "$ref": "DataTypeCollectionConfiguration
      }, 
      "required": true, 
      "title": "Data type configurations", 
      "type": "array"
    }
  }, 
  "title": "HPM client data collection configuration", 
  "type": "object"
}

CloudAccount (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a cloud account like cloud type and insatnce statistics.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CloudAccount", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auth_users": {
      "description": "List of authorized users.", 
      "items": {
        "$ref": "CloudUserInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Authrized Users", 
      "type": "array"
    }, 
    "cloud_type": {
      "decription": "Name of the cloud vendor.", 
      "enum": [
        "AWS", 
        "AZURE", 
        "GOOGLE"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Cloud Type", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_stats": {
      "$ref": "InstanceStats, 
      "description": "Stores statistics of the number of managed, unmanaged and error virtual machines.", 
      "readonly": true, 
      "required": false, 
      "title": "Instance statistics"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tenant_id": {
      "description": "Tenant ID of the cloud account.", 
      "readonly": true, 
      "required": false, 
      "title": "Tenant ID", 
      "type": "string"
    }
  }, 
  "title": "Cloud Account", 
  "type": "object"
}

CloudAccountStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores the status of cloud account like credentials validity status and inventory synchronization status.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "CloudAccountStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "credentials_status": {
      "description": "Status of the cloud account credentials synced at the auto interval.", 
      "enum": [
        "VALID", 
        "INVALID"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Credentials Status", 
      "type": "string"
    }, 
    "inventory_sync_status": {
      "description": "Status of inventory synchronization process.", 
      "enum": [
        "SYNCED", 
        "IN_PROGRESS"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Inventory Synchronization Status", 
      "type": "string"
    }
  }, 
  "title": "Cloud Account status", 
  "type": "object"
}

CloudGatewayPrivateIpAddress (type) 

{
  "additionalProperties": false, 
  "id": "CloudGatewayPrivateIpAddress", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "gateway_ha_index": {
      "minimum": 0, 
      "readonly": true, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "private_ip": {
      "description": "The secondary Private IP allocated on the gateway's uplink interface.", 
      "format": "ipv4", 
      "readonly": true, 
      "title": "Secondary Private IP", 
      "type": "string"
    }
  }, 
  "title": "Private IP address of the gateway", 
  "type": "object"
}

CloudIpAllocationConfig (type) 

{
  "additionalProperties": false, 
  "description": "Configuration parameters to create IP allocations that will be used for containers. These containers will be deployed in an Aws Vpc or Azure Vnet.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CloudIpAllocationConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "readonly": false, 
      "required": true, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_allocation_mode": {
      "default": "PUBLIC_IP", 
      "description": "PUBLIC_IP: Allocate new public IP. LINK_LOCAL_IP: Allocate new link local IP.", 
      "enum": [
        "PUBLIC_IP", 
        "LINK_LOCAL_IP"
      ], 
      "title": "IP Allocation Mode", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "number_of_allocations": {
      "desription": "The number of public/link local IP allocations requested.\n", 
      "readonly": false, 
      "required": true, 
      "title": "Number of IP allocations required.", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Cloud IP Allocation Configuration", 
  "type": "object"
}

CloudIpAllocationMapping (type) 

{
  "additionalProperties": false, 
  "description": "Information about Cloud IP mapping and allocation state.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "CloudIpAllocationMapping", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "allocated_ip": {
      "desription": "The public/link local IP allocated for the IP mapping.", 
      "format": "ipv4", 
      "readonly": true, 
      "title": "Public/link local IP", 
      "type": "string"
    }, 
    "gateway_private_ips": {
      "description": "List of secondary Private IPs allocated on the gateway's uplink interface.", 
      "items": {
        "$ref": "CloudGatewayPrivateIpAddress
      }, 
      "readonly": true, 
      "title": "Secondary Private IP Addresses", 
      "type": "array"
    }
  }, 
  "title": "Cloud IP Allocation Mapping", 
  "type": "object"
}

CloudIpAllocationMappings (type) 

{
  "additionalProperties": false, 
  "description": "Information about Cloud IP mappings.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CloudIpAllocationMappings", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "readonly": true, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for IP allocation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for IP allocation failure", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "readonly": true, 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "ip_mappings": {
      "description": "IP mappings for a foundation.", 
      "items": {
        "$ref": "CloudIpAllocationMapping
      }, 
      "readonly": true, 
      "type": "array"
    }, 
    "ip_operation_status": {
      "description": "Indicates the state of the IP allocation or de-allocation. ALLOCATION_IN_PROGRESS: IP allocation is in progress. DELETION_IN_PROGRESS: IP de-allocation or deletion is in progress. SUCCESSFUL: IP allocation is successful. Successful de-allocation can be confirmed if the status API for this mapping returns a 404 error. FAILED: IP allocation or de-allocation failed.", 
      "enum": [
        "ALLOCATION_IN_PROGRESS", 
        "DELETION_IN_PROGRESS", 
        "SUCCESSFUL", 
        "FAILED"
      ], 
      "readonly": true, 
      "title": "IP Allocation State", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Cloud IP Allocation Mappings", 
  "type": "object"
}

CloudSecurityGroup (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a cloud security group.", 
  "extends": {
    "$ref": "SecurityGroup
  }, 
  "id": "CloudSecurityGroup", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cloud_tags": {
      "description": "Array of tags associated to a cloud security group.", 
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "title": "Cloud Tags", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "is_managed_by_nsx": {
      "description": "If the flag is true, the cloud security group is managed by NSX.", 
      "readonly": true, 
      "required": false, 
      "title": "Is Managed By NSX", 
      "type": "boolean"
    }, 
    "region_id": {
      "description": "ID of the cloud region.", 
      "readonly": true, 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "security_group_id": {
      "description": "ID of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group ID", 
      "type": "string"
    }, 
    "security_group_name": {
      "description": "Name of the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Cloud Security Group", 
  "type": "object"
}

CloudSecurityGroupRule (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a cloud security group rule.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "CloudSecurityGroupRule", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination": {
      "description": "Destination corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Destination", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "port_range": {
      "description": "Port range corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Port Range", 
      "type": "string"
    }, 
    "protocol": {
      "description": "Protocol corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Protocol", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "source": {
      "description": "Source corresponding to the cloud security group rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Source", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Cloud Security Group Rule", 
  "type": "object"
}

CloudServiceEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about any service endpoint which is provided in the cloud. Example services include the cloud provided equivalent service for Storage, Database or Load Balancer.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "CloudServiceEndpoint", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "nsx_security_groups": {
      "description": "Stores an array of NSX security groups associated to this cloud service endpoint.", 
      "items": {
        "$ref": "SecurityGroup
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX security groups array", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "service_endpoint_id": {
      "description": "Cloud provided ID of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint ID", 
      "type": "string"
    }, 
    "service_endpoint_type": {
      "description": "Cloud provided type of the service endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Endpoint Type", 
      "type": "string"
    }, 
    "service_name": {
      "description": "Name of the cloud service the endpoint is associated with.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Cloud Service Endpoint", 
  "type": "object"
}

CloudTag (type) 

{
  "additionalProperties": false, 
  "description": "Stores the key-value pair of cloud tag.", 
  "id": "CloudTag", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "key": {
      "description": "Key of the cloud tag.", 
      "readonly": true, 
      "required": false, 
      "title": "Tag Key", 
      "type": "string"
    }, 
    "value": {
      "description": "Value of the cloud tag.", 
      "readonly": true, 
      "required": false, 
      "title": "Tag Value", 
      "type": "string"
    }
  }, 
  "title": "Cloud Tag", 
  "type": "object"
}

CloudTypeInfo (type) 

{
  "additionalProperties": false, 
  "id": "CloudTypeInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "cloud_type": {
      "description": "Name of the cloud vendor.", 
      "readonly": true, 
      "required": false, 
      "title": "Cloud Type", 
      "type": "string"
    }
  }, 
  "title": "Cloud Type information", 
  "type": "object"
}

CloudUserInfo (type) 

{
  "additionalProperties": false, 
  "id": "CloudUserInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Display name of the user", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "required": false, 
      "title": "ID of the user", 
      "type": "string"
    }
  }, 
  "title": "User information", 
  "type": "object"
}

CloudVirtualMachine (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a Virtual Machine", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CloudVirtualMachine", 
  "module_id": "CloudVirtualMachineInformation", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "agent_status": {
      "description": "UP - NSX Agent is up and running DOWN - NSX Agent is down NO_AGENT - No NSX Agent installed on VM UNKNOWN - NSX Agent status is unknown", 
      "enum": [
        "UP", 
        "DOWN", 
        "NO_AGENT", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Agent Status", 
      "type": "string"
    }, 
    "agent_version": {
      "readonly": true, 
      "required": false, 
      "title": "Agent version details", 
      "type": "string"
    }, 
    "associated_account_ids": {
      "description": "Array of associated cloud account IDs.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Associated Cloud Account IDs", 
      "type": "array"
    }, 
    "cloud_tags": {
      "items": {
        "$ref": "CloudTag
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Cloud tags for the virtual machine", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_messages": {
      "description": "List of error messages identified. Returns only error messages identified in the last 1 hour.", 
      "items": {
        "$ref": "ComputeInstanceErrorMessage
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of error messages", 
      "type": "array"
    }, 
    "gateway_ha_index": {
      "description": "Index of HA that indicates whether gateway is primary or secondary. If index is 0, then it is primary gateway. Else secondary gateway.", 
      "required": false, 
      "title": "Gateway HA Index", 
      "type": "integer"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway Status", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_gateway": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is a gateway node", 
      "type": "boolean"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this VM is an active gateway node", 
      "type": "boolean"
    }, 
    "logical_switch_display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch display name", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch ID", 
      "type": "string"
    }, 
    "managed_by_nsx": {
      "readonly": true, 
      "required": true, 
      "title": "Indicate if vm is managed by NSX or not", 
      "type": "boolean"
    }, 
    "nsx_ip": {
      "readonly": true, 
      "required": false, 
      "title": "IP address provided by NSX", 
      "type": "string"
    }, 
    "nsx_security_group_mapping": {
      "description": "Map of cloud security groups associated to the virtual machine and corresponding NSX security groups.", 
      "items": {
        "$ref": "SecurityGroupDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group Mapping", 
      "type": "array"
    }, 
    "nsx_security_rule_errors": {
      "description": "Array of NSX security rule realization errors.", 
      "items": {
        "$ref": "NsxSecurityRuleErrorDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors", 
      "type": "array"
    }, 
    "nsx_security_rule_errors_count": {
      "description": "Count of the NSX security rule realization errors.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Rule Errors Count", 
      "type": "integer"
    }, 
    "os_details": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system details", 
      "type": "string"
    }, 
    "os_type": {
      "readonly": true, 
      "required": false, 
      "title": "Operating system of the virtual machine", 
      "type": "string"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "quarantine_state": {
      "description": "Indicates the quarantine state of the VM. QUARANTINED - This state implies VM is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies VM is associated with vm_override_sg which overrides any action based on threat detection. WHITELISTED - This state implies that quarantine operation will not be performed on the VM. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "QUARANTINED", 
        "NOT_QUARANTINED", 
        "UNKNOWN", 
        "OVERRIDDEN", 
        "WHITELISTED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Quarantine State", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource. Possible values are in the form of VirtualMachine prefixed by cloud name. For example, AwsVirtualMachine or AzureVirtualMachine.", 
      "enum": [
        "AwsVirtualMachine", 
        "AzureVirtualMachine"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }, 
    "segment_display_name": {
      "description": "Segment display name on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment display name", 
      "type": "string"
    }, 
    "segment_id": {
      "description": "Segment ID on which this VM resides.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment ID", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "threat_state": {
      "description": "Indicates the threat state of the VM. NORMAL - This state implies no threat has been detected and VM is functioning as expected. THREAT - This state implies quarantine enabling threat has been detected. INVALID - This state implies either VM is unmanaged or threat related information is not available. NOT_APPLICABLE - This state will be populated for agentless vm.", 
      "enum": [
        "NORMAL", 
        "THREAT", 
        "INVALID", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Threat State", 
      "type": "string"
    }, 
    "vm_config_status": {
      "$ref": "VmConfigStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Status for user configurable properties"
    }, 
    "vm_extension_execution_status": {
      "description": "UNKNOWN - This is the default state. Indicates no information available           regarding extension execution. This can potentially occur for           a VM when agent is installed out of band or if           cloud_agent_automated_install_enabled flag is enabled for the           VNET/VPC which already has managed VMs. SUCCESSFUL - Indicates VM extension script execution was successful.           This does not necessarily mean agent installation was           successful. FAILED - Indicates VM extension script execution failed.", 
      "readonly": true, 
      "required": false, 
      "title": "VM extension script execution status", 
      "type": "string"
    }
  }, 
  "title": "Cloud Virtual Machine Information", 
  "type": "object"
}

CloudVirtualMachinesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "A set of optional filter parameters to list cloud virtual machines", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "CloudVirtualMachinesListRequestParameters", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "account_id": {
      "description": "Optional identifier for account based on which virtual machines are to be filtered", 
      "required": false, 
      "title": "Account ID", 
      "type": "string"
    }, 
    "cloud_type": {
      "description": "Optional identifier for cloud provider based on which Virtual Machines are to be filtered", 
      "enum": [
        "AWS", 
        "AZURE"
      ], 
      "required": false, 
      "title": "Cloud Type", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "instance_id": {
      "description": "Optional identifier for virtual machine based on which the list can be filtered", 
      "required": false, 
      "title": "Instance ID", 
      "type": "string"
    }, 
    "is_gateway": {
      "description": "Optional identifier based on which only gateway Virtual Machines can be filtered", 
      "required": false, 
      "title": "Is the VM a gateway node?", 
      "type": "boolean"
    }, 
    "logical_switch_id": {
      "description": "Optional identifier for logical switch based on which Aws Virtual Machines are to be filtered", 
      "required": false, 
      "title": "Logical Switch ID", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "public_ip": {
      "description": "Optional identifier for public IP based on which Virtual Machines are to be filtered", 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "quarantine_state": {
      "description": "Identifier for quarantine state based on which Virtual Machines are to be filtered. QUARANTINED - This state implies VM is moved to quarantine security group because some threat has been detected. NOT_QUARANTINED - This state implies no quarantine action has been taken. UNKNOWN - This state implies either quarantine policy is disabled or quarantine information is not available. OVERRIDDEN - This state implies VM is associated with vm_override_sg which overrides any action based on threat detection.", 
      "enum": [
        "QUARANTINED", 
        "NOT_QUARANTINED", 
        "UNKNOWN", 
        "OVERRIDDEN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Quarantine State", 
      "type": "string"
    }, 
    "region_id": {
      "description": "Optional identifier for AWS or Azure region based on which Virtual Machines are to be filtered", 
      "required": false, 
      "title": "Region ID", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Optional identifier for listing virtual machines of a particular cloud provider. Possible values are in the form of VirtualMachine prefixed by cloud name. For example, AwsVirtualMachine or AzureVirtualMachine.", 
      "enum": [
        "AwsVirtualMachine", 
        "AzureVirtualMachine"
      ], 
      "required": false, 
      "title": "Resource Type", 
      "type": "string"
    }, 
    "segment_id": {
      "description": "Optional identifier for segment based on which Virtual Machines are to be filtered.", 
      "required": false, 
      "title": "Segment ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vnet_id": {
      "description": "Optional identifier for Azure virtual network based on which Azure Virtual Machines are to be filtered. It consists of resourceGuid of Azure Vnet.", 
      "required": false, 
      "title": "Azure virtual network ID", 
      "type": "string"
    }, 
    "vpc_id": {
      "description": "Optional identifier for AWS VPC based on which Virtual Machines are to be filtered", 
      "required": false, 
      "title": "AWS VPC ID", 
      "type": "string"
    }
  }, 
  "title": "Cloud Virtual Machines List Request Parameters", 
  "type": "object"
}

CloudVirtualMachinesListResult (type) 

{
  "additionalProperties": false, 
  "description": "Stores a list of cloud virtual machines", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CloudVirtualMachinesListResult", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of cloud virtual machines", 
      "items": {
        "$ref": "CloudVirtualMachine
      }, 
      "required": false, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Cloud Virtual Machines List Result", 
  "type": "object"
}

ClusterBackupInfo (type) 

{
  "additionalProperties": false, 
  "id": "ClusterBackupInfo", 
  "module_id": "ClusterRestore", 
  "properties": {
    "ip_address": {
      "format": "hostname-or-ip", 
      "readonly": true, 
      "required": true, 
      "title": "IP address or FQDN of the node from which the backup was taken", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "required": true, 
      "title": "ID of the node from which the backup was taken", 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": true, 
      "title": "timestamp of the cluster backup file"
    }
  }, 
  "title": "Cluster backup details", 
  "type": "object"
}

ClusterBackupInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ClusterBackupInfoListResult", 
  "module_id": "ClusterRestore", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ClusterBackupInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "List of timestamps of backed-up cluster files", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterCertificateId (type) 

{
  "additionalProperties": false, 
  "id": "ClusterCertificateId", 
  "properties": {
    "certificate_id": {
      "required": true, 
      "title": "Certificate ID", 
      "type": "string"
    }
  }, 
  "title": "Cluster Certificate ID", 
  "type": "object"
}

ClusterConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "ClusterConfig", 
  "module_id": "ClusterManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cluster_id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique identifier of this cluster", 
      "type": "string"
    }, 
    "control_cluster_changes_allowed": {
      "title": "True if control cluster nodes may be added or removed", 
      "type": "boolean"
    }, 
    "mgmt_cluster_changes_allowed": {
      "title": "True if management cluster nodes may be added or removed", 
      "type": "boolean"
    }, 
    "nodes": {
      "items": {
        "$ref": "ClusterNodeInfo
      }, 
      "title": "Configuration of each node in cluster", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ClusterConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.", 
  "id": "ClusterConfiguration", 
  "module_id": "Cluster", 
  "properties": {
    "cluster_id": {
      "readonly": true, 
      "title": "UUID of the cluster", 
      "type": "string"
    }, 
    "config_version": {
      "readonly": true, 
      "title": "Cluster configuration version", 
      "type": "integer"
    }, 
    "nodes": {
      "items": {
        "$ref": "ClusterNode
      }, 
      "readonly": true, 
      "title": "Nodes in the cluster configuration", 
      "type": "array"
    }
  }, 
  "title": "Cluster configuration", 
  "type": "object"
}

ClusterGroupMemberStatus (type) 

{
  "additionalProperties": false, 
  "description": "This type contains the attributes and status of a group member.", 
  "id": "ClusterGroupMemberStatus", 
  "module_id": "Cluster", 
  "properties": {
    "member_fqdn": {
      "format": "hostname", 
      "readonly": true, 
      "title": "FQDN of the group member", 
      "type": "string"
    }, 
    "member_ip": {
      "format": "ip", 
      "readonly": true, 
      "title": "IP of the group member", 
      "type": "string"
    }, 
    "member_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Status of the group member", 
      "type": "string"
    }, 
    "member_uuid": {
      "readonly": true, 
      "title": "UUID of the group member", 
      "type": "string"
    }
  }, 
  "title": "Status of a group member", 
  "type": "object"
}

ClusterGroupServiceLeader (type) 

{
  "additionalProperties": false, 
  "description": "Each cluster node entity provides multiple services. When working in a group, each service can elect a cluster node entity to be the leader of the service. Leader election helps in coordination of the service. The leader holds a renewable lease on the leadership for a fixed period of time. The lease version is incremented every time the leadership lease is renewed. This type contains the attributes of a leader.", 
  "id": "ClusterGroupServiceLeader", 
  "module_id": "Cluster", 
  "properties": {
    "leader_uuid": {
      "readonly": true, 
      "title": "Member UUID of the leader", 
      "type": "string"
    }, 
    "lease_version": {
      "readonly": true, 
      "title": "Number of times the lease has been renewed", 
      "type": "integer"
    }, 
    "service_name": {
      "readonly": true, 
      "title": "Name of the service", 
      "type": "string"
    }
  }, 
  "title": "Leader for a service of the group", 
  "type": "object"
}

ClusterGroupStatus (type) 

{
  "additionalProperties": false, 
  "description": "This type contains the attributes and status of a group.", 
  "id": "ClusterGroupStatus", 
  "module_id": "Cluster", 
  "properties": {
    "group_id": {
      "readonly": true, 
      "title": "UUID of the group", 
      "type": "string"
    }, 
    "group_status": {
      "enum": [
        "STABLE", 
        "DEGRADED", 
        "UNSTABLE", 
        "UNAVAILABLE"
      ], 
      "readonly": true, 
      "title": "Group status", 
      "type": "string"
    }, 
    "group_type": {
      "enum": [
        "MANAGER", 
        "CONTROLLER", 
        "POLICY", 
        "HTTPS", 
        "DATASTORE", 
        "CLUSTER_BOOT_MANAGER"
      ], 
      "readonly": true, 
      "title": "Type of the group", 
      "type": "string"
    }, 
    "leaders": {
      "items": {
        "$ref": "ClusterGroupServiceLeader
      }, 
      "readonly": true, 
      "title": "Array of group leaders and their attributes", 
      "type": "array"
    }, 
    "members": {
      "items": {
        "$ref": "ClusterGroupMemberStatus
      }, 
      "readonly": true, 
      "title": "Array of group members and their statuses", 
      "type": "array"
    }
  }, 
  "title": "Status of a group", 
  "type": "object"
}

ClusterInitializationNodeInfo (type) 

{
  "additionalProperties": false, 
  "description": "The type provides the information of a non-running cluster node required for the initialization of a management cluster. The administrator needs to start this node for management cluster to initialize properly (or decommission it explicitly).", 
  "id": "ClusterInitializationNodeInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "disk_store_id": {
      "readonly": true, 
      "required": false, 
      "title": "The (internal) disk-store ID of the member", 
      "type": "string"
    }, 
    "host_address": {
      "readonly": true, 
      "title": "The IP address (or domain name) of the cluster node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterNode (type) 

{
  "additionalProperties": false, 
  "description": "This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.", 
  "id": "ClusterNode", 
  "module_id": "Cluster", 
  "properties": {
    "entities": {
      "items": {
        "$ref": "ClusterNodeEntity
      }, 
      "required": true, 
      "title": "Entities on the node", 
      "type": "array"
    }, 
    "node_uuid": {
      "required": true, 
      "title": "UUID of the node", 
      "type": "string"
    }, 
    "status": {
      "default": "REMOVED", 
      "enum": [
        "JOINING", 
        "JOINED", 
        "REMOVING", 
        "REMOVED"
      ], 
      "title": "Current clustering status of the node", 
      "type": "string"
    }
  }, 
  "title": "Cluster Node Properties", 
  "type": "object"
}

ClusterNodeConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ClusterNodeConfig", 
  "module_id": "ClusterManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "appliance_mgmt_listen_addr": {
      "readonly": true, 
      "title": "The IP and port for the appliance management API service on this node", 
      "type": "string"
    }, 
    "controller_role": {
      "$ref": "ControllerClusterRoleConfig, 
      "required": false
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "readonly": true, 
      "title": "Internal identifier provided by the node", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "manager_role": {
      "$ref": "ManagementClusterRoleConfig, 
      "required": false
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ClusterNodeConfigListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ClusterNodeConfigListResult", 
  "module_id": "ClusterManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ClusterNodeConfig
      }, 
      "required": true, 
      "title": "Cluster node configuration results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterNodeEntity (type) 

{
  "additionalProperties": false, 
  "description": "NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.", 
  "id": "ClusterNodeEntity", 
  "module_id": "Cluster", 
  "properties": {
    "certificate": {
      "required": true, 
      "title": "Public certificate of the entity in PEM format", 
      "type": "string"
    }, 
    "entity_type": {
      "enum": [
        "MANAGER", 
        "CONTROLLER", 
        "POLICY", 
        "HTTPS", 
        "CLUSTER_BOOT_MANAGER", 
        "DATASTORE"
      ], 
      "required": true, 
      "title": "Type of the entity", 
      "type": "string"
    }, 
    "entity_uuid": {
      "required": true, 
      "title": "UUID of the entity", 
      "type": "string"
    }, 
    "fqdn": {
      "format": "hostname", 
      "required": false, 
      "title": "Domain name the entity binds to", 
      "type": "string"
    }, 
    "ip_address": {
      "required": false, 
      "title": "IP address the entity binds to", 
      "type": "string"
    }, 
    "port": {
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Port the entity binds to", 
      "type": "integer"
    }, 
    "subnet_prefix_length": {
      "maximum": 32, 
      "minimum": 0, 
      "required": false, 
      "title": "Subnet mask prefix length of the entity binds to", 
      "type": "integer"
    }
  }, 
  "title": "Cluster Node Entity Properties", 
  "type": "object"
}

ClusterNodeInfo (type) 

{
  "id": "ClusterNodeInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "certificates": {
      "items": {
        "$ref": "NodeCertificateInfo
      }, 
      "title": "Certificate and thumbprint of all entities", 
      "type": "array"
    }, 
    "display_name": {
      "title": "The display name of this node", 
      "type": "string"
    }, 
    "entities": {
      "items": {
        "$ref": "NodeEntityInfo
      }, 
      "title": "Service endpoint of all entities", 
      "type": "array"
    }, 
    "fqdn": {
      "title": "The fqdn of this node", 
      "type": "string"
    }, 
    "msg_clients": {
      "items": {
        "$ref": "NodeMessagingClientInfo
      }, 
      "title": "Messaging client of all entities", 
      "type": "array"
    }, 
    "node_uuid": {
      "readonly": true, 
      "required": true, 
      "title": "Unique identifier of this node", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "JOINING", 
        "JOINED", 
        "REMOVING", 
        "REMOVED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Node clustering status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterNodeRole (type) 

{
  "description": "Enumerates the roles that can be specified in VM auto-deployment.", 
  "enum": [
    "CONTROLLER", 
    "MANAGER"
  ], 
  "id": "ClusterNodeRole", 
  "module_id": "ClusterNodeVMDeployment", 
  "title": "Cluster node role", 
  "type": "string"
}

ClusterNodeStatus (type) 

{
  "additionalProperties": false, 
  "id": "ClusterNodeStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "control_cluster_status": {
      "$ref": "ControlClusterNodeStatus, 
      "readonly": true, 
      "title": "Clustering status for control plane functions on this node"
    }, 
    "mgmt_cluster_status": {
      "$ref": "ManagementClusterNodeStatus, 
      "readonly": true, 
      "title": "Clustering status for management plane functions on this node"
    }, 
    "system_status": {
      "$ref": "NodeStatusProperties, 
      "readonly": true, 
      "title": "Node status properties"
    }, 
    "version": {
      "readonly": true, 
      "title": "Software version running on node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterNodeVMDeletionParameters (type) 

{
  "description": "Parameters for deletion of a cluster node VM.", 
  "id": "ClusterNodeVMDeletionParameters", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "force_delete": {
      "description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.", 
      "title": "Delete by force", 
      "type": "boolean"
    }
  }, 
  "title": "Parameters for DeleteAutoDeployedClusterNodeVM", 
  "type": "object"
}

ClusterNodeVMDeploymentConfig (type) 

{
  "description": "Contains info used to configure the VM on deployment", 
  "id": "ClusterNodeVMDeploymentConfig", 
  "module_id": "ClusterNodeVMDeployment", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "placement_type"
  }, 
  "properties": {
    "placement_type": {
      "description": "Specifies the config for the platform through which to deploy the VM", 
      "enum": [
        "VsphereClusterNodeVMDeploymentConfig"
      ], 
      "required": true, 
      "title": "Type of deployment", 
      "type": "string"
    }
  }, 
  "title": "Configuration for deploying cluster node VM", 
  "type": "object"
}

ClusterNodeVMDeploymentRequest (type) 

{
  "additionalProperties": false, 
  "description": "Contains the deployment information for a cluster node VM soon to be deployed or already deployed by the Manager", 
  "id": "ClusterNodeVMDeploymentRequest", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "deployment_config": {
      "$ref": "ClusterNodeVMDeploymentConfig, 
      "description": "Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM.", 
      "required": true, 
      "title": "Deployment config for cluster node VM"
    }, 
    "form_factor": {
      "$ref": "ClusterNodeVMFormFactor, 
      "default": "MEDIUM", 
      "description": "Specifies the desired \"size\" of the VM", 
      "required": false, 
      "title": "Form factor for cluster node VMs"
    }, 
    "roles": {
      "description": "List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now.", 
      "items": {
        "$ref": "ClusterNodeRole
      }, 
      "required": true, 
      "title": "Cluster node roles of the VM", 
      "type": "array"
    }, 
    "user_settings": {
      "$ref": "NodeUserSettings, 
      "description": "Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect.", 
      "required": true, 
      "sensitive": true, 
      "title": "User settings for the VM"
    }, 
    "vm_id": {
      "description": "ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified.", 
      "readonly": true, 
      "required": false, 
      "title": "ID of VM used to recognize it", 
      "type": "string"
    }
  }, 
  "title": "Info for an auto-deployment request", 
  "type": "object"
}

ClusterNodeVMDeploymentRequestList (type) 

{
  "additionalProperties": false, 
  "description": "List of ClusterNodeVMDeploymentRequests", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ClusterNodeVMDeploymentRequestList", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of existing ClusterNodeVMDeploymentRequests", 
      "items": {
        "$ref": "ClusterNodeVMDeploymentRequest
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ClusterNodeVMDeploymentRequest list", 
  "type": "object"
}

ClusterNodeVMDeploymentStatusReport (type) 

{
  "description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.", 
  "id": "ClusterNodeVMDeploymentStatusReport", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "failure_code": {
      "description": "In case of auto-deployment-related failure, the code for the error will be stored here.", 
      "required": false, 
      "title": "Error code for failure", 
      "type": "integer"
    }, 
    "failure_message": {
      "description": "In case of auto-deployment-related failure, an error message will be stored here.", 
      "required": false, 
      "title": "Error message for failure", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the addition or deletion of an auto-deployed cluster node VM.", 
      "enum": [
        "UNKNOWN_STATE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "WAITING_TO_REGISTER_VM", 
        "VM_REGISTRATION_FAILED", 
        "VM_WAITING_TO_CLUSTER", 
        "VM_WAITING_TO_COME_ONLINE", 
        "VM_ONLINE_FAILED", 
        "VM_CLUSTERING_IN_PROGRESS", 
        "VM_CLUSTERING_FAILED", 
        "VM_CLUSTERING_SUCCESSFUL", 
        "WAITING_TO_UNDEPLOY_VM", 
        "VM_DECLUSTER_IN_PROGRESS", 
        "VM_DECLUSTER_FAILED", 
        "VM_DECLUSTER_SUCCESSFUL", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL"
      ], 
      "required": true, 
      "title": "Auto-deployed VM's deployment status", 
      "type": "string"
    }
  }, 
  "title": "Report of a VM's deployment status", 
  "type": "object"
}

ClusterNodeVMFormFactor (type) 

{
  "description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.", 
  "enum": [
    "SMALL", 
    "MEDIUM", 
    "LARGE"
  ], 
  "id": "ClusterNodeVMFormFactor", 
  "module_id": "ClusterNodeVMDeployment", 
  "title": "Supported VM form factor for cluster nodes", 
  "type": "string"
}

ClusterProfile (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ClusterProfile", 
  "module_id": "ClusterProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ClusterProfileType, 
      "help_summary": "The cluster profile type.", 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ClusterProfileListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ClusterProfileListParameters", 
  "module_id": "ClusterProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_system_owned": {
      "default": true, 
      "required": false, 
      "title": "Whether the list result contains system resources", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "ClusterProfileType, 
      "required": false, 
      "title": "Type of cluster profile"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ClusterProfile List Parameters", 
  "type": "object"
}

ClusterProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ClusterProfileListResult", 
  "module_id": "ClusterProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ClusterProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Cluster Profile Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Cluster Profile queries result", 
  "type": "object"
}

ClusterProfileType (type) 

{
  "enum": [
    "EdgeHighAvailabilityProfile", 
    "BridgeHighAvailabilityClusterProfile"
  ], 
  "id": "ClusterProfileType", 
  "module_id": "ClusterProfile", 
  "title": "Supported cluster profiles.", 
  "type": "string"
}

ClusterProfileTypeIdEntry (type) 

{
  "id": "ClusterProfileTypeIdEntry", 
  "module_id": "ClusterProfile", 
  "properties": {
    "profile_id": {
      "description": "key value", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ClusterProfileType
    }
  }, 
  "type": "object"
}

ClusterRestoreStatus (type) 

{
  "id": "ClusterRestoreStatus", 
  "module_id": "ClusterRestore", 
  "properties": {
    "backup_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": true, 
      "title": "Timestamp when backup was initiated in epoch millisecond"
    }, 
    "endpoints": {
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "required": true, 
      "title": "The list of allowed endpoints, based on the current state of\nthe restore process\n", 
      "type": "array"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique id for backup request", 
      "type": "string"
    }, 
    "instructions": {
      "items": {
        "$ref": "InstructionInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Instructions for users to reconcile Restore operations", 
      "type": "array"
    }, 
    "restore_end_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when restore was completed in epoch millisecond"
    }, 
    "restore_start_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when restore was started in epoch millisecond"
    }, 
    "status": {
      "$ref": "GlobalRestoreStatus
    }, 
    "step": {
      "$ref": "RestoreStep
    }, 
    "total_steps": {
      "readonly": true, 
      "required": true, 
      "title": "Total number of steps in the entire restore process", 
      "type": "integer"
    }
  }, 
  "title": "Cluster restore status", 
  "type": "object"
}

ClusterRoleConfig (type) 

{
  "additionalProperties": false, 
  "id": "ClusterRoleConfig", 
  "module_id": "ClusterManagement", 
  "properties": {
    "type": {
      "enum": [
        "ManagementClusterRoleConfig", 
        "ControllerClusterRoleConfig"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Type of this role configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusterStatus (type) 

{
  "additionalProperties": false, 
  "id": "ClusterStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "cluster_id": {
      "readonly": true, 
      "title": "Unique identifier of this cluster", 
      "type": "string"
    }, 
    "control_cluster_status": {
      "$ref": "ControllerClusterStatus, 
      "readonly": true, 
      "title": "The current status of the control cluster"
    }, 
    "mgmt_cluster_status": {
      "$ref": "ManagementClusterStatus, 
      "readonly": true, 
      "title": "The current status of the management cluster"
    }
  }, 
  "type": "object"
}

ClusterVirtualIpProperties (type) 

{
  "additionalProperties": false, 
  "id": "ClusterVirtualIpProperties", 
  "properties": {
    "ip_address": {
      "required": true, 
      "title": "Virtual IP address, 0.0.0.0 if not configured", 
      "type": "string"
    }
  }, 
  "title": "Cluster virtual IP properties", 
  "type": "object"
}

ClusteringConfig (type) 

{
  "description": "Configuration for automatically joining a cluster node to the cluster after it is deployed. ClusteringConfig is required if any of the deployment nodes has CONTROLLER role.", 
  "id": "ClusteringConfig", 
  "module_id": "ClusterNodeVMDeployment", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "clustering_type"
  }, 
  "properties": {
    "clustering_type": {
      "description": "Specifies the type of clustering config to be used.", 
      "enum": [
        "ControlClusteringConfig"
      ], 
      "required": true, 
      "title": "Type for the clustering config", 
      "type": "string"
    }
  }, 
  "title": "Configuration for VM's clustering", 
  "type": "object"
}

ClusteringInfo (type) 

{
  "description": "Clustering parameters for the controller cluster", 
  "id": "ClusteringInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "join_to_existing_cluster": {
      "description": "Property to indicate if the node must join an existing cluster.", 
      "required": true, 
      "title": "True If the controller node should join an existing cluster", 
      "type": "boolean"
    }, 
    "shared_secret": {
      "description": "Shared secret of the cluster.", 
      "required": true, 
      "sensitive": true, 
      "title": "Shared Secret of the cluster", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ClusteringStatus (type) 

{
  "enum": [
    "CONNECTED", 
    "DISCONNECTED", 
    "UNKNOWN"
  ], 
  "id": "ClusteringStatus", 
  "module_id": "ClusterManagement", 
  "type": "string"
}

ClustersAggregateInfo (type) 

{
  "additionalProperties": false, 
  "id": "ClustersAggregateInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "cluster_status": {
      "$ref": "AllClusterGroupStatus, 
      "title": "Status of all the cluster groups"
    }, 
    "controller_cluster": {
      "items": {
        "$ref": "ControllerNodeAggregateInfo
      }, 
      "required": true, 
      "title": "Array of Controller Nodes", 
      "type": "array"
    }, 
    "management_cluster": {
      "items": {
        "$ref": "ManagementNodeAggregateInfo
      }, 
      "required": true, 
      "title": "Array of Management Nodes", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ColumnItem (type) 

{
  "additionalProperties": false, 
  "description": "Represents a column of the Grid", 
  "id": "ColumnItem", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "column_identifier": {
      "description": "Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns.", 
      "title": "Identifier for this column", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "field": {
      "description": "Field from which values of the column will be derived.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Column Field", 
      "type": "string"
    }, 
    "hidden": {
      "default": false, 
      "description": "If set to true, hides the column", 
      "title": "Hide the column", 
      "type": "boolean"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "Label of the column.", 
      "readonly": false, 
      "required": true, 
      "title": "Column Label"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "render_configuration": {
      "description": "Render configuration to be applied, if any.", 
      "items": {
        "$ref": "RenderConfiguration
      }, 
      "title": "Render Configuration", 
      "type": "array"
    }, 
    "sort_ascending": {
      "default": true, 
      "description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.", 
      "title": "Represents order of sorting the values", 
      "type": "boolean"
    }, 
    "sort_key": {
      "description": "Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested.", 
      "maxLength": 255, 
      "title": "Key for sorting on this column", 
      "type": "string"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over a cell in the grid.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }, 
    "type": {
      "default": "String", 
      "description": "Data type of the field.", 
      "enum": [
        "String", 
        "Number", 
        "Date"
      ], 
      "maxLength": 255, 
      "required": true, 
      "title": "Field data type", 
      "type": "string"
    }
  }, 
  "title": "Grid Column", 
  "type": "object"
}

CommunicationEntry (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "CommunicationEntry", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "The action to be applied to all the services.", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT"
      ], 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination group paths", 
      "type": "array"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Define direction of traffic.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "required": false, 
      "title": "Direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable the rule. Default is enabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Flag to disable the rule", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "Text for additional notes on changes.", 
      "required": false, 
      "title": "Text for additional notes on changes", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain", 
      "required": false, 
      "title": "Sequence number of the this CommunicationEntry", 
      "type": "int"
    }, 
    "services": {
      "description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Names of services", 
      "type": "array"
    }, 
    "source_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source group paths", 
      "type": "array"
    }, 
    "tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "maxLength": 32, 
      "required": false, 
      "title": "Tag applied on the communication entry", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A communication entry specifies the security policy between the workload groups", 
  "type": "object"
}

CommunicationEntryInsertParameters (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Parameters to let the admin specify a relative position of a communication entry w.r.t to another one in the same communication map. If the communication entry specified in the anchor_path belongs to another communication map an error will be thrown This type is deprecated. Use the type RuleInsertParameters instead.", 
  "extends": {
    "$ref": "CommunicationInsertParameters
  }, 
  "id": "CommunicationEntryInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where communication entry needs to be placed", 
  "type": "object"
}

CommunicationEntryListRequestParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "This type is deprecated. Use the type RuleListRequestParameters instead.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "CommunicationEntryListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "CommunicationEntry list request parameters", 
  "type": "object"
}

CommunicationEntryListResult (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "This type is deprecated. Use the type RuleListResult instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CommunicationEntryListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "CommunicationEntry
      }, 
      "required": true, 
      "title": "CommunicationEntry list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of CommunicationEntries", 
  "type": "object"
}

CommunicationInsertParameters (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Parameters to let the admin specify a relative position of a communication map or communication entry w.r.t to another one. This type is deprecated. Use the type RuleInsertParameters instead.", 
  "id": "CommunicationInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where communication map/communication entry\nneeds to be placed\n", 
  "type": "object"
}

CommunicationMap (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Ordered list of CommunicationEntries. This object is created by default along with the Domain. This type is deprecated. Use the type SecurityPolicy instead.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "CommunicationMap", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are \"Emergency\", \"Infrastructure\", \"Environment\" and \"Application\". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication  map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories.", 
      "required": false, 
      "title": "A way to classify a communication map, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "communication_entries": {
      "items": {
        "$ref": "CommunicationEntry
      }, 
      "required": false, 
      "title": "CommunicationEntries that are a part of this CommunicationMap", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "precedence": {
      "description": "This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map.", 
      "title": "Precedence to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains ordered list of CommunicationEntries", 
  "type": "object"
}

CommunicationMapInsertParameters (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Parameters to let the admin specify a relative position of a communication map w.r.t to another one. This type is deprecated. Use the type SecurityPolicyInsertParameters instead.", 
  "extends": {
    "$ref": "CommunicationInsertParameters
  }, 
  "id": "CommunicationMapInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The communication map/communication entry path if operation is\n'insert_after' or 'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where communication map needs to be placed", 
  "type": "object"
}

CommunicationMapListRequestParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "This type is deprecated. Use the type SecurityPolicyListRequestParameters instead.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "CommunicationMapListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "CommunicationMap list request parameters", 
  "type": "object"
}

CommunicationMapListResult (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "This type is deprecated. Use the type SecurityPolicyListResult instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CommunicationMapListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "CommunicationMap
      }, 
      "required": true, 
      "title": "CommunicationMap list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Communication map", 
  "type": "object"
}

CommunityList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "CommunityList", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "communities": {
      "description": "List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb  (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "List of BGP community entries", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Community list for BGP routing configuration", 
  "type": "object"
}

CommunityListListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CommunityListListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "CommunityList
      }, 
      "required": true, 
      "title": "CommunityList results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of CommunityLists", 
  "type": "object"
}

CommunityMatchCriteria (type) 

{
  "additionalProperties": false, 
  "id": "CommunityMatchCriteria", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "criteria": {
      "description": "Match criteria specified as a community list path or a regular expression.", 
      "required": true, 
      "title": "Match criteria based on community list path or a regular expression", 
      "type": "string"
    }, 
    "match_operator": {
      "description": "Match operator for community list entries. Not valid when a regular expression is specified for criteria.", 
      "enum": [
        "MATCH_ANY", 
        "MATCH_ALL", 
        "MATCH_EXACT", 
        "MATCH_COMMUNITY_REGEX", 
        "MATCH_LARGE_COMMUNITY_REGEX"
      ], 
      "required": false, 
      "title": "Match operator for community list entries", 
      "type": "string"
    }
  }, 
  "title": "Match criteria based on a community list", 
  "type": "object"
}

CommunityMatchExpression (type) 

{
  "additionalProperties": false, 
  "id": "CommunityMatchExpression", 
  "module_id": "Routing", 
  "properties": {
    "expression": {
      "items": {
        "$ref": "CommunityMatchOperation
      }, 
      "required": true, 
      "title": "Array of community match operations", 
      "type": "array"
    }, 
    "operator": {
      "description": "Operator for evaluating community match expressions. AND logical AND operator", 
      "enum": [
        "AND"
      ], 
      "readonly": true, 
      "title": "Operator", 
      "type": "string"
    }
  }, 
  "title": "Community match expression", 
  "type": "object"
}

CommunityMatchOperation (type) 

{
  "additionalProperties": false, 
  "id": "CommunityMatchOperation", 
  "module_id": "Routing", 
  "properties": {
    "community_list_id": {
      "description": "ID of BGP community list. This value is not required when match_operator is MATCH_REGEX otherwise required.", 
      "title": "Community list id", 
      "type": "string"
    }, 
    "match_operator": {
      "default": "MATCH_ANY", 
      "description": "Match operator for communities from provided community list id. MATCH_ANY will match any community MATCH_ALL will match all communities MATCH_EXACT will do exact match on community MATCH_NONE [operator not supported] will not match any community MATCH_REGEX will match normal communities by evaluating regular expression MATCH_LARGE_COMMUNITY_REGEX will match large communities by evaluating regular expression", 
      "enum": [
        "MATCH_ANY", 
        "MATCH_ALL", 
        "MATCH_EXACT", 
        "MATCH_NONE", 
        "MATCH_REGEX", 
        "MATCH_LARGE_COMMUNITY_REGEX"
      ], 
      "title": "Match operator", 
      "type": "string"
    }, 
    "regular_expression": {
      "description": "Regular expression to match BGP communities. If match_operator is MATCH_REGEX then this value must be specified.", 
      "title": "Regular expression", 
      "type": "string"
    }
  }, 
  "title": "Community match operation", 
  "type": "object"
}

ComponentMigrationStatus (type) 

{
  "additionalProperties": false, 
  "id": "ComponentMigrationStatus", 
  "module_id": "Migration", 
  "properties": {
    "can_skip": {
      "readonly": true, 
      "required": false, 
      "title": "Can the migration of the remaining units in this component be skipped", 
      "type": "boolean"
    }, 
    "component_type": {
      "readonly": true, 
      "required": false, 
      "title": "Component type for the migration status", 
      "type": "string"
    }, 
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about the migration status", 
      "type": "string"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of migration progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Migration status of component", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComponentTargetVersion (type) 

{
  "id": "ComponentTargetVersion", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "target_version": {
      "readonly": true, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComponentTypeListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ComponentTypeListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type on which the action is performed or on which the results are filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComponentUpgradeChecksInfo (type) 

{
  "additionalProperties": false, 
  "description": "Meta-data of pre/post-upgrade checks for a component", 
  "id": "ComponentUpgradeChecksInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "description": "Component type of the pre/post-upgrade checks", 
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }, 
    "post_upgrade_checks_info": {
      "items": {
        "$ref": "UpgradeCheckInfo
      }, 
      "required": false, 
      "title": "Collection of post-upgrade checks", 
      "type": "array"
    }, 
    "pre_upgrade_checks_info": {
      "items": {
        "$ref": "UpgradeCheckInfo
      }, 
      "required": false, 
      "title": "Collection of pre-upgrade checks", 
      "type": "array"
    }
  }, 
  "title": "Meta-data of pre/post-upgrade checks for a component", 
  "type": "object"
}

ComponentUpgradeChecksInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComponentUpgradeChecksInfoListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComponentUpgradeChecksInfo
      }, 
      "required": true, 
      "title": "Collection of info of pre/post-upgrade checks for components", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComponentUpgradeStatus (type) 

{
  "additionalProperties": false, 
  "id": "ComponentUpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "can_skip": {
      "readonly": true, 
      "required": false, 
      "title": "Can the upgrade of the remaining units in this component be skipped", 
      "type": "boolean"
    }, 
    "component_type": {
      "readonly": true, 
      "required": false, 
      "title": "Component type for the upgrade status", 
      "type": "string"
    }, 
    "current_version_node_summary": {
      "$ref": "NodeSummaryList, 
      "readonly": true, 
      "required": false, 
      "title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
    }, 
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about the upgrade status", 
      "type": "string"
    }, 
    "node_count_at_target_version": {
      "description": "Number of nodes of the type and at the component version", 
      "readonly": true, 
      "required": false, 
      "title": "Count of nodes at target component vrin", 
      "type": "int"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "pre_upgrade_status": {
      "$ref": "UpgradeChecksExecutionStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Pre-upgrade status of the component-type"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of component", 
      "type": "string"
    }, 
    "target_component_version": {
      "readonly": true, 
      "required": false, 
      "title": "Target component version", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComputeClusterIdfwConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Idfw configuration for enable/disable idfw on cluster level.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "ComputeClusterIdfwConfiguration", 
  "module_id": "PolicyFirewallConfiguration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cluster_idfw_enabled": {
      "description": "If set to true, idfw is enabled for this cluster", 
      "readonly": false, 
      "required": true, 
      "title": "Idfw enabled flag", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "member": {
      "$ref": "PolicyResourceReference, 
      "description": "Contains actual policy resource reference object", 
      "required": true, 
      "title": "PolicyResourceReference"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Compute cluster idfw configuration", 
  "type": "object"
}

ComputeClusterIdfwConfigurationListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ComputeClusterIdfwConfigurationListRequestParameters", 
  "module_id": "PolicyFirewallConfiguration", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute cluster idfw configuration request parameters", 
  "type": "object"
}

ComputeClusterIdfwConfigurationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeClusterIdfwConfigurationListResult", 
  "module_id": "PolicyFirewallConfiguration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeClusterIdfwConfiguration
      }, 
      "required": true, 
      "title": "Compute cluster wise identity firewall configuration list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of compute cluster idfw configuration", 
  "type": "object"
}

ComputeCollection (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ComputeCollection", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cm_local_id": {
      "readonly": true, 
      "required": true, 
      "title": "Local Id of the compute collection in the Compute Manager", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "readonly": true, 
      "required": true, 
      "title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n", 
      "type": "string"
    }, 
    "origin_id": {
      "readonly": true, 
      "required": true, 
      "title": "Id of the compute manager from where this Compute Collection was discovered", 
      "type": "string"
    }, 
    "origin_properties": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Key-Value map of additional specific properties of\ncompute collection in the Compute Manager\n", 
      "type": "array"
    }, 
    "origin_type": {
      "readonly": true, 
      "required": true, 
      "title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n", 
      "type": "string"
    }, 
    "owner_id": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the owner of compute collection in the Compute Manager", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ComputeCollectionAction (type) 

{
  "additionalProperties": false, 
  "id": "ComputeCollectionAction", 
  "module_id": "ComputeCollectionDeployment", 
  "properties": {
    "action": {
      "description": "For Compute collection, the supported actions are removeNSX.", 
      "enum": [
        "remove_nsx"
      ], 
      "title": "Supported actions on compute-collection", 
      "type": "string"
    }
  }, 
  "title": "Compute collection action parameters", 
  "type": "object"
}

ComputeCollectionFabricTemplate (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ComputeCollectionFabricTemplate", 
  "module_id": "ComputeCollectionHostPrepFabricService", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auto_install_nsx": {
      "description": "Indicates whether NSX components should be automcatically installed. When 'true' NSX components will be automatically installed on the new host added to compute collection.", 
      "required": true, 
      "title": "Flag to enable/disable automatic install of NSX components", 
      "type": "boolean"
    }, 
    "compute_collection_id": {
      "required": true, 
      "title": "Associated compute collection id", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Compute collection fabric template", 
  "type": "object"
}

ComputeCollectionFabricTemplateListParameters (type) 

{
  "additionalProperties": false, 
  "id": "ComputeCollectionFabricTemplateListParameters", 
  "module_id": "ComputeCollectionHostPrepFabricService", 
  "properties": {
    "compute_collection_id": {
      "required": false, 
      "title": "Compute collection id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ComputeCollectionFabricTemplateListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeCollectionFabricTemplateListResult", 
  "module_id": "ComputeCollectionHostPrepFabricService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeCollectionFabricTemplate
      }, 
      "readonly": true, 
      "title": "List of compute collection fabric template", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of compute collection fabric template", 
  "type": "object"
}

ComputeCollectionListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ComputeCollectionListRequestParameters", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "cm_local_id": {
      "required": false, 
      "title": "Local Id of the compute collection in the Compute Manager", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "discovered_node_id": {
      "required": false, 
      "title": "Id of the discovered node which belongs to this Compute Collection\n", 
      "type": "string"
    }, 
    "display_name": {
      "required": false, 
      "title": "Name of the ComputeCollection in source compute manager", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "node_id": {
      "required": false, 
      "title": "Id of the fabric node created from a discovered node belonging to\nthis Compute Collection\n", 
      "type": "string"
    }, 
    "origin_id": {
      "required": false, 
      "title": "Id of the compute manager from where this Compute Collection was discovered", 
      "type": "string"
    }, 
    "origin_type": {
      "required": false, 
      "title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n", 
      "type": "string"
    }, 
    "owner_id": {
      "required": false, 
      "title": "Id of the owner of compute collection in the Compute Manager", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute Collection list parameters", 
  "type": "object"
}

ComputeCollectionListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeCollectionListResult", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeCollection
      }, 
      "required": true, 
      "title": "Compute Collection list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute Collection list result", 
  "type": "object"
}

ComputeCollectionNetworkInterfacesListResult (type) 

{
  "description": "List of network interfaces for all discovered nodes in compute collection", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeCollectionNetworkInterfacesListResult", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of discovered node with network interfaces", 
      "items": {
        "$ref": "DiscoveredNodeNetworkInterfaces
      }, 
      "required": true, 
      "title": "Discovered node network interfaces", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ComputeCollection Interfaces List Result", 
  "type": "object"
}

ComputeCollectionTransportNodeTemplate (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ComputeCollectionTransportNodeTemplate", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "compute_collection_ids": {
      "items": {
        "title": "Compute collection id", 
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Associated compute collection ids", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host_switch_spec": {
      "$ref": "HostSwitchSpec, 
      "description": "Property 'host_switch_spec' can be used to create either standard host switch or preconfigured host switch.", 
      "required": false, 
      "title": "Transport node host switch specification"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "network_migration_spec_ids": {
      "description": "Property 'network_migration_spec_ids' should only be used for compute collections which are clusters in VMware vCenter. Currently only HostProfileNetworkMigrationSpec type is supported. This specification will only apply to Stateless ESX hosts which are under this vCenter cluster.", 
      "items": {
        "$ref": "NetworkMigrationSpecTypeIdEntry
      }, 
      "maxItems": 1, 
      "nsx_feature": "HostProfileSupport", 
      "title": "Id(s) of Network migration specifications to be linked to compute collections", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_endpoints": {
      "items": {
        "$ref": "TransportZoneEndPoint
      }, 
      "required": false, 
      "title": "Transport zone endpoints", 
      "type": "array"
    }
  }, 
  "title": "Compute collection transport node template", 
  "type": "object"
}

ComputeCollectionTransportNodeTemplateState (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "id": "ComputeCollectionTransportNodeTemplateState", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "compute_collection_id": {
      "readonly": true, 
      "title": "Associated compute collection id", 
      "type": "string"
    }, 
    "template_states": {
      "items": {
        "$ref": "TransportNodeTemplateState
      }, 
      "readonly": true, 
      "title": "Transport node template states in compute collection", 
      "type": "array"
    }
  }, 
  "title": "Transport node state per compute collection", 
  "type": "object"
}

ComputeCollectionTransportNodeTemplateStateList (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeCollectionTransportNodeTemplateStateList", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeCollectionTransportNodeTemplateState
      }, 
      "readonly": true, 
      "required": false, 
      "title": "State list per compute collection", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport node creation state list", 
  "type": "object"
}

ComputeInstanceErrorMessage (type) 

{
  "additionalProperties": false, 
  "description": "Stores an error ID and error message", 
  "id": "ComputeInstanceErrorMessage", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "detailed_message": {
      "description": "Error message string to indicate, if it is NSX or cloud operation generated error.", 
      "readonly": true, 
      "required": true, 
      "title": "Error details", 
      "type": "string"
    }, 
    "error_id": {
      "readonly": true, 
      "required": true, 
      "title": "An error ID contract obtained from PCM", 
      "type": "integer"
    }
  }, 
  "title": "Compute Instance Error Message", 
  "type": "object"
}

ComputeManager (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ComputeManager", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "credential": {
      "$ref": "LoginCredential, 
      "readonly": false, 
      "required": false, 
      "title": "Login credentials for the compute manager"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "origin_properties": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Key-Value map of additional specific properties of compute manager", 
      "type": "array"
    }, 
    "origin_type": {
      "readonly": false, 
      "required": true, 
      "title": "Compute manager type like vCenter", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "server": {
      "format": "hostname-or-ip", 
      "readonly": false, 
      "required": true, 
      "title": "IP address or hostname of compute manager", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ComputeManagerListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ComputeManagerListRequestParameters", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "origin_type": {
      "readonly": false, 
      "required": false, 
      "title": "Compute manager type like vCenter", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "server": {
      "format": "hostname-or-ip", 
      "readonly": false, 
      "required": false, 
      "title": "IP address or hostname of compute manager", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute manager list parameters", 
  "type": "object"
}

ComputeManagerListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ComputeManagerListResult", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeManager
      }, 
      "required": true, 
      "title": "List of compute managers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of compute managers", 
  "type": "object"
}

ComputeManagerStatus (type) 

{
  "additionalProperties": false, 
  "id": "ComputeManagerStatus", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "connection_errors": {
      "help_detail": "Errors will be cleared after successful connection", 
      "items": {
        "$ref": "ErrorInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Errors when connecting with compute manager", 
      "type": "array"
    }, 
    "connection_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "CONNECTING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Status of connection with the compute manager", 
      "type": "string"
    }, 
    "connection_status_details": {
      "help_detail": "Details, if any, about the current status of the connection with the compute manager", 
      "readonly": true, 
      "required": false, 
      "title": "Details about connection status", 
      "type": "string"
    }, 
    "last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp of the last successful update of Inventory, in epoch milliseconds."
    }, 
    "registration_errors": {
      "help_detail": "Errors will be cleared after successful registration", 
      "items": {
        "$ref": "ErrorInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Errors when registering with compute manager", 
      "type": "array"
    }, 
    "registration_status": {
      "enum": [
        "REGISTERED", 
        "UNREGISTERED", 
        "REGISTERING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Registration status of compute manager", 
      "type": "string"
    }, 
    "version": {
      "readonly": true, 
      "required": false, 
      "title": "Version of the compute manager", 
      "type": "string"
    }
  }, 
  "title": "Runtime status information of the compute manager", 
  "type": "object"
}

Condition (type) 

{
  "additionalProperties": false, 
  "description": "Represents the leaf level condition.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "Condition", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "Condition"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key": {
      "enum": [
        "Tag", 
        "Name", 
        "OSName", 
        "ComputerName"
      ], 
      "required": true, 
      "title": "Key", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "member_type": {
      "enum": [
        "IPSet", 
        "VirtualMachine", 
        "LogicalPort", 
        "LogicalSwitch", 
        "Segment", 
        "SegmentPort"
      ], 
      "required": true, 
      "title": "Group member type", 
      "type": "string"
    }, 
    "operator": {
      "enum": [
        "EQUALS", 
        "CONTAINS", 
        "STARTSWITH", 
        "ENDSWITH", 
        "NOTEQUALS"
      ], 
      "required": true, 
      "title": "operator", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "value": {
      "minLength": 1, 
      "required": true, 
      "title": "Value", 
      "type": "string"
    }
  }, 
  "title": "Represents the leaf level condition", 
  "type": "object"
}

ConditionalForwarderZone (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ForwarderZone
  }, 
  "id": "ConditionalForwarderZone", 
  "module_id": "DnsForwarder", 
  "properties": {
    "domain_names": {
      "description": "A forwarder domain name should be a valid FQDN. If reverse lookup is needed for this zone, reverse lookup domain name like X.in-addr.arpa can be defined. Here the X represents a subnet.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 100, 
      "minItems": 1, 
      "required": true, 
      "title": "Domain names of a forwarder zone", 
      "type": "array"
    }, 
    "source_ip": {
      "$ref": "IPv4Address, 
      "description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.", 
      "required": false, 
      "title": "Source ip of the forwarder"
    }, 
    "upstream_servers": {
      "description": "Ip address of the upstream DNS servers the DNS forwarder accesses.", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "Ips of upsteam DNS servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ConditionalValueConstraintExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents the leaf level expression to restrict the target attribute value based on the set of existing values. Generally, used in combination with RelatedAttributeConditionalExpression to constraint the values related to another attribute on the same resource. This object is always used in conjunction with some exression. Example - {   \"condition\" : {       \"operator\":\"INCLUDES\",       \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"],       \"value_constraint\": {           \"resource_type\": \"ValueConstraintExpression\",           \"operator\":\"EXCLUDES\",           \"values\":[\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"]   } }", 
  "id": "ConditionalValueConstraintExpression", 
  "module_id": "PolicyConstraints", 
  "properties": {
    "operator": {
      "enum": [
        "INCLUDES", 
        "EXCLUDES", 
        "EQUALS"
      ], 
      "required": true, 
      "title": "Set operation to constraint values.", 
      "type": "string"
    }, 
    "rhs_value": {
      "description": "List of values.", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "Array of values to perform operation.", 
      "type": "array"
    }, 
    "value_constraint": {
      "$ref": "ValueConstraintExpression, 
      "description": "Values to apply the conditional constraint on target.", 
      "required": true, 
      "title": "Value Constraint"
    }
  }, 
  "title": "Represents the leaf level conditional value constraint.", 
  "type": "object"
}

ConfigState (type) 

{
  "additionalProperties": false, 
  "description": "Configuration State.", 
  "enum": [
    "SUCCESS", 
    "IN_PROGRESS", 
    "ERROR", 
    "UNKNOWN", 
    "UNINITIALIZED"
  ], 
  "id": "ConfigState", 
  "module_id": "PolicyRealizedState", 
  "title": "Config State", 
  "type": "string"
}

ConfigurationState (type) 

{
  "id": "ConfigurationState", 
  "module_id": "Common", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "title": "Describes status of configuration of an entity", 
  "type": "object"
}

ConfigurationStateElement (type) 

{
  "id": "ConfigurationStateElement", 
  "module_id": "Common", 
  "properties": {
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_FAILED", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_FAILED", 
        "EDGE_CONFIG_ERROR", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_NETWORK_EDIT_PENDING", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED", 
        "NOT_AVAILABLE", 
        "pending", 
        "orphaned", 
        "unknown", 
        "error"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "State of configuration on this sub system", 
      "type": "string"
    }, 
    "sub_system_address": {
      "readonly": true, 
      "required": false, 
      "title": "URI of backing resource on sub system", 
      "type": "string"
    }, 
    "sub_system_id": {
      "readonly": true, 
      "required": false, 
      "title": "Identifier of backing resource on sub system", 
      "type": "string"
    }, 
    "sub_system_type": {
      "readonly": true, 
      "required": false, 
      "title": "Type of backing resource on sub system", 
      "type": "string"
    }
  }, 
  "title": "Describes status of configuration of an entity", 
  "type": "object"
}

ConjunctionOperator (type) 

{
  "additionalProperties": false, 
  "description": "Represents the operators AND or OR.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "ConjunctionOperator", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ConjunctionOperator"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "conjunction_operator": {
      "enum": [
        "OR", 
        "AND"
      ], 
      "required": true, 
      "title": "Conjunction Operator Node", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents the operators AND or OR", 
  "type": "object"
}

ConnectivityAdvancedConfig (type) 

{
  "additionalProperties": false, 
  "id": "ConnectivityAdvancedConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "connectivity": {
      "default": "ON", 
      "description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) a logical entity from network topology.", 
      "enum": [
        "ON", 
        "OFF"
      ], 
      "required": false, 
      "title": "Connectivity configuration", 
      "type": "string"
    }
  }, 
  "title": "Advanced configuration for Policy connectivity", 
  "type": "object"
}

ConsolidatedRealizedStatus (type) 

{
  "additionalProperties": false, 
  "description": "Consolidated Realized Status of an intent object across enforcement points.", 
  "extends": {
    "$ref": "AggregatePolicyRuntimeInfo
  }, 
  "id": "ConsolidatedRealizedStatus", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "consolidated_status": {
      "$ref": "ConsolidatedStatus, 
      "description": "Consolidated Realized Status across enforcement points.", 
      "readonly": true, 
      "title": "Consolidated Realized Status"
    }, 
    "consolidated_status_per_enforcement_point": {
      "description": "List of Consolidated Realized Status per enforcement point.", 
      "items": {
        "$ref": "ConsolidatedStatusPerEnforcementPoint
      }, 
      "readonly": true, 
      "title": "List of Consolidated Realized Status per Enforcement Point", 
      "type": "array"
    }, 
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Consolidated Realized Status for an Intent Object", 
  "type": "object"
}

ConsolidatedStatus (type) 

{
  "additionalProperties": false, 
  "description": "Consolidated Status of an intent object. Status Consolidation of an intent happens at multiple levels: - Per Enforcement Point: calculation of the consolidated status is performed using all realized entities that the intent objet maps to on a specific enforcement point. - Across Enforcement Points: calculation of the consolidated status is performend aggregating the consolidated status from each enforcement point.", 
  "id": "ConsolidatedStatus", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "consolidated_status": {
      "$ref": "ConfigState, 
      "description": "Consolidated Realized Status of an intent object.", 
      "readonly": true, 
      "title": "Consolidated Realized Status"
    }
  }, 
  "title": "Consolidated Status", 
  "type": "object"
}

ConsolidatedStatusPerEnforcementPoint (type) 

{
  "additionalProperties": false, 
  "description": "Consolidated Realized Status Per Enforcement Point.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "ConsolidatedStatusPerEnforcementPoint", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "consolidated_status": {
      "$ref": "ConsolidatedStatus, 
      "description": "Consolidated Realized Status of an Intent object per enforcement point.", 
      "readonly": true, 
      "title": "Consolidated Realized Status"
    }, 
    "enforcement_point_id": {
      "description": "Enforcement Point Id.", 
      "readonly": true, 
      "title": "Enforcement Point Id", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }
  }, 
  "title": "Consolidated Realized Status Per Enforcement Point", 
  "type": "object"
}

ConstantFieldValue (type) 

{
  "additionalProperties": false, 
  "description": "Constant Field Value.", 
  "extends": {
    "$ref": "FieldSettingValue
  }, 
  "id": "ConstantFieldValue", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ConstantFieldValue"
  }, 
  "properties": {
    "constant": {
      "description": "Constant Value that the field must be set to.", 
      "title": "Constant Value", 
      "type": "object"
    }, 
    "resource_type": {
      "description": "Field Setting Value resource type.", 
      "enum": [
        "ConstantFieldValue"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Constant Field Value", 
  "type": "object"
}

Constraint (type) 

{
  "additionalProperties": false, 
  "description": "Constraint object to constraint any attribute on a resource based on specified expression. Example- Restrict the allowed services in Edge Communication Entry to list of  services, if the destinationGroups contain vCenter. {   \"target\":{      \"target_resource_type\":\"CommunicationEntry\",      \"attribute\":\"services\",      \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\"   }   \"constraint_expression\":{     \"related_attribute\":{       \"attribute\":\"destinationGroups\"     }     \"condition\":{       \"operator\":\"INCLUDES\",       \"rhs_value\":{\"vCenter\"}       \"value_constraint\":{           \"operator\":\"ALLOW\",           \"values\":{\"/ref/services/HTTPS\", \"/ref/services/HTTOP\", ...}      }     }   } }", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Constraint", 
  "module_id": "PolicyConstraints", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "constraint_expression": {
      "$ref": "ConstraintExpression, 
      "required": true, 
      "title": "Expression to constrain the target attribute value."
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "message": {
      "required": false, 
      "title": "User friendly message to be shown to users upon violation.", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target": {
      "$ref": "ConstraintTarget, 
      "required": true, 
      "title": "Target resource attribute details."
    }
  }, 
  "title": "Constraint definition.", 
  "type": "object"
}

ConstraintExpression (type) 

{
  "abstract": true, 
  "description": "All the types of the expression extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ConstraintExpression", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "ValueConstraintExpression", 
        "RelatedAttributeConditionalExpression", 
        "EntityInstanceCountConstraintExpression", 
        "FieldSanityConstraintExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base class for constraint expression", 
  "type": "object"
}

ConstraintListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ConstraintListResult", 
  "module_id": "PolicyConstraints", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Constraint
      }, 
      "required": true, 
      "title": "Constraint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Constraints", 
  "type": "object"
}

ConstraintTarget (type) 

{
  "additionalProperties": false, 
  "description": "Resource attribute on which constraint should be applied. Example - sourceGroups attribute of Edge CommunicationEntry to be   restricted, is given as:   {      \"target_resource_type\":\"CommunicationEntry\",      \"attribute\":\"sourceGroups\",      \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\"   }", 
  "id": "ConstraintTarget", 
  "module_id": "PolicyConstraints", 
  "properties": {
    "attribute": {
      "required": false, 
      "title": "Attribute name of the target entity.", 
      "type": "string"
    }, 
    "path_prefix": {
      "required": false, 
      "title": "Path prefix of the entity to apply constraint.\nThis is required to further disambiguiate if multiple policy entities\nshare the same resource type.\nExample - Edge FW and DFW use the same resource type CommunicationMap,\nCommunicationEntry, Group, etc.\n", 
      "type": "string"
    }, 
    "target_resource_type": {
      "required": true, 
      "title": "Resource type of the target entity.", 
      "type": "string"
    }
  }, 
  "title": "Resource attribute on which constraint should be applied.", 
  "type": "object"
}

ContainerApplication (type) 

{
  "description": "Container application within a project.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerApplication", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster this container application belongs to.", 
      "readonly": true, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the project which this container application belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the project", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "Identifier of the container application on container cluster e.g. PCF app id, k8s service id.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container application", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container application in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the container application.", 
      "enum": [
        "UNKNOWN", 
        "HEALTHY", 
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Status of the container application", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container application within a project", 
  "type": "object"
}

ContainerApplicationInstance (type) 

{
  "description": "Container application instance within a project.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerApplicationInstance", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cluster_node_id": {
      "description": "Cluster node id where application instance is running.", 
      "readonly": false, 
      "required": false, 
      "title": "Cluster node id", 
      "type": "string"
    }, 
    "container_application_ids": {
      "description": "List of identifiers of the container application.", 
      "items": {
        "type": "string"
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Identifiers of the container application", 
      "type": "array"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster this application instance belongs to.", 
      "readonly": true, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the container project which this container application instance belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the project", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "Identifier of the container application instance on container cluster.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container application instance", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container application instance in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the container application instance.", 
      "enum": [
        "UNKNOWN", 
        "HEALTHY", 
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Status of the container application instance", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container Application Instance", 
  "type": "object"
}

ContainerApplicationInstanceListRequestParameters (type) 

{
  "description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.", 
  "extends": {
    "$ref": "ContainerObjectsListRequestParameters
  }, 
  "id": "ContainerApplicationInstanceListRequestParameters", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "container_application_id": {
      "description": "Identifier of the container application.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container application", 
      "type": "string"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the container project.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container project", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Container application instance list parameters", 
  "type": "object"
}

ContainerApplicationInstanceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerApplicationInstanceListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerApplicationInstance
      }, 
      "required": true, 
      "title": "List of Container Applications", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerApplicationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerApplicationListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerApplication
      }, 
      "required": true, 
      "title": "List of Container Applications", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerCluster (type) 

{
  "description": "Details of container cluster.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerCluster", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cluster_type": {
      "description": "Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.", 
      "enum": [
        "PAS", 
        "PKS", 
        "Kubernetes", 
        "Openshift", 
        "WCP", 
        "Other"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Type of the container cluster", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "External identifier of the container cluster.", 
      "readonly": false, 
      "required": false, 
      "title": "External identifier of the container cluster", 
      "type": "string"
    }, 
    "infrastructure": {
      "$ref": "ContainerInfrastructureInfo, 
      "description": "Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.", 
      "readonly": false, 
      "required": false, 
      "title": "Details of infrastructure for the container cluster"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container cluster in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container cluster", 
  "type": "object"
}

ContainerClusterFilterParameters (type) 

{
  "description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ContainerClusterFilterParameters", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "container_cluster_id": {
      "description": "Identifier of the container cluster.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Container cluster filter parameter", 
  "type": "object"
}

ContainerClusterListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerClusterListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerCluster
      }, 
      "required": true, 
      "title": "List of Container Clusters", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerClusterNode (type) 

{
  "description": "Details of container cluster node i.e. container host.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerClusterNode", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "container_cluster_id": {
      "description": "External identifier of the container cluster.", 
      "readonly": false, 
      "required": false, 
      "title": "External identifier of the container cluster", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "External identifier of the container cluster node in K8S/PAS.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container cluster node", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container cluster node in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container cluster node", 
  "type": "object"
}

ContainerClusterNodeListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerClusterNodeListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerClusterNode
      }, 
      "required": true, 
      "title": "List of container cluster nodes", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerClusterPropertiesFilterParameters (type) 

{
  "description": "Request object, containing multiple cluster properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ContainerClusterPropertiesFilterParameters", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "cluster_type": {
      "description": "This is the type of container cluster.", 
      "enum": [
        "PAS", 
        "PKS", 
        "Kubernetes", 
        "Openshift", 
        "WCP", 
        "Other"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Type of container cluster", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "infra_type": {
      "description": "This is the type of container's infrastructure.", 
      "enum": [
        "vSphere", 
        "AWS", 
        "Azure", 
        "VMC", 
        "KVM", 
        "Baremetal"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Type of infrastructure", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Container cluster filter parameter by cluster properties", 
  "type": "object"
}

ContainerConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents a container to group widgets that belong to a common category or have a common purpose.", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "ContainerConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ContainerConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "labels": {
      "description": "Labels for the container.", 
      "items": {
        "$ref": "Label
      }, 
      "minItems": 0, 
      "title": "Labels", 
      "type": "array"
    }, 
    "layout": {
      "$ref": "Layout, 
      "description": "Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied.", 
      "title": "Layout of widgets inside container"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "span": {
      "default": 2, 
      "description": "Represents the horizontal span of the container.", 
      "title": "Number of widgets to be held in this container horizontally", 
      "type": "int"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }, 
    "widgets": {
      "description": "If not specified, creates an empty container.", 
      "items": {
        "$ref": "WidgetItem
      }, 
      "minItems": 0, 
      "title": "Widgets held by the container", 
      "type": "array"
    }
  }, 
  "title": "Container that holds widgets", 
  "type": "object"
}

ContainerInfrastructureInfo (type) 

{
  "description": "Details of infrastructure hosting the container cluster e.g. vSphere, AWS, VMC etc..", 
  "id": "ContainerInfrastructureInfo", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "infra_type": {
      "description": "Type of the infrastructure.", 
      "enum": [
        "vSphere", 
        "AWS", 
        "Azure", 
        "VMC", 
        "KVM", 
        "Baremetal"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Type of the infrastructure", 
      "type": "string"
    }
  }, 
  "title": "Details of container infrastructure", 
  "type": "object"
}

ContainerIngressPolicy (type) 

{
  "description": "Details of Container Ingress Policy.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerIngressPolicy", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster this ingress policy belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the project which this container ingress belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the project", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "Identifier of the container ingress policy.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container ingress policy", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container ingress in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "spec": {
      "description": "Container ingress policy specification.", 
      "readonly": false, 
      "required": false, 
      "title": "Container ingress policy specification", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container Ingress Policy", 
  "type": "object"
}

ContainerIngressPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerIngressPolicyListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerIngressPolicy
      }, 
      "required": true, 
      "title": "List of Container Ingress Policy specs", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerNetworkPolicy (type) 

{
  "description": "Network policy applied to container.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerNetworkPolicy", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster this network policy belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the project which this network policy belongs to.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the project", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "Identifier of the container network policy.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container network policy", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container network policy in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "policy_type": {
      "description": "Type e.g. Network Policy, ASG.", 
      "enum": [
        "NETWORK_POLICY", 
        "ASG"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Type", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "spec": {
      "description": "Container network policy specification.", 
      "readonly": false, 
      "required": false, 
      "title": "Container network policy specification", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container Network Policy", 
  "type": "object"
}

ContainerNetworkPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerNetworkPolicyListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerNetworkPolicy
      }, 
      "required": true, 
      "title": "List of Container Network Policy specs", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContainerObjectsListRequestParameters (type) 

{
  "description": "Request object, containing multiple properties, based on which the result will be filtered. None or multiple properties can be passed as filter criteria. If multiple properties are passed then result will be the intersection of the resultsets by applying each filter individually.", 
  "extends": {
    "$ref": "ContainerClusterFilterParameters
  }, 
  "id": "ContainerObjectsListRequestParameters", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "container_cluster_id": {
      "description": "Identifier of the container cluster.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "container_project_id": {
      "description": "Identifier of the container project.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container project", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Container objects list parameters", 
  "type": "object"
}

ContainerProject (type) 

{
  "description": "Details of org/namespace within a container cluster.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "ContainerProject", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "container_cluster_id": {
      "description": "Identifier of the container cluster to which this project/namespace belongs.", 
      "readonly": false, 
      "required": false, 
      "title": "Identifier of the container cluster", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "External identifier of the container project.", 
      "readonly": false, 
      "required": true, 
      "title": "External identifier of the container project", 
      "type": "string"
    }, 
    "origin_properties": {
      "description": "Array of additional specific properties of container project in key-value format.", 
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Origin properties", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Container project within a container cluster", 
  "type": "object"
}

ContainerProjectListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ContainerProjectListResult", 
  "module_id": "InventoryContainerObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ContainerProject
      }, 
      "required": true, 
      "title": "List of projects", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ContentFilterValue (type) 

{
  "enum": [
    "ALL", 
    "DEFAULT"
  ], 
  "id": "ContentFilterValue", 
  "title": "Support bundle content filter allowed values", 
  "type": "string"
}

ContinueMigrationRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "ContinueMigrationRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "skip": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Skip to migration of next component.", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

ContinueRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "ContinueRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "description": "Hints NSX to upgrade a specific component.", 
      "readonly": false, 
      "required": false, 
      "title": "Component to upgrade.", 
      "type": "string"
    }, 
    "skip": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Skip to upgrade of next component.", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

ControlClusterNodeStatus (type) 

{
  "additionalProperties": false, 
  "id": "ControlClusterNodeStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "control_cluster_status": {
      "$ref": "ClusteringStatus, 
      "readonly": true, 
      "title": "Status of this node's connection to the control cluster"
    }, 
    "mgmt_connection_status": {
      "$ref": "MgmtConnStatus, 
      "readonly": true, 
      "title": "Status of this node's management plane connection"
    }
  }, 
  "type": "object"
}

ControlClusteringConfig (type) 

{
  "description": "Config for joining cluster nodes VMs to a control cluster", 
  "extends": {
    "$ref": "ClusteringConfig
  }, 
  "id": "ControlClusteringConfig", 
  "module_id": "ClusterNodeVMDeployment", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ControlClusteringConfig"
  }, 
  "properties": {
    "clustering_type": {
      "description": "Specifies the type of clustering config to be used.", 
      "enum": [
        "ControlClusteringConfig"
      ], 
      "required": true, 
      "title": "Type for the clustering config", 
      "type": "string"
    }, 
    "join_to_existing_cluster": {
      "description": "Specifies whether or not the cluster node VM should try to join to the existing control cluster or initialize a new one. Only required in uncertainty case, i.e. when there are manually- deployed controllers that are registered but not connected to the cluster and no auto-deployed controllers are part of the cluster.", 
      "required": false, 
      "title": "Flag to identify the type of clustering", 
      "type": "boolean"
    }, 
    "shared_secret": {
      "description": "Shared secret to be used when joining the cluster node VM to a control cluster or for initializing a new cluster with the VM. Must contain at least 4 unique characters and be at least 6 characters long.", 
      "required": true, 
      "sensitive": true, 
      "title": "Cluster's shared secret", 
      "type": "string"
    }
  }, 
  "title": "Clustering config for joining control cluster", 
  "type": "object"
}

ControlConnStatus (type) 

{
  "id": "ControlConnStatus", 
  "module_id": "FabricNode", 
  "properties": {
    "control_node_ip": {
      "readonly": true, 
      "required": true, 
      "title": "IP address of the control Node.", 
      "type": "string"
    }, 
    "failure_status": {
      "enum": [
        "CONNECTION_REFUSED", 
        "INCOMPLETE_HOST_CERT", 
        "INCOMPLETE_CONTROLLER_CERT", 
        "CONTROLLER_REJECTED_HOST_CERT", 
        "HOST_REJECTED_CONTROLLER_CERT", 
        "KEEP_ALIVE_TIMEOUT", 
        "OTHER_SSL_ERROR", 
        "OTHER_ERROR"
      ], 
      "help_detail": "CONNECTION_REFUSED \"Connection refused by control node\"\nINCOMPLETE_HOST_CERT \"Incomplete host certificate\"\nINCOMPLETE_CONTROLLER_CERT \"Incomplete controller certificate\"\nCONTROLLER_REJECTED_HOST_CERT \"Controller rejected host certificate\"\nHOST_REJECTED_CONTROLLER_CERT \"Host rejected controller certificate\"\nKEEP_ALIVE_TIMEOUT \"Keep alive timeout\"\nOTHER_SSL_ERROR \"Other ssl error\"\nOTHER_ERROR \"Other error\".\n", 
      "readonly": true, 
      "required": false, 
      "title": "Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT.", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "help_detail": "UP \"Control node is up\"\nDown \"Control node is down\".\n", 
      "readonly": true, 
      "required": true, 
      "title": "Status of the control Node for e.g  UP, DOWN.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ControllerClusterRoleConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ClusterRoleConfig
  }, 
  "id": "ControllerClusterRoleConfig", 
  "module_id": "ClusterManagement", 
  "properties": {
    "control_cluster_listen_addr": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP and port for the control cluster service on this node"
    }, 
    "control_plane_listen_addr": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP and port for the control plane service on this node"
    }, 
    "host_msg_client_info": {
      "$ref": "MsgClientInfo
    }, 
    "mpa_msg_client_info": {
      "$ref": "MsgClientInfo
    }, 
    "type": {
      "enum": [
        "ManagementClusterRoleConfig", 
        "ControllerClusterRoleConfig"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Type of this role configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ControllerClusterStatus (type) 

{
  "additionalProperties": false, 
  "id": "ControllerClusterStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "status": {
      "enum": [
        "NO_CONTROLLERS", 
        "UNSTABLE", 
        "DEGRADED", 
        "STABLE", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "The current status of the controller cluster", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ControllerNodeAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseNodeAggregateInfo
  }, 
  "id": "ControllerNodeAggregateInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "display_name": {
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "node_interface_properties": {
      "items": {
        "$ref": "NodeInterfaceProperties
      }, 
      "readonly": true, 
      "title": "Array of Node interface statistic properties", 
      "type": "array"
    }, 
    "node_interface_statistics": {
      "items": {
        "$ref": "NodeInterfaceStatisticsProperties
      }, 
      "readonly": true, 
      "title": "Array of Node network interface statistic properties", 
      "type": "array"
    }, 
    "node_status": {
      "$ref": "ClusterNodeStatus, 
      "readonly": true
    }, 
    "node_status_properties": {
      "items": {
        "$ref": "NodeStatusProperties
      }, 
      "title": "Time series of the node's system properties", 
      "type": "array"
    }, 
    "role_config": {
      "$ref": "ControllerClusterRoleConfig, 
      "readonly": true
    }
  }, 
  "type": "object"
}

ControllerProfilerProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "ControllerProfilerProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "enabled": {
      "description": "True for enabling controller profiler, False for disabling controller profiler.", 
      "type": "boolean"
    }
  }, 
  "title": "Controller profiler properties", 
  "type": "object"
}

CookiePersistenceModeType (type) 

{
  "additionalProperties": false, 
  "description": "If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client.", 
  "enum": [
    "INSERT", 
    "PREFIX", 
    "REWRITE"
  ], 
  "id": "CookiePersistenceModeType", 
  "module_id": "LoadBalancer", 
  "title": "cookie persistence mode", 
  "type": "string"
}

CookieTimeType (type) 

{
  "additionalProperties": false, 
  "description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting", 
  "enum": [
    "LbSessionCookieTime", 
    "LbPersistenceCookieTime"
  ], 
  "id": "CookieTimeType", 
  "module_id": "LoadBalancer", 
  "title": "Snat translation type", 
  "type": "string"
}

CopyFromRemoteFileProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "CopyRemoteFileProperties
  }, 
  "id": "CopyFromRemoteFileProperties", 
  "properties": {
    "port": {
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "protocol": {
      "$ref": "Protocol, 
      "required": true, 
      "title": "Protocol to use to copy file"
    }, 
    "server": {
      "pattern": "^[^/:]+$", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }, 
    "uri": {
      "required": true, 
      "title": "URI of file to copy", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CopyRemoteFileProperties (type) 

{
  "additionalProperties": {}, 
  "id": "CopyRemoteFileProperties", 
  "properties": {
    "port": {
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "server": {
      "pattern": "^[^/:]+$", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }, 
    "uri": {
      "required": true, 
      "title": "URI of file to copy", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CopyToRemoteFileProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "CopyRemoteFileProperties
  }, 
  "id": "CopyToRemoteFileProperties", 
  "properties": {
    "port": {
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "protocol": {
      "$ref": "Protocol, 
      "description": "Only scp and sftp may be used.", 
      "required": true, 
      "title": "Protocol to use to copy file"
    }, 
    "server": {
      "pattern": "^[^/:]+$", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }, 
    "uri": {
      "required": true, 
      "title": "URI of file to copy", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CpuCoreConfigForEnhancedNetworkingStackSwitch (type) 

{
  "description": "Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch.", 
  "id": "CpuCoreConfigForEnhancedNetworkingStackSwitch", 
  "module_id": "TransportNode", 
  "properties": {
    "num_lcores": {
      "minimum": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node", 
      "type": "int"
    }, 
    "numa_node_index": {
      "minimum": 0, 
      "readonly": false, 
      "required": true, 
      "title": "Unique index of the Non Uniform Memory Access (NUMA) node", 
      "type": "int"
    }
  }, 
  "title": "Enhanced Networking Stack CPU configuration", 
  "type": "object"
}

CreateRemoteDirectoryProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "CopyRemoteFileProperties
  }, 
  "id": "CreateRemoteDirectoryProperties", 
  "properties": {
    "port": {
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "protocol": {
      "$ref": "SftpProtocol, 
      "required": true, 
      "title": "Protocol to use to copy file"
    }, 
    "server": {
      "pattern": "^[^/:]+$", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }, 
    "uri": {
      "required": true, 
      "title": "URI of file to copy", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Criterion (type) 

{
  "additionalProperties": false, 
  "description": "Event Criterion is the logical evaluations by which the event may be deemed fulfilled. All the evaluations must be met in order for the criterion to be met (implicit AND).", 
  "id": "Criterion", 
  "module_id": "PolicyReaction", 
  "properties": {
    "evaluations": {
      "description": "Criterion Evaluations.", 
      "items": {
        "$ref": "Evaluation
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Criterion Evaluations", 
      "type": "array"
    }
  }, 
  "title": "Event Criterion", 
  "type": "object"
}

Crl (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "Crl", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "details": {
      "$ref": "X509Crl, 
      "description": "details of the X509Crl object", 
      "readonly": true, 
      "required": false
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded crl data", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

CrlDistributionPoint (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CrlDistributionPoint", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cdp_uri": {
      "description": "CRL Distribution Point URI where to fetch the CRL.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "CDP URI", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "issuer": {
      "description": "Issuer of the CRL, referring to the CA.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Issuer", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Reference to a CRL Distribution Point where to fetch a CRL", 
  "type": "object"
}

CrlDistributionPointList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CrlDistributionPointList", 
  "module_id": "CertificateManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "CrlDistributionPoint list", 
      "items": {
        "$ref": "CrlDistributionPoint
      }, 
      "readonly": false, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "CrlDistributionPoint query result", 
  "type": "object"
}

CrlDistributionPointStatus (type) 

{
  "additionalProperties": false, 
  "id": "CrlDistributionPointStatus", 
  "module_id": "CertificateManager", 
  "properties": {
    "error_message": {
      "description": "Error message when fetching the CRL failed.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "status": {
      "$ref": "CdpStatusType, 
      "description": "Status of the fetched CRL for this CrlDistributionPoint", 
      "readonly": true, 
      "required": true, 
      "title": "Status"
    }
  }, 
  "title": "Reference to a CRL Distribution Point where to fetch a CRL", 
  "type": "object"
}

CrlList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CrlList", 
  "module_id": "CertificateManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "CRL list", 
      "items": {
        "$ref": "Crl
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Crl queries result", 
  "type": "object"
}

CrlObjectData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "CrlObjectData", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded crl data", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

CrlPemRequestType (type) 

{
  "additionalProperties": false, 
  "id": "CrlPemRequestType", 
  "module_id": "CertificateManager", 
  "properties": {
    "cdp_uri": {
      "description": "CRL Distribution Point URI where to fetch the CRL.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "CDP URI", 
      "type": "string"
    }
  }, 
  "title": "Request Type to get a CRL's PEM file.", 
  "type": "object"
}

CryptoAlgorithm (type) 

{
  "additionalProperties": false, 
  "id": "CryptoAlgorithm", 
  "module_id": "CertificateManager", 
  "properties": {
    "key_size": {
      "description": "supported key sizes for the algorithm", 
      "items": {
        "$ref": "KeySize
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "name": {
      "description": "crypto algorithm name", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

CsmStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "CsmStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the Csm instance", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the Csm appliance", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the Csm appliance", 
      "type": "string"
    }, 
    "ip_address": {
      "readonly": true, 
      "required": false, 
      "title": "IP address of Csm instance", 
      "type": "string"
    }, 
    "managed_by_vmware": {
      "description": "This property is used only if CSM is running in service mode", 
      "readonly": true, 
      "required": false, 
      "title": "Mode of running of Csm instance", 
      "type": "boolean"
    }, 
    "supported_clouds": {
      "description": "This property provides the list of names of supported clouds by CSM.", 
      "items": {
        "$ref": "CloudTypeInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Indication of clouds supported by CSM", 
      "type": "array"
    }, 
    "version": {
      "readonly": true, 
      "required": true, 
      "title": "Version of Csm", 
      "type": "string"
    }
  }, 
  "title": "Information about status of cloud service manager", 
  "type": "object"
}

Csr (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "Csr", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "algorithm": {
      "description": "Cryptographic algorithm(asymmetric ) used by the public key for data encryption", 
      "enum": [
        "RSA", 
        "DSA"
      ], 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key_size": {
      "description": "size measured in bits of the public key used in a cryptographic algorithm", 
      "readonly": false, 
      "required": true, 
      "type": "integer"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "subject": {
      "$ref": "Principal, 
      "description": "the certificate owner's information (CN, O, OU, C, ST, L)", 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

CsrList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "CsrList", 
  "module_id": "CertificateManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "CSR list", 
      "items": {
        "$ref": "Csr
      }, 
      "readonly": false, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Csr queries result", 
  "type": "object"
}

CsvListResult (type) 

{
  "abstract": true, 
  "description": "Base type for CSV result.", 
  "id": "CsvListResult", 
  "module_id": "CsvTypes", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

CsvRecord (type) 

{
  "abstract": true, 
  "description": "Base type for CSV records.", 
  "id": "CsvRecord", 
  "module_id": "CsvTypes", 
  "type": "object"
}

CurrentBackupOperationStatus (type) 

{
  "additionalProperties": false, 
  "id": "CurrentBackupOperationStatus", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "backup_id": {
      "required": false, 
      "title": "Unique identifier of current backup", 
      "type": "string"
    }, 
    "current_step": {
      "enum": [
        "BACKUP_CREATING_CLUSTER_BACKUP", 
        "BACKUP_CREATING_NODE_BACKUP"
      ], 
      "required": false, 
      "title": "Current step of operation", 
      "type": "string"
    }, 
    "current_step_message": {
      "required": false, 
      "title": "Additional human-readable status information about current step", 
      "type": "string"
    }, 
    "end_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time when operation is expected to end"
    }, 
    "operation_type": {
      "enum": [
        "NONE", 
        "BACKUP"
      ], 
      "required": true, 
      "title": "Type of operation that is in progress. Returns none if no operation is in progress, in which case\nnone of the other fields will be set.\n", 
      "type": "string"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time when operation was started"
    }
  }, 
  "title": "Current backup operation status", 
  "type": "object"
}

CurrentRealizationStateBarrier (type) 

{
  "description": "The current global barrier number of the realized state", 
  "id": "CurrentRealizationStateBarrier", 
  "module_id": "RealizationStateBarrier", 
  "properties": {
    "current_barrier_number": {
      "description": "Gives the current global barrier number for NSX", 
      "readonly": true, 
      "required": true, 
      "type": "integer"
    }
  }, 
  "type": "object"
}

CustomPolicyLbPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a PolicyLbVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "PolicyLbPersistenceProfile
  }, 
  "id": "CustomPolicyLbPersistenceProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "CustomPolicyLbPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence": {
      "description": "This field indicates the persistence method used for the PolicyLbVirtualServer. - COOKIE persistence allows related client connections, identified by the same cookie in HTTP requests [Refer to HTTP Cookie for details on HTTP cookies], to be redirected to the same server. Load balancer does not maintain any persistence table for cookie persistence. Instead, it encodes the necessary information in the HTTP cookie value sent to client and relies on the client to store it and send it back in subsequent related HTTP requests. Hence there is no limit on the number of cookie persistence entries that can be supported. - SOURCE_IP persistence ensures all connections from a client (identified by IP address) are sent to the same backend server for a specified period. - This object is not required and without creation of this object the virtual server persistence is disabled by default", 
      "enum": [
        "COOKIE", 
        "SOURCE_IP"
      ], 
      "required": true, 
      "title": "Persistence method used by PolicyLbVirtualServer(s)", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "Persistence shared setting indicates that all PolicyLbVirtualServers that consume this PolicyLbPersistenceProfile should share the same persistence mechanism when enabled.  Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first.  When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistenct type, the persistence table will be shared across virtual servers.", 
      "required": false, 
      "title": "Persistence shared across PolicyLbVirtualServers", 
      "type": "boolean"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L4PolicyLbPersistenceProfile", 
        "L7PolicyLbPersistenceProfile", 
        "CustomPolicyLbPersistenceProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "PolicyLbPersistenceProflie for Custom type PolicyLbVirtualServer", 
  "type": "object"
}

CustomPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Virtual server acts as a facade to an application, receives all client connections over a specified protocol and distributes them among the backend servers.  This custom type allows for more complex settings than the simplified PolicyLbVirtualServer types.  This object allows for complex configurations for PolicyLbVirtualServers of all types. All HTTP specific inputs will be rejected when combined with TPC or UDP protocols.", 
  "extends": {
    "$ref": "HttpPolicyLbVirtualServer
  }, 
  "id": "CustomPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "CustomPolicyLbVirtualServer"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "app_protocol": {
      "description": "As the custom type allows for more complex settings than the simplified PolicyLbVirtualServer types, also specify the desired protocol for receiving all client connections.", 
      "enum": [
        "TCP", 
        "UDP", 
        "HTTP", 
        "HTTPS"
      ], 
      "required": true, 
      "title": "Application protocol for receiving client connections", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "client_ssl_certificate_ids": {
      "description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. The setting is used when load balancer acts as an SSL server and terminating the client SSL connection", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "ssl certificates", 
      "type": "array"
    }, 
    "client_ssl_settings": {
      "default": "HIGH_SECURE_111317", 
      "description": "Security settings representing various security settings when the VirtualServer acts as an SSL server - BASE_SECURE_111317 - MODERATE_SECURE_111317 - HIGH_SECURE_111317", 
      "enum": [
        "BASE_SECURE_111317", 
        "MODERATE_SECURE_111317", 
        "HIGH_SECURE_111317"
      ], 
      "required": false, 
      "title": "Security profile setting", 
      "type": "string"
    }, 
    "default_client_ssl_certificate_id": {
      "description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection.  A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.", 
      "required": false, 
      "title": "ssl certificate", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "insert_client_ip_header": {
      "default": false, 
      "description": "Backend web servers typically log each request they handle along with the requesting client IP address. These logs are used for debugging, analytics and other such purposes. If the deployment topology requires enabling SNAT on the load balancer, then server will see the client as the SNAT IP which defeats the purpose of logging. To work around this issue, load balancer can be configured to insert XFF HTTP header with the original client IP address. Backend servers can then be configured to log the IP address in XFF header instead of the source IP address of the connection. If XFF header is not present in the incoming request, load balancer inserts a new XFF header with the client IP address.", 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "boolean"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "server_auth_ca_certificate_ids": {
      "description": "To support client authentication (load balancer acting as a client authenticating to the backend server), server_ssl_certificate_id can be specified.  When supplied, the backend server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "ssl certificate", 
      "type": "array"
    }, 
    "server_ssl_settings": {
      "default": "DISABLED", 
      "description": "Indicates whether to enable server side SSL.  Server side SSL will be enabled when a specific security setting is selected. The selected security setting or profile represents various configurations related to SSL when the VirtualServer acts as a client connecting over SSL to the backend server.  This setting is only applicable for L7 protocols and will be rejected in combination with TCP or UDP. - BASE_SECURE_111317 - MODERATE_SECURE_111317 - HIGH_SECURE_111317 - DISABLED", 
      "enum": [
        "BASE_SECURE_111317", 
        "MODERATE_SECURE_111317", 
        "HIGH_SECURE_111317", 
        "DISABLED"
      ], 
      "required": false, 
      "title": "Security profile setting", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "PolicyLbVirtualServer handling connections over HTTP or HTTPS", 
  "type": "object"
}

CvxConnectionInfo (type) 

{
  "extends": {
    "$ref": "EnforcementPointConnectionInfo
  }, 
  "id": "CvxConnectionInfo", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "CvxConnectionInfo"
  }, 
  "properties": {
    "enforcement_point_address": {
      "description": "Value of this property could be hostname or ip. eg. For NSX-T manager running on default port the value can be \"10.192.1.1\", for NSX-T manager running on custom port value can be \"192.168.1.1:32789\". For NSX-T manager in VMC deployments value  can have url prefix eg. \"192.168.1.1:5480/nsxapi\"", 
      "required": true, 
      "title": "IP Address or hostname of the Enforcement point", 
      "type": "string"
    }, 
    "password": {
      "required": true, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NSXTConnectionInfo", 
        "NSXVConnectionInfo", 
        "CvxConnectionInfo"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "thumbprint": {
      "description": "Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.", 
      "required": false, 
      "title": "Thumbprint of Enforcement Point", 
      "type": "string"
    }, 
    "username": {
      "required": true, 
      "sensitive": true, 
      "title": "UserName", 
      "type": "string"
    }
  }, 
  "title": "Credential info to connect to cvx enforcement type", 
  "type": "object"
}

DADMode (type) 

{
  "additionalProperties": false, 
  "description": "Duplicate address detection modes.", 
  "enum": [
    "LOOSE", 
    "STRICT"
  ], 
  "id": "DADMode", 
  "module_id": "Routing", 
  "title": "DAD Mode", 
  "type": "string"
}

DADProfile (type) 

{
  "additionalProperties": false, 
  "description": "Duplicate address detection profile.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DADProfile", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "dad_mode": {
      "$ref": "DADMode, 
      "default": "LOOSE", 
      "required": false, 
      "title": "DAD Mode"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ns_retries": {
      "default": 3, 
      "description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.", 
      "maximum": 10, 
      "minimum": 0, 
      "required": false, 
      "title": "NS retries count", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "wait_time": {
      "default": 1, 
      "description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.", 
      "maximum": 60, 
      "minimum": 0, 
      "required": false, 
      "title": "Wait time", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

DADProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DADProfileListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DADProfile
      }, 
      "required": true, 
      "title": "Paginated list of DADProfile", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DADStatus (type) 

{
  "additionalProperties": false, 
  "description": "Duplicate address detection status for IP address on port.", 
  "enum": [
    "DUPLICATED", 
    "TENTATIVE", 
    "ASSIGNED", 
    "NOT_APPLICABLE", 
    "UNKNOWN"
  ], 
  "id": "DADStatus", 
  "module_id": "LogicalRouterPorts", 
  "title": "DAD Status", 
  "type": "string"
}

DHGroup (type) 

{
  "additionalProperties": false, 
  "description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit random Elliptic Curve (ECP) group. GROUP20 uses 384-bit random ECP group. GROUP21 uses 521-bit random ECP group.", 
  "enum": [
    "GROUP2", 
    "GROUP5", 
    "GROUP14", 
    "GROUP15", 
    "GROUP16", 
    "GROUP19", 
    "GROUP20", 
    "GROUP21"
  ], 
  "id": "DHGroup", 
  "module_id": "IPSecVPN", 
  "title": "Diffie-Hellman groups", 
  "type": "string"
}

DNSForwarderStatisticsPerEnforcementPoint (type) 

{
  "abstract": true, 
  "description": "DNS forwarder statistics per enforcement point.", 
  "id": "DNSForwarderStatisticsPerEnforcementPoint", 
  "module_id": "PolicyDNSStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the statistics are fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NsxTDNSForwarderStatistics"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "DNS forwarder statistics per enforcement point", 
  "type": "object"
}

DNSForwarderStatusPerEnforcementPoint (type) 

{
  "abstract": true, 
  "description": "DNS forwarder status per enforcement point.", 
  "id": "DNSForwarderStatusPerEnforcementPoint", 
  "module_id": "PolicyDNSStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the status is fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NsxTDNSForwarderStatus"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "DNS forwarder status per enforcement point", 
  "type": "object"
}

DSAppliedToType (type) 

{
  "enum": [
    "NSGroup", 
    "LogicalSwitch", 
    "LogicalRouter", 
    "LogicalPort"
  ], 
  "id": "DSAppliedToType", 
  "module_id": "DistributedServices", 
  "title": "Resource type valid for use as AppliedTo filter in section API", 
  "type": "string"
}

DSExcludeList (type) 

{
  "abstract": true, 
  "description": "List of entities excluded for enforcing a service or a feature.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DSExcludeList", 
  "module_id": "DistributedServices", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_count": {
      "description": "Total number of members present in Exclude List.", 
      "readonly": true, 
      "required": false, 
      "title": "Total Member Count", 
      "type": "integer"
    }, 
    "members": {
      "description": "List of members in Exclusion List", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "Member list", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Exclusion List", 
  "type": "object"
}

DSInsertParameters (type) 

{
  "abstract": true, 
  "id": "DSInsertParameters", 
  "module_id": "DistributedServices", 
  "properties": {
    "id": {
      "maxLength": 64, 
      "required": false, 
      "title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.", 
  "type": "object"
}

DSListRequestParameters (type) 

{
  "abstract": true, 
  "description": "Pagination and Filtering parameters to get only a subset of sections/rules.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "DSListRequestParameters", 
  "module_id": "DistributedServices", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter list of sections/rules.", 
  "type": "object"
}

DSRule (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "EmbeddedResource
  }, 
  "id": "DSRule", 
  "module_id": "DistributedServices", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW           - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP            - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT          - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT        - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT", 
        "REDIRECT", 
        "DO_NOT_REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Action", 
      "type": "string"
    }, 
    "applied_tos": {
      "description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of the destinations. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Destination List", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "Negation of the destination.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Rule direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.", 
      "readonly": false, 
      "required": false, 
      "title": "Rule enable/disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the resource", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "ip_protocol": {
      "default": "IPV4_IPV6", 
      "description": "Type of IP packet that should be matched while enforcing the rule.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "is_default": {
      "description": "Flag to indicate whether rule is default.", 
      "readonly": true, 
      "required": false, 
      "title": "Default rule", 
      "type": "boolean"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "User notes specific to the rule.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Notes", 
      "type": "string"
    }, 
    "priority": {
      "description": "Priority of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule priority", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "maxLength": 32, 
      "readonly": false, 
      "required": false, 
      "title": "Tag", 
      "type": "string"
    }, 
    "sources": {
      "description": "List of sources. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Source List", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "Negation of the source.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

DSRuleState (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Rule Realization State", 
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "DSRuleState", 
  "module_id": "DistributedServices", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "revision_desired": {
      "description": "This attribute represents revision number of rule's desired state.", 
      "readonly": true, 
      "required": false, 
      "title": "Desired state revision number", 
      "type": "integer"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "title": "Rule Realization State", 
  "type": "object"
}

DSSection (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DSSection", 
  "module_id": "DistributedServices", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.", 
      "readonly": true, 
      "required": false, 
      "title": "Default section flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain. Only homogeneous sections are supported.", 
      "enum": [
        "LAYER2", 
        "LAYER3", 
        "L3REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.", 
      "readonly": false, 
      "required": true, 
      "title": "Stateful nature of the distributed service rules in the section.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DSSectionListResult (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DSSectionListResult", 
  "module_id": "DistributedServices", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DSSectionQueryParameters (type) 

{
  "abstract": true, 
  "id": "DSSectionQueryParameters", 
  "module_id": "DistributedServices", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete of this object to all it's child objects.", 
      "type": "boolean"
    }
  }, 
  "title": "Section query parameters", 
  "type": "object"
}

DSSectionState (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Section Realization Status", 
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "DSSectionState", 
  "module_id": "DistributedServices", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "revision_desired": {
      "description": "This attribute represents revision number of section's desired state.", 
      "readonly": true, 
      "required": false, 
      "title": "Section's desired state revision number", 
      "type": "integer"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "title": "Section Realization State", 
  "type": "object"
}

DSService (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ResourceReference
  }, 
  "id": "DSService", 
  "module_id": "DistributedServices", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "service": {
      "$ref": "NSServiceElement, 
      "description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.", 
      "readonly": false, 
      "required": false, 
      "title": "Distributed Service Network and Security Service element"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DailyTelemetrySchedule (type) 

{
  "extends": {
    "$ref": "TelemetrySchedule
  }, 
  "id": "DailyTelemetrySchedule", 
  "module_id": "TelemetryConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DailyTelemetrySchedule"
  }, 
  "properties": {
    "frequency_type": {
      "description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.", 
      "required": true, 
      "title": "Frequency at which data will be collected", 
      "type": "string"
    }, 
    "hour_of_day": {
      "description": "Hour at which data will be collected. Specify a value between 0 through 23.", 
      "maximum": 23, 
      "minimum": 0, 
      "required": true, 
      "title": "Hour at which data will be collected", 
      "type": "integer"
    }, 
    "minutes": {
      "default": 0, 
      "description": "Minute at which data will be collected. Specify a value between 0 through 59.", 
      "maximum": 59, 
      "minimum": 0, 
      "required": false, 
      "title": "Minute at which data will be collected", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

DataCounter (type) 

{
  "id": "DataCounter", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "dropped": {
      "required": false, 
      "title": "The dropped packets or bytes", 
      "type": "integer"
    }, 
    "multicast_broadcast": {
      "required": false, 
      "title": "The multicast and broadcast packets or bytes", 
      "type": "integer"
    }, 
    "total": {
      "required": true, 
      "title": "The total packets or bytes", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

DataSourceParameters (type) 

{
  "id": "DataSourceParameters", 
  "module_id": "Types", 
  "properties": {
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "type": "object"
}

DataSourceType (type) 

{
  "enum": [
    "realtime", 
    "cached"
  ], 
  "id": "DataSourceType", 
  "module_id": "Types", 
  "title": "Data source type.", 
  "type": "string"
}

DataTypeCollectionConfiguration (type) 

{
  "id": "DataTypeCollectionConfiguration", 
  "module_id": "AggSvcDataCollectionConfig", 
  "properties": {
    "collection_frequency": {
      "description": "The frequency in seconds at which data is collected", 
      "maximum": 86400, 
      "minimum": 15, 
      "required": true, 
      "title": "Data Collection Frequency In Seconds", 
      "type": "integer"
    }, 
    "data_type": {
      "description": "Defines the type of data being collected", 
      "enum": [
        "STATUS", 
        "STATISTICS"
      ], 
      "required": true, 
      "title": "Data type", 
      "type": "string"
    }
  }, 
  "title": "Data type collection configuration", 
  "type": "object"
}

Datasource (type) 

{
  "additionalProperties": false, 
  "description": "An instance of a datasource configuration.", 
  "id": "Datasource", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "display_name": {
      "description": "Name of a datasource instance.", 
      "maxLength": 255, 
      "required": true, 
      "title": "Datasource instance's display name", 
      "type": "string"
    }, 
    "urls": {
      "description": "Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance.", 
      "items": {
        "$ref": "UrlAlias
      }, 
      "required": true, 
      "title": "Array of relative urls and their aliases", 
      "type": "array"
    }
  }, 
  "title": "Datasource Instance", 
  "type": "object"
}

DatetimeUTC (type) 

{
  "description": "Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'", 
  "id": "DatetimeUTC", 
  "title": "Datetime string in UTC", 
  "type": "string"
}

DeleteRequestParameters (type) 

{
  "additionalProperties": {}, 
  "id": "DeleteRequestParameters", 
  "module_id": "Common", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "Parameters that affect how delete operations are processed", 
  "type": "object"
}

DeploymentConfig (type) 

{
  "additionalProperties": false, 
  "id": "DeploymentConfig", 
  "module_id": "FabricNode", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "placement_type"
  }, 
  "properties": {
    "placement_type": {
      "enum": [
        "VsphereDeploymentConfig"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

DeploymentTemplate (type) 

{
  "description": "Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX.", 
  "id": "DeploymentTemplate", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "attributes": {
      "description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager.", 
      "items": {
        "$ref": "Attribute
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Template attributes", 
      "type": "array"
    }, 
    "name": {
      "description": "Deployment Template name.", 
      "readonly": false, 
      "required": false, 
      "title": "name", 
      "type": "string"
    }
  }, 
  "title": "Service Deployment Template", 
  "type": "object"
}

DeploymentZone (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Logical grouping of enforcement points. This is a deprecated type. DeploymentZone has been renamed to Site. Use Site.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DeploymentZone", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforcement_points": {
      "items": {
        "$ref": "EnforcementPoint
      }, 
      "required": false, 
      "title": "Logical grouping of enforcement points", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Deployment zone", 
  "type": "object"
}

DeploymentZoneListRequestParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "DeploymentZone list request parameters. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListRequestParameters.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "DeploymentZoneListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "DeploymentZone list request parameters", 
  "type": "object"
}

DeploymentZoneListResult (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Paged Collection of Deployment Zones. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListResult.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DeploymentZoneListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DeploymentZone
      }, 
      "required": true, 
      "title": "Deployment Zones", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Deployment Zones", 
  "type": "object"
}

DestinationNsxApiEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Details about the destination NSX manager for the migration", 
  "id": "DestinationNsxApiEndpoint", 
  "module_id": "Migration", 
  "properties": {
    "destination_nsx_ip": {
      "description": "IP address or host name of the destination NSX manager to which the config will be migrated.", 
      "format": "hostname-or-ip", 
      "readonly": false, 
      "required": true, 
      "title": "Destination NSX IP ddress or host name", 
      "type": "string"
    }, 
    "destination_nsx_password": {
      "description": "Valid password for connecting to the destination NSX manager.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Password for destination NSX manager", 
      "type": "string"
    }, 
    "destination_nsx_port": {
      "default": 443, 
      "description": "Destination NSX manager port that will be used to apply details.", 
      "readonly": false, 
      "required": false, 
      "title": "Destination NSX manager port", 
      "type": "int"
    }, 
    "destination_nsx_username": {
      "description": "Valid username for connecting to the destination NSX manager.", 
      "readonly": false, 
      "required": false, 
      "title": "Username for destination NSX manager", 
      "type": "string"
    }
  }, 
  "title": "Destination NSX manager details", 
  "type": "object"
}

DetachClusterParameters (type) 

{
  "id": "DetachClusterParameters", 
  "properties": {
    "force": {
      "enum": [
        "true", 
        "false"
      ], 
      "type": "string"
    }, 
    "graceful-shutdown": {
      "default": "false", 
      "enum": [
        "true", 
        "false"
      ], 
      "required": false, 
      "type": "string"
    }, 
    "ignore-repository-ip-check": {
      "default": "false", 
      "enum": [
        "true", 
        "false"
      ], 
      "required": false, 
      "type": "string"
    }
  }, 
  "type": "object"
}

DfwFirewallConfiguration (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "FirewallConfiguration
  }, 
  "id": "DfwFirewallConfiguration", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DfwFirewallConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "disable_auto_drafts": {
      "default": false, 
      "description": "To disable auto drafts, set it to true. By default, auto drafts are enabled.", 
      "title": "Auto draft disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_firewall": {
      "default": true, 
      "description": "If set to true, Firewall is enabled.", 
      "title": "Firewall enable flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idfw_enabled": {
      "default": false, 
      "description": "If set to true, identity firewall is enabled.", 
      "title": "Identity firewall enable flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "DfwFirewallConfiguration"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DFW Firewall related configurations", 
  "type": "object"
}

DhGroup (type) 

{
  "additionalProperties": false, 
  "description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group.", 
  "enum": [
    "GROUP2", 
    "GROUP5", 
    "GROUP14", 
    "GROUP15", 
    "GROUP16", 
    "GROUP19", 
    "GROUP20", 
    "GROUP21"
  ], 
  "id": "DhGroup", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Diffie-Hellman groups", 
  "type": "string"
}

DhcpDeleteLeaseRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "DhcpDeleteLeaseRequestParameters", 
  "module_id": "Dhcp", 
  "properties": {
    "ip": {
      "$ref": "IPAddress, 
      "required": true
    }, 
    "mac": {
      "$ref": "MACAddress, 
      "required": true
    }
  }, 
  "type": "object"
}

DhcpFilter (type) 

{
  "id": "DhcpFilter", 
  "module_id": "SwitchSecuritySwitchingProfile", 
  "properties": {
    "client_block_enabled": {
      "readonly": false, 
      "required": true, 
      "title": "Indicates whether DHCP client blocking is enabled", 
      "type": "boolean"
    }, 
    "server_block_enabled": {
      "readonly": false, 
      "required": true, 
      "title": "Indicates whether DHCP server blocking is enabled", 
      "type": "boolean"
    }, 
    "v6_client_block_enabled": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Indiactes whether DHCP v6 client blocking is enabled", 
      "type": "boolean"
    }, 
    "v6_server_block_enabled": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Indiactes whether DHCP V6 server blocking is enabled", 
      "type": "boolean"
    }
  }, 
  "title": "DHCP filtering configuration", 
  "type": "object"
}

DhcpHeader (type) 

{
  "additionalProperties": false, 
  "id": "DhcpHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "op_code": {
      "default": "BOOTREQUEST", 
      "description": "This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY.", 
      "enum": [
        "BOOTREQUEST", 
        "BOOTREPLY"
      ], 
      "required": false, 
      "title": "Message op code / message type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DhcpIpPool (type) 

{
  "additionalProperties": false, 
  "description": "DHCP ip-pool to define dynamic ip allocation ranges.", 
  "extends": {
    "$ref": "IpAllocationBase
  }, 
  "id": "DhcpIpPool", 
  "module_id": "Dhcp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_ranges": {
      "description": "Ip-ranges to define dynamic ip allocation ranges.", 
      "items": {
        "$ref": "IpPoolRange
      }, 
      "required": true, 
      "title": "Ip-ranges", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_threshold": {
      "default": 100, 
      "description": "Error threshold. Alert will be raised if the pool usage reaches the given threshold.", 
      "maximum": 100, 
      "minimum": 80, 
      "required": false, 
      "title": "Error threshold, valid [80-100], default 100", 
      "type": "integer"
    }, 
    "gateway_ip": {
      "$ref": "IPAddress, 
      "description": "Gateway ip address of the allocation.", 
      "required": false, 
      "title": "Gateway ip"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lease_time": {
      "default": 86400, 
      "description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.", 
      "maximum": 4294967295, 
      "minimum": 60, 
      "required": false, 
      "title": "Lease time", 
      "type": "integer"
    }, 
    "options": {
      "$ref": "DhcpOptions, 
      "description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.", 
      "required": false, 
      "title": "DHCP options"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "warning_threshold": {
      "default": 80, 
      "description": "Warning threshold. Alert will be raised if the pool usage reaches the given threshold.", 
      "maximum": 80, 
      "minimum": 50, 
      "required": false, 
      "title": "Warning threshold, valid [50-80], default 80", 
      "type": "integer"
    }
  }, 
  "title": "DHCP ip-pool", 
  "type": "object"
}

DhcpIpPoolListResult (type) 

{
  "additionalProperties": false, 
  "description": "A paginated list of DHCP ip pools.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpIpPoolListResult", 
  "module_id": "Dhcp", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "A paginated list of DHCP ip pools.", 
      "items": {
        "$ref": "DhcpIpPool
      }, 
      "required": true, 
      "title": "Paginated list of DHCP ip pools", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "A list of DHCP ip pools", 
  "type": "object"
}

DhcpIpPoolUsage (type) 

{
  "id": "DhcpIpPoolUsage", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "allocated_number": {
      "required": true, 
      "title": "allocated number. COULD BE INACCURATE, REFERENCE ONLY.", 
      "type": "integer"
    }, 
    "allocated_percentage": {
      "required": true, 
      "title": "allocated percentage. COULD BE INACCURATE, REFERENCE ONLY.", 
      "type": "integer"
    }, 
    "dhcp_ip_pool_id": {
      "required": true, 
      "title": "uuid of dhcp ip pool", 
      "type": "string"
    }, 
    "pool_size": {
      "required": true, 
      "title": "pool size", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

DhcpLeasePerIP (type) 

{
  "id": "DhcpLeasePerIP", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "expire_time": {
      "required": false, 
      "title": "expire time of the lease", 
      "type": "string"
    }, 
    "ip_address": {
      "required": true, 
      "title": "ip address of client", 
      "type": "string"
    }, 
    "lease_time": {
      "required": false, 
      "title": "lease time of the ip address, in seconds", 
      "type": "string"
    }, 
    "mac_address": {
      "required": true, 
      "title": "mac address of client", 
      "type": "string"
    }, 
    "start_time": {
      "required": true, 
      "title": "start time of lease", 
      "type": "string"
    }, 
    "subnet": {
      "required": false, 
      "title": "subnet of client network", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DhcpLeaseRequestParameters (type) 

{
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "DhcpLeaseRequestParameters", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "address": {
      "required": false, 
      "title": "can be an ip address, or an ip range, or a mac address", 
      "type": "string"
    }, 
    "pool_id": {
      "required": false, 
      "title": "The uuid of dhcp ip pool", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "type": "object"
}

DhcpLeases (type) 

{
  "id": "DhcpLeases", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "dhcp_server_id": {
      "required": false, 
      "title": "dhcp server uuid", 
      "type": "string"
    }, 
    "leases": {
      "items": {
        "$ref": "DhcpLeasePerIP
      }, 
      "maxItems": 65535, 
      "minItems": 0, 
      "required": false, 
      "title": "The lease info list of the server", 
      "type": "array"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "timestamp of the lease info"
    }
  }, 
  "type": "object"
}

DhcpOption121 (type) 

{
  "additionalProperties": false, 
  "description": "DHCP option 121 to define classless static route.", 
  "id": "DhcpOption121", 
  "module_id": "Dhcp", 
  "properties": {
    "static_routes": {
      "description": "Classless static route of DHCP option 121.", 
      "items": {
        "$ref": "ClasslessStaticRoute
      }, 
      "maxItems": 27, 
      "minItems": 1, 
      "required": true, 
      "title": "DHCP classless static routes", 
      "type": "array"
    }
  }, 
  "title": "DHCP option 121", 
  "type": "object"
}

DhcpOptions (type) 

{
  "additionalProperties": false, 
  "description": "Define DHCP options of the DHCP service.", 
  "id": "DhcpOptions", 
  "module_id": "Dhcp", 
  "properties": {
    "option121": {
      "$ref": "DhcpOption121, 
      "description": "DHCP option 121 to define classless static routes.", 
      "required": false, 
      "title": "Option 121"
    }, 
    "others": {
      "description": "To define DHCP options other than option 121 in generic format.", 
      "items": {
        "$ref": "GenericDhcpOption
      }, 
      "maxItems": 255, 
      "minItems": 0, 
      "required": false, 
      "title": "Generic DHCP options other than option 121", 
      "type": "array"
    }
  }, 
  "title": "DHCP options", 
  "type": "object"
}

DhcpProfile (type) 

{
  "additionalProperties": false, 
  "description": "DHCP profile to specify edge cluster and members on which the dhcp server will run. A DhcpProfile can be referenced by different logical DHCP servers.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DhcpProfile", 
  "module_id": "Dhcp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_id": {
      "description": "Edge cluster uuid on which the referencing logical DHCP server runs.", 
      "required": true, 
      "title": "Edge cluster uuid", 
      "type": "string"
    }, 
    "edge_cluster_member_indexes": {
      "description": "The Edge nodes on which the DHCP servers run. If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If only one edge node is provided, the DHCP servers will run without HA support.", 
      "items": {
        "type": "integer"
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "required": false, 
      "title": "Edge node indexes", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "enable_standby_relocation": {
      "default": false, 
      "description": "Flag to enable the auto-relocation of standby DHCP Service in case of edge node failure. Only tier 1 and auto placed DHCP servers are considered for the relocation.", 
      "required": false, 
      "title": "Flag to enable standby DHCP server relocation", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DHCP profile to specify edge cluster and members", 
  "type": "object"
}

DhcpProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "A paginated list of DHCP profiles.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpProfileListResult", 
  "module_id": "Dhcp", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "A paginated list of logical DHCP profiles.", 
      "items": {
        "$ref": "DhcpProfile
      }, 
      "required": true, 
      "title": "Paginated list of DHCP profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "A list of DHCP profiles", 
  "type": "object"
}

DhcpRelayConfig (type) 

{
  "additionalProperties": false, 
  "description": "DHCP relay configuration", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DhcpRelayConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "server_addresses": {
      "description": "DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": true, 
      "title": "DHCP relay addresses", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DHCP relay configuration", 
  "type": "object"
}

DhcpRelayConfigListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpRelayConfigListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DhcpRelayConfig
      }, 
      "required": true, 
      "title": "DhcpRelayConfig results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of DhcpRelayConfigs", 
  "type": "object"
}

DhcpRelayProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DhcpRelayProfile", 
  "module_id": "DhcpRelay", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "server_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "required": true, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DhcpRelayProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpRelayProfileListResult", 
  "module_id": "DhcpRelay", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DhcpRelayProfile
      }, 
      "required": true, 
      "title": "Dhcp relay profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DhcpRelayService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DhcpRelayService", 
  "module_id": "DhcpRelay", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_relay_profile_id": {
      "required": true, 
      "title": "dhcp relay profile referenced by the dhcp relay service", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DhcpRelayServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpRelayServiceListResult", 
  "module_id": "DhcpRelay", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DhcpRelayService
      }, 
      "required": true, 
      "title": "Dhcp relay service list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DhcpServerConfig (type) 

{
  "additionalProperties": false, 
  "description": "DHCP server configuration", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DhcpServerConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_path": {
      "description": "Edge cluster path. Auto assigned if only one edge cluster is configured on enforcement-point.", 
      "required": false, 
      "title": "Edge cluster path", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lease_time": {
      "default": 86400, 
      "description": "IP address lease time in seconds.", 
      "maximum": 4294967295, 
      "minimum": 60, 
      "required": false, 
      "title": "IP address lease time in seconds", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "server_address": {
      "description": "DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. IPv6 is not supported.", 
      "format": "ip-cidr-block", 
      "required": true, 
      "title": "DHCP server address in CIDR format", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DHCP server configuration", 
  "type": "object"
}

DhcpServerConfigListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpServerConfigListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DhcpServerConfig
      }, 
      "required": true, 
      "title": "DhcpServerConfig results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of DhcpServerConfigs", 
  "type": "object"
}

DhcpServerStatus (type) 

{
  "id": "DhcpServerStatus", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "active_node": {
      "required": true, 
      "title": "uuid of active transport node", 
      "type": "string"
    }, 
    "error_message": {
      "required": false, 
      "title": "Error message, if available", 
      "type": "string"
    }, 
    "service_status": {
      "description": "UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_STANDBY"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "stand_by_node": {
      "required": false, 
      "title": "uuid of stand_by transport node. null if non-HA mode", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DhcpStaticBinding (type) 

{
  "additionalProperties": false, 
  "description": "DHCP static binding to define a static ip allocation.", 
  "extends": {
    "$ref": "IpAllocationBase
  }, 
  "id": "DhcpStaticBinding", 
  "module_id": "Dhcp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_ip": {
      "$ref": "IPAddress, 
      "description": "Gateway ip address of the allocation.", 
      "required": false, 
      "title": "Gateway ip"
    }, 
    "host_name": {
      "description": "The host name to be assigned to the host.", 
      "format": "hostname", 
      "required": false, 
      "title": "Host name", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "The ip address to be assigned to the host.", 
      "required": true, 
      "title": "Ip addres"
    }, 
    "lease_time": {
      "default": 86400, 
      "description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.", 
      "maximum": 4294967295, 
      "minimum": 60, 
      "required": false, 
      "title": "Lease time", 
      "type": "integer"
    }, 
    "mac_address": {
      "$ref": "MACAddress, 
      "description": "The MAC address of the host.", 
      "required": true, 
      "title": "MAC address"
    }, 
    "options": {
      "$ref": "DhcpOptions, 
      "description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.", 
      "required": false, 
      "title": "DHCP options"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DHCP static binding", 
  "type": "object"
}

DhcpStaticBindingListResult (type) 

{
  "additionalProperties": false, 
  "description": "A paginated list of DHCP static bindings.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DhcpStaticBindingListResult", 
  "module_id": "Dhcp", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "A paginated list of DHCP static bindings.", 
      "items": {
        "$ref": "DhcpStaticBinding
      }, 
      "required": true, 
      "title": "Paginated list of DHCP static bindings", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "A list of DHCP static bindings", 
  "type": "object"
}

DhcpStatistics (type) 

{
  "id": "DhcpStatistics", 
  "module_id": "AggSvcDhcp", 
  "properties": {
    "acks": {
      "required": true, 
      "title": "The total number of DHCP ACK packets", 
      "type": "integer"
    }, 
    "declines": {
      "required": true, 
      "title": "The total number of DHCP DECLINE packets", 
      "type": "integer"
    }, 
    "dhcp_server_id": {
      "required": true, 
      "title": "dhcp server uuid", 
      "type": "string"
    }, 
    "discovers": {
      "required": true, 
      "title": "The total number of DHCP DISCOVER packets", 
      "type": "integer"
    }, 
    "errors": {
      "required": true, 
      "title": "The total number of DHCP errors", 
      "type": "integer"
    }, 
    "informs": {
      "required": true, 
      "title": "The total number of DHCP INFORM packets", 
      "type": "integer"
    }, 
    "ip_pool_stats": {
      "items": {
        "$ref": "DhcpIpPoolUsage
      }, 
      "required": false, 
      "title": "The DHCP ip pool usage statistics", 
      "type": "array"
    }, 
    "nacks": {
      "required": true, 
      "title": "The total number of DHCP NACK packets", 
      "type": "integer"
    }, 
    "offers": {
      "required": true, 
      "title": "The total number of DHCP OFFER packets", 
      "type": "integer"
    }, 
    "releases": {
      "required": true, 
      "title": "The total number of DHCP RELEASE packets", 
      "type": "integer"
    }, 
    "requests": {
      "required": true, 
      "title": "The total number of DHCP REQUEST packets", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": true, 
      "title": "timestamp of the statistics"
    }
  }, 
  "type": "object"
}

Dhcpv6Header (type) 

{
  "additionalProperties": false, 
  "id": "Dhcpv6Header", 
  "module_id": "Traceflow", 
  "properties": {
    "msg_type": {
      "default": "SOLICIT", 
      "description": "This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters.", 
      "enum": [
        "SOLICIT", 
        "ADVERTISE", 
        "REQUEST", 
        "REPLY"
      ], 
      "required": false, 
      "title": "DHCP message type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DirectionType (type) 

{
  "default": "BIDIRECTIONAL", 
  "enum": [
    "INGRESS", 
    "EGRESS", 
    "BIDIRECTIONAL"
  ], 
  "id": "DirectionType", 
  "module_id": "PortMirroringSwitchingProfile", 
  "title": "port mirroring direction", 
  "type": "string"
}

DirectoryAdDomain (type) 

{
  "extends": {
    "$ref": "DirectoryDomain
  }, 
  "id": "DirectoryAdDomain", 
  "module_id": "DirectoryService", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DirectoryAdDomain"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "base_distinguished_name": {
      "description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.", 
      "required": true, 
      "title": "Directory domain base distinguished name", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ldap_servers": {
      "description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.", 
      "items": {
        "$ref": "DirectoryLdapServer
      }, 
      "maxItems": 50, 
      "required": true, 
      "title": "LDAP server of directory domain", 
      "type": "array"
    }, 
    "name": {
      "description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.", 
      "required": true, 
      "title": "Directory domain name", 
      "type": "string"
    }, 
    "netbios_name": {
      "description": "NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case.", 
      "required": true, 
      "title": "Directory domain NETBIOS name", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.", 
      "required": true, 
      "title": "Directory domain resource type", 
      "type": "string"
    }, 
    "sync_settings": {
      "$ref": "DirectoryDomainSyncSettings, 
      "description": "Each domain sync settings can be changed using this object. It is not required since there are default values used if there is no specification for this object.", 
      "required": false, 
      "title": "Directory domain sync settings"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Active Directory Domain", 
  "type": "object"
}

DirectoryAdGroup (type) 

{
  "extends": {
    "$ref": "DirectoryGroup
  }, 
  "id": "DirectoryAdGroup", 
  "module_id": "DirectoryService", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DirectoryAdGroup"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "distinguished_name": {
      "required": true, 
      "title": "Directory group distinguished name", 
      "type": "string"
    }, 
    "domain_id": {
      "description": "Domain ID this directory group belongs to.", 
      "required": true, 
      "title": "Domain id", 
      "type": "string"
    }, 
    "domain_name": {
      "description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.", 
      "required": true, 
      "title": "Directory domain distinguished name", 
      "type": "string"
    }, 
    "domain_sync_node_id": {
      "description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.", 
      "required": false, 
      "title": "Domain synchronization root node id", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "object_guid": {
      "description": "GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects.", 
      "required": true, 
      "title": "Active directory group object guid", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.", 
      "required": true, 
      "title": "Directory group resource type for this domain", 
      "type": "string"
    }, 
    "secure_id": {
      "description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID.", 
      "required": true, 
      "title": "Active directory group secure id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DirectoryDomain (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DirectoryDomain", 
  "module_id": "DirectoryService", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ldap_servers": {
      "description": "Directory domain LDAP servers' information including host, name, port, protocol and so on.", 
      "items": {
        "$ref": "DirectoryLdapServer
      }, 
      "maxItems": 50, 
      "required": true, 
      "title": "LDAP server of directory domain", 
      "type": "array"
    }, 
    "name": {
      "description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.", 
      "required": true, 
      "title": "Directory domain name", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.", 
      "required": true, 
      "title": "Directory domain resource type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Directory Domain", 
  "type": "object"
}

DirectoryDomainListResults (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DirectoryDomainListResults", 
  "module_id": "DirectoryService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DirectoryDomain
      }, 
      "maxItems": 500, 
      "required": true, 
      "title": "List of Directory Domains", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Directory Domain", 
  "type": "object"
}

DirectoryDomainSyncRequest (type) 

{
  "id": "DirectoryDomainSyncRequest", 
  "module_id": "DirectoryService", 
  "properties": {
    "action": {
      "description": "Sync type could be either FULL sync or DELTA sync. The full sync fetches all the objects under the configured sync nodes while delta sync will get the changed objects from previous sync time.", 
      "enum": [
        "FULL_SYNC", 
        "DELTA_SYNC", 
        "STOP_SYNC"
      ], 
      "required": true, 
      "title": "Sync type requested", 
      "type": "string"
    }, 
    "delay": {
      "default": 0, 
      "description": "The delay can be added to execute the sync action in the future.", 
      "minimum": 0, 
      "required": false, 
      "title": "Request to execute the sync with some delay in seconds", 
      "type": "integer"
    }
  }, 
  "title": "Directory domain synchronization request", 
  "type": "object"
}

DirectoryDomainSyncSettings (type) 

{
  "additionalProperties": false, 
  "id": "DirectoryDomainSyncSettings", 
  "module_id": "DirectoryService", 
  "properties": {
    "delta_sync_interval": {
      "default": 180, 
      "description": "Directory domain delta synchronization interval time between two delta sync in minutes.", 
      "maximum": 720, 
      "minimum": 5, 
      "required": false, 
      "title": "Delta synchronization inverval in minutes", 
      "type": "integer"
    }, 
    "full_sync_cron_expr": {
      "description": "Directory domain full synchronization schedule using cron expression. For example, cron expression \"0 0 12 ? * SUN *\" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync.", 
      "required": false, 
      "title": "Full synchronization cron expression", 
      "type": "string"
    }
  }, 
  "title": "Domain synchronization settings", 
  "type": "object"
}

DirectoryDomainSyncStats (type) 

{
  "id": "DirectoryDomainSyncStats", 
  "module_id": "DirectoryService", 
  "properties": {
    "avg_delta_sync_time": {
      "description": "All the historical delta sync are counted in calculating the average delta sync time in milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "Average time spent for all historical delta sync", 
      "type": "integer"
    }, 
    "avg_full_sync_time": {
      "description": "All the historical full sync are counted in calculating the average full sync time in milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "Average time spent for all historical full sync", 
      "type": "integer"
    }, 
    "current_state": {
      "description": "Current running state of the directory domain in synchronization life cycle. It could be one of the following three states.", 
      "enum": [
        "IDLE", 
        "FULL_SYNC", 
        "DELTA_SYNC"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Current state of directory domain sync context", 
      "type": "string"
    }, 
    "current_state_begin_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Since what time the current state has begun. The time is expressed in millisecond epoch time.", 
      "readonly": true, 
      "required": true, 
      "title": "Current state elapsed time"
    }, 
    "num_delta_sync": {
      "description": "number of successful historical delta sync initiated either by system or by API request.", 
      "readonly": true, 
      "required": false, 
      "title": "Total number of successful delta sync", 
      "type": "integer"
    }, 
    "num_full_sync": {
      "description": "number of successful historical full sync initiated either by system or by API request.", 
      "readonly": true, 
      "required": false, 
      "title": "Total number of successful full sync", 
      "type": "integer"
    }, 
    "prev_sync_end_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Directory domain previous sync ending time expressed in millisecond epoch time.", 
      "readonly": true, 
      "required": true, 
      "title": "Previous sync ended time"
    }, 
    "prev_sync_error": {
      "description": "Directory domain previous sync status error if last status was failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Previous sync error", 
      "type": "string"
    }, 
    "prev_sync_status": {
      "description": "Directory domain previous sync status. It could be one of the following two states.", 
      "enum": [
        "SUCCESS", 
        "FAILURE", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Previous sync status", 
      "type": "string"
    }, 
    "prev_sync_type": {
      "description": "Directory domain previous sync type. It could be one of the following three states. Right after the directory domain is configured, this field is set to IDLE.", 
      "enum": [
        "IDLE", 
        "FULL_SYNC", 
        "DELTA_SYNC"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Previous sync type", 
      "type": "string"
    }
  }, 
  "title": "Directory domain synchronization statistics", 
  "type": "object"
}

DirectoryDomanDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "DirectoryDomanDeleteRequestParameters", 
  "module_id": "DirectoryService", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "Directory domain delete request parameters", 
  "type": "object"
}

DirectoryGroup (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DirectoryGroup", 
  "module_id": "DirectoryService", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "distinguished_name": {
      "required": true, 
      "title": "Directory group distinguished name", 
      "type": "string"
    }, 
    "domain_id": {
      "description": "Domain ID this directory group belongs to.", 
      "required": true, 
      "title": "Domain id", 
      "type": "string"
    }, 
    "domain_name": {
      "description": "Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.", 
      "required": true, 
      "title": "Directory domain distinguished name", 
      "type": "string"
    }, 
    "domain_sync_node_id": {
      "description": "Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set.", 
      "required": false, 
      "title": "Domain synchronization root node id", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type.", 
      "required": true, 
      "title": "Directory group resource type for this domain", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DirectoryGroupListResults (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DirectoryGroupListResults", 
  "module_id": "DirectoryService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DirectoryGroup
      }, 
      "required": true, 
      "title": "Directory group list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DirectoryGroupMember (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DirectoryGroupMember", 
  "module_id": "DirectoryService", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "group_distinguished_name": {
      "description": "Directory group distinguished name this group member belongs to.", 
      "required": true, 
      "title": "Group distinguished name", 
      "type": "string"
    }, 
    "group_id": {
      "description": "Directory group id this group member belongs to", 
      "required": true, 
      "title": "Group idnetifier", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_group_distinguished_name": {
      "description": "Directory group name this group member owns", 
      "required": true, 
      "title": "Member group distinguished name", 
      "type": "string"
    }, 
    "member_group_id": {
      "description": "Directory group id this group member owns", 
      "required": true, 
      "title": "Member group idnetifier", 
      "type": "string"
    }, 
    "nested": {
      "description": "Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id.", 
      "required": true, 
      "title": "Nesting flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DirectoryGroupMemberListResults (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DirectoryGroupMemberListResults", 
  "module_id": "DirectoryService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DirectoryGroupMember
      }, 
      "required": true, 
      "title": "Directory group member list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DirectoryLdapServer (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DirectoryLdapServer", 
  "module_id": "DirectoryService", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "domain_name": {
      "description": "Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains.", 
      "required": false, 
      "title": "Directory domain name", 
      "type": "string"
    }, 
    "host": {
      "description": "Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization.", 
      "format": "ip-or-hostname", 
      "required": true, 
      "title": "LDAP server host name", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "password": {
      "description": "Directory LDAP server connection password.", 
      "required": false, 
      "sensitive": true, 
      "title": "LDAP server password", 
      "type": "string"
    }, 
    "port": {
      "default": 389, 
      "description": "Directory LDAP server connection TCP/UDP port.", 
      "max": 65535, 
      "min": 1, 
      "required": false, 
      "title": "LDAP server TCP/UDP port", 
      "type": "integer"
    }, 
    "protocol": {
      "default": "LDAP", 
      "description": "Directory LDAP server connection protocol which is either LDAP or LDAPS.", 
      "enum": [
        "LDAP", 
        "LDAPS"
      ], 
      "required": false, 
      "title": "LDAP server protocol", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "thumbprint": {
      "description": "Directory LDAP server certificate thumbprint used in secure LDAPS connection.", 
      "required": false, 
      "title": "LDAP server certificate thumbprint using SHA-256 algorithm", 
      "type": "string"
    }, 
    "username": {
      "description": "Directory LDAP server connection user name.", 
      "required": false, 
      "title": "LDAP server username", 
      "type": "string"
    }
  }, 
  "title": "LDAP server of directory domain", 
  "type": "object"
}

DirectoryLdapServerListResults (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DirectoryLdapServerListResults", 
  "module_id": "DirectoryService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DirectoryLdapServer
      }, 
      "maxItems": 50, 
      "required": true, 
      "title": "List of directory domain LDAP servers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of directory domain LDAP servers", 
  "type": "object"
}

DirectoryLdapServerStatus (type) 

{
  "id": "DirectoryLdapServerStatus", 
  "module_id": "DirectoryService", 
  "properties": {
    "error_id": {
      "description": "Error ID of the directory LDAP server status maintained by the NSX directory service.", 
      "required": false, 
      "title": "Error ID of the directory LDAP server status", 
      "type": "integer"
    }, 
    "error_message": {
      "description": "Error message of the directory LDAP server status maintained by the NSX directory service.", 
      "required": false, 
      "title": "Error message of the directory LDAP server status", 
      "type": "string"
    }
  }, 
  "title": "Status LDAP server of directory domain", 
  "type": "object"
}

DirectoryLdapServerTestParameters (type) 

{
  "id": "DirectoryLdapServerTestParameters", 
  "module_id": "DirectoryService", 
  "properties": {
    "action": {
      "description": "Type of LDAP server test to perform.", 
      "enum": [
        "CONNECTIVITY"
      ], 
      "required": true, 
      "title": "LDAP server test requested", 
      "type": "string"
    }
  }, 
  "title": "Parameters for performing LDAP server test", 
  "type": "object"
}

DirectorySearchFilterValue (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "DirectorySearchFilterValue", 
  "module_id": "DirectoryService", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "filter_value": {
      "description": "Search filter value is a substring match pattern only which the target entity contains. It is case insentive and doesn't allow wildcard.", 
      "required": true, 
      "title": "Name search filter value", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Searching domain entities using a matching filter value", 
  "type": "object"
}

DiscoveredNode (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "DiscoveredNode", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "certificate": {
      "required": false, 
      "title": "Certificate of the discovered node", 
      "type": "string"
    }, 
    "cm_local_id": {
      "readonly": true, 
      "required": true, 
      "title": "Local Id of the discovered node in the Compute Manager", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "readonly": true, 
      "required": true, 
      "title": "External id of the discovered node, ex. a mo-ref from VC", 
      "type": "string"
    }, 
    "hardware_id": {
      "description": "Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx.", 
      "readonly": true, 
      "required": false, 
      "title": "Hardware Id of the discovered node", 
      "type": "string"
    }, 
    "ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": true, 
      "title": "IP Addresses of the the discovered node.", 
      "type": "array"
    }, 
    "node_type": {
      "readonly": true, 
      "required": true, 
      "title": "Discovered Node type like Host", 
      "type": "string"
    }, 
    "origin_id": {
      "readonly": true, 
      "required": true, 
      "title": "Id of the compute manager from where this node was discovered", 
      "type": "string"
    }, 
    "origin_properties": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Key-Value map of additional specific properties of discovered\nnode in the Compute Manager\n", 
      "type": "array"
    }, 
    "os_type": {
      "readonly": true, 
      "required": false, 
      "title": "OS type of the discovered node", 
      "type": "string"
    }, 
    "os_version": {
      "readonly": true, 
      "required": false, 
      "title": "OS version of the discovered node", 
      "type": "string"
    }, 
    "parent_compute_collection": {
      "readonly": true, 
      "required": false, 
      "title": "External id of the compute collection to which this node belongs", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "stateless": {
      "description": "The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true.", 
      "readonly": true, 
      "required": false, 
      "title": "Specifies whether host is stateless", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DiscoveredNodeInterfaceProperties (type) 

{
  "additionalProperties": false, 
  "description": "Network interface properties of discovered node", 
  "id": "DiscoveredNodeInterfaceProperties", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "connected_switch": {
      "description": "Switch name which is connected to nic, switch can be opaque, proxyHostSwitch or virtual", 
      "title": "Connected switch", 
      "type": "string"
    }, 
    "interface_id": {
      "description": "Id of the network interface", 
      "title": "Interface ID", 
      "type": "string"
    }, 
    "physical_address": {
      "$ref": "MACAddress, 
      "description": "Mac address of the interface", 
      "title": "Interface MAC address"
    }
  }, 
  "title": "Discovered node network interface properties", 
  "type": "object"
}

DiscoveredNodeListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "DiscoveredNodeListRequestParameters", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "cm_local_id": {
      "required": false, 
      "title": "Local Id of the discovered node in the Compute Manager", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "display_name": {
      "required": false, 
      "title": "Display name of discovered node", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "External id of the discovered node, ex. a mo-ref from VC", 
      "type": "string"
    }, 
    "has_parent": {
      "enum": [
        "true", 
        "false"
      ], 
      "required": false, 
      "title": "Discovered node has a parent compute collection or is a standalone host", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ip_address": {
      "required": false, 
      "title": "IP address of the discovered node", 
      "type": "string"
    }, 
    "node_id": {
      "required": false, 
      "title": "Id of the fabric node created from the discovered node", 
      "type": "string"
    }, 
    "node_type": {
      "required": false, 
      "title": "Discovered Node type like HostNode", 
      "type": "string"
    }, 
    "origin_id": {
      "required": false, 
      "title": "Id of the compute manager from where this node was discovered", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "parent_compute_collection": {
      "required": false, 
      "title": "External id of the compute collection to which this node belongs", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Discovered Node list parameters", 
  "type": "object"
}

DiscoveredNodeListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DiscoveredNodeListResult", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DiscoveredNode
      }, 
      "required": true, 
      "title": "Discovered Node list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Discovered Node list result", 
  "type": "object"
}

DiscoveredNodeNetworkInterfaces (type) 

{
  "description": "All the network interfaces of the discovered node", 
  "id": "DiscoveredNodeNetworkInterfaces", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "discovered_node_id": {
      "description": "Id of the discovered node", 
      "required": true, 
      "title": "Discovered node Id", 
      "type": "string"
    }, 
    "network_interfaces": {
      "description": "Network interfaces of the node", 
      "items": {
        "$ref": "DiscoveredNodeInterfaceProperties
      }, 
      "required": false, 
      "title": "Discovered Node interfaces", 
      "type": "array"
    }
  }, 
  "title": "Discovered node network interfaces", 
  "type": "object"
}

DiscoveredResource (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "DiscoveredResource", 
  "module_id": "Common", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base class for resources that are discovered and automatically updated", 
  "type": "object"
}

DiscoveryProfileBindingMap (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DiscoveryProfileBindingMap", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base Discovery Profile Binding Map", 
  "type": "object"
}

DistributedFloodProtectionProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "FloodProtectionProfile
  }, 
  "id": "DistributedFloodProtectionProfile", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DistributedFloodProtectionProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_rst_spoofing": {
      "default": false, 
      "description": "If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles.", 
      "readonly": false, 
      "title": "Flag to indicate rst spoofing is enabled", 
      "type": "boolean"
    }, 
    "enable_syncache": {
      "default": false, 
      "description": "If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles.", 
      "readonly": false, 
      "title": "Flag to indicate syncache is enabled", 
      "type": "boolean"
    }, 
    "icmp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active ICMP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active ICMP connections limit", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "other_active_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Timeout after first TN", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "FloodProtectionProfileResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_half_open_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active half open TCP connections limit", 
      "type": "integer"
    }, 
    "udp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active UDP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active UDP connections limit", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

DnsAnswer (type) 

{
  "additionalProperties": false, 
  "description": "The response for DNS nslookup.", 
  "id": "DnsAnswer", 
  "module_id": "DnsForwarder", 
  "properties": {
    "answers": {
      "description": "The answers of the query.", 
      "items": {
        "$ref": "DnsQueryAnswer
      }, 
      "maxItems": 256, 
      "minItems": 1, 
      "required": false, 
      "title": "The answers of the query.", 
      "type": "array"
    }, 
    "authoritative_answers": {
      "deprecated": true, 
      "description": "Authotitative answers of the query. This is a deprecated property, please use 'answers' instead.", 
      "items": {
        "$ref": "DnsQueryAnswer
      }, 
      "maxItems": 256, 
      "minItems": 1, 
      "required": false, 
      "title": "Authoritative answers", 
      "type": "array"
    }, 
    "dns_server": {
      "description": "Dns server ip address and port, format is \"ip address#port\".", 
      "required": true, 
      "title": "DNS server information", 
      "type": "string"
    }, 
    "edge_node_id": {
      "description": "ID of the edge node that performed the query.", 
      "required": true, 
      "title": "Edge node id", 
      "type": "string"
    }, 
    "non_authoritative_answers": {
      "deprecated": true, 
      "description": "Non-authotitative answers of the query. This is a deprecated property, please use 'answers' instead.", 
      "items": {
        "$ref": "DnsQueryAnswer
      }, 
      "maxItems": 256, 
      "minItems": 1, 
      "required": false, 
      "title": "Non authoritative answers", 
      "type": "array"
    }, 
    "raw_answer": {
      "description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.", 
      "required": false, 
      "title": "Raw message returned from the DNS forwarder", 
      "type": "string"
    }, 
    "source_ip": {
      "$ref": "IPv4Address, 
      "description": "The source ip used in this lookup.", 
      "required": true, 
      "title": "The source ip used in this lookup"
    }
  }, 
  "title": "Answer of dns nslookup", 
  "type": "object"
}

DnsFailedQueries (type) 

{
  "additionalProperties": false, 
  "description": "The array of the failed DNS queries with entry count and timestamp on active and standby transport node.", 
  "id": "DnsFailedQueries", 
  "module_id": "DnsForwarder", 
  "properties": {
    "per_node_failed_queries": {
      "description": "The array of failed DNS queries on active and standby transport node. If there is no standby node, the failed queries on standby node will not be present.", 
      "items": {
        "$ref": "PerNodeDnsFailedQueries
      }, 
      "readonly": true, 
      "required": false, 
      "title": "The array of failed DNS queries on active and standby transport node", 
      "type": "array"
    }, 
    "timestamp": {
      "description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.", 
      "readonly": true, 
      "required": true, 
      "title": "Timestamp of the request", 
      "type": "string"
    }
  }, 
  "title": "The array of failed DNS queries for active and standby transport node", 
  "type": "object"
}

DnsFailedQuery (type) 

{
  "description": "The summary of the failed DNS query. The query result represents a full query chain from client VM to dns forwarder, and upstream server if no forwarder cache was hit.", 
  "id": "DnsFailedQuery", 
  "module_id": "DnsForwarder", 
  "properties": {
    "address": {
      "description": "The address be queried, can be a FQDN or an ip address.", 
      "required": false, 
      "title": "The adddress be queried", 
      "type": "string"
    }, 
    "client_ip": {
      "description": "The client host ip address from which the query was issued.", 
      "required": false, 
      "title": "The client host ip address from which the query was issued", 
      "type": "string"
    }, 
    "error_message": {
      "description": "The detailed error message of the failed query, if any.", 
      "required": false, 
      "title": "The error message of the failed query", 
      "type": "string"
    }, 
    "error_type": {
      "description": "The type of the query failure, e.g. NXDOMAIN, etc.", 
      "required": false, 
      "title": "The type of the failure", 
      "type": "string"
    }, 
    "forwarder_ip": {
      "description": "The DNS forwarder ip address to which the query was first received.", 
      "required": false, 
      "title": "The DNS forwarder ip address to which the query was first received", 
      "type": "string"
    }, 
    "record_type": {
      "description": "The record type be queried, e.g. A, CNAME, SOA, etc.", 
      "required": false, 
      "title": "The record type be queried", 
      "type": "string"
    }, 
    "source_ip": {
      "description": "The source ip address that is used to forward a query to an upstream server.", 
      "required": false, 
      "title": "The source ip address for forwarding query", 
      "type": "string"
    }, 
    "time_spent": {
      "description": "The time the query took before it got a failed answer, in ms.", 
      "required": false, 
      "title": "Time spent in the query, if applicable", 
      "type": "integer"
    }, 
    "timestamp": {
      "description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.", 
      "required": true, 
      "title": "Timestamp of the request", 
      "type": "string"
    }, 
    "upstream_server_ip": {
      "description": "The upstream server ip address to which the query was forwarded. If the query could not be serviced from the DNS forwarder cache, this property will contain the IP address of the DNS server that serviced the request. If the request was serviced from the cache, this property will be absent.", 
      "required": false, 
      "title": "The ip address to which the query was forwarded", 
      "type": "string"
    }
  }, 
  "title": "The failed DNS query", 
  "type": "object"
}

DnsFailedQueryRequestParameters (type) 

{
  "description": "To specify how many failed DNS queries will be returned.", 
  "id": "DnsFailedQueryRequestParameters", 
  "module_id": "DnsForwarder", 
  "properties": {
    "count": {
      "default": 100, 
      "description": "How many failed DNS queries should be returned.", 
      "maximum": 1000, 
      "minimum": 1, 
      "required": false, 
      "title": "The count of the failed DNS queries", 
      "type": "integer"
    }
  }, 
  "title": "The request parameters to get failed DNS queries", 
  "type": "object"
}

DnsForwarder (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "DnsForwarder", 
  "module_id": "DnsForwarder", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cache_size": {
      "default": 1024, 
      "description": "One DNS answer cache entry will consume ~120 bytes. Hence 1 KB cache size can cache ~8 DNS answer entries, and the default 1024 KB cache size can hold ~8k DNS answer entries.", 
      "maximum": 16777216, 
      "minimum": 1, 
      "required": false, 
      "title": "Cache size in KB", 
      "type": "int"
    }, 
    "conditional_forwarders": {
      "description": "The conditional zone forwarders. During matching a zone forwarder, the DNS forwarder will use the conditional fowarder with the longest domain name that matches the query.", 
      "items": {
        "$ref": "ConditionalForwarderZone
      }, 
      "maxItems": 5, 
      "required": false, 
      "title": "Conditional zone forwarders", 
      "type": "array"
    }, 
    "default_forwarder": {
      "$ref": "ForwarderZone, 
      "description": "The default zone forwarder that catches all other domain names except those matched by conditional forwarder zone.", 
      "required": true, 
      "title": "Default zone forwarder"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "Flag to enable/disable the forwarder", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "listener_ip": {
      "$ref": "IPv4Address, 
      "description": "The ip address the DNS forwarder listens on. It can be an ip address already owned by the logical-router uplink port or router-link, or a loopback port ip address. But it can not be a downlink port address. User needs to ensure the address is reachable via router or NAT from both client VMs and upstream servers. User will need to create Firewall rules if needed to allow such traffic on a Tier-1 or Tier-0.", 
      "required": true, 
      "title": "Listener ip address"
    }, 
    "log_level": {
      "default": "INFO", 
      "enum": [
        "DEBUG", 
        "INFO", 
        "WARNING", 
        "ERROR", 
        "FATAL"
      ], 
      "required": false, 
      "title": "Log level of the DNS forwarder", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "Specify the LogicalRouter where the DnsForwarder runs. The HA mode of the hosting LogicalRouter must be Active/Standby.", 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

DnsForwarderListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DnsForwarderListResult", 
  "module_id": "DnsForwarder", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DnsForwarder
      }, 
      "required": true, 
      "title": "Paginated list of DNS forwarders", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DnsForwarderStatistics (type) 

{
  "description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders.", 
  "id": "DnsForwarderStatistics", 
  "module_id": "AggSvcDnsForwarder", 
  "properties": {
    "conditional_forwarder_statistics": {
      "items": {
        "$ref": "PerForwarderStatistics
      }, 
      "maxItems": 5, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "The statistics of conditional forwarders", 
      "type": "array"
    }, 
    "configured_cache_size": {
      "readonly": true, 
      "title": "The configured cache size, in kb", 
      "type": "integer"
    }, 
    "default_forwarder_statistics": {
      "$ref": "PerForwarderStatistics, 
      "readonly": true, 
      "title": "The statistics of default forwarder"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message, if available", 
      "type": "string"
    }, 
    "queries_answered_locally": {
      "readonly": true, 
      "title": "The totocal number of queries answered from local cache", 
      "type": "integer"
    }, 
    "queries_forwarded": {
      "readonly": true, 
      "title": "The total number of forwarded dns queries", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Time stamp of the current statistics, in ms"
    }, 
    "total_queries": {
      "readonly": true, 
      "title": "The total number of received dns queries", 
      "type": "integer"
    }, 
    "used_cache_statistics": {
      "items": {
        "$ref": "PerNodeUsedCacheStatistics
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "The statistics of used cache", 
      "type": "array"
    }
  }, 
  "title": "Statistics counters of the DNS forwarder", 
  "type": "object"
}

DnsForwarderStatus (type) 

{
  "description": "The current runtime status of the DNS forwarder including the hosting transport nodes and forwarder service status.", 
  "id": "DnsForwarderStatus", 
  "module_id": "AggSvcDnsForwarder", 
  "properties": {
    "active_node": {
      "readonly": true, 
      "title": "Uuid of active transport node", 
      "type": "string"
    }, 
    "extra_message": {
      "readonly": true, 
      "required": false, 
      "title": "Extra message, if available", 
      "type": "string"
    }, 
    "standby_node": {
      "readonly": true, 
      "required": false, 
      "title": "Uuid of stand_by transport node. null if non-HA mode", 
      "type": "string"
    }, 
    "status": {
      "description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The dns forwarder may be working (or not working). NO_BACKUP means dns forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_BACKUP"
      ], 
      "readonly": true, 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Time stamp of the current status, in ms"
    }
  }, 
  "title": "The current runtime status of DNS forwarder", 
  "type": "object"
}

DnsHeader (type) 

{
  "additionalProperties": false, 
  "id": "DnsHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "address": {
      "description": "This is used to define what is being asked or responded.", 
      "format": "hostname-or-ip", 
      "required": false, 
      "title": "Domain name/IP to query/response", 
      "type": "string"
    }, 
    "address_type": {
      "default": "V4", 
      "description": "This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA", 
      "enum": [
        "V4", 
        "V6"
      ], 
      "required": false, 
      "title": null, 
      "type": "string"
    }, 
    "message_type": {
      "default": "QUERY", 
      "enum": [
        "QUERY", 
        "RESPONSE"
      ], 
      "required": false, 
      "title": "Specifies the message type whether it is a query or a response.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

DnsQueryAnswer (type) 

{
  "additionalProperties": false, 
  "id": "DnsQueryAnswer", 
  "module_id": "DnsForwarder", 
  "properties": {
    "address": {
      "description": "Can be resolved ip address.", 
      "required": false, 
      "title": "Matched ip address", 
      "type": "string"
    }, 
    "name": {
      "description": "Matched name of the given address.", 
      "required": false, 
      "title": "Matched name", 
      "type": "string"
    }, 
    "raw_string": {
      "description": "Unparsed answer string from raw_answer.", 
      "required": false, 
      "title": "Unparsed answer string", 
      "type": "string"
    }
  }, 
  "title": "Answer of nslookup", 
  "type": "object"
}

DnsSecurityProfile (type) 

{
  "additionalProperties": false, 
  "description": "Used to configure DNS security profile", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DnsSecurityProfile", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "ttl": {
      "default": 86400, 
      "description": "Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet.  User defined TTL value is used only when it is betweeen 3600 to 864000.", 
      "maximum": 864000, 
      "minimum": 0, 
      "required": false, 
      "title": "Time to live for DNS cache entry", 
      "type": "integer"
    }
  }, 
  "title": "DNS security profile", 
  "type": "object"
}

DnsSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between DNS security profile and Group. With this entity, user can specify intent for applying DNS security profile profile to particular Group.", 
  "extends": {
    "$ref": "ProfileBindingMap
  }, 
  "id": "DnsSecurityProfileBindingMap", 
  "module_id": "PolicyFirewallDnsSecurityProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_path": {
      "description": "PolicyPath of associated Profile", 
      "required": true, 
      "title": "Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.", 
      "maximum": 100000, 
      "minimum": 1, 
      "requried": true, 
      "title": "Sequence number DNS Security Profile Binding Map", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Binding Map for DNS Security Profile", 
  "type": "object"
}

DnsSecurityProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "DnsSecurityProfileBindingMapListRequestParameters", 
  "module_id": "PolicyFirewallDnsSecurityProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "DNS Security Profile Binding Map List Request Parameters", 
  "type": "object"
}

DnsSecurityProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DnsSecurityProfileBindingMapListResult", 
  "module_id": "PolicyFirewallDnsSecurityProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DnsSecurityProfileBindingMap
      }, 
      "requried": true, 
      "title": "DNS Security Profile Binding Map List Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of DNS Security Profile Binding Map", 
  "type": "object"
}

DnsSecurityProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DnsSecurityProfileListResult", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DnsSecurityProfile
      }, 
      "required": true, 
      "title": "DnsSecurityProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of DnsSecurityProfile", 
  "type": "object"
}

DnsSettings (type) 

{
  "description": "Stores Azure gateway DNS settings like dns_mode and dns_list.", 
  "id": "DnsSettings", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "dns_list": {
      "description": "The is a list of nameserver ipv4 addresses that will be used by the public cloud gateway. DNS will use these nameserver(s) if the cloud_dns_mode is set to PRECONFIGURED.", 
      "items": {
        "format": "ipv4", 
        "type": "string"
      }, 
      "required": false, 
      "title": "List of nameserver(s)", 
      "type": "array"
    }, 
    "dns_mode": {
      "default": "DHCP", 
      "description": "DHCP: Obtain nameserver(s) from DHCP. PRECONFIGURED: User supplies list of nameserver(s). CLOUD: Use cloud provider DNS.", 
      "enum": [
        "DHCP", 
        "PRECONFIGURED", 
        "CLOUD"
      ], 
      "required": false, 
      "title": "DNS mode", 
      "type": "string"
    }
  }, 
  "title": "DNS settings", 
  "type": "object"
}

DnsTtlConfig (type) 

{
  "description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.", 
  "id": "DnsTtlConfig", 
  "module_id": "FirewallProfile", 
  "properties": {
    "dns_ttl_type": {
      "description": "TTL type to decide how to manage ttl.", 
      "enum": [
        "USE_TTL", 
        "AUTO", 
        "NEVER_EXPIRE"
      ], 
      "help_summary": "Use 'USE_TTL' to set custom ttl with the help of 'ttl' property.\nUse 'AUTO' to set ttl value from DNS response packet.\nUse 'NEVER_EXPIRE' to never expire cached entry.\n", 
      "required": true, 
      "title": "TTL type.", 
      "type": "string"
    }, 
    "ttl": {
      "default": 86400, 
      "description": "The number of seconds that snooped DNS responses are retained in the cache. Used only when dns_ttl_type is USE_TTL.", 
      "maximum": 864000, 
      "minimum": 3600, 
      "required": false, 
      "title": "DNS server TTL", 
      "type": "integer"
    }
  }, 
  "title": "DNS TTL config", 
  "type": "object"
}

Domain (type) 

{
  "additionalProperties": false, 
  "description": "Domain.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Domain", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Domain", 
  "type": "object"
}

DomainDeploymentMap (type) 

{
  "description": "Binding of domains to the enforcement point.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "DomainDeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Path of enforcement point on which domain will be deployed", 
      "required": true, 
      "title": "Absolute path of enforcement point", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Domain deployment map", 
  "type": "object"
}

DomainDeploymentMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "DomainDeploymentMap list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "DomainDeploymentMapListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "DomainDeploymentMap list request parameters", 
  "type": "object"
}

DomainDeploymentMapListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Domain Deployment map", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DomainDeploymentMapListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "DomainDeploymentMap
      }, 
      "required": true, 
      "title": "Domain Deployment Map", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Domain Deployment map", 
  "type": "object"
}

DomainListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "DomainListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Domain list request parameters", 
  "type": "object"
}

DomainListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "DomainListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Domain
      }, 
      "required": true, 
      "title": "Domain list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Domains", 
  "type": "object"
}

DonutConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents configuration of a Donut", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "DonutConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "DonutConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_count": {
      "default": true, 
      "description": "If true, displays the count of entities in the donut", 
      "title": "Show or hide the count of entities", 
      "type": "boolean"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "Displayed at the middle of the donut, by default. It labels the entities of donut.", 
      "title": "Label of the Donut Configuration"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "sections": {
      "decription": "High level logical grouping of portions or segments of donut.", 
      "items": {
        "$ref": "DonutSection
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Sections", 
      "type": "array"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Donut Configuration", 
  "type": "object"
}

DonutPart (type) 

{
  "additionalProperties": false, 
  "description": "Represents an entity or portion to be plotted on a donut or stats chart.", 
  "id": "DonutPart", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "field": {
      "description": "A numerical value that represents the portion or entity of the donut or stats chart.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Value of the portion or entity of donut or stats chart", 
      "type": "string"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template.", 
      "title": "Label of the portion or entity of donut or stats chart"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.", 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "render_configuration": {
      "description": "Additional rendering or conditional evaluation of the field values to be performed, if any.", 
      "items": {
        "$ref": "RenderConfiguration
      }, 
      "minItems": 0, 
      "title": "Render Configuration", 
      "type": "array"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over the portion.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "minItems": 0, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }
  }, 
  "title": "Portion of a donut or stats chart", 
  "type": "object"
}

DonutSection (type) 

{
  "additionalProperties": false, 
  "description": "Represents high level logical grouping of portions or segments of a donut / stats chart.", 
  "id": "DonutSection", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "parts": {
      "description": "Array of portions or parts of the donut or stats chart.", 
      "items": {
        "$ref": "DonutPart
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Parts of a donut / stats chart", 
      "type": "array"
    }, 
    "row_list_field": {
      "description": "Field of the root of the api result set for forming parts.", 
      "maxLength": 1024, 
      "title": "Field from which parts of the donut or stats chart are formed", 
      "type": "string"
    }, 
    "template": {
      "default": false, 
      "description": "If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'.", 
      "title": "Template, if any, for automatically forming the donut or stats parts", 
      "type": "boolean"
    }
  }, 
  "title": "Section of a donut or stats chart", 
  "type": "object"
}

Dscp (type) 

{
  "description": "Dscp value is ignored in case of 'TRUSTED' DscpMode.", 
  "id": "Dscp", 
  "module_id": "QosSwitchingProfile", 
  "properties": {
    "mode": {
      "$ref": "DscpMode
    }, 
    "priority": {
      "default": 0, 
      "maximum": 63, 
      "minimum": 0, 
      "title": "Internal Forwarding Priority", 
      "type": "int"
    }
  }, 
  "required": true, 
  "title": "One of Quality-of-Service or Encapsulated-Remote-Switched-Port-Analyzer", 
  "type": "object"
}

DscpMode (type) 

{
  "default": "TRUSTED", 
  "enum": [
    "TRUSTED", 
    "UNTRUSTED"
  ], 
  "id": "DscpMode", 
  "module_id": "QosSwitchingProfile", 
  "title": "Trust settings", 
  "type": "string"
}

DscpTrustMode (type) 

{
  "default": "TRUSTED", 
  "description": "When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port.", 
  "enum": [
    "TRUSTED", 
    "UNTRUSTED"
  ], 
  "id": "DscpTrustMode", 
  "module_id": "PolicyQoS", 
  "title": "Trust settings", 
  "type": "string"
}

DuplicateAddressBindingEntry (type) 

{
  "extends": {
    "$ref": "AddressBindingEntry
  }, 
  "id": "DuplicateAddressBindingEntry", 
  "module_id": "LogicalPort", 
  "properties": {
    "binding": {
      "$ref": "PacketAddressClassifier, 
      "title": "Combination of IP-MAC-VLAN binding"
    }, 
    "binding_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp at which the binding was discovered via snooping or manually specified by the user", 
      "title": "Timestamp of binding"
    }, 
    "conflicting_port": {
      "description": "Provides the ID of the port on which the same address bidning exists", 
      "required": false, 
      "title": "ID of logical port with the same address binding", 
      "type": "string"
    }, 
    "source": {
      "$ref": "AddressBindingSource, 
      "default": "UNKNOWN", 
      "description": "Source from which the address binding entry was obtained", 
      "title": "Address binding source"
    }
  }, 
  "title": "Duplicate address binding information", 
  "type": "object"
}

DuplicateIPDetection (type) 

{
  "id": "DuplicateIPDetection", 
  "module_id": "IpDiscoverySwitchingProfile", 
  "properties": {
    "duplicate_ip_detection_enabled": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether duplicate IP detection should be enabled", 
      "type": "boolean"
    }
  }, 
  "title": "Duplicate IP detection and control", 
  "type": "object"
}

DuplicateIPDetectionOptions (type) 

{
  "additionalProperties": false, 
  "description": "Contains dupliacte IP detection related discovery options.", 
  "id": "DuplicateIPDetectionOptions", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "duplicate_ip_detection_enabled": {
      "default": false, 
      "description": "Indicates whether duplicate IP detection should be enabled", 
      "required": false, 
      "title": "Duplicate IP detection", 
      "type": "boolean"
    }
  }, 
  "title": "Controls duplicate IP detection options", 
  "type": "object"
}

EPActionForDnsForwarderRequestParameters (type) 

{
  "id": "EPActionForDnsForwarderRequestParameters", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "action": {
      "description": "The valid DNS forwarder actions to be performed on EP are, - clear_cache:       Clear the current cache of the dns forwarder from       specified enforcement point.", 
      "enum": [
        "clear_cache"
      ], 
      "required": true, 
      "title": "An action to be performed for DNS forwarder on EP", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "default": "/infra/sites/default/enforcement-points/default", 
      "description": "An enforcement point path, on which the action is to be performed. If not specified, default enforcement point path, /infra/sites/default/enforcement-points/default will be considered.", 
      "required": false, 
      "title": "An enforcement point path, on which the action is to be performed", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EULAAcceptance (type) 

{
  "additionalProperties": false, 
  "description": "Indicate the status of End User License Agreement acceptance", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "EULAAcceptance", 
  "module_id": "EULA", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "acceptance": {
      "description": "Acceptance status of End User License Agreement", 
      "required": true, 
      "title": "End User License Agreement acceptance status", 
      "type": "boolean"
    }
  }, 
  "title": "EULA acceptance status", 
  "type": "object"
}

EULAContent (type) 

{
  "additionalProperties": false, 
  "description": "End User License Agreement content", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "EULAContent", 
  "module_id": "EULA", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "content": {
      "description": "Content of End User License Agreement", 
      "required": true, 
      "sensitive": true, 
      "title": "End User License Agreement content", 
      "type": "string"
    }
  }, 
  "title": "EULA content", 
  "type": "object"
}

EULAOutputFormatRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Indicate output format of End User License Agreement content", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "EULAOutputFormatRequestParameters", 
  "module_id": "EULA", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "value_format": {
      "title": "End User License Agreement content output format", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeCluster (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "EdgeCluster", 
  "module_id": "EdgeClusters", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_rules": {
      "description": "Set of allocation rules and respected action for auto placement of logical router, DHCP and MDProxy on edge cluster members.", 
      "items": {
        "$ref": "AllocationRule
      }, 
      "required": false, 
      "title": "Allocation rules for auto placement", 
      "type": "array"
    }, 
    "cluster_profile_bindings": {
      "items": {
        "$ref": "ClusterProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Edge cluster profile bindings", 
      "type": "array"
    }, 
    "deployment_type": {
      "$ref": "EdgeDeploymentType, 
      "description": "This field is a readonly field which shows the deployment_type of members. It returns UNKNOWN if there are no members, and returns VIRTUAL_MACHINE| PHYSICAL_MACHINE if all edge members are VIRTUAL_MACHINE|PHYSICAL_MACHINE. It returns HYBRID if the cluster contains edge members of both types VIRTUAL_MACHINE and PHYSICAL_MACHINE.", 
      "readonly": true, 
      "required": false, 
      "title": "Edge cluster deployment type"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_node_type": {
      "$ref": "EdgeClusterNodeType, 
      "description": "Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes.", 
      "readonly": true, 
      "required": false, 
      "title": "Node type of the cluster members"
    }, 
    "members": {
      "description": "EdgeCluster only supports homogeneous members. These member should be backed by either EdgeNode or PublicCloudGatewayNode. TransportNode type of these nodes should be the same. DeploymentType (VIRTUAL_MACHINE|PHYSICAL_MACHINE) of these EdgeNodes is recommended to be the same. EdgeCluster supports members of different deployment types.", 
      "items": {
        "$ref": "EdgeClusterMember
      }, 
      "required": false, 
      "title": "Edge cluster members", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EdgeClusterAllocationStatus (type) 

{
  "additionalProperties": false, 
  "description": "Allocation details of cluster and its members. Contains information of the edge nodes present in cluster, active and standby services of each node, utilization details of configured sub-pools. These allocation details can be monitored by customers to trigger migration of certain service contexts to different edge nodes, to balance the utilization of edge node resources.", 
  "id": "EdgeClusterAllocationStatus", 
  "module_id": "EdgeClusters", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "title": "Display name of the edge cluster", 
      "type": "string"
    }, 
    "id": {
      "description": "System allotted UUID of edge cluster.", 
      "readonly": true, 
      "title": "Unique identifier of edge cluster", 
      "type": "string"
    }, 
    "member_count": {
      "description": "Represents the number of edge nodes in the cluster.", 
      "readonly": true, 
      "title": "Count of edge nodes present in the cluster", 
      "type": "int"
    }, 
    "members": {
      "description": "Allocation details of edge nodes present in the cluster.", 
      "items": {
        "$ref": "EdgeMemberAllocationStatus
      }, 
      "readonly": true, 
      "title": "Allocation Status of edge nodes", 
      "type": "array"
    }
  }, 
  "title": "Allocationd details of edge cluster", 
  "type": "object"
}

EdgeClusterListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EdgeClusterListResult", 
  "module_id": "EdgeClusters", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "EdgeCluster
      }, 
      "required": true, 
      "title": "Edge cluster list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeClusterMember (type) 

{
  "additionalProperties": false, 
  "id": "EdgeClusterMember", 
  "module_id": "EdgeClusters", 
  "properties": {
    "description": {
      "description": "description of edge cluster member", 
      "required": false, 
      "title": "description of edge cluster member", 
      "type": "string"
    }, 
    "display_name": {
      "description": "display name of edge cluster member", 
      "required": false, 
      "title": "display name of edge cluster member", 
      "type": "string"
    }, 
    "member_index": {
      "description": "System generated index for cluster member", 
      "readonly": true, 
      "required": false, 
      "title": "System generated index for cluster member", 
      "type": "int"
    }, 
    "transport_node_id": {
      "description": "Identifier of the transport node backed by an Edge node", 
      "required": true, 
      "title": "UUID of edge transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeClusterMemberAllocationPool (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "id": "EdgeClusterMemberAllocationPool", 
  "module_id": "LogicalRouter", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "allocation_pool_type"
  }, 
  "properties": {
    "allocation_pool_type": {
      "$ref": "AllocationPoolType, 
      "required": true
    }
  }, 
  "type": "object"
}

EdgeClusterMemberAllocationProfile (type) 

{
  "additionalProperties": false, 
  "id": "EdgeClusterMemberAllocationProfile", 
  "module_id": "LogicalRouter", 
  "properties": {
    "allocation_pool": {
      "$ref": "EdgeClusterMemberAllocationPool, 
      "description": "Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router.", 
      "required": false, 
      "title": "Edge Cluster Member Allocation Pool for logical router"
    }, 
    "enable_standby_relocation": {
      "default": false, 
      "description": "Flag to enable the auto-relocation of standby service router running on edge cluster and node associated with the logical router. Only dynamically allocated tier1 logical routers are considered for the relocation.", 
      "required": false, 
      "title": "Flag to enable standby service router relocation", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

EdgeClusterMemberStatus (type) 

{
  "id": "EdgeClusterMemberStatus", 
  "module_id": "AggSvcEdgeCluster", 
  "properties": {
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "ADMIN_DOWN", 
        "PARTIALLY_DISCONNECTED", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "Status of an edge node", 
      "type": "string"
    }, 
    "transport_node": {
      "$ref": "ResourceReference, 
      "description": "Transport node backed by an Edge node.", 
      "required": true, 
      "title": "UUID of edge transport node"
    }
  }, 
  "type": "object"
}

EdgeClusterMemberTransportNode (type) 

{
  "additionalProperties": false, 
  "id": "EdgeClusterMemberTransportNode", 
  "module_id": "EdgeClusters", 
  "properties": {
    "member_index": {
      "description": "System generated index for cluster member", 
      "required": true, 
      "title": "System generated index for cluster member", 
      "type": "int"
    }, 
    "transport_node_id": {
      "description": "Identifier of the transport node backed by an Edge node", 
      "required": true, 
      "title": "UUID of edge transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeClusterNodeType (type) 

{
  "enum": [
    "EDGE_NODE", 
    "PUBLIC_CLOUD_GATEWAY_NODE", 
    "UNKNOWN"
  ], 
  "id": "EdgeClusterNodeType", 
  "module_id": "EdgeCommonTypes", 
  "title": "Supported edge cluster node type.", 
  "type": "string"
}

EdgeClusterState (type) 

{
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "EdgeClusterState", 
  "module_id": "EdgeClusters", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeClusterStatus (type) 

{
  "id": "EdgeClusterStatus", 
  "module_id": "AggSvcEdgeCluster", 
  "properties": {
    "edge_cluster_id": {
      "description": "Id of the edge cluster whose status is being reported", 
      "required": true, 
      "title": "Edge cluster id", 
      "type": "string"
    }, 
    "edge_cluster_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "Status of an edge node", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the cluster status was last updated", 
      "readonly": true, 
      "required": true, 
      "title": "Last updated timestamp"
    }, 
    "member_status": {
      "additionalProperties": false, 
      "items": {
        "$ref": "EdgeClusterMemberStatus
      }, 
      "readonly": true, 
      "title": "Per Edge Node Status", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EdgeDeploymentType (type) 

{
  "enum": [
    "VIRTUAL_MACHINE", 
    "PHYSICAL_MACHINE", 
    "UNKNOWN"
  ], 
  "id": "EdgeDeploymentType", 
  "module_id": "EdgeCommonTypes", 
  "title": "Supported edge deployment type.", 
  "type": "string"
}

EdgeFormFactor (type) 

{
  "enum": [
    "SMALL", 
    "MEDIUM", 
    "LARGE"
  ], 
  "id": "EdgeFormFactor", 
  "module_id": "EdgeCommonTypes", 
  "title": "Supported edge form factor.", 
  "type": "string"
}

EdgeHighAvailabilityProfile (type) 

{
  "extends": {
    "$ref": "ClusterProfile
  }, 
  "id": "EdgeHighAvailabilityProfile", 
  "module_id": "EdgeHighAvailabilityProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EdgeHighAvailabilityProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bfd_allowed_hops": {
      "default": 255, 
      "maximum": 255, 
      "minimum": 1, 
      "required": false, 
      "title": "BFD allowed hops", 
      "type": "integer"
    }, 
    "bfd_declare_dead_multiple": {
      "default": 3, 
      "maximum": 16, 
      "minimum": 2, 
      "required": false, 
      "title": "Number of times a packet is missed before BFD declares the neighbor down.", 
      "type": "integer"
    }, 
    "bfd_probe_interval": {
      "default": 1000, 
      "maximum": 60000, 
      "minimum": 300, 
      "required": false, 
      "title": "the time interval (in millisec) between probe packets for heartbeat purpose", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ClusterProfileType, 
      "help_summary": "The cluster profile type.", 
      "required": true
    }, 
    "standby_relocation_config": {
      "$ref": "StandbyRelocationConfig, 
      "required": false, 
      "title": "Standby service contexts relocation setting"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Profile for BFD HA cluster setting", 
  "type": "object"
}

EdgeMemberAllocationStatus (type) 

{
  "additionalProperties": false, 
  "id": "EdgeMemberAllocationStatus", 
  "module_id": "EdgeClusters", 
  "properties": {
    "allocated_services": {
      "description": "List of services allocated on the edge node.", 
      "items": {
        "$ref": "AllocatedService
      }, 
      "readonly": true, 
      "title": "Services allocated on edge node", 
      "type": "array"
    }, 
    "allocation_pools": {
      "description": "Allocation details of pools defined on the edge node.", 
      "items": {
        "$ref": "AllocationPool
      }, 
      "readonly": true, 
      "title": "Pool Allocation details", 
      "type": "array"
    }, 
    "member_index": {
      "description": "System generated index for transport node backed by edge node.", 
      "readonly": true, 
      "title": "System generated index for cluster member", 
      "type": "int"
    }, 
    "node_display_name": {
      "description": "Display name of edge cluster member. Defaults to ID if not set.", 
      "readonly": true, 
      "title": "Identifier to use when displaying cluster member in logs or GUI", 
      "type": "string"
    }, 
    "node_id": {
      "description": "System allotted UUID of edge node.", 
      "readonly": true, 
      "title": "Unique identifier of edge node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EdgeNode (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Node
  }, 
  "id": "EdgeNode", 
  "module_id": "FabricNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EdgeNode"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_list": {
      "description": "List of logical router ids to which this edge node is allocated.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Allocation list", 
      "type": "array"
    }, 
    "deployment_config": {
      "$ref": "EdgeNodeDeploymentConfig, 
      "description": "When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP.", 
      "required": false, 
      "title": "Config for automatic deployment of edge node virtual machine."
    }, 
    "deployment_type": {
      "$ref": "EdgeDeploymentType, 
      "readonly": true, 
      "required": false
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "discovered_ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Discovered IP Addresses of the fabric node, version 4 or 6", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "ID of the Node maintained on the Node and used to recognize the Node", 
      "type": "string"
    }, 
    "fqdn": {
      "readonly": true, 
      "required": false, 
      "title": "Fully qualified domain name of the fabric node", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "IP Addresses of the Node, version 4 or 6", 
      "type": "array"
    }, 
    "node_settings": {
      "$ref": "EdgeNodeSettings, 
      "description": "Reports the current configuration of the SSH, DHS, NTP and host name on this edge node. The deployment_config property is used during deployment and this counterpart property shows current values.", 
      "required": false, 
      "title": "Current configuration on edge node."
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'", 
      "required": true, 
      "title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EdgeNodeDeploymentConfig (type) 

{
  "additionalProperties": false, 
  "id": "EdgeNodeDeploymentConfig", 
  "module_id": "FabricNode", 
  "properties": {
    "form_factor": {
      "$ref": "EdgeFormFactor, 
      "default": "MEDIUM", 
      "required": false
    }, 
    "node_user_settings": {
      "$ref": "NodeUserSettings, 
      "description": "Username and password settings for the node. Note - these settings will be honored only during node deployment. Post deployment, CLI must be used for changing the user settings, changes to these parameters will not have any effect.", 
      "required": true, 
      "title": "Node user settings"
    }, 
    "vm_deployment_config": {
      "$ref": "DeploymentConfig, 
      "required": true
    }
  }, 
  "type": "object"
}

EdgeNodeSettings (type) 

{
  "additionalProperties": false, 
  "description": "The settings are used during deployment and consequent update of an edge, unless indicated otherwise. The settings are preferred over the deprecated settings in VsphereDeploymentConfig. The settings reflect the current configuraton on an edge node. If the settings lag with actual state on the edge, these may be refreshed at NSX Manager using API POST api/v1/transport-nodes /&lt;transport-node-id&gt;?action=refresh_node_configuration&resource_type= EdgeNode", 
  "id": "EdgeNodeSettings", 
  "module_id": "FabricNode", 
  "properties": {
    "allow_ssh_root_login": {
      "default": false, 
      "description": "Allowing root SSH logins is not recommended for security reasons. Edit of this property is not supported when updating transport node. Use the CLI to change this property.", 
      "required": false, 
      "title": "Allow root SSH logins.", 
      "type": "boolean"
    }, 
    "dns_servers": {
      "description": "List of DNS servers.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "DNS servers.", 
      "type": "array"
    }, 
    "enable_ssh": {
      "default": false, 
      "description": "Enabling SSH service is not recommended for security reasons.", 
      "required": false, 
      "title": "Enable SSH.", 
      "type": "boolean"
    }, 
    "hostname": {
      "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$", 
      "required": false, 
      "title": "Host name or FQDN for edge node.", 
      "type": "string"
    }, 
    "ntp_servers": {
      "description": "List of NTP servers.", 
      "items": {
        "$ref": "HostnameOrIPv4Address
      }, 
      "required": false, 
      "title": "NTP servers.", 
      "type": "array"
    }, 
    "search_domains": {
      "description": "List of domain names that are used to complete unqualified host names.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Search domain names.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EdgeUpgradeStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ComponentUpgradeStatus
  }, 
  "id": "EdgeUpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "can_skip": {
      "readonly": true, 
      "required": false, 
      "title": "Can the upgrade of the remaining units in this component be skipped", 
      "type": "boolean"
    }, 
    "component_type": {
      "readonly": true, 
      "required": false, 
      "title": "Component type for the upgrade status", 
      "type": "string"
    }, 
    "current_version_node_summary": {
      "$ref": "NodeSummaryList, 
      "readonly": true, 
      "required": false, 
      "title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
    }, 
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about the upgrade status", 
      "type": "string"
    }, 
    "node_count_at_target_version": {
      "description": "Number of nodes of the type and at the component version", 
      "readonly": true, 
      "required": false, 
      "title": "Count of nodes at target component vrin", 
      "type": "int"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "pre_upgrade_status": {
      "$ref": "UpgradeChecksExecutionStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Pre-upgrade status of the component-type"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of component", 
      "type": "string"
    }, 
    "target_component_version": {
      "readonly": true, 
      "required": false, 
      "title": "Target component version", 
      "type": "string"
    }
  }, 
  "title": "Status of edge upgrade", 
  "type": "object"
}

EffectiveIPAddressMemberListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EffectiveIPAddressMemberListResult", 
  "module_id": "NSGroup", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPElement
      }, 
      "required": true, 
      "title": "Paged Collection of effective ip addresses for the given NSGroup", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EffectiveMemberResourceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EffectiveMemberResourceListResult", 
  "module_id": "NSGroup", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ResourceReference, 
        "title": "effective members resource list results"
      }, 
      "required": true, 
      "title": "Paged Collection of resources which are the effective members of an NSGroup.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EffectiveMemberTypeListResult (type) 

{
  "additionalProperties": false, 
  "id": "EffectiveMemberTypeListResult", 
  "module_id": "NSGroup", 
  "properties": {
    "result_count": {
      "readonly": true, 
      "required": true, 
      "title": "Count of the member types in the results array", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSGroupValidResourceType
      }, 
      "required": true, 
      "title": "Collection of member types for the given NSGroup", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EffectiveProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EffectiveProfileListResult", 
  "module_id": "ServiceConfig", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSXProfileReference
      }, 
      "required": true, 
      "title": "Paged Collection of profiles which are applied to an Entity", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EffectiveProfileRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "EffectiveProfileRequestParameters", 
  "module_id": "ServiceConfig", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_id": {
      "required": true, 
      "title": "The resource for which the effective profiles are to be fetched", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "EffectiveProfileResourceType, 
      "required": true, 
      "title": "Type of the resource for which effective profiles are to be fetched"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

EffectiveProfileResourceType (type) 

{
  "description": "This enum defines the valid Resource types to be used in effective profiles API", 
  "enum": [
    "NSGroup", 
    "LogicalPort", 
    "VirtualMachine", 
    "TransportNode", 
    "LogicalRouter"
  ], 
  "id": "EffectiveProfileResourceType", 
  "module_id": "ServiceConfig", 
  "title": "Valid Resource type in effective profiles API", 
  "type": "string"
}

EgressRateLimiter (type) 

{
  "extends": {
    "$ref": "QoSBaseRateLimiter
  }, 
  "id": "EgressRateLimiter", 
  "module_id": "PolicyQoS", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EgressRateLimiter"
  }, 
  "properties": {
    "average_bandwidth": {
      "default": 0, 
      "descrption": "Set custom average_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Average bandwidth in Mb/s", 
      "type": "int"
    }, 
    "burst_size": {
      "default": 0, 
      "descrption": "Set custom burst_size for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth": {
      "default": 0, 
      "descrption": "Set custom peak_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Peak bandwidth in Mb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateLimiter", 
      "description": "Type rate limiter", 
      "enum": [
        "IngressRateLimiter", 
        "IngressBroadcastRateLimiter", 
        "EgressRateLimiter"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies egress rate properties in Mb/s", 
  "type": "object"
}

EgressRateShaper (type) 

{
  "extends": {
    "$ref": "QosBaseRateShaper
  }, 
  "id": "EgressRateShaper", 
  "module_id": "QosSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EgressRateShaper"
  }, 
  "properties": {
    "average_bandwidth_mbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Average bandwidth in Mb/s", 
      "type": "int"
    }, 
    "burst_size_bytes": {
      "default": 0, 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth_mbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Peak bandwidth in Mb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateShaper", 
      "enum": [
        "IngressRateShaper", 
        "IngressBroadcastRateShaper", 
        "EgressRateShaper"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies egress rate properties in Mb/s", 
  "type": "object"
}

EmbeddedResource (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "EmbeddedResource", 
  "module_id": "Common", 
  "polymorphic-type-descriptor": {
    "property-name": "resource_type"
  }, 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the resource", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }
  }, 
  "title": "Base class for resources that are embedded in other resources", 
  "type": "object"
}

EncapsulationType (type) 

{
  "additionalProperties": false, 
  "description": "You can choose the encapsulation type of the mirroring, now we support GRE, ERSPAN II and ERSPAN III.", 
  "enum": [
    "GRE", 
    "ERSPAN_TWO", 
    "ERSPAN_THREE"
  ], 
  "id": "EncapsulationType", 
  "module_id": "PortMirroring", 
  "title": "Encapsulation type for L3PortMirrorSession", 
  "type": "string"
}

Endpoint (type) 

{
  "description": "An Endpoint object is part of HostSwitch configuration in TransportNode", 
  "id": "Endpoint", 
  "module_id": "TransportNode", 
  "properties": {
    "default_gateway": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Gateway IP"
    }, 
    "device_name": {
      "readonly": true, 
      "title": "Name of the virtual tunnel endpoint", 
      "type": "string"
    }, 
    "ip": {
      "$ref": "IPAddress, 
      "description": "Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool.", 
      "readonly": true, 
      "title": "IP Address of this virtual tunnel endpoint"
    }, 
    "label": {
      "readonly": true, 
      "required": false, 
      "title": "Unique label for this Endpoint", 
      "type": "int"
    }, 
    "mac": {
      "$ref": "MACAddress, 
      "readonly": true, 
      "title": "MAC address"
    }, 
    "subnet_mask": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Subnet mask"
    }
  }, 
  "title": "Tunnel endpoint configuration", 
  "type": "object"
}

EndpointPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Ordered list of Endpoint Rules ordered by sequence number of the entries. The maximum number of policies is 25.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "EndpointPolicy", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "endpoint_rules": {
      "items": {
        "$ref": "EndpointRule
      }, 
      "required": false, 
      "title": "Endpoint Rules that are a part of this EndpointPolicy", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "default": 0, 
      "description": "This field is used to resolve conflicts between maps across domains.", 
      "maximum": 499, 
      "minimum": 0, 
      "required": false, 
      "title": "Precedence to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains ordered list of Endpoint Rules\n", 
  "type": "object"
}

EndpointPolicyListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "EndpointPolicyListRequestParameters", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "EndpointPolicy list request parameters", 
  "type": "object"
}

EndpointPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EndpointPolicyListResult", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "EndpointPolicy
      }, 
      "required": true, 
      "title": "Guest Introspection Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Groups", 
  "type": "object"
}

EndpointRule (type) 

{
  "additionalProperties": false, 
  "description": "Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "EndpointRule", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 50, 
      "required": true, 
      "title": "group paths", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "default": 0, 
      "description": "This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user.", 
      "maximum": 499, 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of this Entry", 
      "type": "int"
    }, 
    "service_profiles": {
      "description": "The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": true, 
      "title": "Names of service profiles", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Endpoint Rule for guest introspection.", 
  "type": "object"
}

EndpointRuleListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "EndpointRuleListRequestParameters", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Endpoint Rule list request parameters", 
  "type": "object"
}

EndpointRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EndpointRuleListResult", 
  "module_id": "PolicyGuestIntrospection", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "EndpointRule
      }, 
      "required": true, 
      "title": "Endpoint Rule list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Endpoint Rules", 
  "type": "object"
}

EnforcementPoint (type) 

{
  "description": "Represents endpoint where policy will be applied", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "EnforcementPoint", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auto_enforce": {
      "default": true, 
      "description": "The flag, which suggests whether the policy objects will be enforced automatically on this enforcement point or not. Default value is true, means policy objects will automatically enforced on the Enforcement point and if it is false, in that case user can use the usual means for realization. i.e deployment maps.", 
      "title": "Flag to auto enforce the policy objects.", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "connection_info": {
      "$ref": "EnforcementPointConnectionInfo, 
      "required": true, 
      "title": "Enforcement point connection info"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "version": {
      "readonly": true, 
      "title": "Version of the Enforcement point", 
      "type": "string"
    }
  }, 
  "title": "Represents endpoint where policy will be applied", 
  "type": "object"
}

EnforcementPointConnectionInfo (type) 

{
  "abstract": true, 
  "description": "Contains information required to connect to enforcement point", 
  "id": "EnforcementPointConnectionInfo", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enforcement_point_address": {
      "description": "Value of this property could be hostname or ip. eg. For NSX-T manager running on default port the value can be \"10.192.1.1\", for NSX-T manager running on custom port value can be \"192.168.1.1:32789\". For NSX-T manager in VMC deployments value  can have url prefix eg. \"192.168.1.1:5480/nsxapi\"", 
      "required": true, 
      "title": "IP Address or hostname of the Enforcement point", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NSXTConnectionInfo", 
        "NSXVConnectionInfo", 
        "CvxConnectionInfo"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Enforcement point connection info", 
  "type": "object"
}

EnforcementPointListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "EnforcementPoint list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "EnforcementPointListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "EnforcementPoint list request parameters", 
  "type": "object"
}

EnforcementPointListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged collection of enforcement points", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "EnforcementPointListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "EnforcementPoint
      }, 
      "required": true, 
      "title": "EnforcementPoint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of EnforcementPoints", 
  "type": "object"
}

EntityInstanceCountConstraintExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents the leaf level constraint to restrict the number instances of an entity type can be created. This is useful in restricting number of CGWs or MGWs or Providers that can created in a system.", 
  "extends": {
    "$ref": "ConstraintExpression
  }, 
  "id": "EntityInstanceCountConstraintExpression", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EntityInstanceCountConstraintExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "count": {
      "description": "Instance count.", 
      "required": true, 
      "title": "Instance count.", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "operator": {
      "required": true, 
      "title": "Operations supported '<' and '<='.", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "ValueConstraintExpression", 
        "RelatedAttributeConditionalExpression", 
        "EntityInstanceCountConstraintExpression", 
        "FieldSanityConstraintExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents the leaf level constraint to restrict the number instances of type.", 
  "type": "object"
}

EpochMsTimestamp (type) 

{
  "id": "EpochMsTimestamp", 
  "module_id": "Common", 
  "title": "Timestamp in milliseconds since epoch", 
  "type": "integer"
}

ErrorInfo (type) 

{
  "additionalProperties": false, 
  "id": "ErrorInfo", 
  "module_id": "InventoryCmObj", 
  "properties": {
    "error_message": {
      "readonly": true, 
      "required": true, 
      "title": "Error message", 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": true, 
      "title": "Timestamp when the error occurred"
    }
  }, 
  "title": "Error information", 
  "type": "object"
}

ErrorResolverInfo (type) 

{
  "additionalProperties": false, 
  "description": "Metadata related to a given error_id", 
  "id": "ErrorResolverInfo", 
  "module_id": "ErrorResolver", 
  "properties": {
    "error_id": {
      "required": true, 
      "title": "The error id for which metadata information is needed", 
      "type": "integer"
    }, 
    "resolver_present": {
      "required": true, 
      "title": "Indicates whether there is a resolver associated with the error or not", 
      "type": "boolean"
    }, 
    "user_metadata": {
      "$ref": "ErrorResolverUserMetadata, 
      "required": false, 
      "title": "User supplied metadata that might be required by the resolver"
    }
  }, 
  "type": "object"
}

ErrorResolverInfoList (type) 

{
  "additionalProperties": false, 
  "id": "ErrorResolverInfoList", 
  "module_id": "ErrorResolver", 
  "properties": {
    "results": {
      "items": {
        "$ref": "ErrorResolverInfo
      }, 
      "required": true, 
      "title": "ErrorResolverInfo list", 
      "type": "array"
    }
  }, 
  "title": "Collection of all registered ErrorResolverInfo", 
  "type": "object"
}

ErrorResolverMetadata (type) 

{
  "additionalProperties": false, 
  "description": "Error along with its metadata", 
  "id": "ErrorResolverMetadata", 
  "module_id": "ErrorResolver", 
  "properties": {
    "entity_id": {
      "required": true, 
      "title": "The entity/node UUID where the error has occurred.", 
      "type": "string"
    }, 
    "error_id": {
      "required": true, 
      "title": "The error id as reported by the entity where the error occurred.", 
      "type": "integer"
    }, 
    "system_metadata": {
      "$ref": "ErrorResolverSystemMetadata, 
      "required": false, 
      "title": "This can come from some external system like syslog collector"
    }, 
    "user_metadata": {
      "$ref": "ErrorResolverUserMetadata, 
      "required": false, 
      "title": "User supplied metadata that might be required by the resolver"
    }
  }, 
  "type": "object"
}

ErrorResolverMetadataList (type) 

{
  "additionalProperties": false, 
  "description": "List of errors with their metadata", 
  "id": "ErrorResolverMetadataList", 
  "module_id": "ErrorResolver", 
  "properties": {
    "errors": {
      "items": {
        "$ref": "ErrorResolverMetadata
      }, 
      "required": true, 
      "title": "List of errors with their corresponding metadata.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ErrorResolverSystemMetadata (type) 

{
  "additionalProperties": false, 
  "description": "Metadata fetched from an external system like Syslog or LogInsight.", 
  "id": "ErrorResolverSystemMetadata", 
  "module_id": "ErrorResolver", 
  "properties": {
    "value": {
      "required": false, 
      "title": "The value fetched from another system", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ErrorResolverUserInputData (type) 

{
  "additionalProperties": false, 
  "description": "Corresponds to one property entered by the user", 
  "id": "ErrorResolverUserInputData", 
  "module_id": "ErrorResolver", 
  "properties": {
    "data_type": {
      "enum": [
        "TEXT", 
        "NUMBER", 
        "PASSWORD"
      ], 
      "required": true, 
      "title": "The datatype of the given property. Useful for data validation", 
      "type": "string"
    }, 
    "property_name": {
      "required": true, 
      "title": "Name of the property supplied by the user", 
      "type": "string"
    }, 
    "property_value": {
      "required": false, 
      "title": "The value associated with the above property", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ErrorResolverUserMetadata (type) 

{
  "additionalProperties": false, 
  "description": "User supplied metadata needed for resolving errors", 
  "id": "ErrorResolverUserMetadata", 
  "module_id": "ErrorResolver", 
  "properties": {
    "user_input_list": {
      "items": {
        "$ref": "ErrorResolverUserInputData
      }, 
      "required": false, 
      "title": "List of user supplied input data.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

EsxGlobalOpaqueConfig (type) 

{
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "EsxGlobalOpaqueConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EsxGlobalOpaqueConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "opaque_config": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "required": true, 
      "title": "A list of global opaque configuration for ESX hosts.", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "ESX global opaque configuration", 
  "type": "object"
}

EtherTypeNSService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "EtherTypeNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EtherTypeNSService"
  }, 
  "properties": {
    "ether_type": {
      "required": true, 
      "title": "Type of the encapsulated protocol", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }
  }, 
  "title": "An NSService element that represents an ethertype protocol", 
  "type": "object"
}

EtherTypeServiceEntry (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "EtherTypeServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "EtherTypeServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ether_type": {
      "required": true, 
      "title": "Type of the encapsulated protocol", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A ServiceEntry that represents an ethertype protocol", 
  "type": "object"
}

EthernetHeader (type) 

{
  "additionalProperties": false, 
  "id": "EthernetHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_mac": {
      "description": "The destination MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.", 
      "required": false, 
      "title": "Destination MAC address of the Ethernet header", 
      "type": "string"
    }, 
    "eth_type": {
      "default": 2048, 
      "description": "This field defaults to IPv4.", 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "The value of the type field to be put into the Ethernet header", 
      "type": "integer"
    }, 
    "src_mac": {
      "description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.", 
      "required": false, 
      "title": "Source MAC address of the Ethernet header", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Evaluation (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Criterion Evaluation is the basic logical condition to evaluate whether the event could be potentially met.", 
  "id": "Evaluation", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "description": "Criterion Evaluation resource type.", 
      "enum": [
        "SourceFieldEvaluation"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Criterion Evaluation", 
  "type": "object"
}

Event (type) 

{
  "additionalProperties": false, 
  "description": "The Event is the criterion or criteria applied to the source and, when met, prompt Policy to run the action. All Reaction Events are constructed with reference to the object, the \"source\", that is logically deemed to be the object upon which the Event in question initially occurred upon. Some example events include: - New object was created. - Change in realization state. - Specific API is called.", 
  "id": "Event", 
  "module_id": "PolicyReaction", 
  "properties": {
    "criteria": {
      "description": "Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR).", 
      "items": {
        "$ref": "Criterion
      }, 
      "title": "Event Criteria", 
      "type": "array"
    }, 
    "source": {
      "$ref": "Source, 
      "description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon.", 
      "required": true, 
      "title": "Event Source"
    }
  }, 
  "title": "Reaction Event", 
  "type": "object"
}

ExcludeList (type) 

{
  "description": "List of entities where Distributed Firewall will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es) to exclude Distributed Firewall enforcement.", 
  "extends": {
    "$ref": "DSExcludeList
  }, 
  "id": "ExcludeList", 
  "module_id": "ExcludeList", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_count": {
      "description": "Total number of members present in Exclude List.", 
      "readonly": true, 
      "required": false, 
      "title": "Total Member Count", 
      "type": "integer"
    }, 
    "members": {
      "description": "List of members in Exclusion List", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "Member list", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Exclusion List", 
  "type": "object"
}

ExcludeListRequestParams (type) 

{
  "id": "ExcludeListRequestParams", 
  "module_id": "ExcludeList", 
  "properties": {
    "deep_check": {
      "default": false, 
      "description": "Deep check all parents of requested object_id if any of them is in exclude list. If found, makes requested entity as excluded.", 
      "required": false, 
      "title": "Check all parents", 
      "type": "boolean"
    }, 
    "object_id": {
      "maxLength": 64, 
      "required": true, 
      "title": "identifier of the object", 
      "type": "string"
    }, 
    "object_type": {
      "$ref": "ExcludeMemberType, 
      "description": "Used if requested for deep_check. Type allows ability to find its association and parent entities.", 
      "required": false, 
      "title": "Type of the object"
    }
  }, 
  "title": "Parameters for filtering the exclude list", 
  "type": "object"
}

ExcludeMemberType (type) 

{
  "description": "Enum of supported excluded member types.", 
  "enum": [
    "NSGroup", 
    "LogicalPort", 
    "LogicalSwitch"
  ], 
  "id": "ExcludeMemberType", 
  "module_id": "ExcludeList", 
  "readonly": true, 
  "required": false, 
  "title": "Object type of an entity", 
  "type": "string"
}

Expression (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "All the nodes of the expression extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Expression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base class for each node of the expression", 
  "type": "object"
}

ExternalIDExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces and virtual machines to a group.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "ExternalIDExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ExternalIDExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_ids": {
      "description": "This array can consist of one or more external IDs for the specified member type.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of external IDs for the specified member type", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "member_type": {
      "enum": [
        "VirtualMachine", 
        "VirtualNetworkInterface"
      ], 
      "required": true, 
      "title": "External ID member type", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "External ID expression node", 
  "type": "object"
}

ExtraConfig (type) 

{
  "description": "Extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either logical switch or logical port. If it was set on logical switch, it will be inherited automatically by logical ports in it. Also logical port setting will override logical switch setting if specific key was dual set on both logical switch and logical port.", 
  "id": "ExtraConfig", 
  "module_id": "Switching", 
  "properties": {
    "config_pair": {
      "$ref": "KeyValuePair, 
      "required": true, 
      "title": "Key value pair in string for the configuration"
    }
  }, 
  "title": "Vendor specific configuration on logical switch or logical port", 
  "type": "object"
}

ExtraConfigHostSwitchProfile (type) 

{
  "extends": {
    "$ref": "BaseHostSwitchProfile
  }, 
  "id": "ExtraConfigHostSwitchProfile", 
  "module_id": "ExtraConfigHostSwitchProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ExtraConfigHostSwitchProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "extra_configs": {
      "items": {
        "$ref": "ExtraConfig
      }, 
      "required": false, 
      "title": "list of extra configs", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "HostSwitchProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Profile for extra configs in host switch", 
  "type": "object"
}

FIPSGlobalConfig (type) 

{
  "additionalProperties": false, 
  "description": "Global configuration", 
  "id": "FIPSGlobalConfig", 
  "module_id": "Policy", 
  "properties": {
    "lb_fips_enabled": {
      "default": false, 
      "description": "When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.", 
      "required": false, 
      "title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.", 
      "type": "boolean"
    }
  }, 
  "title": "Global configuration", 
  "type": "object"
}

FailedNodeSupportBundleResult (type) 

{
  "additionalProperties": false, 
  "id": "FailedNodeSupportBundleResult", 
  "properties": {
    "error_code": {
      "readonly": true, 
      "required": true, 
      "title": "Error code", 
      "type": "string"
    }, 
    "error_message": {
      "readonly": true, 
      "required": true, 
      "title": "Error message", 
      "type": "string"
    }, 
    "node_display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Display name of node", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "required": true, 
      "title": "UUID of node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FailureDomain (type) 

{
  "additionalProperties": false, 
  "description": "Failure Domain is engineered to be isolated from failures in other failure domains, and to provide inexpensive, low-latency network connectivity to other failure domains in the same region. We support failure domain only on edge transport node. Like you can consider one rack as one failure domain and place active-standby contexts like logical router, DHCP and MDProxy in two different failure domains (racks). So failure of a single rack (FD) does not impact any services and other rack (FD) will continue to handle traffic. Initially system creates one default failure domain. For any edge transport node, if failure domains is not given, it will be mapped to default system generated failure domain. You can't update preferred_active_edge_services flag for system generated default failure domain. It will be unset which means that failure domain can be used for both active and standby allocation.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "FailureDomain", 
  "module_id": "FailureDomain", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "preferred_active_edge_services": {
      "description": "Set preference for edge transport node failure domain which will be considered while doing auto placement of logical router, DHCP and MDProxy on edge node. true: For preemptive failover mode, active edge cluster member       allocation preferes this failure domain. false: For preemptive failover mode, standby edge cluster member       allocation preferes this failure domain. Default will be unset. It means no explicit preference.", 
      "required": false, 
      "title": "Set preference for failure domain", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Failure Domain for edge transport node", 
  "type": "object"
}

FailureDomainListResult (type) 

{
  "additionalProperties": false, 
  "description": "It will have list of failure domains which also includes system generated failure domain.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FailureDomainListResult", 
  "module_id": "FailureDomain", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of all failure domains including system generated default failure domain", 
      "items": {
        "$ref": "FailureDomain
      }, 
      "required": true, 
      "title": "Failure Domain Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Failure Domain queries result", 
  "type": "object"
}

FeaturePermission (type) 

{
  "id": "FeaturePermission", 
  "module_id": "AAA", 
  "properties": {
    "feature": {
      "readonly": true, 
      "required": true, 
      "title": "Feature Name", 
      "type": "string"
    }, 
    "permission": {
      "enum": [
        "crud", 
        "read", 
        "execute", 
        "none"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Permission", 
      "type": "string"
    }
  }, 
  "title": "Feature Permission", 
  "type": "object"
}

FeaturePermissionRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "FeaturePermissionRequestParameters", 
  "module_id": "PolicyAuthz", 
  "properties": {
    "feature_name": {
      "required": true, 
      "title": "Feature name", 
      "type": "string"
    }, 
    "object_path": {
      "required": true, 
      "title": "Exact object Policy path", 
      "type": "string"
    }
  }, 
  "title": "RBAC Objects qualifier", 
  "type": "object"
}

FeatureStackCollectionConfiguration (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "FeatureStackCollectionConfiguration", 
  "module_id": "AggSvcDataCollectionConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "client_type_collection_configurations": {
      "description": "The set of client type data collection configurations", 
      "items": {
        "$ref": "ClientTypeCollectionConfiguration
      }, 
      "title": "Client type collection configurations", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "feature_stack_name": {
      "description": "The name of the feature stack", 
      "required": true, 
      "title": "Feature stack name", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "HPM feature stack data collection frequency configuration", 
  "type": "object"
}

FeatureStackCollectionConfigurationList (type) 

{
  "id": "FeatureStackCollectionConfigurationList", 
  "module_id": "AggSvcDataCollectionConfig", 
  "properties": {
    "results": {
      "description": "The complete set of feature stack data collection configurations", 
      "items": {
        "$ref": "FeatureStackCollectionConfiguration
      }, 
      "readonly": true, 
      "title": "Feature stack configurations", 
      "type": "array"
    }
  }, 
  "title": "Feature stack collection configuration list result", 
  "type": "object"
}

FeatureUsage (type) 

{
  "description": "feature usage result item", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FeatureUsage", 
  "module_id": "License", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "capacity_usage": {
      "items": {
        "$ref": "CapacityUsage
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Capacity Usage List", 
      "type": "array"
    }, 
    "feature": {
      "readonly": true, 
      "title": "name of the feature", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FeatureUsageCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "FeatureUsageCsvRecord", 
  "module_id": "License", 
  "properties": {
    "ccu_usage_count": {
      "readonly": true, 
      "title": "count of number of concurrent users", 
      "type": "integer"
    }, 
    "core_usage_count": {
      "readonly": true, 
      "title": "Number of CPU cores used by this feature", 
      "type": "integer"
    }, 
    "cpu_usage_count": {
      "readonly": true, 
      "title": "count of number of cpu sockets used by this feature", 
      "type": "integer"
    }, 
    "feature": {
      "readonly": true, 
      "title": "name of the feature", 
      "type": "string"
    }, 
    "vcpu_usage_count": {
      "readonly": true, 
      "title": "count of number of vcpus of public cloud VMs", 
      "type": "integer"
    }, 
    "vm_usage_count": {
      "readonly": true, 
      "title": "count of number of vms used by this feature", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

FeatureUsageList (type) 

{
  "description": "list of feature usage items", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FeatureUsageList", 
  "module_id": "License", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "feature_usage_info": {
      "items": {
        "$ref": "FeatureUsage
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Feature Usage List", 
      "type": "array"
    }
  }, 
  "type": "object"
}

FeatureUsageListInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "FeatureUsageListInCsvFormat", 
  "module_id": "License", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "results": {
      "items": {
        "$ref": "FeatureUsageCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

FeedbackListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "FeedbackListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "category": {
      "readonly": false, 
      "required": false, 
      "title": "Category on which feedback request should be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "hash": {
      "readonly": false, 
      "required": false, 
      "title": "Hash based on which feedback request should be filtered", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "state": {
      "default": "ALL", 
      "enum": [
        "ALL", 
        "RESOLVED", 
        "UNRESOLVED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Filter based on current state of the feedback request", 
      "type": "string"
    }, 
    "sub_category": {
      "readonly": false, 
      "required": false, 
      "title": "Sub category based on which feedback request should be filtered", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FieldSanityConstraintExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents the field value constraint to constrain specified field value based on defined sanity checks. Example - For DNS.upstream_servers, all the IP addresses must either be public or private.   {     \"target\": {       \"target_resource_type\": \"DnsForwarderZone\",       \"attribute\": \"upstreamServers\",       \"path_prefix\": \"/infra/dns-forwarder-zones/\"      },      \"constraint_expression\": {        \"resource_type\": \"FieldSanityConstraintExpression\",        \"operator\": \"OR\",        \"checks\": [\"ALL_PUBLIC_IPS\", \"ALL_PRIVATE_IPS\"]      }   }", 
  "extends": {
    "$ref": "ConstraintExpression
  }, 
  "id": "FieldSanityConstraintExpression", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FieldSanityConstraintExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "checks": {
      "description": "List of sanity checks.", 
      "items": {
        "enum": [
          "ALL_PUBLIC_IPS", 
          "ALL_PRIVATE_IPS"
        ], 
        "type": "string"
      }, 
      "required": true, 
      "title": "Array of sanity checks to be performed on field value", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "operator": {
      "enum": [
        "OR", 
        "AND"
      ], 
      "required": true, 
      "title": "A conditional operator", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "ValueConstraintExpression", 
        "RelatedAttributeConditionalExpression", 
        "EntityInstanceCountConstraintExpression", 
        "FieldSanityConstraintExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents the field value sanity constraint", 
  "type": "object"
}

FieldSetting (type) 

{
  "additionalProperties": false, 
  "description": "Field Setting.", 
  "id": "FieldSetting", 
  "module_id": "PolicyReaction", 
  "properties": {
    "field_pointer": {
      "description": "Field Pointer.", 
      "required": true, 
      "title": "Field Pointer", 
      "type": "string"
    }, 
    "value": {
      "$ref": "FieldSettingValue, 
      "description": "Value that the field must be set to.", 
      "required": true, 
      "title": "Value"
    }
  }, 
  "title": "FieldSetting", 
  "type": "object"
}

FieldSettingValue (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Field Setting Value.", 
  "id": "FieldSettingValue", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "description": "Field Setting Value resource type.", 
      "enum": [
        "ConstantFieldValue"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Field Setting Value", 
  "type": "object"
}

FieldsPacketData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PacketData
  }, 
  "id": "FieldsPacketData", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FieldsPacketData"
  }, 
  "properties": {
    "arp_header": {
      "$ref": "ArpHeader, 
      "required": false, 
      "title": "The ARP header"
    }, 
    "eth_header": {
      "$ref": "EthernetHeader, 
      "required": false, 
      "title": "The ethernet header"
    }, 
    "frame_size": {
      "default": 128, 
      "description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message.  The frame will be zero padded to the requested size.", 
      "maximum": 1000, 
      "minimum": 60, 
      "required": false, 
      "title": "Requested total size of the (logical) packet in bytes", 
      "type": "integer"
    }, 
    "ip_header": {
      "$ref": "Ipv4Header, 
      "required": false, 
      "title": "The IPv4 header"
    }, 
    "ipv6_header": {
      "$ref": "Ipv6Header, 
      "required": false, 
      "title": "The IPv6 header"
    }, 
    "payload": {
      "description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header.", 
      "maxLength": 1336, 
      "required": false, 
      "title": "RFC3548 compatible base64-encoded payload", 
      "type": "string"
    }, 
    "resource_type": {
      "default": "FieldsPacketData", 
      "enum": [
        "BinaryPacketData", 
        "FieldsPacketData"
      ], 
      "required": true, 
      "title": "Packet configuration", 
      "type": "string"
    }, 
    "routed": {
      "required": false, 
      "title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.", 
      "type": "boolean"
    }, 
    "transport_header": {
      "$ref": "TransportProtocolHeader, 
      "description": "This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported).", 
      "required": false, 
      "title": "The transport header"
    }, 
    "transport_type": {
      "default": "UNICAST", 
      "enum": [
        "BROADCAST", 
        "UNICAST", 
        "MULTICAST", 
        "UNKNOWN"
      ], 
      "required": false, 
      "title": "transport type of the traceflow packet", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FileProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FileProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "created_epoch_ms": {
      "required": true, 
      "title": "File creation time in epoch milliseconds", 
      "type": "integer"
    }, 
    "modified_epoch_ms": {
      "required": true, 
      "title": "File modification time in epoch milliseconds", 
      "type": "integer"
    }, 
    "name": {
      "pattern": "^[^/]+$", 
      "required": true, 
      "title": "File name", 
      "type": "string"
    }, 
    "size": {
      "required": true, 
      "title": "Size of the file in bytes", 
      "type": "integer"
    }
  }, 
  "title": "File properties", 
  "type": "object"
}

FilePropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FilePropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "FileProperties
      }, 
      "required": true, 
      "title": "File property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "File properties query results", 
  "type": "object"
}

FileThumbprint (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FileThumbprint", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "name": {
      "pattern": "^[^/]+$", 
      "required": true, 
      "title": "File name", 
      "type": "string"
    }, 
    "sha1": {
      "required": true, 
      "title": "File's SHA1 thumbprint", 
      "type": "string"
    }, 
    "sha256": {
      "required": true, 
      "title": "File's SHA256 thumbprint", 
      "type": "string"
    }
  }, 
  "title": "File thumbprint", 
  "type": "object"
}

FileTransferAuthenticationScheme (type) 

{
  "additionalProperties": false, 
  "id": "FileTransferAuthenticationScheme", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "password": {
      "sensitive": true, 
      "title": "Password to authenticate with", 
      "type": "string"
    }, 
    "scheme_name": {
      "enum": [
        "PASSWORD"
      ], 
      "required": true, 
      "title": "Authentication scheme name", 
      "type": "string"
    }, 
    "username": {
      "pattern": "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\\\\){0,1}\\w[\\w.-]+$", 
      "required": true, 
      "title": "User name to authenticate with", 
      "type": "string"
    }
  }, 
  "title": "Remote server authentication details", 
  "type": "object"
}

FileTransferProtocol (type) 

{
  "additionalProperties": false, 
  "id": "FileTransferProtocol", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "authentication_scheme": {
      "$ref": "FileTransferAuthenticationScheme, 
      "required": true, 
      "title": "Scheme to authenticate if required"
    }, 
    "protocol_name": {
      "default": "sftp", 
      "enum": [
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }, 
    "ssh_fingerprint": {
      "description": "The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated.  Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b |    sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' |    awk '{print \"SHA256:\"$1}'", 
      "pattern": "^SHA256:.*$", 
      "required": true, 
      "title": "SSH fingerprint of server", 
      "type": "string", 
      "validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.fingerprint_pattern.message"
    }
  }, 
  "title": "Protocol to transfer backup file to remote server", 
  "type": "object"
}

Filter (type) 

{
  "id": "Filter", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "name": {
      "required": true, 
      "title": "The name of the filter.", 
      "type": "string"
    }, 
    "value": {
      "required": true, 
      "title": "The value of the filter.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FipsGlobalConfig (type) 

{
  "description": "Policy api will overwrite the fipsGlobalConfig set using MP api. Always use https://<policyIp>/policy/api/v1/infra/global-config to update fips configuration.", 
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "FipsGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FipsGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lb_fips_enabled": {
      "default": false, 
      "description": "When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.", 
      "title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.", 
      "type": "boolean"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX global configs for FIPS compliance settings", 
  "type": "object"
}

FireWallServiceAssociationListResult (type) 

{
  "extends": {
    "$ref": "ServiceAssociationListResult
  }, 
  "id": "FireWallServiceAssociationListResult", 
  "module_id": "GroupingObjectsProviders", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Firewall rule list result with pagination support.", 
      "items": {
        "$ref": "FirewallRule
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Firewall rule list result", 
      "type": "array"
    }, 
    "service_type": {
      "enum": [
        "FireWallServiceAssociationListResult", 
        "IpfixServiceAssociationListResult"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallCategory (type) 

{
  "description": "Statistic category for the type of rules in a section, like Layer2 Distributed Firewall, Layer3 DFW.", 
  "enum": [
    "L2DFW", 
    "L3DFW", 
    "L3BRIDGEPORTFW", 
    "L3LOGICALROUTERFW"
  ], 
  "id": "FirewallCategory", 
  "module_id": "Firewall", 
  "readonly": true, 
  "required": false, 
  "title": "Firewall Category", 
  "type": "string"
}

FirewallConfiguration (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "FirewallConfiguration", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "disable_auto_drafts": {
      "default": false, 
      "description": "To disable auto drafts, set it to true. By default, auto drafts are enabled.", 
      "title": "Auto draft disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_firewall": {
      "default": true, 
      "description": "If set to true, Firewall is enabled.", 
      "title": "Firewall enable flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "DfwFirewallConfiguration"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Firewall related configurations", 
  "type": "object"
}

FirewallContextType (type) 

{
  "description": "Types of firewall contexts.", 
  "enum": [
    "transport_nodes", 
    "logical_routers"
  ], 
  "id": "FirewallContextType", 
  "module_id": "FirewallStatus", 
  "title": "Firewall Context Type", 
  "type": "string"
}

FirewallCpuMemThresholdsProfile (type) 

{
  "description": "A profile holding CPU and memory threshold configuration.", 
  "extends": {
    "$ref": "BaseFirewallProfile
  }, 
  "id": "FirewallCpuMemThresholdsProfile", 
  "module_id": "FirewallProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FirewallCpuMemThresholdsProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cpu_threshold_percentage": {
      "default": 90, 
      "description": "CPU utilization threshold percentage to monitor and report for distributed firewall.", 
      "maximum": 100, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "CPU utilization threshold percentage", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mem_threshold_percentage": {
      "default": 90, 
      "description": "Heap memory threshold percentage to monitor and report for distributed firewall.", 
      "maximum": 100, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Heap memory threshold utilization percentage", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "Resource type to use as profile type", 
      "enum": [
        "FirewallSessionTimerProfile", 
        "FirewallCpuMemThresholdsProfile", 
        "FirewallFloodProtectionProfile", 
        "FirewallDnsProfile"
      ], 
      "help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile'\n", 
      "required": true, 
      "title": "Resource type to use as profile type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Firewall CPU and memory threshold profile", 
  "type": "object"
}

FirewallDnsProfile (type) 

{
  "description": "A profile holding DNS configuration which allows firewall to use DNS response packets and manage firewall cache. e.g. TTL used to expire snooped entries from cache.", 
  "extends": {
    "$ref": "BaseFirewallProfile
  }, 
  "id": "FirewallDnsProfile", 
  "module_id": "FirewallProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FirewallDnsProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dns_ttl_config": {
      "$ref": "DnsTtlConfig, 
      "description": "Firewall to use TTL config to manage firewall cache to expire snooped FQDN entries from DNS response.", 
      "required": false, 
      "title": "DNS TTL config"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Resource type to use as profile type", 
      "enum": [
        "FirewallSessionTimerProfile", 
        "FirewallCpuMemThresholdsProfile", 
        "FirewallFloodProtectionProfile", 
        "FirewallDnsProfile"
      ], 
      "help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile'\n", 
      "required": true, 
      "title": "Resource type to use as profile type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Firewall DNS profile", 
  "type": "object"
}

FirewallFloodProtectionProfile (type) 

{
  "description": "A profile holding protection configuration for SYN flood, UDP flood, ICMP flood and other flood attack.", 
  "extends": {
    "$ref": "BaseFirewallProfile
  }, 
  "id": "FirewallFloodProtectionProfile", 
  "module_id": "FirewallProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FirewallFloodProtectionProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_rst_spoofing": {
      "default": false, 
      "description": "The flag to indicate RST spoofing is enabled or not. This option does not apply to EDGE components. This can be enabled only if syncache is enabled.", 
      "readonly": false, 
      "title": "Flag to indicate RST spoofing is enabled or not", 
      "type": "boolean"
    }, 
    "enable_syncache": {
      "default": false, 
      "description": "The flag to indicate syncache is enabled or not. This option does not apply to EDGE components.", 
      "readonly": false, 
      "title": "Flag to indicate syncache is enabled or not", 
      "type": "boolean"
    }, 
    "icmp_active_flow_limit": {
      "description": "The maximum limit of active icmp connections. If this property is omitted, or set to null, then there is no limit on active icmp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "readonly": false, 
      "title": "Maximum limit of active icmp connections", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "other_active_conn_limit": {
      "description": "The maximum limit of other active connections besides udp, icmp and half open tcp connections. If this property is omitted, or set to null, then there is no limit on other active connections besides udp, icmp and tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (10,000) on the specific components.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "readonly": false, 
      "title": "Maximum limit of other active connections besides udp, icmp and tcp half open connections", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "Resource type to use as profile type", 
      "enum": [
        "FirewallSessionTimerProfile", 
        "FirewallCpuMemThresholdsProfile", 
        "FirewallFloodProtectionProfile", 
        "FirewallDnsProfile"
      ], 
      "help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile'\n", 
      "required": true, 
      "title": "Resource type to use as profile type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_half_open_conn_limit": {
      "description": "The maximum limit of tcp half open connections. If this property is omitted, or set to null, then there is no limit on active tcp half open connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (1,000,000) on the specific components.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "readonly": false, 
      "title": "Maximum limit of half open tcp connections", 
      "type": "integer"
    }, 
    "udp_active_flow_limit": {
      "description": "The maximum limit of active udp connections. If this property is omitted, or set to null, then there is no limit on active udp connections for those components if it's applied to ESX components (such as segment, segment port, virtual machine, etc); on the other side, if it's applied to EDGE components (such as, gateway), it will be set to default limit (100,000) on the specific component.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "readonly": false, 
      "title": "Maximum limit of active udp connections", 
      "type": "integer"
    }
  }, 
  "title": "Firewall flood protection profile", 
  "type": "object"
}

FirewallGlobalConfig (type) 

{
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "FirewallGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FirewallGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "global_addrset_mode_enabled": {
      "default": true, 
      "description": "When this flag is set to true, global address set is enabled in Distributed Firewall.", 
      "title": "A flag to indicate if global address set is enabled in DFW", 
      "type": "boolean"
    }, 
    "global_fastpath_mode_enabled": {
      "default": true, 
      "description": "When this flag is set to true, fast path searching is enabled in Distributed Firewall.", 
      "title": "A flag to indicate if fast path searching is enabled in DFW", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX global configs for Distributed Firewall", 
  "type": "object"
}

FirewallInsertParameters (type) 

{
  "extends": {
    "$ref": "DSInsertParameters
  }, 
  "id": "FirewallInsertParameters", 
  "module_id": "Firewall", 
  "properties": {
    "id": {
      "maxLength": 64, 
      "required": false, 
      "title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where rule/section need to be added. All the params take rule/section Id.", 
  "type": "object"
}

FirewallListRequestParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections/rules.", 
  "extends": {
    "$ref": "DSListRequestParameters
  }, 
  "id": "FirewallListRequestParameters", 
  "module_id": "Firewall", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "context_profiles": {
      "description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.", 
      "title": "Limits results to sections having rules with specific Context Profiles.", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "deep_search": {
      "default": false, 
      "description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.", 
      "required": false, 
      "title": "Toggle to search with direct or indirect references.", 
      "type": "boolean"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "extended_sources": {
      "description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.", 
      "title": "Limits results to sections having rules with specific Extended Sources.", 
      "type": "string"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "search_invalid_references": {
      "default": false, 
      "description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).", 
      "required": false, 
      "title": "Return invalid references in results.", 
      "type": "boolean"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter list of sections/rules.", 
  "type": "object"
}

FirewallProfileListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "FirewallProfileListParameters", 
  "module_id": "FirewallProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "Profile resource type", 
      "readonly": false, 
      "required": true, 
      "title": "Profile resource type", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FirewallProfileListResult", 
  "module_id": "FirewallProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of firewall profiles.", 
      "items": {
        "$ref": "BaseFirewallProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of the firewall profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallRule (type) 

{
  "extends": {
    "$ref": "DSRule
  }, 
  "id": "FirewallRule", 
  "module_id": "Firewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW           - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP            - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT          - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT        - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT", 
        "REDIRECT", 
        "DO_NOT_REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Action", 
      "type": "string"
    }, 
    "applied_tos": {
      "description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "context_profiles": {
      "description": "NS Profile object which accepts attributes and sub-attributes of various network services (ex. L7 AppId, domain name, encryption algorithm) as key value pairs.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "title": "Context Profiles", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of the destinations. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Destination List", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "Negation of the destination.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Rule direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.", 
      "readonly": false, 
      "required": false, 
      "title": "Rule enable/disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "extended_sources": {
      "description": "List of NSGroups that have end point attributes like AD Groups(SID), process name, process hash etc. For Flash release, only NSGroups containing AD Groups are supported.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "title": "Extended Sources", 
      "type": "array"
    }, 
    "id": {
      "description": "Identifier of the resource", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "ip_protocol": {
      "default": "IPV4_IPV6", 
      "description": "Type of IP packet that should be matched while enforcing the rule.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "is_default": {
      "description": "Flag to indicate whether rule is default.", 
      "readonly": true, 
      "required": false, 
      "title": "Default rule", 
      "type": "boolean"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "User notes specific to the rule.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Notes", 
      "type": "string"
    }, 
    "priority": {
      "description": "Priority of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule priority", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "maxLength": 32, 
      "readonly": false, 
      "required": false, 
      "title": "Tag", 
      "type": "string"
    }, 
    "section_id": {
      "description": "Section Id of the section to which this rule belongs to.", 
      "readonly": true, 
      "required": false, 
      "title": "Section Id", 
      "type": "string"
    }, 
    "services": {
      "description": "List of the services. Null will be treated as any.", 
      "items": {
        "$ref": "FirewallService
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service List", 
      "type": "array"
    }, 
    "sources": {
      "description": "List of sources. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Source List", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "Negation of the source.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

FirewallRuleList (type) 

{
  "id": "FirewallRuleList", 
  "module_id": "Firewall", 
  "properties": {
    "rules": {
      "description": "List of firewall rules in the section. Only homogenous rules are supported.", 
      "items": {
        "$ref": "FirewallRule
      }, 
      "maxItems": 1000, 
      "required": true, 
      "title": "List of the firewall rules", 
      "type": "array"
    }
  }, 
  "type": "object"
}

FirewallRuleListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FirewallRuleListResult", 
  "module_id": "Firewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Firewall rule list result with pagination support.", 
      "items": {
        "$ref": "FirewallRule
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Firewall rule list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallSection (type) 

{
  "extends": {
    "$ref": "DSSection
  }, 
  "id": "FirewallSection", 
  "module_id": "Firewall", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "autoplumbed": {
      "default": false, 
      "description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.", 
      "readonly": true, 
      "required": false, 
      "title": "Tells if a section is auto-plumbed or not", 
      "type": "boolean"
    }, 
    "comments": {
      "description": "Comments for section lock/unlock.", 
      "readonly": true, 
      "required": false, 
      "title": "Section lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforced_on": {
      "description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.", 
      "readonly": true, 
      "required": false, 
      "title": "Firewall Section Enforcement type", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.", 
      "readonly": true, 
      "required": false, 
      "title": "Default section flag", 
      "type": "boolean"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the section.", 
      "readonly": true, 
      "required": false, 
      "title": "Lock modified by user", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Section locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "Section locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Section is locked/unlocked.", 
      "readonly": true, 
      "required": false, 
      "title": "Section Locked", 
      "type": "boolean"
    }, 
    "priority": {
      "description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.", 
      "readonly": true, 
      "required": false, 
      "title": "Section priority", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain. Only homogeneous sections are supported.", 
      "enum": [
        "LAYER2", 
        "LAYER3", 
        "L3REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.", 
      "readonly": false, 
      "required": true, 
      "title": "Stateful nature of the distributed service rules in the section.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "default": false, 
      "description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.", 
      "required": false, 
      "title": "TCP Strict", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

FirewallSectionFilterParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections.", 
  "extends": {
    "$ref": "FirewallListRequestParameters
  }, 
  "id": "FirewallSectionFilterParameters", 
  "module_id": "Firewall", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "context_profiles": {
      "description": "The context profile value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.", 
      "title": "Limits results to sections having rules with specific Context Profiles.", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "deep_search": {
      "default": false, 
      "description": "This parameter allows firewall API to search and filter results when references in appliedtos are either directly used in rule/section or indirectly in another container which is used in rule/section. Currently param support is only for LogicalPort. Ignores search_invalid_references to reduce heavy check.", 
      "required": false, 
      "title": "Toggle to search with direct or indirect references.", 
      "type": "boolean"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "enforced_on": {
      "$ref": "AttachmentTypeQueryString, 
      "description": "Used to filter out results based on enforcement point of the section. If this parameter is BRIDGEENDPOINT, then return firewall sections enfored on logical port with attachment type bridgeendpoint. For LOGICALROUTER, then firewall sections enforced on Logical Router are returned. For VIF, other firewall sections are returned. Other values are not supported.", 
      "required": false, 
      "title": "Limit result to sections having a specific kind of enforcement point"
    }, 
    "exclude_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections not having a specific AppliedTo type"
    }, 
    "extended_sources": {
      "description": "The extended source value in Firewall Rules (used for filtering the list). Single value is supported in current release. Multiple comma delmited values may be supported in future releases.", 
      "title": "Limits results to sections having rules with specific Extended Sources.", 
      "type": "string"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "include_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections having a specific AppliedTo type"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "locked": {
      "description": "Used to filter out locked or unlocked sections.", 
      "required": false, 
      "title": "Limit results to sections which are locked/unlocked", 
      "type": "boolean"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "search_invalid_references": {
      "default": false, 
      "description": "Used in conjunction with filter_type to find invalid i.e. non nonexistent references in given criteria (sources, destinations, extended sources, services, context profiles, applied_tos).", 
      "required": false, 
      "title": "Return invalid references in results.", 
      "type": "boolean"
    }, 
    "search_scope": {
      "description": "This parameter can be used to limit the search scope to certain firewalls. It can be the value of an appliedTo of a bridge port firewall or an edge firewal. Results will include sections only from that bridge port firewall or edge firewall. For example, if the identifier of a bridge port is given, the search result will only contain the sections of that bridge port firewall. If the identifier of logical router is given, the search result will only contain the sections of that edge firewall.", 
      "required": false, 
      "title": "Limit result to sections of a specific enforcement point", 
      "type": "string"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "type": {
      "default": "LAYER3", 
      "description": "Section Type with values layer2 or layer3", 
      "enum": [
        "LAYER2", 
        "LAYER3"
      ], 
      "required": false, 
      "title": "Section Type", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter section from list of sections", 
  "type": "object"
}

FirewallSectionListResult (type) 

{
  "extends": {
    "$ref": "DSSectionListResult
  }, 
  "id": "FirewallSectionListResult", 
  "module_id": "Firewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the firewall sections. The list has to be homogenous.", 
      "items": {
        "$ref": "FirewallSection
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Section list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallSectionLock (type) 

{
  "id": "FirewallSectionLock", 
  "module_id": "Firewall", 
  "properties": {
    "comments": {
      "description": "Comments for section lock/unlock.", 
      "maxLength": 4096, 
      "minLength": 4, 
      "readonly": false, 
      "required": true, 
      "title": "Comments", 
      "type": "string"
    }, 
    "section_revision": {
      "description": "Revision of the section.", 
      "readonly": false, 
      "required": true, 
      "title": "Section revision", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

FirewallSectionRuleList (type) 

{
  "extends": {
    "$ref": "FirewallSection
  }, 
  "id": "FirewallSectionRuleList", 
  "module_id": "Firewall", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "autoplumbed": {
      "default": false, 
      "description": "This flag indicates whether it is an auto-plumbed section that is associated to a LogicalRouter. Auto-plumbed sections are system owned and cannot be updated via the API.", 
      "readonly": true, 
      "required": false, 
      "title": "Tells if a section is auto-plumbed or not", 
      "type": "boolean"
    }, 
    "comments": {
      "description": "Comments for section lock/unlock.", 
      "readonly": true, 
      "required": false, 
      "title": "Section lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforced_on": {
      "description": "This attribute represents enforcement point of firewall section. For example, firewall section enforced on logical port with attachment type bridge endpoint will have 'BRIDGEENDPOINT' value, firewall section enforced on logical router will have 'LOGICALROUTER' value and rest have 'VIF' value.", 
      "readonly": true, 
      "required": false, 
      "title": "Firewall Section Enforcement type", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.", 
      "readonly": true, 
      "required": false, 
      "title": "Default section flag", 
      "type": "boolean"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the section.", 
      "readonly": true, 
      "required": false, 
      "title": "Lock modified by user", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Section locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "Section locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Section is locked/unlocked.", 
      "readonly": true, 
      "required": false, 
      "title": "Section Locked", 
      "type": "boolean"
    }, 
    "priority": {
      "description": "Priority of current section with respect to other sections. In case the field is empty, the list section api should be used to get section priority.", 
      "readonly": true, 
      "required": false, 
      "title": "Section priority", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "rules": {
      "description": "List of firewall rules in the section. Only homogenous rules are supported.", 
      "items": {
        "$ref": "FirewallRule
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "List of the firewall rules", 
      "type": "array"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain. Only homogeneous sections are supported.", 
      "enum": [
        "LAYER2", 
        "LAYER3", 
        "L3REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.", 
      "readonly": false, 
      "required": true, 
      "title": "Stateful nature of the distributed service rules in the section.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "default": false, 
      "description": "If TCP strict is enabled on a section and a packet matches rule in it, the following check will be performed. If the packet does not belong to an existing session, the kernel will check to see if the SYN flag of the packet is set. If it is not, then it will drop the packet.", 
      "required": false, 
      "title": "TCP Strict", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

FirewallSectionState (type) 

{
  "extends": {
    "$ref": "DSSectionState
  }, 
  "id": "FirewallSectionState", 
  "module_id": "Firewall", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "pending_change_list": {
      "description": "Pending changes to be realized.", 
      "items": {
        "$ref": "PendingChange
      }, 
      "maxItems": 100, 
      "required": true, 
      "title": "List of pending changes", 
      "type": "array"
    }, 
    "revision_desired": {
      "description": "This attribute represents revision number of section's desired state.", 
      "readonly": true, 
      "required": false, 
      "title": "Section's desired state revision number", 
      "type": "integer"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallSectionsSummary (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FirewallSectionsSummary", 
  "module_id": "FirewallSummary", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "rule_count": {
      "description": "Total number of rules in the section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "section_count": {
      "description": "Total number of sections for the section type.", 
      "readonly": true, 
      "required": false, 
      "title": "Section count", 
      "type": "integer"
    }, 
    "section_type": {
      "$ref": "FirewallCategory, 
      "description": "Type of rules which a section can contain.", 
      "readonly": true, 
      "required": false, 
      "title": "Section Type"
    }
  }, 
  "type": "object"
}

FirewallSectionsSummaryList (type) 

{
  "id": "FirewallSectionsSummaryList", 
  "module_id": "FirewallSummary", 
  "properties": {
    "last_compute_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp of the last computation, in epoch milliseconds."
    }, 
    "sections_summary": {
      "description": "List of firewall sections summary.", 
      "items": {
        "$ref": "FirewallSectionsSummary
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of the firewall sections summary", 
      "type": "array"
    }
  }, 
  "type": "object"
}

FirewallService (type) 

{
  "extends": {
    "$ref": "DSService
  }, 
  "id": "FirewallService", 
  "module_id": "Firewall", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "service": {
      "$ref": "NSServiceElement, 
      "description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.", 
      "readonly": false, 
      "required": false, 
      "title": "Distributed Service Network and Security Service element"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallSessionTimerProfile (type) 

{
  "description": "A profile holding TCP, UDP and ICMP session timeout configuration.", 
  "extends": {
    "$ref": "BaseFirewallProfile
  }, 
  "id": "FirewallSessionTimerProfile", 
  "module_id": "FirewallProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FirewallSessionTimerProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "icmp_error_reply": {
      "default": 10, 
      "description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after ICMP error", 
      "type": "integer"
    }, 
    "icmp_first_packet": {
      "default": 20, 
      "description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "First packet connection timeout", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Resource type to use as profile type", 
      "enum": [
        "FirewallSessionTimerProfile", 
        "FirewallCpuMemThresholdsProfile", 
        "FirewallFloodProtectionProfile", 
        "FirewallDnsProfile"
      ], 
      "help_summary": "Possible values are 'FirewallSessionTimerProfile',\n'FirewallCpuMemThresholdsProfile',\n'FirewallFloodProtectionProfile'\n", 
      "required": true, 
      "title": "Resource type to use as profile type.", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_closed": {
      "default": 20, 
      "description": "The timeout value of connection in seconds after one endpoint sends an RST.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after RST", 
      "type": "integer"
    }, 
    "tcp_closing": {
      "default": 120, 
      "description": "The timeout value of connection in seconds after the first FIN has been sent.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after first TN", 
      "type": "integer"
    }, 
    "tcp_established": {
      "default": 43200, 
      "description": "The timeout value of connection in seconds once the connection has become fully established.", 
      "maximum": 4320000, 
      "minimum": 120, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timeout", 
      "type": "integer"
    }, 
    "tcp_finwait": {
      "default": 45, 
      "description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after FINs exchanged", 
      "type": "integer"
    }, 
    "tcp_first_packet": {
      "default": 120, 
      "description": "The timeout value of connection in seconds after the first packet has been sent.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after first packet", 
      "type": "integer"
    }, 
    "tcp_opening": {
      "default": 30, 
      "description": "The timeout value of connection in seconds after a second packet has been transferred.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after second packet", 
      "type": "integer"
    }, 
    "udp_first_packet": {
      "default": 60, 
      "description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after first packet", 
      "type": "integer"
    }, 
    "udp_multiple": {
      "default": 60, 
      "description": "The timeout value of connection in seconds if both hosts have sent packets.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after hosts sent packet", 
      "type": "integer"
    }, 
    "udp_single": {
      "default": 30, 
      "description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timeout for destination", 
      "type": "integer"
    }
  }, 
  "title": "Firewall Session timeout profile", 
  "type": "object"
}

FirewallStats (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "FirewallStats", 
  "module_id": "FirewallStatsRule", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "byte_count": {
      "description": "Aggregated number of bytes processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Bytes count", 
      "type": "integer"
    }, 
    "hit_count": {
      "description": "Aggregated number of hits received by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Hits count", 
      "type": "integer"
    }, 
    "max_popularity_index": {
      "description": "Maximum value of popularity index of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "The maximum popularity index", 
      "type": "integer"
    }, 
    "max_session_count": {
      "description": "Maximum value of sessions count of all firewall rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "Maximum sessions count", 
      "type": "integer"
    }, 
    "packet_count": {
      "description": "Aggregated number of packets processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Packets count", 
      "type": "integer"
    }, 
    "popularity_index": {
      "description": "This is calculated by sessions count divided by age of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "The index of the popularity of firewall rule", 
      "type": "integer"
    }, 
    "rule_id": {
      "description": "Rule Identifier of the Firewall rule. This is a globally unique number.", 
      "readonly": true, 
      "required": false, 
      "title": "Firewall rule Id", 
      "type": "string"
    }, 
    "session_count": {
      "description": "Aggregated number of sessions processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Sessions count", 
      "type": "integer"
    }, 
    "total_session_count": {
      "description": "Aggregated number of sessions processed by the all firewall rules. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "Total sessions count", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

FirewallStatsList (type) 

{
  "id": "FirewallStatsList", 
  "module_id": "FirewallStatsRule", 
  "properties": {
    "result_count": {
      "description": "Total count for firewall rule statistics in results set", 
      "readonly": true, 
      "required": true, 
      "title": "Firewall rules stats count", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of rule statistics", 
      "items": {
        "$ref": "FirewallStats
      }, 
      "maxItems": 1000, 
      "readonly": true, 
      "required": false, 
      "title": "Firewall rules stats", 
      "type": "array"
    }, 
    "section_id": {
      "description": "Corresponding firewall section identifier for list of rule statistics", 
      "readonly": true, 
      "required": true, 
      "title": "Firewall section ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

FirewallStatus (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "FirewallStatus", 
  "module_id": "FirewallStatus", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "context": {
      "$ref": "FirewallContextType, 
      "description": "Types of firewall contexts.", 
      "readonly": false, 
      "required": true, 
      "title": "Firewall Context Type"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "global_status": {
      "$ref": "FirewallStatusType, 
      "description": "Firewall status for a fabric entity or in global context where firewall is supported.", 
      "readonly": false, 
      "required": true, 
      "title": "Firewall Status Type"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_statuses": {
      "description": "List of firewall status on various target logical resources. This will override the global status of corresponding firewall context (e.g it will override the gloabal status of logical_routers).", 
      "items": {
        "$ref": "TargetResourceStatus
      }, 
      "readonly": false, 
      "required": false, 
      "title": "List of target resource status", 
      "type": "array"
    }
  }, 
  "title": "Firewall Status Response", 
  "type": "object"
}

FirewallStatusListResult (type) 

{
  "description": "List of firewall statuses for a context or all context", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FirewallStatusListResult", 
  "module_id": "FirewallStatus", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "FirewallStatus
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Firewall Statuses", 
  "type": "object"
}

FirewallStatusType (type) 

{
  "description": "Types of firewall statuses representing state of DFW for a context type (e.g. transport_nodes).", 
  "enum": [
    "DISABLED", 
    "ENABLED"
  ], 
  "id": "FirewallStatusType", 
  "module_id": "FirewallStatus", 
  "title": "Firewall Status Type", 
  "type": "string"
}

FloodProtectionProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "A profile holding TCP, UDP and ICMP and other protcol connection limits.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "FloodProtectionProfile", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "icmp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active ICMP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active ICMP connections limit", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "other_active_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Timeout after first TN", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "FloodProtectionProfileResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_half_open_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active half open TCP connections limit", 
      "type": "integer"
    }, 
    "udp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active UDP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active UDP connections limit", 
      "type": "integer"
    }
  }, 
  "title": "Flood Protection profile", 
  "type": "object"
}

FloodProtectionProfileBindingListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FloodProtectionProfileBindingListResult", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "FloodProtectionProfileBindingMap
      }, 
      "required": true, 
      "title": "Flood protection profile binding maps list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of flood protection profile binding maps", 
  "type": "object"
}

FloodProtectionProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between Flood Protection profile and Logical Routers.", 
  "extends": {
    "$ref": "ProfileBindingMap
  }, 
  "id": "FloodProtectionProfileBindingMap", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "FloodProtectionProfileBindingMap"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_path": {
      "description": "PolicyPath of associated Profile", 
      "required": true, 
      "title": "Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy Flood Protection Profile binding map", 
  "type": "object"
}

FloodProtectionProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "FloodProtectionProfileListRequestParameters", 
  "module_id": "PolicyProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Flood Protection profile list request parameters", 
  "type": "object"
}

FloodProtectionProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "FloodProtectionProfileListResult", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "FloodProtectionProfile
      }, 
      "required": true, 
      "title": "Flood protection profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of flood protection profiles", 
  "type": "object"
}

FloodProtectionProfileResourceType (type) 

{
  "additionalProperties": false, 
  "description": "GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes.", 
  "enum": [
    "GatewayFloodProtectionProfile", 
    "DistributedFloodProtectionProfile"
  ], 
  "id": "FloodProtectionProfileResourceType", 
  "module_id": "PolicyProfile", 
  "title": "Resource types of flood protection profiles", 
  "type": "string"
}

Footer (type) 

{
  "additionalProperties": false, 
  "description": "Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
  "id": "Footer", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "actions": {
      "description": "Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "FooterAction
      }, 
      "minItems": 0, 
      "title": "Footer Actions", 
      "type": "array"
    }, 
    "condition": {
      "description": "If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "maxLength": 1024, 
      "title": "Expression for evaluating condition", 
      "type": "string"
    }
  }, 
  "title": "Widget Footer", 
  "type": "object"
}

FooterAction (type) 

{
  "additionalProperties": false, 
  "description": "Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.", 
  "id": "FooterAction", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "dock_to_container_footer": {
      "default": true, 
      "description": "If true, the footer will appear in the underlying container that holds the widget.", 
      "title": "Dock the footer at container", 
      "type": "boolean"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "Label to be displayed against the footer action.", 
      "required": true, 
      "title": "Label for action"
    }, 
    "url": {
      "description": "Hyperlink to the UI page that provides details of action.", 
      "maxLength": 1024, 
      "title": "Clickable hyperlink, if any", 
      "type": "string"
    }
  }, 
  "title": "Widget Footer Action", 
  "type": "object"
}

ForceRevisionCheckRequestParameter (type) 

{
  "description": "Forces revision check before updating", 
  "id": "ForceRevisionCheckRequestParameter", 
  "module_id": "Policy", 
  "properties": {
    "enforce_revision_check": {
      "default": false, 
      "description": "If this is set to true, each child object in the request needs to have _revision property set correctly. System will honor the revision numbers while updating the resources.", 
      "readonly": false, 
      "required": false, 
      "title": "Force revision check", 
      "type": "boolean"
    }
  }, 
  "title": "Parameter to enforce revision check before updating objects", 
  "type": "object"
}

ForwarderZone (type) 

{
  "additionalProperties": false, 
  "id": "ForwarderZone", 
  "module_id": "DnsForwarder", 
  "properties": {
    "source_ip": {
      "$ref": "IPv4Address, 
      "description": "The source ip used by the fowarder of the zone. If no source ip specified, the ip address of listener of the DNS forwarder will be used.", 
      "required": false, 
      "title": "Source ip of the forwarder"
    }, 
    "upstream_servers": {
      "description": "Ip address of the upstream DNS servers the DNS forwarder accesses.", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "Ips of upsteam DNS servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ForwardingPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Contains ordered list of forwarding rules that determine when to forward traffic to / from the underlay for accessing cloud native services.", 
  "extends": {
    "$ref": "Policy
  }, 
  "id": "ForwardingPolicy", 
  "module_id": "PolicyForwarding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.", 
      "required": false, 
      "title": "A way to classify a security policy, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "comments": {
      "description": "Comments for security policy lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "SecurityPolicy lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the secruity policy.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked the security policy", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "SecurityPolicy locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "SecuirtyPolicy locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.", 
      "required": false, 
      "title": "Lock a security policy", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "items": {
        "$ref": "ForwardingRule
      }, 
      "required": false, 
      "title": "Rules that are a part of this ForwardingPolicy", 
      "type": "array"
    }, 
    "scope": {
      "description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security policies.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy.", 
      "minimum": 0, 
      "title": "Sequence number to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.", 
      "readonly": false, 
      "required": false, 
      "title": "Stateful nature of the entries within this security policy.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies.", 
      "readonly": false, 
      "required": false, 
      "title": "Enforce strict tcp handshake before allowing data packets", 
      "type": "boolean"
    }
  }, 
  "title": "Forwarding Policy\n", 
  "type": "object"
}

ForwardingPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListResult
  }, 
  "id": "ForwardingPolicyListResult", 
  "module_id": "PolicyForwarding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ForwardingPolicy
      }, 
      "required": true, 
      "title": "ForwardingPolicy list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of ForwardingPolicy objects", 
  "type": "object"
}

ForwardingRule (type) 

{
  "additionalProperties": false, 
  "description": "Forwarding rule that determine how to forward traffic from a VM. Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port. Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay ROUTE_TO_OVERLAY -  Access a service on overlay space from a VM connected to hybrid port. ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM ROUTE_FROM_OVERLAY - Access a  service hosted on a VM (that is connected to hybrid port) from overlay space NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP", 
  "extends": {
    "$ref": "BaseRule
  }, 
  "id": "ForwardingRule", 
  "module_id": "PolicyForwarding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "The action to be applied to all the services", 
      "enum": [
        "ROUTE_TO_UNDERLAY", 
        "ROUTE_TO_OVERLAY", 
        "ROUTE_FROM_UNDERLAY", 
        "ROUTE_FROM_OVERLAY", 
        "NAT_FROM_UNDERLAY", 
        "NAT_TO_UNDERLAY"
      ], 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination group paths", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination groups", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Define direction of traffic.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "required": false, 
      "title": "Direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable the rule. Default is enabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Flag to disable the rule", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_protocol": {
      "description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "Text for additional notes on changes.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Text for additional notes on changes", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profiles": {
      "description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Layer 7 service profiles", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain", 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of the this Rule", 
      "type": "int"
    }, 
    "services": {
      "description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Names of services", 
      "type": "array"
    }, 
    "source_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source group paths", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source groups", 
      "type": "boolean"
    }, 
    "tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "required": false, 
      "title": "Tag applied on the rule", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Forwarding rule", 
  "type": "object"
}

ForwardingRuleListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RuleListRequestParameters
  }, 
  "id": "ForwardingRuleListRequestParameters", 
  "module_id": "PolicyForwarding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ForwardingRule list request parameters", 
  "type": "object"
}

ForwardingRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseRuleListResult
  }, 
  "id": "ForwardingRuleListResult", 
  "module_id": "PolicyForwarding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ForwardingRule
      }, 
      "required": true, 
      "title": "Rule list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of ForwardingRules", 
  "type": "object"
}

GatewayConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores gateway configuration like nsx_manager_connection, default_quarantine_policy_enabled and is_ha_enabled.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "GatewayConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed.", 
      "required": false, 
      "title": "Id of cloud security group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "required": false, 
      "title": "Flag to identify if default quarantine policy is enabled", 
      "type": "boolean"
    }, 
    "dns_settings": {
      "$ref": "DnsSettings, 
      "description": "Settings related to Cloud gateway DNS configuration. This determines DNS configuration based on dns_mode.", 
      "title": "DNS settings"
    }, 
    "is_ha_enabled": {
      "required": false, 
      "title": "Flag to identify if HA is enabled", 
      "type": "boolean"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this virtual private cloud is managed with or without NSX agents. This flag is applicable only for this network. If this virtual private cloud is being managed without NSX agents, quarantine state and threat state will be NOT_APPLICABLE for all the virtual machines under it.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "nsx_manager_connection": {
      "description": "Determines if connection to NSX Manager is via public IP or private IP", 
      "enum": [
        "PUBLIC_IP", 
        "PRIVATE_IP"
      ], 
      "required": false, 
      "title": "NSX Manager connection", 
      "type": "string"
    }, 
    "proxy_server_profile": {
      "description": "Id of the proxy server profile, corresponding proxy settings will be applied while deploying the gateway.", 
      "required": false, 
      "title": "Id of the proxy server profile", 
      "type": "string"
    }, 
    "target_disk_size": {
      "description": "This is the target disk size of the PCG appliance in GB. Based on this an additional disk is attached to the PCG appliance, if required. The supported size is 191 GB and this property should only be modified post upgrade for exisiting PCG appliances.", 
      "required": false, 
      "title": "Target Disk Size", 
      "type": "integer"
    }, 
    "vpn_service_enabled": {
      "default": true, 
      "description": "Flag that will enable or disable inter-operation between NSX and non-NSX services via VPN.", 
      "required": false, 
      "title": "Flag to enable or disable inter-operation with services via VPN", 
      "type": "boolean"
    }
  }, 
  "title": "Gateway configuration", 
  "type": "object"
}

GatewayConfigOperationStatus (type) 

{
  "additionalProperties": false, 
  "id": "GatewayConfigOperationStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "attaching_disks_status": {
      "description": "This property provides the status of attaching disks gateway configuration operation.", 
      "enum": [
        "IN_PROGRESS", 
        "SUCCESSFUL", 
        "FAILED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Status of attaching disks gateway configuration operation", 
      "type": "string"
    }, 
    "error_code": {
      "description": "Error code for gateway configuration operation failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error code for gateway configuration operation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "description": "Error message for gateway configuration operation failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error message for gateway configuration operation failure", 
      "type": "string"
    }
  }, 
  "type": "object"
}

GatewayFloodProtectionProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "FloodProtectionProfile
  }, 
  "id": "GatewayFloodProtectionProfile", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "GatewayFloodProtectionProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "icmp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active ICMP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active ICMP connections limit", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "other_active_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Timeout after first TN", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "FloodProtectionProfileResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_half_open_conn_limit": {
      "description": "If this field is empty, firewall will not set a limit to half open TCP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active half open TCP connections limit", 
      "type": "integer"
    }, 
    "udp_active_flow_limit": {
      "description": "If this field is empty, firewall will not set a limit to active UDP connections.", 
      "maximum": 1000000, 
      "minimum": 1, 
      "title": "Active UDP connections limit", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

GatewayInstanceStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about gateway instance status", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "GatewayInstanceStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "configuration_operation_status": {
      "$ref": "GatewayConfigOperationStatus, 
      "description": "This property provides a consolidated status of supported gateway configuration operations.", 
      "readonly": true, 
      "required": false, 
      "title": "Status of different gateway configuration operations", 
      "type": "object"
    }, 
    "deployment_step": {
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "COPYING_IMAGE", 
        "CREATING_SECURITY_GROUPS", 
        "LAUNCHING_GATEWAY", 
        "CREATING_NETWORK_INTERFACES", 
        "ATTACHING_NETWORK_INTERFACES", 
        "ATTACHING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "CREATING_LOGICAL_NETWORK_CONSTRUCTS", 
        "DEPLOYMENT_SUCCESSFUL", 
        "DEPLOYMENT_FAILED", 
        "UNCONFIGURING_GATEWAY", 
        "RELEASING_EIPS", 
        "TERMINATING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "DELETING_CLOUD_RESOURCES", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UNDEPLOYMENT_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Different states of gateway deployment", 
      "type": "string"
    }, 
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for gateway operation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for gateway operation failure", 
      "type": "string"
    }, 
    "gateway_ha_index": {
      "required": false, 
      "title": "Index of HA that indicates whether gateway is primary or secondary.\nIf index is 0, then it is primary gateway. Else secondary gateway.\n", 
      "type": "integer"
    }, 
    "gateway_instance_id": {
      "required": false, 
      "title": "ID of the gateway instance", 
      "type": "string"
    }, 
    "gateway_lcp_connectivity_status": {
      "description": "Status of connectivity between NSX controller and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Controller connectivity status", 
      "type": "string"
    }, 
    "gateway_mpa_connectivity_status": {
      "description": "Status of connectivity between NSX manager and public cloud gateway.", 
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway to NSX Manager connectivity status", 
      "type": "string"
    }, 
    "gateway_name": {
      "required": false, 
      "title": "Name of the gateway instance", 
      "type": "string"
    }, 
    "gateway_node_id": {
      "required": false, 
      "title": "NSX Node ID of the public cloud gateway", 
      "type": "string"
    }, 
    "gateway_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEPLOYING", 
        "NOT_AVAILABLE", 
        "UNDEPLOYING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Gateway instance status", 
      "type": "string"
    }, 
    "gateway_tn_id": {
      "required": false, 
      "title": "NSX transport node id of the public cloud gateway", 
      "type": "string"
    }, 
    "is_gateway_active": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is an active gateway", 
      "type": "boolean"
    }, 
    "private_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Private IP address of the virtual machine", 
      "type": "string"
    }, 
    "public_ip": {
      "readonly": true, 
      "required": false, 
      "title": "Public IP address of the virtual machine", 
      "type": "string"
    }, 
    "vpn_private_ip": {
      "description": "Private IP address of the virtual machine for VPN", 
      "readonly": true, 
      "required": false, 
      "title": "VPN Private IP address", 
      "type": "string"
    }
  }, 
  "title": "Gateway instance status", 
  "type": "object"
}

GatewayPolicy (type) 

{
  "extends": {
    "$ref": "Policy
  }, 
  "id": "GatewayPolicy", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.", 
      "required": false, 
      "title": "A way to classify a security policy, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "comments": {
      "description": "Comments for security policy lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "SecurityPolicy lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the secruity policy.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked the security policy", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "SecurityPolicy locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "SecuirtyPolicy locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.", 
      "required": false, 
      "title": "Lock a security policy", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "items": {
        "$ref": "Rule
      }, 
      "required": false, 
      "title": "Rules that are a part of this SecurityPolicy", 
      "type": "array"
    }, 
    "scope": {
      "description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security policies.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy.", 
      "minimum": 0, 
      "title": "Sequence number to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.", 
      "readonly": false, 
      "required": false, 
      "title": "Stateful nature of the entries within this security policy.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies.", 
      "readonly": false, 
      "required": false, 
      "title": "Enforce strict tcp handshake before allowing data packets", 
      "type": "boolean"
    }
  }, 
  "title": "Contains ordered list of Rules for GatewayPolicy", 
  "type": "object"
}

GatewayPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListResult
  }, 
  "id": "GatewayPolicyListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "GatewayPolicy
      }, 
      "required": true, 
      "title": "GatewayPolicy list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of gateway policies", 
  "type": "object"
}

GatewayPublicIp (type) 

{
  "additionalProperties": false, 
  "description": "Stores gateway public IP settings like ip_allocation_mode and ip_address.", 
  "id": "GatewayPublicIp", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "ip_allocation_mode": {
      "default": "ALLOCATE_NEW", 
      "description": "ALLOCATE_NEW: Allocate new public IP. USE_EXISTING: Use cloud provider public IP. DONT_ALLOCATE: Don't allocate any public IP.", 
      "enum": [
        "ALLOCATE_NEW", 
        "USE_EXISTING", 
        "DONT_ALLOCATE"
      ], 
      "title": "IP Allocation Mode", 
      "type": "string"
    }, 
    "public_ip": {
      "description": "Stores IP address from the Azure public IP service. The IP address will be used ip_allocation_mode is set to USE_EXISTING.", 
      "format": "ipv4", 
      "required": false, 
      "title": "Public IP Address", 
      "type": "string"
    }
  }, 
  "title": "Gateway Public IP Information", 
  "type": "object"
}

GatewayStats (type) 

{
  "additionalProperties": false, 
  "id": "GatewayStats", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "deploying": {
      "description": "The number of gateways with status DEPLOYING.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateways with status DEPLOYING", 
      "type": "integer"
    }, 
    "down": {
      "description": "The number of gateways with status DOWN.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateways with status DOWN", 
      "type": "integer"
    }, 
    "up": {
      "description": "The number of gateways with status UP.", 
      "readonly": true, 
      "required": false, 
      "title": "Gateways with status UP", 
      "type": "integer"
    }
  }, 
  "title": "Gateway statistics", 
  "type": "object"
}

GenericDhcpOption (type) 

{
  "additionalProperties": false, 
  "description": "Define DHCP options other than option 121.", 
  "id": "GenericDhcpOption", 
  "module_id": "Dhcp", 
  "properties": {
    "code": {
      "description": "Code of the dhcp option.", 
      "maximum": 255, 
      "minimum": 0, 
      "required": true, 
      "title": "DHCP option code, [0-255]", 
      "type": "integer"
    }, 
    "values": {
      "description": "Value of the option.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 10, 
      "minItems": 1, 
      "required": true, 
      "title": "DHCP option value", 
      "type": "array"
    }
  }, 
  "title": "Generic DHCP option", 
  "type": "object"
}

GenericPolicyRealizedResource (type) 

{
  "description": "Represents realized entity", 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "GenericPolicyRealizedResource", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "entity_type": {
      "readonly": true, 
      "title": "Type of realized entity", 
      "type": "string"
    }, 
    "extended_attributes": {
      "items": {
        "$ref": "AttributeVal
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Collection of type specific properties", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_paths": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "Collection of intent paths", 
      "type": "array"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Generic realized entity", 
  "type": "object"
}

GenericPolicyRealizedResourceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "GenericPolicyRealizedResource list request parameters", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "GenericPolicyRealizedResourceListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "GenericPolicyRealizedResource list request parameters", 
  "type": "object"
}

GenericPolicyRealizedResourceListResult (type) 

{
  "additionalProperties": false, 
  "description": "GenericPolicyRealizedResource list result", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "GenericPolicyRealizedResourceListResult", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of realized resources", 
      "items": {
        "$ref": "GenericPolicyRealizedResource
      }, 
      "required": false, 
      "title": "Paged Collection of GenericPolicyRealizedResources", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "GenericPolicyRealizedResource list result", 
  "type": "object"
}

GetCertParameter (type) 

{
  "additionalProperties": false, 
  "id": "GetCertParameter", 
  "module_id": "CertificateManager", 
  "properties": {
    "details": {
      "default": false, 
      "required": false, 
      "title": "whether to expand the pem data and show all its details", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

GiServiceProfile (type) 

{
  "description": "GI Specific service profile", 
  "extends": {
    "$ref": "BaseServiceProfile
  }, 
  "id": "GiServiceProfile", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "type-identifier": "GiServiceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'", 
      "required": true, 
      "title": "Service Profile Resource type.", 
      "type": "string"
    }, 
    "service_id": {
      "description": "The service to which the service profile belongs.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vendor_template_id": {
      "description": "ID of the vendor template, created by partner while registering the service.", 
      "readonly": false, 
      "required": true, 
      "title": "Vendor template Id", 
      "type": "string"
    }, 
    "vendor_template_key": {
      "description": "Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.", 
      "readonly": true, 
      "required": false, 
      "title": "Vendor template key", 
      "type": "string"
    }
  }, 
  "title": "GI sepcific Service Profile", 
  "type": "object"
}

GlobalCollectionConfiguration (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "GlobalCollectionConfiguration", 
  "module_id": "AggSvcDataCollectionConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "aggregated_data_collection_frequency": {
      "description": "The frequency in seconds at which data, which is subject to the aggregation function, is collected.", 
      "maximum": 86400, 
      "minimum": 60, 
      "required": true, 
      "title": "Aggregated Data Collection Frequency In Seconds", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_data_collection_enabled": {
      "description": "Indicates whether data collection required by the aggregation service is enabled.  If false, no aggregation service data will be collected.  Changing this property will not affect the existing data collection frequency settings.", 
      "required": true, 
      "title": "Is data collection enabled", 
      "type": "boolean"
    }, 
    "modified_feature_stack_collection_configurations": {
      "$ref": "FeatureStackCollectionConfigurationList, 
      "description": "The list of the locally modified feature stack data collection frequency settings.  If all feature stack data collection configurations are set to their default values, this list will be empty.", 
      "readonly": true, 
      "title": "Modified feature stack collection configurations"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

GlobalConfig (type) 

{
  "additionalProperties": false, 
  "description": "Global configuration", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "GlobalConfig", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fips": {
      "$ref": "FIPSGlobalConfig, 
      "description": "Contains the FIPSGlobalConfig object.", 
      "required": false, 
      "title": "FIPS enabled config"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "mtu": {
      "description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.", 
      "minimum": 1280, 
      "required": false, 
      "title": "MTU size", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Global configuration", 
  "type": "object"
}

GlobalConfigType (type) 

{
  "enum": [
    "SwitchingGlobalConfig", 
    "RoutingGlobalConfig", 
    "OperationCollectorGlobalConfig", 
    "FirewallGlobalConfig", 
    "EsxGlobalOpaqueConfig", 
    "SecurityGlobalConfig", 
    "FipsGlobalConfig"
  ], 
  "id": "GlobalConfigType", 
  "module_id": "GlobalConfigs", 
  "title": "Valid Global configuration types", 
  "type": "string"
}

GlobalConfigs (type) 

{
  "abstract": true, 
  "description": "The GlobalConfigs is the base class for global configurations for different types in a NSX domain.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "GlobalConfigs", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Abstract base type for Global configurations of different types", 
  "type": "object"
}

GlobalConfigsListResult (type) 

{
  "description": "A list of global configurations grouped by their types", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "GlobalConfigsListResult", 
  "module_id": "GlobalConfigs", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "GlobalConfigs
      }, 
      "required": false, 
      "title": "Domain specific global configuration.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Global configurations query result", 
  "type": "object"
}

GlobalRestoreStatus (type) 

{
  "id": "GlobalRestoreStatus", 
  "module_id": "ClusterRestore", 
  "properties": {
    "description": {
      "readonly": true, 
      "required": true, 
      "title": "A description of the restore status", 
      "type": "string"
    }, 
    "value": {
      "enum": [
        "INITIAL", 
        "SUCCESS", 
        "FAILED", 
        "RUNNING", 
        "SUSPENDED_BY_USER", 
        "SUSPENDED_FOR_USER_ACTION", 
        "SUSPENDED", 
        "ABORTED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Global rolled-up restore status value", 
      "type": "string"
    }
  }, 
  "title": "Overall restore process status", 
  "type": "object"
}

GracefulRestartConfig (type) 

{
  "additionalProperties": false, 
  "description": "BGP Graceful Restart configuration parameters", 
  "id": "GracefulRestartConfig", 
  "module_id": "Routing", 
  "properties": {
    "graceful_restart_mode": {
      "$ref": "GracefulRestartMode, 
      "default": "HELPER_ONLY", 
      "description": "BGP Graceful Restart mode", 
      "required": false, 
      "title": "Graceful Restart Mode"
    }, 
    "graceful_restart_timer": {
      "$ref": "GracefulRestartTimer, 
      "description": "Graceful Restart timers configuration", 
      "required": false, 
      "title": "Graceful Restart Timer"
    }
  }, 
  "title": "BGP Graceful Restart Configuration", 
  "type": "object"
}

GracefulRestartMode (type) 

{
  "additionalProperties": false, 
  "description": "BGP Graceful Restart modes. DISABLE Disables Graceful Restart capability. HELPER_ONLY Enables as Helper only in Graceful Restart mechanism. GR_AND_HELPER Enables Graceful Restart capability along with HELPER mode.", 
  "enum": [
    "DISABLE", 
    "HELPER_ONLY", 
    "GR_AND_HELPER"
  ], 
  "id": "GracefulRestartMode", 
  "module_id": "Routing", 
  "type": "string"
}

GracefulRestartTimer (type) 

{
  "additionalProperties": false, 
  "description": "BGP Graceful Restart timers configuration", 
  "id": "GracefulRestartTimer", 
  "module_id": "Routing", 
  "properties": {
    "restart_timer": {
      "default": 180, 
      "description": "Maximum time BGP speaker will take for the BGP session to be re-established after a restart. Ranges from 1 sec to 3600 sec. This can be used to speed up routing convergence by its peer in case that the BGP speaker does not come back after a restart. If the session does not get re-established within the \"Restart Time\" that the Restarting Speaker advertised previously, the Receiving Speaker will delete all the stale routes from that peer.", 
      "maximum": 3600, 
      "minimum": 1, 
      "required": false, 
      "title": "Restart Timer", 
      "type": "integer"
    }, 
    "stale_timer": {
      "default": 600, 
      "description": "Maximum time before stale routes are removed from the RIB when the local BGP process restarts. Ranges from 1 sec to 3600 sec.", 
      "maximum": 3600, 
      "minimum": 1, 
      "required": false, 
      "title": "Stale Timer", 
      "type": "integer"
    }
  }, 
  "title": "BGP Graceful Restart Timer", 
  "type": "object"
}

GraphConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents configuration of a graph widget", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "GraphConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "GraphConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "axes": {
      "$ref": "Axes, 
      "desription": "Represents the Axes of a graph. If axes is not specified, labels are not applied to the axes.", 
      "title": "Axes of a graph"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "display_x_value": {
      "default": false, 
      "description": "If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis.", 
      "title": "Show or hide the value of a point on X axis", 
      "type": "boolean"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "graphs": {
      "decription": "Array of graphs to be plotted on the Axes. If more than 1 graph needs to be shown on the same axes, each graph will be distinguished by its color and legend.", 
      "items": {
        "$ref": "GraphDefinition
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Graphs", 
      "type": "array"
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "sub_type": {
      "default": "BAR_GRAPH", 
      "description": "Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart", 
      "enum": [
        "LINE_GRAPH", 
        "BAR_GRAPH", 
        "STACKED_BAR_GRAPH"
      ], 
      "title": "Subtype of a graph", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Graph Configuration", 
  "type": "object"
}

GraphDefinition (type) 

{
  "additionalProperties": false, 
  "description": "Defines a graph", 
  "id": "GraphDefinition", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "label": {
      "$ref": "Label, 
      "description": "Describes the graph. It labels the entities of graph. If the label is not provided then it is not shown for a graph. For example, for a single graph, the title of widget can describe the graph and a label may not be necessary to be shown.", 
      "title": "Label of a graph"
    }, 
    "point_definition": {
      "$ref": "PointDefinition, 
      "description": "Defines the points of a graph.", 
      "required": true, 
      "title": "Definition for points of a graph"
    }, 
    "render_configuration": {
      "description": "Additional rendering or conditional evaluation of the field values to be performed, if any.", 
      "items": {
        "$ref": "RenderConfiguration
      }, 
      "minItems": 0, 
      "title": "Render Configuration", 
      "type": "array"
    }
  }, 
  "title": "Definition of a graph", 
  "type": "object"
}

GridConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents configuration of a Grid or Table widget.", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "GridConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "GridConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "columns": {
      "description": "Array of columns of a Grid widget", 
      "items": {
        "$ref": "ColumnItem
      }, 
      "required": true, 
      "title": "Columns", 
      "type": "array"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "page_size": {
      "default": 30, 
      "description": "Number of records per page. page_size will be effective only when the urls provided in the datasource support paging.", 
      "title": "Page Size", 
      "type": "int"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "row_list_fields": {
      "description": "Rows of grid or table are formed from the list of objects returned by a row list field.", 
      "items": {
        "$ref": "RowListField
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "List of fields from which rows are formed", 
      "type": "array"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "span": {
      "default": 2, 
      "description": "Represents the horizontal span of the Grid.", 
      "title": "Horizontal width of grid widget", 
      "type": "int"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Grid Configuration", 
  "type": "object"
}

Group (type) 

{
  "additionalProperties": false, 
  "description": "Group.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Group", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "expression": {
      "description": "The expression list must follow below criteria:   1. A non-empty expression list, must be of odd size. In a list, with   indices starting from 0, all non-conjunction expressions must be at   even indices, separated by a conjunction expression at odd   indices.   2. The total of ConditionExpression and NestedExpression in a list   should not exceed 5.   3. The total of IPAddressExpression, MACAddressExpression, external   IDs in an ExternalIDExpression and paths in a PathExpression must not exceed   500.   4. Each expression must be a valid Expression. See the definition of   the Expression type for more information.", 
      "items": {
        "$ref": "Expression
      }, 
      "required": false, 
      "title": "Expression", 
      "type": "array"
    }, 
    "extended_expression": {
      "description": "Extended Expression allows additional higher level context to be specified for grouping criteria. (e.g. user AD group) This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression.  The extended expression list must follow below criteria: 1. Contains a single IdentityGroupExpression. No conjunction expression is supported. 2. No other non-conjunction expression is supported, except for IdentityGroupExpression. 3. Each expression must be a valid Expression. See the definition of the Expression type for more information. 4. Extended expression are implicitly AND with expression. 5. No nesting can be supported if this value is used. 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map.", 
      "items": {
        "$ref": "Expression
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Extended Expression", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "IN_PROGRESS", 
        "SUCCESS", 
        "FAILURE"
      ], 
      "required": false, 
      "title": "Realization state of this group", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Group", 
  "type": "object"
}

GroupDeleteRequestParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "GroupDeleteRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "fail_if_subtree_exists": {
      "default": false, 
      "description": "Check if the group sub-tree has any entities. These primarily include the binding maps that point to various profiles. If this flag is passed as true, the group delete fails if any binding maps exist in the group sub-tree. By default, this flag is false, which means that the group is deleted along with the group sub-tree.", 
      "title": "Do not delete if the group subtree has any entities", 
      "type": "boolean"
    }, 
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "Group delete request parameters", 
  "type": "object"
}

GroupInfo (type) 

{
  "description": "GroupInfo contains information about a particular Group used in Redirection Rules. It also contains information about policy path, if the group is created from Policy.", 
  "id": "GroupInfo", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "group": {
      "$ref": "ResourceReference, 
      "description": "Group Data.", 
      "readonly": true, 
      "required": false, 
      "title": "Group"
    }, 
    "group_policy_path": {
      "description": "Policy path of a particular Group.", 
      "readonly": true, 
      "required": false, 
      "title": "Policy path of Group", 
      "type": "string"
    }
  }, 
  "title": "GroupInfo", 
  "type": "object"
}

GroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "GroupListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Group list request parameters", 
  "type": "object"
}

GroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "GroupListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Group
      }, 
      "required": true, 
      "title": "Group list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Groups", 
  "type": "object"
}

GroupMemberTagsList (type) 

{
  "additionalProperties": false, 
  "description": "Collection of tags used in a policy group for a particular member type", 
  "id": "GroupMemberTagsList", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "member_type": {
      "required": true, 
      "title": "Member type for which we will list the tags", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "List of tags for the member type", 
      "type": "array"
    }
  }, 
  "title": "Group tags list for a particular member type", 
  "type": "object"
}

GroupMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between monitoring profile and Group. Using this entity, you can specify intent for applying monitoring profile to particular Group. Group with membership criteria vm only supported as source group. Port mirroring is only supported on group with five vms.", 
  "extends": {
    "$ref": "MonitoringProfileBindingMap
  }, 
  "id": "GroupMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_dfw_profile_path": {
      "description": "PolicyPath of associated IPFIX DFW Profile", 
      "required": false, 
      "title": "IPFIX DFW Profile Path", 
      "type": "string"
    }, 
    "ipfix_l2_profile_path": {
      "description": "PolicyPath of associated IPFIX L2 Profile", 
      "required": false, 
      "title": "IPFIX L2 Profile Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "port_mirroring_profile_path": {
      "description": "PolicyPath of associated Port Mirroring Profile", 
      "required": false, 
      "title": "Port Mirroring Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Group Monitoring Profile binding map", 
  "type": "object"
}

GroupMonitoringProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "GroupMonitoringProfileBindingMapListRequestParameters", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Group Monitoring Profile Binding Map list request parameters", 
  "type": "object"
}

GroupMonitoringProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "GroupMonitoringProfileBindingMapListResult", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "GroupMonitoringProfileBindingMap
      }, 
      "required": true, 
      "title": "Group Monitoring Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Group Monitoring Profile Binding Maps", 
  "type": "object"
}

GroupStatusListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "GroupStatusListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "has_errors": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only upgrade units with errors", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

GroupTagsList (type) 

{
  "additionalProperties": false, 
  "description": "Collection of tags used in a policy group listed per member type", 
  "id": "GroupTagsList", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "results": {
      "items": {
        "$ref": "GroupMemberTagsList
      }, 
      "required": true, 
      "title": "Collection of tags used in a policy group listed per member type", 
      "type": "array"
    }
  }, 
  "title": "Group tags list listed per member type", 
  "type": "object"
}

GroupedMigrationFeedbackRequest (type) 

{
  "additionalProperties": false, 
  "description": "Detailed feedback requests from the migration tool where user input is required.", 
  "id": "GroupedMigrationFeedbackRequest", 
  "module_id": "Migration", 
  "properties": {
    "accepted_actions": {
      "description": "List of acceptable actions for this feedback request.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Acceptable actions for this feedback request", 
      "type": "array"
    }, 
    "accepted_value_type": {
      "description": "Data type of the items listed in acceptable values list.", 
      "readonly": true, 
      "required": true, 
      "title": "Data type of the items listed in acceptable values", 
      "type": "string"
    }, 
    "accepted_values": {
      "description": "List of acceptable values for this feedback request.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Acceptable values for this feedback request", 
      "type": "array"
    }, 
    "hash": {
      "description": "Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.", 
      "readonly": true, 
      "required": false, 
      "title": "Identifier for a feedback request type", 
      "type": "string"
    }, 
    "message": {
      "description": "Detailed feedback request with options.", 
      "readonly": true, 
      "required": true, 
      "title": "Content of feedback request", 
      "type": "string"
    }, 
    "multi_value": {
      "description": "Indicates if multiple values can be selected as response from the list of acceptable value.", 
      "readonly": true, 
      "required": true, 
      "title": "Indicates if multiple values can be selected as response", 
      "type": "boolean"
    }, 
    "objects": {
      "items": {
        "$ref": "SummaryMigrationFeedbackRequest
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Collection of feedback requests of a given type", 
      "type": "array"
    }, 
    "resolved": {
      "description": "Indicates if a valid response already exist for all feedback requests in this group.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if all feedback requests in this group are resolved", 
      "type": "boolean"
    }, 
    "sub_vertical": {
      "description": "Functional sub-area that this query falls into.", 
      "readonly": true, 
      "required": true, 
      "title": "Functional sub-area for the feedback query", 
      "type": "string"
    }, 
    "suggested_action": {
      "description": "The suggested action to resolve this feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "Suggested action for this feedback request", 
      "type": "string"
    }, 
    "suggested_value": {
      "description": "The suggested value to resolve this feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "Suggested value for this feedback request", 
      "type": "string"
    }, 
    "vertical": {
      "description": "Functional area that this query falls into.", 
      "readonly": true, 
      "required": true, 
      "title": "Functional area for the feedback query", 
      "type": "string"
    }
  }, 
  "title": "Grouped Feedback detail required for Migration", 
  "type": "object"
}

GroupedMigrationFeedbackRequestListResult (type) 

{
  "additionalProperties": false, 
  "description": "Groups of detailed feedback requests from the migration tool where user input is required.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "GroupedMigrationFeedbackRequestListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "GroupedMigrationFeedbackRequest
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Paged Collection of groups of feedback requests", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "groups of feedback required for Migration", 
  "type": "object"
}

GuestInfo (type) 

{
  "additionalProperties": false, 
  "description": "Guest virtual machine details include OS name and computer name of guest VM.", 
  "id": "GuestInfo", 
  "module_id": "Inventory", 
  "properties": {
    "computer_name": {
      "description": "Computer name of guest virtual machine, which is set inside guest OS. Currently this is supported for guests on ESXi that have VMware Tools installed.", 
      "readonly": true, 
      "required": false, 
      "title": "Computer name", 
      "type": "string"
    }, 
    "os_name": {
      "description": "OS name of guest virtual machine. Currently this is supported for guests on ESXi that have VMware Tools installed.", 
      "readonly": true, 
      "required": false, 
      "title": "OS name", 
      "type": "string"
    }
  }, 
  "title": "Guest virtual machine details", 
  "type": "object"
}

HaVipConfig (type) 

{
  "additionalProperties": false, 
  "id": "HaVipConfig", 
  "module_id": "LogicalRouter", 
  "properties": {
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "Flag to enable this ha vip config.", 
      "type": "boolean"
    }, 
    "ha_vip_subnets": {
      "description": "Array of IP address subnets which will be used as floating IP addresses. | Note - this configuration is applicable only for Active-Standby LogicalRouter. | For Active-Active LogicalRouter this configuration will be rejected.", 
      "items": {
        "$ref": "VIPSubnet
      }, 
      "maxItems": 2, 
      "minItems": 1, 
      "required": true, 
      "title": "Floating IP address subnets", 
      "type": "array"
    }, 
    "redundant_uplink_port_ids": {
      "description": "Identifiers of logical router uplink ports which are to be paired to provide | redundancy. Floating IP will be owned by one of these uplink ports (depending upon | which node is Active).", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 2, 
      "minItems": 2, 
      "required": true, 
      "title": "Identifiers of uplink ports for providing redundancy", 
      "type": "array"
    }
  }, 
  "type": "object"
}

HealthCheckResult (type) 

{
  "description": "Result of health check .", 
  "id": "HealthCheckResult", 
  "module_id": "HealthCheck", 
  "properties": {
    "results_per_transport_node": {
      "description": "List of health check results on specific transport node", 
      "items": {
        "$ref": "HealthCheckResultPerTransportNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Health Check Results Per Transport Node", 
      "type": "array"
    }, 
    "vlan_mtu_status": {
      "$ref": "VlanMtuHealthCheckResultStatus, 
      "readonly": true
    }
  }, 
  "title": "Health Check Result", 
  "type": "object"
}

HealthCheckResultOnHostSwitch (type) 

{
  "description": "Health check result on specific host switch of specific transport node.", 
  "id": "HealthCheckResultOnHostSwitch", 
  "module_id": "HealthCheck", 
  "properties": {
    "host_switch_name": {
      "description": "Name of the host switch.", 
      "readonly": true, 
      "title": "Host Switch Name", 
      "type": "string"
    }, 
    "results_per_uplink": {
      "description": "List of health check results per uplink on current host switch of specific transport node.", 
      "items": {
        "$ref": "HealthCheckResultPerUplink
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Health Check Results Per uplink", 
      "type": "array"
    }
  }, 
  "title": "Health Check Result On Host Switch", 
  "type": "object"
}

HealthCheckResultPerTransportNode (type) 

{
  "description": "Health check result on specific transport node", 
  "id": "HealthCheckResultPerTransportNode", 
  "module_id": "HealthCheck", 
  "properties": {
    "result_on_host_switch": {
      "$ref": "HealthCheckResultOnHostSwitch, 
      "readonly": true
    }, 
    "transport_node_id": {
      "description": "ID of the Transport Node.", 
      "readonly": true, 
      "title": "Transport Node ID", 
      "type": "string"
    }
  }, 
  "title": "Health Check Result Per Transport Node", 
  "type": "object"
}

HealthCheckResultPerUplink (type) 

{
  "description": "Health check result for specific uplink.", 
  "id": "HealthCheckResultPerUplink", 
  "module_id": "HealthCheck", 
  "properties": {
    "mtu_disallowed": {
      "description": "List of VLAN ID ranges which are allowed by VLAN settings but may be disallowed by MTU settings.", 
      "items": {
        "$ref": "HealthCheckVlanRange
      }, 
      "readonly": true, 
      "required": false, 
      "title": "MTU Disallowed", 
      "type": "array"
    }, 
    "uplink_name": {
      "description": "Name of the uplink.", 
      "readonly": true, 
      "title": "Uplink Name", 
      "type": "string"
    }, 
    "vlan_and_mtu_allowed": {
      "description": "List of VLAN ID ranges which are allowed by VLAN and MTU settings.", 
      "items": {
        "$ref": "HealthCheckVlanRange
      }, 
      "readonly": true, 
      "required": false, 
      "title": "VLAN and MTU Allowed", 
      "type": "array"
    }, 
    "vlan_disallowed": {
      "description": "List of VLAN ID ranges which may be disallowed by VLAN settings.", 
      "items": {
        "$ref": "HealthCheckVlanRange
      }, 
      "readonly": true, 
      "required": false, 
      "title": "VLAN Disallowed", 
      "type": "array"
    }
  }, 
  "title": "Health Check Result Per Uplink", 
  "type": "object"
}

HealthCheckSpecVlans (type) 

{
  "description": "HealthCheckSpecVlan is used for specifying VLAN ID ranges for healthcheck.", 
  "id": "HealthCheckSpecVlans", 
  "module_id": "HealthCheck", 
  "properties": {
    "vlan_ranges": {
      "items": {
        "$ref": "HealthCheckVlanRange
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "VLAN ID ranges", 
      "type": "array"
    }
  }, 
  "title": "VLAN Range Specification", 
  "type": "object"
}

HealthCheckVlanRange (type) 

{
  "id": "HealthCheckVlanRange", 
  "module_id": "HealthCheck", 
  "properties": {
    "end": {
      "$ref": "VlanID, 
      "required": true
    }, 
    "start": {
      "$ref": "VlanID, 
      "required": true
    }
  }, 
  "title": "VLAN ID range", 
  "type": "object"
}

HeatMapTransportNodesAggregateStatus (type) 

{
  "additionalProperties": false, 
  "id": "HeatMapTransportNodesAggregateStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "degraded_count": {
      "title": "Number of transport nodes that are degraded", 
      "type": "int"
    }, 
    "down_count": {
      "title": "Number of transport nodes that are down", 
      "type": "int"
    }, 
    "unknown_count": {
      "title": "Number of transport nodes with unknown status", 
      "type": "int"
    }, 
    "up_count": {
      "title": "Number of transport nodes that are up", 
      "type": "int"
    }
  }, 
  "type": "object"
}

HeatMapTransportZoneStatus (type) 

{
  "additionalProperties": false, 
  "id": "HeatMapTransportZoneStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "degraded_count": {
      "title": "Number of transport nodes that are degraded", 
      "type": "int"
    }, 
    "down_count": {
      "title": "Number of transport nodes that are down", 
      "type": "int"
    }, 
    "unknown_count": {
      "title": "Number of transport nodes with unknown status", 
      "type": "int"
    }, 
    "up_count": {
      "title": "Number of transport nodes that are up", 
      "type": "int"
    }
  }, 
  "type": "object"
}

HostInfraTrafficType (type) 

{
  "description": "The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned.", 
  "id": "HostInfraTrafficType", 
  "module_id": "NiocProfile", 
  "nsx_feature": "Nioc", 
  "properties": {
    "dynamic_res_pool_name": {
      "required": false, 
      "title": "Dynamic resource pool traffic name", 
      "type": "string"
    }, 
    "traffic_name": {
      "enum": [
        "FAULT_TOLERANCE", 
        "HBR", 
        "ISCSI", 
        "MANAGEMENT", 
        "NFS", 
        "VDP", 
        "VIRTUAL_MACHINE", 
        "VMOTION", 
        "VSAN"
      ], 
      "required": false, 
      "title": "Traffic types", 
      "type": "string"
    }
  }, 
  "title": "Enumerate all types of traffic", 
  "type": "object"
}

HostNode (type) 

{
  "additionalProperties": false, 
  "description": "Host node", 
  "extends": {
    "$ref": "Node
  }, 
  "id": "HostNode", 
  "module_id": "FabricNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HostNode"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "discovered_ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Discovered IP Addresses of the fabric node, version 4 or 6", 
      "type": "array"
    }, 
    "discovered_node_id": {
      "description": "Id of discovered node which was converted to create this node", 
      "readonly": true, 
      "required": false, 
      "title": "Discovered node id", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "ID of the Node maintained on the Node and used to recognize the Node", 
      "type": "string"
    }, 
    "fqdn": {
      "readonly": true, 
      "required": false, 
      "title": "Fully qualified domain name of the fabric node", 
      "type": "string"
    }, 
    "host_credential": {
      "$ref": "HostNodeLoginCredential, 
      "description": "Login credentials for the host. It is mandatory to provide credentials while adding host to MP to create transport node.", 
      "required": false, 
      "title": "Host login credentials"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "IP Addresses of the Node, version 4 or 6", 
      "type": "array"
    }, 
    "maintenance_mode_state": {
      "description": "Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress.", 
      "enum": [
        "OFF", 
        "ENTERING", 
        "ON"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Maintenance mode state", 
      "type": "string"
    }, 
    "managed_by_server": {
      "description": "The id of the vCenter server managing the ESXi type HostNode", 
      "readonly": true, 
      "required": false, 
      "title": "Id of vCenter server managing the HostNode", 
      "type": "string"
    }, 
    "os_type": {
      "description": "Hypervisor type, for example ESXi or RHEL KVM", 
      "enum": [
        "ESXI", 
        "RHELKVM", 
        "RHELSERVER", 
        "RHELCONTAINER", 
        "UBUNTUKVM", 
        "UBUNTUSERVER", 
        "HYPERV", 
        "CENTOSKVM", 
        "CENTOSSERVER", 
        "CENTOSCONTAINER", 
        "SLESKVM", 
        "SLESSERVER"
      ], 
      "required": true, 
      "title": "Hypervisor OS type", 
      "type": "string"
    }, 
    "os_version": {
      "description": "Version of the hypervisor operating system", 
      "required": false, 
      "title": "Hypervisor OS version", 
      "type": "string"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'", 
      "required": true, 
      "title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Host node", 
  "type": "object"
}

HostNodeDeleteParameters (type) 

{
  "additionalProperties": false, 
  "id": "HostNodeDeleteParameters", 
  "module_id": "FabricNode", 
  "properties": {
    "unprepare_host": {
      "default": true, 
      "required": false, 
      "title": "Delete a host and uninstall NSX components", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

HostNodeLoginCredential (type) 

{
  "additionalProperties": false, 
  "id": "HostNodeLoginCredential", 
  "module_id": "FabricNode", 
  "properties": {
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "The authentication password of the host node", 
      "type": "string"
    }, 
    "thumbprint": {
      "description": "For ESXi hosts, the thumbprint of the ESXi management service. For KVM hosts, the SSH key fingerprint. If thumbprint is not provided then connection to host may not be established and API call will fail.", 
      "required": false, 
      "title": "ESXi thumbprint or SSH key fingerprint of the host node", 
      "type": "string"
    }, 
    "username": {
      "required": false, 
      "title": "The username of the account on the host node", 
      "type": "string"
    }
  }, 
  "title": "The credentials to login into the host node", 
  "type": "object"
}

HostNodeStatus (type) 

{
  "id": "HostNodeStatus", 
  "module_id": "ComputeCollectionDeployment", 
  "properties": {
    "config_status": {
      "description": "Gives details of state of desired configuration. This property is available only if Tranport Node exists for the host. Following are the supported values pending  - Transport Node configuration status is pending in_progress - Transport Node configuration status is in progress success - Transport Node configuration status is successful failed - Transport Node configuration status is failed partial_success - Transport Node configuration status is partial success orphaned - Transport Node configuration status is orphaned unknown - Transport Node configuration status is unknown error - Error occured during Transport Node configuration", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Configuration status of host node", 
      "type": "string"
    }, 
    "deployment_status": {
      "description": "This specifies the current nsx install status for host node. Following are the supported values INSTALL_IN_PROGRESS - NSX installation is in progress on the host INSTALL_FAILED - NSX installation failed on the host INSTALL_SUCCESSFUL - NSX installation successful on the host UNINSTALL_IN_PROGRESS - NSX uninstallation in progress on the host UNINSTALL_FAILED - NSX uninstallation failed on the host UNINSTALL_SUCCESSFUL - NSX uninstallation successful on the host UNINSTALL_SCHEDULED - NSX uninstallation is scheduled on the host UPGRADE_IN_PROGRESS - NSX upgrade is in progress on the host UPGRADE_FAILED - NSX upgrade failed on the host DEPLOYMENT_QUEUED - Deployment is queued on the DEPLOYMENT_IN_PROGRESS - Deployment is in progress DEPLOYMENT_FAILED - Deployment is failed DEPLOYMENT_SUCCESSFUL - Deployment is successful UNDEPLOYMENT_QUEUED - Undeployment is queued UNDEPLOYMENT_IN_PROGRESS - Undeployment is in progress UNDEPLOYMENT_FAILED - Undeployment failed UNDEPLOYMENT_SUCCESSFUL - Undeployment is successful UPGRADE_QUEUED - Upgrade is queued HOST_DISCONNECTED - Host is disconnected POWERED_OFF - Host is powered off", 
      "enum": [
        "INSTALL_IN_PROGRESS", 
        "INSTALL_FAILED", 
        "INSTALL_SUCCESSFUL", 
        "UNINSTALL_IN_PROGRESS", 
        "UNINSTALL_FAILED", 
        "UNINSTALL_SUCCESSFUL", 
        "UNINSTALL_SCHEDULED", 
        "UPGRADE_IN_PROGRESS", 
        "UPGRADE_FAILED", 
        "DEPLOYMENT_QUEUED", 
        "DEPLOYMENT_IN_PROGRESS", 
        "DEPLOYMENT_FAILED", 
        "DEPLOYMENT_SUCCESSFUL", 
        "UNDEPLOYMENT_QUEUED", 
        "UNDEPLOYMENT_IN_PROGRESS", 
        "UNDEPLOYMENT_FAILED", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UPGRADE_QUEUED", 
        "HOST_DISCONNECTED", 
        "POWERED_OFF"
      ], 
      "readonly": true, 
      "title": "Deployment progress status of host node", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "title": "Unique Id of the host node", 
      "type": "string"
    }
  }, 
  "title": "Host Node Status", 
  "type": "object"
}

HostNodeStatusListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "HostNodeStatusListResult", 
  "module_id": "ComputeCollectionDeployment", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "HostNodeStatus
      }, 
      "readonly": true, 
      "required": false, 
      "title": "HostNodeStatus Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "HostNodeStatus queries result", 
  "type": "object"
}

HostProfileNetworkMigrationSpec (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "This specification should be used to define which VMK adapters need to be migrated to NSX logical switches from VC network switches. Migrations specified here should match with those from associated Host Profiles from VC. Mismatch will result in migration failures. This specification only supports migration vmkernal adapters to NSX logical switches. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "NetworkMigrationSpec
  }, 
  "id": "HostProfileNetworkMigrationSpec", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HostProfileNetworkMigrationSpec"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "network_mappings": {
      "description": "Based on provided mappings, VMkernal adapters will be migrated to mentioned logical switch. Without mappings specification doesn't make any sense, hence minium one mapping should be specified. Assuming some sane value of 10 maximum migrations which will be supported by any single specification.", 
      "items": {
        "$ref": "VmkToLogicalSwitchMapping
      }, 
      "maxItems": 10, 
      "minItems": 1, 
      "title": "List of VMkernal adapters to logical switch mappings.", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "NetworkMigrationSpecType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Specification for network migrations related with Host Profiles.", 
  "type": "object"
}

HostSwitch (type) 

{
  "id": "HostSwitch", 
  "module_id": "TransportNode", 
  "properties": {
    "host_switch_name": {
      "default": "nsxDefaultHostSwitch", 
      "description": "If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given Transport Node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness.", 
      "required": false, 
      "title": "HostSwitch name. This name will be used to reference this HostSwitch.", 
      "type": "string"
    }, 
    "host_switch_profile_ids": {
      "description": "HostSwitch profiles bound to this HostSwitch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the Transport Node, the corresponding default profile will be bound to the HostSwitch.", 
      "items": {
        "$ref": "HostSwitchProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Id's of HostSwitch profiles to be associated with this HostSwitch.", 
      "type": "array"
    }, 
    "pnics": {
      "items": {
        "$ref": "Pnic
      }, 
      "required": false, 
      "title": "Physical NICs connected to the host switch", 
      "type": "array"
    }, 
    "static_ip_pool_id": {
      "deprecated": true, 
      "description": "ID of configured Static IP Pool. If specified allocate IP for Endpoints from Pool. Else assume IP will be assigned for Endpoints from DHCP. This field is deprecated, use ip_assignment_spec field instead.", 
      "required": false, 
      "title": "ID of already configured Static IP Pool.", 
      "type": "string"
    }
  }, 
  "title": "Host Switch specification", 
  "type": "object"
}

HostSwitchProfileListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "HostSwitchProfileListParameters", 
  "module_id": "BaseHostSwitchProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "hostswitch_profile_type": {
      "$ref": "HostSwitchProfileType, 
      "required": false, 
      "title": "Type of host switch profile"
    }, 
    "include_system_owned": {
      "default": false, 
      "required": false, 
      "title": "Whether the list result contains system resources", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "uplink_teaming_policy_name": {
      "description": "If populated, only UplinkHostSwitchProfiles with the specified uplink teaming policy name are returned. Otherwise, any HostSwitchProfile can be returned.", 
      "required": false, 
      "title": "The host switch profile's uplink teaming policy name", 
      "type": "string"
    }
  }, 
  "title": "HostSwitchProfile List Parameters", 
  "type": "object"
}

HostSwitchProfileType (type) 

{
  "enum": [
    "UplinkHostSwitchProfile", 
    "LldpHostSwitchProfile", 
    "NiocProfile", 
    "ExtraConfigHostSwitchProfile"
  ], 
  "id": "HostSwitchProfileType", 
  "module_id": "BaseHostSwitchProfile", 
  "title": "Supported HostSwitch profiles.", 
  "type": "string"
}

HostSwitchProfileTypeIdEntry (type) 

{
  "id": "HostSwitchProfileTypeIdEntry", 
  "module_id": "BaseHostSwitchProfile", 
  "properties": {
    "key": {
      "$ref": "HostSwitchProfileType
    }, 
    "value": {
      "description": "key value", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

HostSwitchProfilesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "HostSwitchProfilesListResult", 
  "module_id": "BaseHostSwitchProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BaseHostSwitchProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "HostSwitch Profile Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "HostSwitch Profile queries result", 
  "type": "object"
}

HostSwitchSpec (type) 

{
  "abstract": true, 
  "description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications.", 
  "id": "HostSwitchSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "StandardHostSwitchSpec", 
        "PreconfiguredHostSwitchSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Abstract base type for transport node host switch specification", 
  "type": "object"
}

HostSwitchState (type) 

{
  "id": "HostSwitchState", 
  "module_id": "TransportNode", 
  "properties": {
    "endpoints": {
      "items": {
        "$ref": "Endpoint
      }, 
      "readonly": true, 
      "title": "List of virtual tunnel endpoints which are configured on this switch", 
      "type": "array"
    }, 
    "host_switch_id": {
      "readonly": true, 
      "title": "External ID of the HostSwitch", 
      "type": "string"
    }, 
    "host_switch_name": {
      "description": "The name must be unique among all host switches specified in a given Transport Node.", 
      "readonly": true, 
      "title": "HostSwitch name. This name will be used to reference this HostSwitch.", 
      "type": "string"
    }, 
    "transport_zone_ids": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "List of Ids of TransportZones this HostSwitch belongs to", 
      "type": "array"
    }
  }, 
  "title": "Host Switch State", 
  "type": "object"
}

HostUpgradeStatus (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ComponentUpgradeStatus
  }, 
  "id": "HostUpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "can_skip": {
      "readonly": true, 
      "required": false, 
      "title": "Can the upgrade of the remaining units in this component be skipped", 
      "type": "boolean"
    }, 
    "component_type": {
      "readonly": true, 
      "required": false, 
      "title": "Component type for the upgrade status", 
      "type": "string"
    }, 
    "current_version_node_summary": {
      "$ref": "NodeSummaryList, 
      "readonly": true, 
      "required": false, 
      "title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
    }, 
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about the upgrade status", 
      "type": "string"
    }, 
    "node_count_at_target_version": {
      "description": "Number of nodes of the type and at the component version", 
      "readonly": true, 
      "required": false, 
      "title": "Count of nodes at target component vrin", 
      "type": "int"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "pre_upgrade_status": {
      "$ref": "UpgradeChecksExecutionStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Pre-upgrade status of the component-type"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of component", 
      "type": "string"
    }, 
    "target_component_version": {
      "readonly": true, 
      "required": false, 
      "title": "Target component version", 
      "type": "string"
    }
  }, 
  "title": "Status of host upgrade", 
  "type": "object"
}

HostedEntityInfo (type) 

{
  "id": "HostedEntityInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "entity_type": {
      "description": "The type of entity hosted could be MP, CCP, VMC App etc.", 
      "readonly": true, 
      "required": true, 
      "title": "Type of entity", 
      "type": "string"
    }, 
    "entity_uuid": {
      "readonly": true, 
      "required": true, 
      "title": "Unique identifier of entity", 
      "type": "string"
    }
  }, 
  "type": "object"
}

HostnameOrIPv4Address (type) 

{
  "format": "hostname-or-ipv4", 
  "id": "HostnameOrIPv4Address", 
  "module_id": "Common", 
  "title": "Hostname or IPv4 address", 
  "type": "string"
}

HostnameOrIPv4AddressOrEmptyString (type) 

{
  "id": "HostnameOrIPv4AddressOrEmptyString", 
  "maxLength": 255, 
  "module_id": "Common", 
  "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^$", 
  "title": "Hostname or IPv4 address", 
  "type": "string"
}

HttpPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the PolicyLbRule object. This represents active health monitoring over HTTP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "PolicyLbMonitorProfile
  }, 
  "id": "HttpPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HttpPolicyLbMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "url": {
      "default": "/", 
      "description": "For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters.", 
      "required": false, 
      "title": "Customized HTTP request url for active health checks", 
      "type": "string"
    }
  }, 
  "title": "PolicyLbMonitorProfile for active health checks over HTTP", 
  "type": "object"
}

HttpPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Virtual server acts as a facade to an application, receives all client connections over HTTP and distributes them among the backend servers.", 
  "extends": {
    "$ref": "PolicyLbVirtualServer
  }, 
  "id": "HttpPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HttpPolicyLbVirtualServer"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "insert_client_ip_header": {
      "default": false, 
      "description": "Backend web servers typically log each request they handle along with the requesting client IP address. These logs are used for debugging, analytics and other such purposes. If the deployment topology requires enabling SNAT on the load balancer, then server will see the client as the SNAT IP which defeats the purpose of logging. To work around this issue, load balancer can be configured to insert XFF HTTP header with the original client IP address. Backend servers can then be configured to log the IP address in XFF header instead of the source IP address of the connection. If XFF header is not present in the incoming request, load balancer inserts a new XFF header with the client IP address.", 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "boolean"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "PolicyLbVirtualServer handling connections over HTTP", 
  "type": "object"
}

HttpProtocol (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Protocol
  }, 
  "id": "HttpProtocol", 
  "polymorphic-type-descriptor": {
    "type-identifier": "http"
  }, 
  "properties": {
    "authentication_scheme": {
      "$ref": "BasicAuthenticationScheme, 
      "title": "Scheme to authenticate if required"
    }, 
    "name": {
      "enum": [
        "http", 
        "https", 
        "scp", 
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

HttpRequestMethodType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "GET", 
    "OPTIONS", 
    "POST", 
    "HEAD", 
    "PUT"
  ], 
  "id": "HttpRequestMethodType", 
  "module_id": "LoadBalancer", 
  "title": "http monitor method", 
  "type": "string"
}

HttpRequestVersionType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "HTTP_VERSION_1_0", 
    "HTTP_VERSION_1_1", 
    "HTTP_VERSION_2_0"
  ], 
  "id": "HttpRequestVersionType", 
  "module_id": "LoadBalancer", 
  "title": "http request version", 
  "type": "string"
}

HttpServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "HttpServiceProperties", 
  "properties": {
    "certificate": {
      "$ref": "Certificate, 
      "readonly": true, 
      "required": true
    }, 
    "cipher_suites": {
      "items": {
        "$ref": "CipherSuite
      }, 
      "minItems": 1, 
      "title": "Cipher suites used to secure contents of connection", 
      "type": "array"
    }, 
    "client_api_concurrency_limit": {
      "default": 40, 
      "description": "The maximum number of concurrent API requests that will be serviced for a given authenticated client.  If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Client API rate limit in calls", 
      "type": "integer"
    }, 
    "client_api_rate_limit": {
      "default": 100, 
      "description": "The maximum number of API requests that will be serviced per second for a given authenticated client.  If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Client API rate limit in calls per second", 
      "type": "integer"
    }, 
    "connection_timeout": {
      "maximum": 2147483647, 
      "minimum": 0, 
      "title": "NSX connection timeout, set to 0 to configure no timeout", 
      "type": "integer"
    }, 
    "global_api_concurrency_limit": {
      "default": 100, 
      "description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client.  To disable API concurrency limiting, set this value to 0.", 
      "minimum": 0, 
      "title": "Global API rate limit in calls", 
      "type": "integer"
    }, 
    "protocol_versions": {
      "items": {
        "$ref": "ProtocolVersion
      }, 
      "minItems": 1, 
      "title": "TLS protocol versions", 
      "type": "array"
    }, 
    "redirect_host": {
      "$ref": "HostnameOrIPv4AddressOrEmptyString, 
      "default": "", 
      "title": "Host name or IP address to use for redirect location headers, or empty string to derive from current request"
    }, 
    "session_timeout": {
      "maximum": 2147483647, 
      "minimum": 0, 
      "title": "NSX session inactivity timeout, set to 0 to configure no timeout", 
      "type": "integer"
    }
  }, 
  "title": "HTTP Service properties", 
  "type": "object"
}

HttpsPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the PolicyLbRule object. This represents active health monitoring over HTTPS. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "HttpPolicyLbMonitorProfile
  }, 
  "id": "HttpsPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HttpsPolicyLbMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "url": {
      "default": "/", 
      "description": "For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters.", 
      "required": false, 
      "title": "Customized HTTP request url for active health checks", 
      "type": "string"
    }
  }, 
  "title": "PolicyLbMonitorProfile for active health checks over HTTPS", 
  "type": "object"
}

HttpsPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Virtual server acts as a facade to an application, receives all client connections over HTTPS and distributes them among the backend servers.", 
  "extends": {
    "$ref": "HttpPolicyLbVirtualServer
  }, 
  "id": "HttpsPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "HttpsPolicyLbVirtualServer"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "client_ssl_certificate_ids": {
      "description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. The setting is used when load balancer acts as an SSL server and terminating the client SSL connection", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "ssl certificates", 
      "type": "array"
    }, 
    "client_ssl_settings": {
      "default": "HIGH_SECURE_111317", 
      "description": "Security settings representing various security settings when the VirtualServer acts as an SSL server - BASE_SECURE_111317 - MODERATE_SECURE_111317 - HIGH_SECURE_111317", 
      "enum": [
        "BASE_SECURE_111317", 
        "MODERATE_SECURE_111317", 
        "HIGH_SECURE_111317"
      ], 
      "required": false, 
      "title": "Security profile setting", 
      "type": "string"
    }, 
    "default_client_ssl_certificate_id": {
      "description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection.  A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.", 
      "required": true, 
      "title": "ssl certificate", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "insert_client_ip_header": {
      "default": false, 
      "description": "Backend web servers typically log each request they handle along with the requesting client IP address. These logs are used for debugging, analytics and other such purposes. If the deployment topology requires enabling SNAT on the load balancer, then server will see the client as the SNAT IP which defeats the purpose of logging. To work around this issue, load balancer can be configured to insert XFF HTTP header with the original client IP address. Backend servers can then be configured to log the IP address in XFF header instead of the source IP address of the connection. If XFF header is not present in the incoming request, load balancer inserts a new XFF header with the client IP address.", 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "boolean"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "PolicyLbVirtualServer handling connections over HTTPS", 
  "type": "object"
}

HttpsProtocol (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Protocol
  }, 
  "id": "HttpsProtocol", 
  "polymorphic-type-descriptor": {
    "type-identifier": "https"
  }, 
  "properties": {
    "authentication_scheme": {
      "$ref": "BasicAuthenticationScheme, 
      "title": "Scheme to authenticate if required"
    }, 
    "name": {
      "enum": [
        "http", 
        "https", 
        "scp", 
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }, 
    "sha256_thumbprint": {
      "required": true, 
      "title": "SSL thumbprint of server", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ICMPTypeNSService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "ICMPTypeNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ICMPTypeNSService"
  }, 
  "properties": {
    "icmp_code": {
      "required": false, 
      "title": "ICMP message code", 
      "type": "integer"
    }, 
    "icmp_type": {
      "required": false, 
      "title": "ICMP message type", 
      "type": "integer"
    }, 
    "protocol": {
      "enum": [
        "ICMPv4", 
        "ICMPv6"
      ], 
      "required": true, 
      "title": "ICMP protocol type", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }
  }, 
  "title": "A NSService that represents IPv4 or IPv6 ICMP protocol", 
  "type": "object"
}

ICMPTypeServiceEntry (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "ICMPTypeServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ICMPTypeServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "icmp_code": {
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "ICMP message code", 
      "type": "integer"
    }, 
    "icmp_type": {
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "ICMP message type", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "protocol": {
      "enum": [
        "ICMPv4", 
        "ICMPv6"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A ServiceEntry that represents IPv4 or IPv6 ICMP protocol", 
  "type": "object"
}

IGMPTypeNSService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "IGMPTypeNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IGMPTypeNSService"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }
  }, 
  "title": "A NSService that represents IGMP protocol", 
  "type": "object"
}

IGMPTypeServiceEntry (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "IGMPTypeServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IGMPTypeServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A ServiceEntry that represents IGMP protocol", 
  "type": "object"
}

IKEDigestAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256", 
    "SHA2_384", 
    "SHA2_512"
  ], 
  "id": "IKEDigestAlgorithm", 
  "module_id": "IPSecVPN", 
  "title": "Digest Algorithms used in IKE negotiations", 
  "type": "string"
}

IKEEncryptionAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256"
  ], 
  "id": "IKEEncryptionAlgorithm", 
  "module_id": "IPSecVPN", 
  "title": "Encryption algorithms used in IKE", 
  "type": "string"
}

IPAddress (type) 

{
  "format": "ip", 
  "id": "IPAddress", 
  "module_id": "Common", 
  "title": "IPv4 or IPv6 address", 
  "type": "string"
}

IPAddressElement (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "IPAddressElement", 
  "module_id": "IPSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "ip_address": {
      "$ref": "IPElement, 
      "required": true
    }
  }, 
  "title": "IP Address", 
  "type": "object"
}

IPAddressElementListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPAddressElementListResult", 
  "module_id": "IPSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPAddressElement
      }, 
      "required": true, 
      "title": "IP address element list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of IP address elements", 
  "type": "object"
}

IPAddressExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents IP address expressions in the form of an array, to support addition of IP addresses in a group.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "IPAddressExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPAddressExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\".", 
      "items": {
        "$ref": "IPElement
      }, 
      "maxItems": 4000, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of IP addresses", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IP address expression node", 
  "type": "object"
}

IPAddressPortPair (type) 

{
  "additionalProperties": false, 
  "description": "IP Address and Port information", 
  "id": "IPAddressPortPair", 
  "module_id": "TempPolicyLoadBalancer", 
  "properties": {
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "The IPAddress to be combined with Port for defining specific access point.", 
      "required": true, 
      "title": "IPAddress for IPAddressPort combination"
    }, 
    "port": {
      "description": "The port to be combined with IPAddress for defining a specific access point.", 
      "maximum": 65535, 
      "minimum": 0, 
      "title": "The port for IPAddressPort combination", 
      "type": "int"
    }
  }, 
  "title": "IP Address and Port information", 
  "type": "object"
}

IPAddresses (type) 

{
  "id": "IPAddresses", 
  "module_id": "PortMirroring", 
  "properties": {
    "ip_addresses": {
      "description": "The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters.", 
      "items": {
        "$ref": "IPElement
      }, 
      "minItems": 1, 
      "required": false, 
      "title": "IPs of the filter", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IPCIDRBlock (type) 

{
  "format": "ip-cidr-block", 
  "id": "IPCIDRBlock", 
  "module_id": "Common", 
  "title": "IPv4 or IPv6 CIDR Block", 
  "type": "string"
}

IPDiscoveryProfile (type) 

{
  "additionalProperties": false, 
  "description": "Using this profile to configure different options of IP Discovery", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPDiscoveryProfile", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "arp_nd_binding_timeout": {
      "default": 10, 
      "description": "This property controls the ARP and ND cache timeout period. It is recommended that this property be greater than the ARP/ND cache timeout on the VM.", 
      "maximum": 120, 
      "minimum": 5, 
      "required": false, 
      "title": "ARP and ND cache timeout (in minutes)", 
      "type": "int"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "duplicate_ip_detection": {
      "$ref": "DuplicateIPDetectionOptions, 
      "description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.rt.", 
      "readonly": false, 
      "required": false, 
      "title": "Duplicate IP Dection Options"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_v4_discovery_options": {
      "$ref": "IPv4DiscoveryOptions, 
      "description": "Indicates IPv4 Discovery options", 
      "required": false, 
      "title": "IPv4 Discovery options"
    }, 
    "ip_v6_discovery_options": {
      "$ref": "IPv6DiscoveryOptions, 
      "description": "Indicates IPv6 Discovery options", 
      "required": false, 
      "title": "IPv6 Discovery options"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tofu_enabled": {
      "default": true, 
      "description": "Indicates whether \"Trust on First Use(TOFU)\" paradigm is enabled.", 
      "required": false, 
      "title": "Is TOFU enabled or not", 
      "type": "boolean"
    }
  }, 
  "search_dsl_name": [
    "ip discovery segment profile"
  ], 
  "title": "IP Discovery Profile", 
  "type": "object"
}

IPDiscoveryProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPDiscoveryProfileListRequestParameters", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IP Discovery Profile request parameters", 
  "type": "object"
}

IPDiscoveryProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPDiscoveryProfileListResult", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPDiscoveryProfile
      }, 
      "required": true, 
      "title": "IP Discovery profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of IP Discovery Profiles", 
  "type": "object"
}

IPElement (type) 

{
  "description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"", 
  "format": "address-or-block-or-range", 
  "id": "IPElement", 
  "module_id": "Common", 
  "title": "IP address, range, or subnet", 
  "type": "string"
}

IPElementList (type) 

{
  "description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"", 
  "format": "list-of-address-or-block-or-range", 
  "id": "IPElementList", 
  "module_id": "Common", 
  "title": "List of IP address, range, or subnet", 
  "type": "string"
}

IPFIXDFWCollector (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX DFW data will be collected on collector Host IP and Port address should be provided for collector.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXDFWCollector", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "collector_ip_address": {
      "$ref": "IPAddress, 
      "description": "IP address for the IPFIX DFW collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.", 
      "required": true, 
      "title": "IP address"
    }, 
    "collector_port": {
      "description": "Port for the IPFIX DFW collector.", 
      "required": true, 
      "title": "Port", 
      "type": "int"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX DFW Collector", 
  "type": "object"
}

IPFIXDFWCollectorProfile (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX data for the NSX distributed firewall will be sent to the specified IPFIX collectors.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXDFWCollectorProfile", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_dfw_collectors": {
      "description": "It accepts Multiple Collectors.", 
      "items": {
        "$ref": "IPFIXDFWCollector
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "IPFIX DFW Collectors.", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX DFW Collector Profile", 
  "type": "object"
}

IPFIXDFWCollectorProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPFIXDFWCollectorProfileListRequestParameters", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX DFW Collector Profile request parameters", 
  "type": "object"
}

IPFIXDFWCollectorProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPFIXDFWCollectorProfileListResult", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPFIXDFWCollectorProfile
      }, 
      "required": true, 
      "title": "IPFIX DFW Collection Instances list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPFIX DFW Collector Profile", 
  "type": "object"
}

IPFIXDFWProfile (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX packets from source will be sent to IPFIX DFW collector.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXDFWProfile", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_flow_export_timeout": {
      "default": 1, 
      "description": "For long standing active flows, IPFIX records will be sent per timeout period in minutes.", 
      "maximum": 60, 
      "minimum": 1, 
      "required": true, 
      "title": "Active timeout (Minutes)", 
      "type": "int"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_dfw_collector_profile_path": {
      "description": "Policy path for IPFIX collector profiles. IPFIX data from these logical segments will be sent to all specified IPFIX collectors.", 
      "required": true, 
      "title": "IPFIX collector Paths", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "observation_domain_id": {
      "default": 0, 
      "description": "An identifier that is unique to the exporting process and used to meter the flows.", 
      "maximum": 65536, 
      "minimum": 0, 
      "required": false, 
      "title": "Observation domain ID", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "priority": {
      "default": 0, 
      "description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.", 
      "maximum": 32000, 
      "minimum": 0, 
      "required": false, 
      "title": "Config Priority", 
      "type": "int"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX DFW Profile", 
  "type": "object"
}

IPFIXDFWProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPFIXDFWProfileListRequestParameters", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX DFW Profile request parameters", 
  "type": "object"
}

IPFIXDFWProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPFIXDFWProfileListResult", 
  "module_id": "PolicyIPFIXDFW", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPFIXDFWProfile
      }, 
      "required": true, 
      "title": "IPFIX DFW Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPFIX DFW Profile", 
  "type": "object"
}

IPFIXL2Collector (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX packets will be collected on collector. IP and port address should be provided for collector.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXL2Collector", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "collector_ip_address": {
      "$ref": "IPAddress, 
      "description": "IP address for the IPFIX L2 collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.", 
      "required": true, 
      "title": "IP address"
    }, 
    "collector_port": {
      "default": 4739, 
      "description": "Port number for the IPFIX L2 collector.", 
      "maximum": 65535, 
      "minimum": 0, 
      "title": "Port", 
      "type": "int"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX L2 Collector", 
  "type": "object"
}

IPFIXL2CollectorProfile (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX L2 data will be collected on collectors.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXL2CollectorProfile", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_l2_collectors": {
      "description": "It accepts Multiple Collector objects.", 
      "items": {
        "$ref": "IPFIXL2Collector
      }, 
      "maxItems": 4, 
      "minItems": 1, 
      "required": true, 
      "title": "It accepts Multiple Collector objects.", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX L2 Collector Profile", 
  "type": "object"
}

IPFIXL2CollectorProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPFIXL2CollectorProfileListRequestParameters", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX collector profile request parameters", 
  "type": "object"
}

IPFIXL2CollectorProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPFIXL2CollectorProfileListResult", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPFIXL2CollectorProfile
      }, 
      "required": true, 
      "title": "IPFIX collector Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged list of IPFIX collector profiles.", 
  "type": "object"
}

IPFIXL2Profile (type) 

{
  "additionalProperties": false, 
  "description": "IPFIX data from source logical segment, port, group will be forwarded to IPFIX collector.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPFIXL2Profile", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_timeout": {
      "default": 300, 
      "description": "The time in seconds after a flow is expired even if more packets matching this flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "title": "Active timeout", 
      "type": "int"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "export_overlay_flow": {
      "default": true, 
      "description": "This property controls whether overlay flow info is included in the sample result.", 
      "required": false, 
      "title": "Export overlay Flow", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Idle timeout", 
      "type": "int"
    }, 
    "ipfix_collector_profile_path": {
      "description": "Policy path for IPFIX collector profile. User can specify only one IPFIX collector.", 
      "required": true, 
      "title": "IPFIX collector Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "max_flows": {
      "default": 16384, 
      "description": "The maximum number of flow entries in each exporter flow cache.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Max flows", 
      "type": "integer"
    }, 
    "observation_domain_id": {
      "default": 0, 
      "description": "An identifier that is unique to the exporting process and used to meter the flows.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Observation domain ID", 
      "type": "integer"
    }, 
    "packet_sample_probability": {
      "default": 0.1, 
      "description": "The probability in percentage that a packet is sampled, in range 0-100. The probability is equal for every packet.", 
      "exclusiveMinimum": true, 
      "maximum": 100, 
      "minimum": 0, 
      "required": true, 
      "title": "Packet sample probability", 
      "type": "number"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "priority": {
      "default": 0, 
      "description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.", 
      "maximum": 32000, 
      "minimum": 0, 
      "required": false, 
      "title": "Config Priority", 
      "type": "int"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX L2 Profile", 
  "type": "object"
}

IPFIXL2ProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPFIXL2ProfileListRequestParameters", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX L2 Profile request parameters", 
  "type": "object"
}

IPFIXL2ProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPFIXL2ProfileListResult", 
  "module_id": "PolicyIPFIXSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPFIXL2Profile
      }, 
      "required": true, 
      "title": "IPFIX L2 Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPFIX L2 Profile", 
  "type": "object"
}

IPInfo (type) 

{
  "id": "IPInfo", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "ip_addresses": {
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IPv4 Addresses", 
      "type": "array"
    }, 
    "prefix_length": {
      "maximum": 32, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

IPMemberAction (type) 

{
  "additionalProperties": false, 
  "id": "IPMemberAction", 
  "module_id": "IPSet", 
  "properties": {
    "action": {
      "enum": [
        "add_ip", 
        "remove_ip"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Specifies addition or removal action", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IPMirrorDestination (type) 

{
  "extends": {
    "$ref": "MirrorDestination
  }, 
  "id": "IPMirrorDestination", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPMirrorDestination"
  }, 
  "properties": {
    "destination_ips": {
      "description": "The destination IPs of the mirror packet will be sent to.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "List of destination IP addresses", 
      "type": "array"
    }, 
    "encapsulation_type": {
      "$ref": "EncapsulationType, 
      "default": "GRE", 
      "description": "You can choose GRE, ERSPAN II or ERSPAN III.", 
      "required": true, 
      "title": "IPMirrorDestination encapsulation type"
    }, 
    "erspan_id": {
      "description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.", 
      "maximum": 1023, 
      "minimum": 0, 
      "required": false, 
      "title": "ERSPAN session id", 
      "type": "int"
    }, 
    "gre_key": {
      "description": "User-configurable 32-bit key only for GRE", 
      "required": false, 
      "title": "GRE encapsulation key", 
      "type": "int"
    }, 
    "resource_type": {
      "$ref": "MirrorDestinationResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorDestination'", 
      "required": true
    }
  }, 
  "type": "object"
}

IPPrefixList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPPrefixList", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "prefixes": {
      "items": {
        "$ref": "PrefixConfig
      }, 
      "maxItems": 1330000, 
      "minItems": 1, 
      "required": true, 
      "title": "Ordered list of PrefixConfig", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IPPrefixListListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPPrefixListListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPPrefixList
      }, 
      "required": true, 
      "title": "Paginated list of IPPrefixLists", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IPProtocolNSService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "IPProtocolNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPProtocolNSService"
  }, 
  "properties": {
    "protocol_number": {
      "required": true, 
      "title": "The IP protocol number", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }
  }, 
  "title": "An NSService element that represents an IP protocol", 
  "type": "object"
}

IPProtocolServiceEntry (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "IPProtocolServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPProtocolServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "protocol_number": {
      "maximum": 255, 
      "minimum": 0, 
      "required": true, 
      "type": "integer"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A ServiceEntry that represents an IP protocol", 
  "type": "object"
}

IPSecDigestAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "The IPSecDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256", 
    "SHA2_384", 
    "SHA2_512"
  ], 
  "id": "IPSecDigestAlgorithm", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Digest Algorithms used in IPSec tunnel establishment", 
  "type": "string"
}

IPSecEncryptionAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "IPSecEncryptionAlgorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_128", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_192", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_256", 
    "NO_ENCRYPTION"
  ], 
  "id": "IPSecEncryptionAlgorithm", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Encryption algorithm used in IPSec tunnel", 
  "type": "string"
}

IPSecVPNDPDProfile (type) 

{
  "additionalProperties": false, 
  "description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNDPDProfile", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_probe_interval": {
      "default": 60, 
      "description": "DPD probe interval defines a periodic interval for DPD probes.", 
      "maximum": 360, 
      "minimum": 3, 
      "title": "DPD probe interval in seconds", 
      "type": "integer"
    }, 
    "enabled": {
      "default": true, 
      "description": "If true, enable dead peer detection.", 
      "title": "Enable dead peer detection (DPD)", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Dead peer detection (DPD) profile", 
  "type": "object"
}

IPSecVPNDPDProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the dead peer detection (DPD) profiles.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNDPDProfileListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNDPDProfile
      }, 
      "required": true, 
      "title": "IPSec DPD Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List dead peer detection (DPD) profiles", 
  "type": "object"
}

IPSecVPNIKEProfile (type) 

{
  "additionalProperties": false, 
  "description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNIKEProfile", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dh_groups": {
      "description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.", 
      "items": {
        "$ref": "DHGroup
      }, 
      "title": "DH group", 
      "type": "array"
    }, 
    "digest_algorithms": {
      "description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.", 
      "items": {
        "$ref": "IKEDigestAlgorithm
      }, 
      "title": "Algorithm for message hash", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "encryption_algorithms": {
      "description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.", 
      "items": {
        "$ref": "IKEEncryptionAlgorithm
      }, 
      "title": "Encryption algorithm for IKE", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_version": {
      "default": "IKE_V2", 
      "description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.", 
      "enum": [
        "IKE_V1", 
        "IKE_V2", 
        "IKE_FLEX"
      ], 
      "title": "IKE version", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sa_life_time": {
      "default": 86400, 
      "description": "Life time for security association. Default is 86400 seconds (1 day).", 
      "maximum": 31536000, 
      "minimum": 21600, 
      "title": "Security association (SA) life time", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Internet key exchange (IKE) profile", 
  "type": "object"
}

IPSecVPNIKEProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the IKE profiles.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNIKEProfileListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNIKEProfile
      }, 
      "required": true, 
      "title": "IKE Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List IKE profiles", 
  "type": "object"
}

IPSecVPNIKEServiceSummary (type) 

{
  "additionalProperties": false, 
  "description": "Summarized view of all IPSec VPN sessions for a specified service.", 
  "extends": {
    "$ref": "IPSecVPNSessionSummary
  }, 
  "id": "IPSecVPNIKEServiceSummary", 
  "module_id": "VPNStatistics", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Aggregate traffic statistics across all selected sessions.", 
      "title": "Traffic summary"
    }, 
    "display_name": {
      "description": "VPN service display name.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "UUID for a vpn service.", 
      "readonly": true, 
      "title": "Service identifier", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "logical_router_id": {
      "description": "Logical router identifier associated with vpn service.", 
      "readonly": true, 
      "title": "Logical router identifier", 
      "type": "string"
    }, 
    "session_summary": {
      "$ref": "IPsecVPNIKESessionSummary, 
      "description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.", 
      "readonly": true, 
      "title": "Session summary"
    }, 
    "traffic_summary_per_session": {
      "description": "Traffic summary per session.", 
      "items": {
        "$ref": "IPSecVPNSessionTrafficSummary
      }, 
      "title": "Traffic summary", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN IKE service summary", 
  "type": "object"
}

IPSecVPNIKESessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "Status for IPSec VPN IKE session UP, DOWN, NEGOTIATING and fail reason if IKE session is down.", 
  "id": "IPSecVPNIKESessionStatus", 
  "module_id": "VPNStatistics", 
  "properties": {
    "fail_reason": {
      "description": "Reason for failure.", 
      "readonly": true, 
      "title": "Fail reason", 
      "type": "string"
    }, 
    "ike_session_state": {
      "description": "IKE session service status UP, DOWN and NEGOTIATING.", 
      "enum": [
        "UP", 
        "DOWN", 
        "NEGOTIATING"
      ], 
      "readonly": true, 
      "title": "IKE session state", 
      "type": "string"
    }
  }, 
  "title": "IKE session status", 
  "type": "object"
}

IPSecVPNIKETrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.", 
  "id": "IPSecVPNIKETrafficStatistics", 
  "module_id": "VPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Number of bytes in.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Number of bytes out.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "fail_count": {
      "description": "Fail count.", 
      "readonly": true, 
      "title": "Fail count", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Number of packets in.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Number of packets out.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN IKE traffic statistics", 
  "type": "object"
}

IPSecVPNLocalEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Local endpoint represents a logical router on which tunnel needs to be terminated.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNLocalEndpoint", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_id": {
      "description": "Site certificate identifier.", 
      "title": "Certificate Id", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "$ref": "ResourceReference, 
      "description": "VPN Service id.", 
      "required": true, 
      "title": "VPN Service id"
    }, 
    "local_address": {
      "$ref": "IPv4Address, 
      "description": "IPV4 Address for local endpoint.", 
      "required": true, 
      "title": "IPV4 Address for local endpoint"
    }, 
    "local_id": {
      "description": "Local identifier.", 
      "title": "Local identifier", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "trust_ca_ids": {
      "description": "Certificate authority (CA) identifier list to verify peer certificates.", 
      "items": {
        "type": "string"
      }, 
      "title": "Certificate authority (CA) identifiers", 
      "type": "array"
    }, 
    "trust_crl_ids": {
      "description": "Certificate revocation list (CRL) identifier list of peer certificates.", 
      "items": {
        "type": "string"
      }, 
      "title": "Certificate revocation list (CRL) Identifiers", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN Local Endpoint", 
  "type": "object"
}

IPSecVPNLocalEndpointListParameters (type) 

{
  "additionalProperties": false, 
  "description": "Parameters to get the filtered list of IPSec VPN local endpoints. Both filter parameters can be provided as they are not mutually exclusive.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IPSecVPNLocalEndpointListParameters", 
  "module_id": "IPSecVPN", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "All the local endpoints configured with the specified VPN Service id will be included in the result.", 
      "required": false, 
      "title": "Id of the IPSec VPN service", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "All the local endpoints belonging to the specified logical router id will be included in the result.", 
      "required": false, 
      "title": "Id of logical router", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List parameters for IPSec VPN local endpoints", 
  "type": "object"
}

IPSecVPNLocalEndpointListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the local endpoints.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNLocalEndpointListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNLocalEndpoint
      }, 
      "required": true, 
      "title": "IPSec local endpoint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List local endpoints", 
  "type": "object"
}

IPSecVPNPeerEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN Peer Endpoint covers configuration to be applied locally to establish a session with remote endpoint on peer site.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNPeerEndpoint", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_mode": {
      "default": "PSK", 
      "description": "Authentication mode used for the peer authentication. For PSK (Pre Shared Key) authentication mode, 'psk' property is mandatory and for the CERTIFICATE authentication mode, 'peer_id' property is mandatory.", 
      "enum": [
        "PSK", 
        "CERTIFICATE"
      ], 
      "title": "Authentication Mode", 
      "type": "string"
    }, 
    "connection_initiation_mode": {
      "default": "INITIATOR", 
      "description": "Connection initiation mode used by local endpoint to establish ike connection with peer endpoint. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.", 
      "enum": [
        "INITIATOR", 
        "RESPOND_ONLY", 
        "ON_DEMAND"
      ], 
      "title": "Connection initiation mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_profile_id": {
      "description": "Dead peer detection (DPD) profile id. Default will be set according to system default policy.", 
      "title": "Dead peer detection (DPD) profile id", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_profile_id": {
      "description": "IKE profile id to be used. Default will be set according to system default policy.", 
      "title": "Internet key exchange (IKE) profile id", 
      "type": "string"
    }, 
    "ipsec_tunnel_profile_id": {
      "description": "Tunnel profile id to be used. By default it will point to system default profile.", 
      "title": "IPSec tunnel profile id", 
      "type": "string"
    }, 
    "peer_address": {
      "description": "IPV4 address of peer endpoint on remote site.", 
      "required": true, 
      "title": "IPV4 address of peer endpoint on remote site.", 
      "type": "string"
    }, 
    "peer_id": {
      "description": "Peer identifier.", 
      "required": true, 
      "title": "Peer id", 
      "type": "string"
    }, 
    "psk": {
      "description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.", 
      "sensitive": true, 
      "title": "Pre-shared key", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN Peer Endpoint", 
  "type": "object"
}

IPSecVPNPeerEndpointListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the peer endpoints.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNPeerEndpointListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNPeerEndpoint
      }, 
      "required": true, 
      "title": "IPSec Peer endpoint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List peer endpoints", 
  "type": "object"
}

IPSecVPNPolicyRule (type) 

{
  "additionalProperties": false, 
  "description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.", 
  "extends": {
    "$ref": "EmbeddedResource
  }, 
  "id": "IPSecVPNPolicyRule", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "default": "PROTECT", 
      "description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.", 
      "enum": [
        "PROTECT", 
        "BYPASS"
      ], 
      "readonly": true, 
      "title": "Action to be applied", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of peer subnets.", 
      "items": {
        "$ref": "IPSecVPNPolicySubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination list", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "A flag to enable/disable the policy rule.", 
      "title": "Enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "description": "Unique policy id.", 
      "title": "Unique policy id", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "A flag to enable/disable the logging for the policy rule.", 
      "title": "Logging flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sources": {
      "description": "List of local subnets.", 
      "items": {
        "$ref": "IPSecVPNPolicySubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source list", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN policy rules", 
  "type": "object"
}

IPSecVPNPolicySubnet (type) 

{
  "additionalProperties": false, 
  "description": "Used to specify the local/peer subnets in IPSec VPN Policy rule.", 
  "id": "IPSecVPNPolicySubnet", 
  "module_id": "IPSecVPN", 
  "properties": {
    "subnet": {
      "$ref": "IPv4CIDRBlock, 
      "description": "Subnet used in policy rule.", 
      "required": true, 
      "title": "Peer or local subnet"
    }
  }, 
  "title": "Subnet for IPSec Policy based VPN", 
  "type": "object"
}

IPSecVPNPolicyTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN policy traffic statistics", 
  "id": "IPSecVPNPolicyTrafficStatistics", 
  "module_id": "VPNStatistics", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Aggregate traffic statistics across all ipsec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "policy_id": {
      "description": "Policy Identifier.", 
      "readonly": true, 
      "title": "Policy Identifier", 
      "type": "string"
    }, 
    "tunnel_port_id": {
      "description": "Tunnel port identifier.", 
      "readonly": true, 
      "title": "Tunnel port identifier", 
      "type": "string"
    }, 
    "tunnel_statistics": {
      "description": "Tunnel statistics.", 
      "items": {
        "$ref": "IPSecVPNTunnelTrafficStatistics
      }, 
      "readonly": true, 
      "title": "Tunnel statistics", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN policy traffic statistics", 
  "type": "object"
}

IPSecVPNService (type) 

{
  "additionalProperties": false, 
  "description": "Create and manage IPSec VPN service for given logical router.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNService", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bypass_rules": {
      "description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.", 
      "items": {
        "$ref": "IPSecVPNPolicyRule
      }, 
      "required": false, 
      "title": "Bypass Policy rules", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "If true, enable VPN services for given logical router.", 
      "title": "Enable virtual private network (VPN) service", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_log_level": {
      "default": "INFO", 
      "description": "Log level for internet key exchange (IKE).", 
      "enum": [
        "DEBUG", 
        "INFO", 
        "WARN", 
        "ERROR", 
        "EMERGENCY"
      ], 
      "title": "Internet key exchange (IKE) log level", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "Logical router id.", 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN service", 
  "type": "object"
}

IPSecVPNServiceListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the IPSec VPN services.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNServiceListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNService
      }, 
      "required": true, 
      "title": "IPSec VPN serivce list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List IPSec VPN services", 
  "type": "object"
}

IPSecVPNSession (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "VPN session defines connection between local and peer endpoint. Untill VPN session is defined configuration is not realized.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNSession", 
  "module_id": "IPSecVPN", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "Identifier of VPN Service linked with local endpoint.", 
      "readonly": true, 
      "title": "IPSec VPN service identifier", 
      "type": "string"
    }, 
    "local_endpoint_id": {
      "description": "Local endpoint identifier.", 
      "required": true, 
      "title": "Local endpoint identifier", 
      "type": "string"
    }, 
    "peer_endpoint_id": {
      "description": "Peer endpoint identifier.", 
      "required": true, 
      "title": "Peer endpoint identifier", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IPSecVPNSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMssClamping, 
      "required": false
    }
  }, 
  "title": "IPSec VPN session", 
  "type": "object"
}

IPSecVPNSessionListParameters (type) 

{
  "additionalProperties": false, 
  "description": "Parameters to get filtered list of IPSec VPN Sessions. The filter parameters are not mutually exclusive and can be used together.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IPSecVPNSessionListParameters", 
  "module_id": "IPSecVPN", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "All the IPSec VPN sessions configured with the specified VPN Service id will be included in the result.", 
      "required": false, 
      "title": "Id of the IPSec VPN service", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "All the VPN sessions belonging to the specified logical router id will be included in the result.", 
      "required": false, 
      "title": "Id of logical router", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "session_type": {
      "$ref": "IPSecVPNSessionResourceType, 
      "description": "All the IPSec VPN sessions of specified type will be included in the result.", 
      "required": false, 
      "title": "Type of the vpn session"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List parameters for IPSec VPN Sessions", 
  "type": "object"
}

IPSecVPNSessionListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the IPSec VPN sessions.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNSessionListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNSession
      }, 
      "required": true, 
      "title": "IPSec VPN sessions list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List IPSec VPN sessions", 
  "type": "object"
}

IPSecVPNSessionResourceType (type) 

{
  "additionalProperties": false, 
  "description": "A Policy Based VPN requires to define protect rules that match   local and peer subnets. IPSec security associations is   negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over   policy based VPN. IP Tunnel port is created and all traffic routed via   tunnel port is protected. Routes can be configured statically   or can be learned through BGP. A route based VPN is must for establishing   redundant VPN session to remote site.", 
  "enum": [
    "PolicyBasedIPSecVPNSession", 
    "RouteBasedIPSecVPNSession"
  ], 
  "id": "IPSecVPNSessionResourceType", 
  "module_id": "IPSecVPN", 
  "title": "Resource types of IPsec VPN session", 
  "type": "string"
}

IPSecVPNSessionState (type) 

{
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "IPSecVPNSessionState", 
  "module_id": "IPSecVPN", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IPSecVPNSessionStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Session statistics gives aggregated statistics of all policies for all the tunnels.", 
  "id": "IPSecVPNSessionStatistics", 
  "module_id": "VPNStatistics", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Aggregate traffic statistics across all ipsec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "display_name": {
      "description": "Display name of vpn session.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "ike_status": {
      "$ref": "IPSecVPNIKESessionStatus, 
      "description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.", 
      "readonly": true, 
      "title": "IKE status summary"
    }, 
    "ike_traffic_statistics": {
      "$ref": "IPSecVPNIKETrafficStatistics, 
      "description": "Traffic statistics for IPSec VPN IKE session. Note - Not supported in this release.", 
      "readonly": true, 
      "title": "IKE traffic statistics"
    }, 
    "ipsec_vpn_session_id": {
      "description": "UUID of vpn session.", 
      "readonly": true, 
      "title": "Session identifier", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "partial_stats": {
      "description": "Partial statistics if true specifies that the statistics are only from active node.", 
      "readonly": true, 
      "title": "Partial Statistics", 
      "type": "boolean"
    }, 
    "policy_statistics": {
      "description": "Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.", 
      "items": {
        "$ref": "IPSecVPNPolicyTrafficStatistics
      }, 
      "readonly": true, 
      "title": "IPSec policy statistics", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN session statistics", 
  "type": "object"
}

IPSecVPNSessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "IKE session traffic summary provides IKE session status and aggregate of traffic across all tunnel.", 
  "id": "IPSecVPNSessionStatus", 
  "module_id": "VPNStatistics", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Aggregate traffic statistics across all ipsec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "display_name": {
      "description": "Display name of vpn session.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "failed_tunnels": {
      "description": "Number of failed tunnels.", 
      "readonly": true, 
      "title": "Failed tunnels", 
      "type": "integer"
    }, 
    "ike_status": {
      "$ref": "IPSecVPNIKESessionStatus, 
      "description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.", 
      "readonly": true, 
      "title": "IKE status"
    }, 
    "ipsec_vpn_session_id": {
      "description": "UUID of vpn session.", 
      "readonly": true, 
      "title": "Session identifier", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "negotiated_tunnels": {
      "description": "Number of negotiated tunnels.", 
      "readonly": true, 
      "title": "Negotiated tunnels", 
      "type": "integer"
    }, 
    "session_status": {
      "description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "readonly": true, 
      "title": "Session status", 
      "type": "string"
    }, 
    "total_tunnels": {
      "description": "Total number of tunnels.", 
      "readonly": true, 
      "title": "Total tunnels", 
      "type": "integer"
    }
  }, 
  "title": "IKE session traffic summary", 
  "type": "object"
}

IPSecVPNSessionSummary (type) 

{
  "additionalProperties": false, 
  "description": "Summarized view of all selected IPSec VPN sessions.", 
  "id": "IPSecVPNSessionSummary", 
  "module_id": "VPNStatistics", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Aggregate traffic statistics across all selected sessions.", 
      "title": "Traffic summary"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "session_summary": {
      "$ref": "IPsecVPNIKESessionSummary, 
      "description": "Session summary for number of total, established, failed and degraded IPSec VPN sessions.", 
      "readonly": true, 
      "title": "Session summary"
    }, 
    "traffic_summary_per_session": {
      "description": "Traffic summary per session.", 
      "items": {
        "$ref": "IPSecVPNSessionTrafficSummary
      }, 
      "title": "Traffic summary", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN session summary", 
  "type": "object"
}

IPSecVPNSessionTrafficSummary (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN session traffic summary.", 
  "id": "IPSecVPNSessionTrafficSummary", 
  "module_id": "VPNStatistics", 
  "properties": {
    "ipsec_vpn_session": {
      "$ref": "ResourceReference, 
      "description": "VPN Session.", 
      "readonly": true, 
      "title": "VPN session"
    }, 
    "traffic_counters": {
      "$ref": "IPSecVPNTrafficCounters, 
      "description": "Traffic stastics.", 
      "readonly": true, 
      "title": "Traffic stastics"
    }
  }, 
  "title": "IPSec VPN session traffic summary", 
  "type": "object"
}

IPSecVPNTrafficCounters (type) 

{
  "additionalProperties": false, 
  "description": "Traffic counters for IPSec VPN session.", 
  "id": "IPSecVPNTrafficCounters", 
  "module_id": "VPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Total number of bytes recevied.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of bytes sent.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "dropped_packets_in": {
      "description": "Total number of incoming packets dropped on inbound security association.", 
      "readonly": true, 
      "title": "Dropped incoming packets", 
      "type": "integer"
    }, 
    "dropped_packets_out": {
      "description": "Total number of outgoing packets dropped on outbound security association.", 
      "readonly": true, 
      "title": "Dropped outgoing packets", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of packets received.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of packets sent.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN traffic counters", 
  "type": "object"
}

IPSecVPNTransportStatus (type) 

{
  "additionalProperties": false, 
  "description": "Provides IPSec VPN session status.", 
  "extends": {
    "$ref": "L2VPNTransportTunnelStatus
  }, 
  "id": "IPSecVPNTransportStatus", 
  "module_id": "L2VPNStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPSecVPNTransportStatus"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "TransportTunnelResourceType, 
      "required": true
    }, 
    "status": {
      "$ref": "IPSecVPNSessionStatus, 
      "description": "VPN session status provides IKE session status and aggregate of traffic across all tunnel.", 
      "readonly": true, 
      "title": "IPSec vpn session status"
    }, 
    "tunnel_id": {
      "$ref": "ResourceReference, 
      "description": "Transport tunnel id.", 
      "readonly": true, 
      "title": "Transport tunnel id"
    }
  }, 
  "title": "VPN Session status", 
  "type": "object"
}

IPSecVPNTunnelProfile (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSecVPNTunnelProfile", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "df_policy": {
      "default": "COPY", 
      "description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.", 
      "enum": [
        "COPY", 
        "CLEAR"
      ], 
      "title": "Policy for handling defragmentation bit", 
      "type": "string"
    }, 
    "dh_groups": {
      "description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.", 
      "items": {
        "$ref": "DHGroup
      }, 
      "title": "DH group", 
      "type": "array"
    }, 
    "digest_algorithms": {
      "description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".", 
      "items": {
        "$ref": "TunnelDigestAlgorithm
      }, 
      "title": "Algorithm for message hash", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_perfect_forward_secrecy": {
      "default": true, 
      "description": "If true, perfect forward secrecy (PFS) is enabled.", 
      "title": "Enable perfect forward secrecy", 
      "type": "boolean"
    }, 
    "encapsulation_mode": {
      "default": "TUNNEL_MODE", 
      "description": "Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.", 
      "enum": [
        "TUNNEL_MODE"
      ], 
      "readonly": true, 
      "title": "Encapsulation Mode", 
      "type": "string"
    }, 
    "encryption_algorithms": {
      "description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.", 
      "items": {
        "$ref": "TunnelEncryptionAlgorithm
      }, 
      "title": "Encryption algorithm to use in tunnel establishement", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sa_life_time": {
      "default": 3600, 
      "description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.", 
      "maximum": 31536000, 
      "minimum": 900, 
      "title": "Security association (SA) life time", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transform_protocol": {
      "default": "ESP", 
      "description": "IPSec transform specifies IPSec security protocol.", 
      "enum": [
        "ESP"
      ], 
      "readonly": true, 
      "title": "Tunnel protocol", 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN tunnel profile", 
  "type": "object"
}

IPSecVPNTunnelProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "List all the tunnel profiles.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVPNTunnelProfileListResult", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSecVPNTunnelProfile
      }, 
      "required": true, 
      "title": "IPSec Tunnel Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List tunnel profiles", 
  "type": "object"
}

IPSecVPNTunnelTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN tunnel traffic statistics.", 
  "id": "IPSecVPNTunnelTrafficStatistics", 
  "module_id": "VPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Total number of incoming bytes on inbound Security association (SA).", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes on outbound Security association (SA).", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "decryption_failures": {
      "description": "Total number of packets dropped due to decryption failures.", 
      "readonly": true, 
      "title": "Decryption failures", 
      "type": "integer"
    }, 
    "dropped_packets_in": {
      "description": "Total number of incoming packets dropped on inbound security association.", 
      "readonly": true, 
      "title": "Dropped incoming packets", 
      "type": "integer"
    }, 
    "dropped_packets_out": {
      "description": "Total number of outgoing packets dropped on outbound security association.", 
      "readonly": true, 
      "title": "Dropped outgoing packets", 
      "type": "integer"
    }, 
    "encryption_failures": {
      "description": "Total number of packets dropped because of failure in encryption.", 
      "readonly": true, 
      "title": "Encryption failures", 
      "type": "integer"
    }, 
    "integrity_failures": {
      "description": "Total number of packets dropped due to integrity failures.", 
      "readonly": true, 
      "title": "Integrity failures", 
      "type": "integer"
    }, 
    "local_subnet": {
      "description": "Local subnet to which a tunnel belongs.", 
      "readonly": true, 
      "title": "Local subnet", 
      "type": "string"
    }, 
    "nomatching_policy_errors": {
      "description": "Number of packets dropped because of no matching policy is available.", 
      "readonly": true, 
      "title": "Nomatching Policy errors", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets on inbound Security association (SA).", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets on outbound Security association (SA).", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_receive_other_error": {
      "description": "Total number of incoming packets dropped on inbound Security association (SA)(misc).", 
      "readonly": true, 
      "title": "Packets receive other error", 
      "type": "integer"
    }, 
    "packets_sent_other_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent other error", 
      "type": "integer"
    }, 
    "peer_subnet": {
      "description": "Peer subnet to which a tunnel belongs.", 
      "readonly": true, 
      "title": "Peer subnet", 
      "type": "string"
    }, 
    "replay_errors": {
      "description": "Total number of packets dropped due to replay check on that Security association (SA).", 
      "readonly": true, 
      "title": "Replay errors", 
      "type": "integer"
    }, 
    "sa_mismatch_errors_in": {
      "description": "Totoal number of security association (SA) mismatch errors on incoming packets.", 
      "readonly": true, 
      "title": "Security association (SA) mismatch errors on incoming packets", 
      "type": "integer"
    }, 
    "sa_mismatch_errors_out": {
      "description": "Totoal number of security association (SA) mismatch errors on outgoing packets.", 
      "readonly": true, 
      "title": "Security association (SA) mismatch errors on outgoing packets", 
      "type": "integer"
    }, 
    "seq_number_overflow_error": {
      "description": "Total number of packets dropped while sending due to overflow in sequence number.", 
      "readonly": true, 
      "title": "Sequence number overflow error", 
      "type": "integer"
    }, 
    "tunnel_down_reason": {
      "description": "Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.", 
      "readonly": true, 
      "title": "Tunnel down reason", 
      "type": "string"
    }, 
    "tunnel_status": {
      "description": "Specifies the status of tunnel. If all the SA (Security association) are negotiated then tunnels status will be UP. If negotiation fails for the SAs status will be DOWN, if SAs are in negotiating phase tunnels status will be NEGOTIATING.", 
      "enum": [
        "UP", 
        "DOWN", 
        "NEGOTIATING"
      ], 
      "readonly": true, 
      "title": "Tunnel Status", 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN tunnel traffic statistics", 
  "type": "object"
}

IPSecVpnDpdProfile (type) 

{
  "additionalProperties": false, 
  "description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnDpdProfile", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_probe_interval": {
      "default": 60, 
      "description": "DPD probe interval defines a periodic interval for DPD probes.", 
      "maximum": 360, 
      "minimum": 3, 
      "title": "DPD probe interval in seconds", 
      "type": "integer"
    }, 
    "enabled": {
      "default": true, 
      "description": "If true, enable dead peer detection.", 
      "title": "Enable dead peer detection (DPD)", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Dead peer detection (DPD) profile", 
  "type": "object"
}

IPSecVpnDpdProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnDpdProfile.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnDpdProfileListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnDpdProfile list request parameters", 
  "type": "object"
}

IPSecVpnDpdProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnDpdProfile.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnDpdProfileListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnDpdProfile list results.", 
      "items": {
        "$ref": "IPSecVpnDpdProfile
      }, 
      "required": true, 
      "title": "IPSecVpnDpdProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnDpdProfile", 
  "type": "object"
}

IPSecVpnIkeProfile (type) 

{
  "additionalProperties": false, 
  "description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnIkeProfile", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dh_groups": {
      "description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.", 
      "items": {
        "$ref": "DhGroup
      }, 
      "title": "DH group", 
      "type": "array"
    }, 
    "digest_algorithms": {
      "description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.", 
      "items": {
        "$ref": "IkeDigestAlgorithm
      }, 
      "title": "Algorithm for message hash", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "encryption_algorithms": {
      "description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.", 
      "items": {
        "$ref": "IkeEncryptionAlgorithm
      }, 
      "title": "Encryption algorithm for IKE", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_version": {
      "default": "IKE_V2", 
      "description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.", 
      "enum": [
        "IKE_V1", 
        "IKE_V2", 
        "IKE_FLEX"
      ], 
      "title": "IKE version", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sa_life_time": {
      "default": 86400, 
      "description": "Life time for security association. Default is 86400 seconds (1 day).", 
      "maximum": 31536000, 
      "minimum": 21600, 
      "title": "Security association (SA) life time", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Internet key exchange (IKE) profile", 
  "type": "object"
}

IPSecVpnIkeProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnIkeProfile.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnIkeProfileListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnIkeProfile list request parameters", 
  "type": "object"
}

IPSecVpnIkeProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnIkeProfile.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnIkeProfileListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnIkeProfile list results.", 
      "items": {
        "$ref": "IPSecVpnIkeProfile
      }, 
      "required": true, 
      "title": "IPSecVpnIkeProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnIkeProfile", 
  "type": "object"
}

IPSecVpnIkeSessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "Status for IPSec VPN Ike session UP, DOWN, NEGOTIATING and fail reason if Ike session is down.", 
  "id": "IPSecVpnIkeSessionStatus", 
  "module_id": "PolicyVPNStatistics", 
  "properties": {
    "fail_reason": {
      "description": "Reason for failure.", 
      "readonly": true, 
      "title": "Fail reason", 
      "type": "string"
    }, 
    "ike_session_state": {
      "description": "Ike session service status UP, DOWN and NEGOTIATING.", 
      "enum": [
        "UP", 
        "DOWN", 
        "NEGOTIATING"
      ], 
      "readonly": true, 
      "title": "Ike session state", 
      "type": "string"
    }
  }, 
  "title": "Ike session status", 
  "type": "object"
}

IPSecVpnIkeTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Traffic statistics for IPSec VPN Ike session. Note - Not supported in this release.", 
  "id": "IPSecVpnIkeTrafficStatistics", 
  "module_id": "PolicyVPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Number of bytes in.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Number of bytes out.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "fail_count": {
      "description": "Fail count.", 
      "readonly": true, 
      "title": "Fail count", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Number of packets in.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Number of packets out.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN Ike traffic statistics", 
  "type": "object"
}

IPSecVpnLocalEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnLocalEndpoint", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_path": {
      "description": "Policy path referencing site certificate.", 
      "title": "Certificate path", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "local_address": {
      "$ref": "IPv4Address, 
      "description": "IPV4 Address of local endpoint.", 
      "required": true, 
      "title": "IPV4 Address of local endpoint"
    }, 
    "local_id": {
      "description": "Local identifier.", 
      "title": "Local identifier", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "trust_ca_paths": {
      "description": "List of policy paths referencing certificate authority (CA) to verify peer certificates.", 
      "items": {
        "type": "string"
      }, 
      "title": "Certificate authority (CA) paths", 
      "type": "array"
    }, 
    "trust_crl_paths": {
      "description": "List of policy paths referencing certificate revocation list (CRL) to peer certificates.", 
      "items": {
        "type": "string"
      }, 
      "title": "Certificate revocation list (CRL) paths", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN Local Endpoint", 
  "type": "object"
}

IPSecVpnLocalEndpointListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnLocalEndpoint.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnLocalEndpointListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnLocalEndpoint list request parameters", 
  "type": "object"
}

IPSecVpnLocalEndpointListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnLocalEndpoint.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnLocalEndpointListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnLocalEndpoint list results.", 
      "items": {
        "$ref": "IPSecVpnLocalEndpoint
      }, 
      "required": true, 
      "title": "IPSecVpnLocalEndpoint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnLocalEndpoint", 
  "type": "object"
}

IPSecVpnRule (type) 

{
  "additionalProperties": false, 
  "description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy\u2019s match criteria.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnRule", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "default": "PROTECT", 
      "description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.", 
      "enum": [
        "PROTECT", 
        "BYPASS"
      ], 
      "readonly": true, 
      "title": "Action to be applied", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of peer subnets. Specifying no value is interpreted as 0.0.0.0/0.", 
      "items": {
        "$ref": "IPSecVpnSubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination list", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "A flag to enable/disable the rule.", 
      "title": "Enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "A flag to enable/disable the logging for the rule.", 
      "title": "Logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "A sequence number is used to give a priority to an IPSecVpnRule.", 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of the IPSecVpnRule", 
      "type": "int"
    }, 
    "sources": {
      "description": "List of local subnets. Specifying no value is interpreted as 0.0.0.0/0.", 
      "items": {
        "$ref": "IPSecVpnSubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source list", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN Rule", 
  "type": "object"
}

IPSecVpnService (type) 

{
  "additionalProperties": false, 
  "description": "Create and manage IPSec VPN service for given locale service.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnService", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bypass_rules": {
      "description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.", 
      "items": {
        "$ref": "IPSecVpnRule
      }, 
      "required": false, 
      "title": "Bypass Policy rules", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "If true, enable VPN services for given locale service.", 
      "title": "Enable virtual private network (VPN) service", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_log_level": {
      "default": "INFO", 
      "description": "Log level for internet key exchange (IKE).", 
      "enum": [
        "DEBUG", 
        "INFO", 
        "WARN", 
        "ERROR", 
        "EMERGENCY"
      ], 
      "title": "Internet key exchange (IKE) log level", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN service", 
  "type": "object"
}

IPSecVpnServiceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnService.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnServiceListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnService list request parameters", 
  "type": "object"
}

IPSecVpnServiceListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnService.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnServiceListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnService list results.", 
      "items": {
        "$ref": "IPSecVpnService
      }, 
      "required": true, 
      "title": "IPSecVpnService list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnService", 
  "type": "object"
}

IPSecVpnSession (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnSession", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_mode": {
      "default": "PSK", 
      "description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.", 
      "enum": [
        "PSK", 
        "CERTIFICATE"
      ], 
      "title": "Authentication Mode", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "compliance_suite": {
      "description": "Compliance suite.", 
      "enum": [
        "CNSA", 
        "SUITE_B_GCM_128", 
        "SUITE_B_GCM_256", 
        "PRIME", 
        "FOUNDATION", 
        "FIPS", 
        "NONE"
      ], 
      "title": "Compliance suite", 
      "type": "string"
    }, 
    "connection_initiation_mode": {
      "default": "INITIATOR", 
      "description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.", 
      "enum": [
        "INITIATOR", 
        "RESPOND_ONLY", 
        "ON_DEMAND"
      ], 
      "title": "Connection initiation mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_profile_path": {
      "description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.", 
      "title": "Dead peer detection (DPD) profile path", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_profile_path": {
      "description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.", 
      "title": "Internet key exchange (IKE) profile path", 
      "type": "string"
    }, 
    "local_endpoint_path": {
      "description": "Policy path referencing Local endpoint.", 
      "required": true, 
      "title": "Local endpoint path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "peer_address": {
      "description": "Public IPV4 address of the remote device terminating the VPN connection.", 
      "required": true, 
      "title": "IPV4 address of peer endpoint on remote site", 
      "type": "string"
    }, 
    "peer_id": {
      "description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.", 
      "required": true, 
      "title": "Peer id", 
      "type": "string"
    }, 
    "psk": {
      "description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.", 
      "sensitive": true, 
      "title": "Pre-shared key", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IPSecVpnSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMaximumSegmentSizeClamping, 
      "description": "TCP Maximum Segment Size Clamping Direction and Value.", 
      "title": "TCP MSS Clamping"
    }, 
    "tunnel_profile_path": {
      "description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.", 
      "title": "IPSec tunnel profile path", 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN session", 
  "type": "object"
}

IPSecVpnSessionListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnSession.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnSessionListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnSession list request parameters", 
  "type": "object"
}

IPSecVpnSessionListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnSession.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnSessionListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnSession list results.", 
      "items": {
        "$ref": "IPSecVpnSession
      }, 
      "required": true, 
      "title": "IPSecVpnSession list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnSession", 
  "type": "object"
}

IPSecVpnSessionResourceType (type) 

{
  "additionalProperties": false, 
  "description": "A Policy Based VPN requires to define protect rules that match   local and peer subnets. IPSec security associations is   negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over   policy based VPN. IP Tunnel port is created and all traffic routed via   tunnel port is protected. Routes can be configured statically   or can be learned through BGP. A route based VPN is must for establishing   redundant VPN session to remote site.", 
  "enum": [
    "PolicyBasedIPSecVpnSession", 
    "RouteBasedIPSecVpnSession"
  ], 
  "id": "IPSecVpnSessionResourceType", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Resource types of IPsec VPN session", 
  "type": "string"
}

IPSecVpnSessionStatisticsNsxT (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN session statistics represents statistics on an NSX-T type of enforcement point. It gives aggregated statistics of all policies for all the tunnels.", 
  "extends": {
    "$ref": "IPSecVpnSessionStatisticsPerEP
  }, 
  "id": "IPSecVpnSessionStatisticsNsxT", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPSecVpnSessionStatisticsNsxT"
  }, 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVpnTrafficCounters, 
      "description": "Aggregate traffic statistics across all ipsec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "ike_status": {
      "$ref": "IPSecVpnIkeSessionStatus, 
      "description": "Status for IPSec VPN Ike session UP/DOWN and fail reason if Ike session is down.", 
      "readonly": true, 
      "title": "Ike status summary"
    }, 
    "ike_traffic_statistics": {
      "$ref": "IPSecVpnIkeTrafficStatistics, 
      "description": "Traffic statistics for IPSec VPN Ike session.", 
      "readonly": true, 
      "title": "Ike traffic statistics"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "policy_statistics": {
      "description": "Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics.", 
      "items": {
        "$ref": "IpSecVpnPolicyTrafficStatistics
      }, 
      "readonly": true, 
      "title": "IPSec policy statistics", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "IPSecVpnSessionStatisticsNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN session statistics", 
  "type": "object"
}

IPSecVpnSessionStatisticsPerEP (type) 

{
  "abstract": true, 
  "description": "IPSec VPN Session Statistics Per Enforcement Point.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "IPSecVpnSessionStatisticsPerEP", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPSecVpnSessionStatisticsNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN Session Statistics Per Enforcement Point", 
  "type": "object"
}

IPSecVpnSessionStatusNsxT (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN Session Status represents status on an NSX-T type of enforcement point.", 
  "extends": {
    "$ref": "IPSecVpnSessionStatusPerEP
  }, 
  "id": "IPSecVpnSessionStatusNsxT", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPSecVpnSessionStatisticsNsxT"
  }, 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVpnTrafficCounters, 
      "description": "Aggregate traffic statistics across all ipsec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "failed_tunnels": {
      "description": "Number of failed tunnels.", 
      "readonly": true, 
      "title": "Failed tunnels", 
      "type": "integer"
    }, 
    "ike_status": {
      "$ref": "IPSecVpnIkeSessionStatus, 
      "description": "Status for IPSec VPN IKE session UP/DOWN and fail reason if IKE session is down.", 
      "readonly": true, 
      "title": "IKE status"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last updated timestamp"
    }, 
    "negotiated_tunnels": {
      "description": "Number of negotiated tunnels.", 
      "readonly": true, 
      "title": "Negotiated tunnels", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "IPSecVpnSessionStatusNsxT"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "readonly": true, 
      "title": "Session Runtime Status", 
      "type": "string"
    }, 
    "total_tunnels": {
      "description": "Total number of tunnels.", 
      "readonly": true, 
      "title": "Total tunnels", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN session traffic summary", 
  "type": "object"
}

IPSecVpnSessionStatusPerEP (type) 

{
  "abstract": true, 
  "description": "IPSec VPN Session Status Per Enforcement Point.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "IPSecVpnSessionStatusPerEP", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPSecVpnSessionStatusNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN Session Status Per Enforcement Point", 
  "type": "object"
}

IPSecVpnSubnet (type) 

{
  "additionalProperties": false, 
  "description": "Used to specify the local/peer subnets in IPSec VPN rule.", 
  "id": "IPSecVpnSubnet", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "subnet": {
      "$ref": "IPv4CIDRBlock, 
      "description": "Subnet used in policy rule.", 
      "required": true, 
      "title": "Peer or local subnet"
    }
  }, 
  "title": "Subnet for IPSec Policy based VPN", 
  "type": "object"
}

IPSecVpnTrafficCounters (type) 

{
  "additionalProperties": false, 
  "description": "Traffic counters for IPSec VPN session.", 
  "id": "IPSecVpnTrafficCounters", 
  "module_id": "PolicyVPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Total number of bytes recevied.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of bytes sent.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "dropped_packets_in": {
      "description": "Total number of incoming packets dropped on inbound security association.", 
      "readonly": true, 
      "title": "Dropped incoming packets", 
      "type": "integer"
    }, 
    "dropped_packets_out": {
      "description": "Total number of outgoing packets dropped on outbound security association.", 
      "readonly": true, 
      "title": "Dropped outgoing packets", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of packets received.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of packets sent.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN traffic counters", 
  "type": "object"
}

IPSecVpnTransportStatus (type) 

{
  "additionalProperties": false, 
  "description": "Provides IPSec VPN session status.", 
  "extends": {
    "$ref": "L2VPNSessionTransportTunnelStatus
  }, 
  "id": "IPSecVpnTransportStatus", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IPSecVpnTransportStatus"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "IPSecVpnTransportStatus"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "session_status": {
      "$ref": "IPSecVpnSessionStatusNsxT, 
      "readonly": true, 
      "title": "IPSec VPN Session status"
    }, 
    "transport_tunnel_path": {
      "description": "Policy path referencing Transport Tunnel.", 
      "readonly": true, 
      "title": "Policy path referencing Transport Tunnel", 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN Session status", 
  "type": "object"
}

IPSecVpnTunnelInterface (type) 

{
  "additionalProperties": false, 
  "description": "IP tunnel interface configuration.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnTunnelInterface", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_subnets": {
      "description": "IP Tunnel interface (commonly referred as VTI) subnet.", 
      "items": {
        "$ref": "TunnelInterfaceIPSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP Tunnel interface subnet", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IP tunnel interface configuration", 
  "type": "object"
}

IPSecVpnTunnelProfile (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IPSecVpnTunnelProfile", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "df_policy": {
      "default": "COPY", 
      "description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.", 
      "enum": [
        "COPY", 
        "CLEAR"
      ], 
      "title": "Policy for handling defragmentation bit", 
      "type": "string"
    }, 
    "dh_groups": {
      "description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.", 
      "items": {
        "$ref": "DhGroup
      }, 
      "title": "Dh group", 
      "type": "array"
    }, 
    "digest_algorithms": {
      "description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".", 
      "items": {
        "$ref": "IPSecDigestAlgorithm
      }, 
      "title": "Algorithm for message hash", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_perfect_forward_secrecy": {
      "default": true, 
      "description": "If true, perfect forward secrecy (PFS) is enabled.", 
      "title": "Enable perfect forward secrecy", 
      "type": "boolean"
    }, 
    "encryption_algorithms": {
      "description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.", 
      "items": {
        "$ref": "IPSecEncryptionAlgorithm
      }, 
      "title": "Encryption algorithm to use in IPSec tunnel establishement", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sa_life_time": {
      "default": 3600, 
      "description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.", 
      "maximum": 31536000, 
      "minimum": 900, 
      "title": "Security association (SA) life time", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN tunnel profile", 
  "type": "object"
}

IPSecVpnTunnelProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to get filtered list of IPSecVpnTunnelProfile.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IPSecVpnTunnelProfileListRequestParameters", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSecVpnTunnelProfile list request parameters", 
  "type": "object"
}

IPSecVpnTunnelProfileListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of IPSecVpnTunnelProfile.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSecVpnTunnelProfileListResult", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "IPSecVpnTunnelProfile list results.", 
      "items": {
        "$ref": "IPSecVpnTunnelProfile
      }, 
      "required": true, 
      "title": "IPSecVpnTunnelProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of IPSecVpnTunnelProfile", 
  "type": "object"
}

IPSet (type) 

{
  "additionalProperties": false, 
  "description": "IPSet is used to group individual IP addresses, range of IP addresses or subnets. An IPSet is a homogeneous group of IP addresses, either of type IPv4 or of type IPv6. IPSets can be used as source or destination in firewall rules. These can also be used as members of NSGroups.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IPSet", 
  "module_id": "IPSet", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "items": {
        "$ref": "IPElement
      }, 
      "maxItems": 4000, 
      "required": false, 
      "title": "IP addresses", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Set of one or more IP addresses", 
  "type": "object"
}

IPSetDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "IPSetDeleteRequestParameters", 
  "module_id": "IPSet", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "IPSet delete request parameters", 
  "type": "object"
}

IPSetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IPSetListRequestParameters", 
  "module_id": "IPSet", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPSet list request parameters", 
  "type": "object"
}

IPSetListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IPSetListResult", 
  "module_id": "IPSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPSet
      }, 
      "required": true, 
      "title": "IPSet list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of IPSets", 
  "type": "object"
}

IPSubnet (type) 

{
  "additionalProperties": false, 
  "id": "IPSubnet", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "ip_addresses": {
      "description": "All IP addresses, some of which  may be automatically configured. When updating this field, the payload may contain only the IP addresses that should be changed, or may contain the IP addresses to change as well as the automatically assigned addresses. Currently, only one updatable address and one system-maintained address are supported. Currently, the system-maintained address supported is Extended Unique Identifier(EUI)-64 address. EUI-64 address is generated by the system only when user configured ip-subnet has prefix length less than or equal to 64.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 2, 
      "minItems": 1, 
      "required": true, 
      "title": "IP Addresses", 
      "type": "array"
    }, 
    "prefix_length": {
      "maximum": 128, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

IPsecVPNIKESessionSummary (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN session status summary, gives total, failed, degraded and established IPSec VPN sessions.", 
  "id": "IPsecVPNIKESessionSummary", 
  "module_id": "VPNStatistics", 
  "properties": {
    "degraded_sessions": {
      "description": "Number of degraded sessions.", 
      "readonly": true, 
      "title": "Degraded sessions", 
      "type": "integer"
    }, 
    "established_sessions": {
      "description": "Number of established sessions.", 
      "readonly": true, 
      "title": "Established sessions", 
      "type": "integer"
    }, 
    "failed_sessions": {
      "description": "Number of failed sessions.", 
      "readonly": true, 
      "title": "Failed sessions", 
      "type": "integer"
    }, 
    "total_sessions": {
      "description": "Total sessions configured.", 
      "readonly": true, 
      "title": "Total sessions", 
      "type": "integer"
    }
  }, 
  "title": "IPSec VPN session status summary", 
  "type": "object"
}

IPv4Address (type) 

{
  "format": "ipv4", 
  "id": "IPv4Address", 
  "module_id": "Common", 
  "title": "IPv4 address", 
  "type": "string"
}

IPv4AddressProperties (type) 

{
  "additionalProperties": false, 
  "id": "IPv4AddressProperties", 
  "properties": {
    "ip_address": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface IPv4 address", 
      "type": "string"
    }, 
    "netmask": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface netmask", 
      "type": "string"
    }
  }, 
  "title": "IPv4 address properties", 
  "type": "object"
}

IPv4CIDRBlock (type) 

{
  "format": "ipv4-cidr-block", 
  "id": "IPv4CIDRBlock", 
  "module_id": "Common", 
  "title": "IPv4 CIDR Block", 
  "type": "string"
}

IPv4DhcpServer (type) 

{
  "additionalProperties": false, 
  "description": "DHCP server to support IPv4 DHCP service. Properties defined at DHCP server level can be overridden by ip-pool or static-binding level properties.", 
  "id": "IPv4DhcpServer", 
  "module_id": "Dhcp", 
  "properties": {
    "dhcp_server_ip": {
      "$ref": "IPv4CIDRBlock, 
      "description": "DHCP server ip in CIDR format.", 
      "required": true, 
      "title": "DHCP server ip in CIDR format"
    }, 
    "dns_nameservers": {
      "description": "Primary and secondary DNS server address to assign host. They can be overridden by ip-pool or static-binding level property.", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "required": false, 
      "title": "DNS ips", 
      "type": "array"
    }, 
    "domain_name": {
      "description": "Host name or prefix to be assigned to host. It can be overridden by ip-pool or static-binding level property.", 
      "format": "hostname", 
      "required": false, 
      "title": "Domain name", 
      "type": "string"
    }, 
    "gateway_ip": {
      "$ref": "IPv4Address, 
      "description": "Gateway ip to be assigned to host. It can be overridden by ip-pool or static-binding level property.", 
      "required": false, 
      "title": "Gateway ip"
    }, 
    "monitor_ippool_usage": {
      "default": false, 
      "description": "Enable or disable monitoring of DHCP ip-pools usage. When enabled, system events are generated when pool usage exceeds the configured thresholds. System events can be viewed in REST API /api/v2/hpm/alarms", 
      "required": false, 
      "title": "Enable/disable monitoring DHCP ip-pool usage", 
      "type": "boolean"
    }, 
    "options": {
      "$ref": "DhcpOptions, 
      "description": "Defines the default options for all ip-pools and static-bindings of this server. These options will be ignored if options are defined for ip-pools or static-bindings.", 
      "required": false, 
      "title": "DHCP options"
    }
  }, 
  "title": "DHCP server to support IPv4 DHCP service", 
  "type": "object"
}

IPv4DiscoveryOptions (type) 

{
  "additionalProperties": false, 
  "description": "Contains IPv4 related discovery options.", 
  "id": "IPv4DiscoveryOptions", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "arp_snooping_config": {
      "$ref": "ArpSnoopingConfig, 
      "description": "Indicates ARP snooping options", 
      "required": false, 
      "title": "ARP snooping configuration"
    }, 
    "dhcp_snooping_enabled": {
      "default": true, 
      "description": "Indicates whether DHCP snooping is enabled", 
      "required": false, 
      "title": "Is DHCP snooping enabled or not", 
      "type": "boolean"
    }, 
    "vmtools_enabled": {
      "default": true, 
      "description": "Indicates whether fetching IP using vm-tools is enabled. This option is only supported on ESX where vm-tools is installed.", 
      "required": false, 
      "title": "Is VM tools enabled or not", 
      "type": "boolean"
    }
  }, 
  "title": "IPv4 discovery options", 
  "type": "object"
}

IPv6Address (type) 

{
  "format": "ipv6", 
  "id": "IPv6Address", 
  "module_id": "Common", 
  "title": "IPv6 address", 
  "type": "string"
}

IPv6CIDRBlock (type) 

{
  "format": "ipv6-cidr-block", 
  "id": "IPv6CIDRBlock", 
  "module_id": "Common", 
  "title": "IPv6 CIDR Block", 
  "type": "string"
}

IPv6DADStatus (type) 

{
  "additionalProperties": false, 
  "id": "IPv6DADStatus", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "IP address on the port for which DAD status is reported.", 
      "readonly": true, 
      "required": false, 
      "title": "IP address"
    }, 
    "status": {
      "$ref": "DADStatus, 
      "description": "DAD status for IP address on the port.", 
      "readonly": true, 
      "required": false, 
      "title": "DAD Status"
    }, 
    "transport_node": {
      "description": "Array of transport node id on which DAD status is reported for given IP address.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Transport node", 
      "type": "array"
    }
  }, 
  "title": "IPv6 DAD status", 
  "type": "object"
}

IPv6DiscoveryOptions (type) 

{
  "additionalProperties": false, 
  "description": "Contains IPv6 related discovery options.", 
  "id": "IPv6DiscoveryOptions", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "dhcp_snooping_v6_enabled": {
      "default": false, 
      "description": "Enable this method will snoop the DHCPv6 message transaction which a VM makes with a DHCPv6 server. From the transaction, we learn the IPv6 addresses assigned by the DHCPv6 server to this VM along with its lease time.", 
      "required": false, 
      "title": "Is DHCP snoping v6 enabled or not", 
      "type": "boolean"
    }, 
    "nd_snooping_config": {
      "$ref": "NdSnoopingConfig, 
      "description": "Indicates ND snooping options", 
      "required": false, 
      "title": "ND snooping configuration"
    }, 
    "vmtools_v6_enabled": {
      "default": false, 
      "description": "Enable this method will learn the IPv6 addresses which are configured on interfaces of a VM with the help of the VMTools software.", 
      "required": false, 
      "type": "boolean"
    }
  }, 
  "title": "IPv6 discovery options", 
  "type": "object"
}

IPv6Profiles (type) 

{
  "additionalProperties": false, 
  "id": "IPv6Profiles", 
  "module_id": "LogicalRouter", 
  "properties": {
    "dad_profile_id": {
      "description": "Identifier of Duplicate Address Detection profile. DAD profile has various configurations related to duplicate address detection. If no profile is associated manually to the router, then the system defined default DAD profile will be automatically applied.", 
      "required": false, 
      "title": "DAD profile identifier", 
      "type": "string"
    }, 
    "ndra_profile_id": {
      "description": "Identifier of Neighbor Discovery Router Advertisement profile. NDRA profile has various configurations required for router advertisement. If no profile is associated manually to the router, then the system defined default NDRA profile will be automatically applied.", 
      "required": false, 
      "title": "NDRA profile identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IPv6Status (type) 

{
  "additionalProperties": false, 
  "id": "IPv6Status", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "dad_statuses": {
      "description": "Array of DAD status which contains DAD information for IP addresses on the interface.", 
      "items": {
        "$ref": "IPv6DADStatus
      }, 
      "readonly": true, 
      "title": "IPv6 DAD status", 
      "type": "array"
    }, 
    "interface_id": {
      "description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.", 
      "title": "Policy path or realization ID of interface", 
      "type": "string"
    }
  }, 
  "title": "IPv6 status", 
  "type": "object"
}

IcmpEchoRequestHeader (type) 

{
  "additionalProperties": false, 
  "id": "IcmpEchoRequestHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "id": {
      "default": 0, 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "ICMP id", 
      "type": "integer"
    }, 
    "sequence": {
      "default": 0, 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "ICMP sequence number", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

IcmpPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the PolicyLbRule object. This represents active health monitoring over ICMP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healt hchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "PolicyLbMonitorProfile
  }, 
  "id": "IcmpPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IcmpPolicyLbMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "PolicyLbMonitorProfile for active health checks over ICMP", 
  "type": "object"
}

Icon (type) 

{
  "additionalProperties": false, 
  "description": "Icon to be applied at dashboard for widgets and UI elements.", 
  "id": "Icon", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "placement": {
      "default": "PRE", 
      "description": "If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element.", 
      "enum": [
        "PRE", 
        "POST"
      ], 
      "title": "Position at which to display icon, if any", 
      "type": "string"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over the icon.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }, 
    "type": {
      "description": "Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered.", 
      "enum": [
        "ERROR", 
        "WARNING", 
        "INFO", 
        "INPROGRESS", 
        "SUCCESS", 
        "DETAIL", 
        "NOT_AVAILABLE", 
        "SECURITY", 
        "NETWORKING", 
        "LOAD_BALANCER", 
        "VPN", 
        "DOMAIN", 
        "GROUP", 
        "DISTRIBUTED_FIREWALL", 
        "NETWORKING_TIER0", 
        "NETWORKING_TIER1", 
        "SEGMENT", 
        "SYSTEM", 
        "SYSTEM_FABRIC", 
        "SYSTEM_BACKUPRESTORE", 
        "INVENTORY_GROUPS", 
        "SECURITY_DFW"
      ], 
      "title": "Type of icon", 
      "type": "string"
    }
  }, 
  "title": "Icon", 
  "type": "object"
}

IdentityGroupExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents a list of identity group (Ad group SID) expressions.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "IdentityGroupExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IdentityGroupExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "identity_groups": {
      "description": "This array consists of set of identity group object. All members within this array are implicitly OR'ed together.", 
      "items": {
        "$ref": "IdentityGroupInfo
      }, 
      "maxItems": 500, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of identity group", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IdentityGroup expression node", 
  "type": "object"
}

IdentityGroupInfo (type) 

{
  "id": "IdentityGroupInfo", 
  "module_id": "PolicyIdentity", 
  "properties": {
    "distinguished_name": {
      "description": "Each LDAP object is uniquely identified by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com. A valid fully qualified distinguished name should be provided to include specific groups else the create / update realization of the Group containing an invalid/ partial DN will fail. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.", 
      "required": true, 
      "title": "LDAP distinguished name", 
      "type": "string"
    }, 
    "domain_base_distinguished_name": {
      "description": "This is the base distinguished name for the domain where this particular group resides. (e.g. dc=example,dc=com) Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.", 
      "required": true, 
      "title": "Identity (Directory) domain base distinguished name", 
      "type": "string"
    }, 
    "sid": {
      "description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components: The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. This field is only populated for Microsoft Active Directory identity store.", 
      "required": false, 
      "title": "Identity (Directory) Group SID (security identifier)", 
      "type": "string"
    }
  }, 
  "title": "Identity (Directory) group", 
  "type": "object"
}

IdfwComputeCollectionCondition (type) 

{
  "description": "Status of the Identity Firewall enabled Compute collection.", 
  "id": "IdfwComputeCollectionCondition", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "status": {
      "enum": [
        "UNKNOWN", 
        "UP", 
        "DOWN", 
        "DFW_DISABLED", 
        "IDFW_DISABLED"
      ], 
      "required": true, 
      "title": "IDFW enabled Compute collection status.", 
      "type": "string"
    }, 
    "status_detail": {
      "description": "Status of the Compute collection.", 
      "required": false, 
      "title": "Compute collection status.", 
      "type": "string"
    }
  }, 
  "title": "IDFW Compute collection status.", 
  "type": "object"
}

IdfwComputeCollectionListResult (type) 

{
  "description": "List of compute collection ids and status connected to VC.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IdfwComputeCollectionListResult", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of IDFW compute collection Ids and status connected to VC.", 
      "items": {
        "$ref": "IdfwComputeCollectionStatus
      }, 
      "required": true, 
      "title": "List of IDFW ComputeCollection.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IDFW enabled compute collections connected to VC", 
  "type": "object"
}

IdfwComputeCollectionStatus (type) 

{
  "description": "compute collection ID and status connected to VC.", 
  "id": "IdfwComputeCollectionStatus", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "compute_collection_id": {
      "description": "IDFW compute collection ID connected to VC.", 
      "required": true, 
      "title": "IDFW compute collection ID.", 
      "type": "string"
    }, 
    "compute_collection_status": {
      "description": "IDFW enabled compute collection status.", 
      "items": {
        "$ref": "IdfwComputeCollectionCondition
      }, 
      "title": "Compute collection status.", 
      "type": "array"
    }
  }, 
  "title": "IDFW compute collection ID and status.", 
  "type": "object"
}

IdfwDirGroupUserSessionMapping (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data.", 
  "id": "IdfwDirGroupUserSessionMapping", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "dir_group_id": {
      "description": "Directory Group ID.", 
      "readonly": true, 
      "required": true, 
      "title": "Directory Group ID", 
      "type": "string"
    }, 
    "user_id": {
      "description": "User ID.", 
      "readonly": true, 
      "required": true, 
      "title": "User ID", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall NSGorup to user mapping to link DirGroup to user session data", 
  "type": "object"
}

IdfwEnabledComputeCollection (type) 

{
  "additionalProperties": false, 
  "description": "Compute collection enabled for Identity Firewall where login events will be collected.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IdfwEnabledComputeCollection", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "compute_collection_id": {
      "description": "Compute collection ID.", 
      "required": true, 
      "title": "Compute collection ID", 
      "type": "string"
    }, 
    "compute_collection_name": {
      "description": "Compute collection name.", 
      "title": "Compute collection name", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "description": "Compute collection enabled status (true=Enabled / false=Disabled).", 
      "required": true, 
      "title": "Enabled/disabled", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Identity Firewall enabled compute collection", 
  "type": "object"
}

IdfwEnabledComputeCollectionListResult (type) 

{
  "additionalProperties": false, 
  "description": "List of compute collections enabled for IDFW where login events will be collected.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IdfwEnabledComputeCollectionListResult", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of IDFW Enabled Compute Collections.", 
      "items": {
        "$ref": "IdfwEnabledComputeCollection
      }, 
      "required": true, 
      "title": "List of IDFW Enabled Compute Collections", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall enabled compute collection list", 
  "type": "object"
}

IdfwMasterSwitchSetting (type) 

{
  "description": "Identity Firewall master switch setting.  This setting enables or disables Identity Firewall feature across the system.  It affects compute collections, hypervisor and virtual machines.  This operation is expensive and also has big impact and implication on system perforamce.", 
  "id": "IdfwMasterSwitchSetting", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "idfw_master_switch_enabled": {
      "description": "IDFW master switch (true=Enabled / false=Disabled).", 
      "required": true, 
      "title": "IDFW master switch", 
      "type": "boolean"
    }
  }, 
  "title": "Identity Firewall master switch setting", 
  "type": "object"
}

IdfwNsgroupVmDetailListResult (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user login/session data for a single NSGroup.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IdfwNsgroupVmDetailListResult", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "ns_group_id": {
      "readonly": true, 
      "required": true, 
      "title": "NSGroup ID", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IdfwVmDetail
      }, 
      "required": true, 
      "title": "List of user login/session data for a single VM", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall user login/session data for a single NSGroup", 
  "type": "object"
}

IdfwStandaloneHostsSwitchSetting (type) 

{
  "description": "Identity Firewall standalone hosts switch setting. This setting enables or disables Identity Firewall feature on all standalone hosts.", 
  "id": "IdfwStandaloneHostsSwitchSetting", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "standalone_hosts_enabled": {
      "description": "IDFW standalone hosts switch (true=Enabled / false=Disabled).", 
      "required": true, 
      "title": "IDFW standalone hosts switch", 
      "type": "boolean"
    }
  }, 
  "title": "Identity Firewall standalone hosts switch setting", 
  "type": "object"
}

IdfwSystemStats (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall statistics data.", 
  "id": "IdfwSystemStats", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "num_concurrent_users": {
      "description": "Number of concurrent logged on users (across VDI & RDSH).  Multiple logins by the same user is counted as 1.", 
      "required": true, 
      "title": "Number of concurrent logged on users (across VDI & RDSH)", 
      "type": "int"
    }, 
    "num_user_sessions": {
      "description": "Number of active user sessions/logins in IDFW enabled compute collections (including both UP and DOWN hosts).  N sessions/logins by the same user is counted as n.", 
      "required": true, 
      "title": "Number of active user sessions/logins", 
      "type": "int"
    }
  }, 
  "title": "Identity Firewall statistics data", 
  "type": "object"
}

IdfwTransportNodeCondition (type) 

{
  "description": "Status of the Identity Firewall Compute Collection's transport node.", 
  "id": "IdfwTransportNodeCondition", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "status": {
      "description": "Transport node status for IDFW compute collection.", 
      "enum": [
        "UNKNOWN", 
        "UP", 
        "DOWN", 
        "NOT_PREPARED", 
        "IDFW_COMPONENT_NOT_INSTALLED", 
        "DFW_DISABLED", 
        "IDFW_DISABLED"
      ], 
      "required": true, 
      "title": "IDFW TransportNode status.", 
      "type": "string"
    }, 
    "status_detail": {
      "description": "IDFW Compute collection's transport node condition.", 
      "required": false, 
      "title": "IDFW transport node condition.", 
      "type": "string"
    }
  }, 
  "title": "IDFW transport node status.", 
  "type": "object"
}

IdfwTransportNodeStatus (type) 

{
  "description": "ID and status of the Identity Firewall enabled Compute collection's transport node.", 
  "id": "IdfwTransportNodeStatus", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "transport_node_id": {
      "description": "TransportNode ID of the Identity Firewall enabled Compute collection's transport node.", 
      "required": true, 
      "title": "IDFW TransportNode ID.", 
      "type": "string"
    }, 
    "transport_node_status": {
      "description": "Status of the IDFW transport node.", 
      "items": {
        "$ref": "IdfwTransportNodeCondition
      }, 
      "required": true, 
      "title": "IDFW TransportNode status.", 
      "type": "array"
    }
  }, 
  "title": "IDFW transport node ID and status.", 
  "type": "object"
}

IdfwTransportNodeStatusListResult (type) 

{
  "description": "Status of the Identity Firewall enabled Compute collection transport nodes.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IdfwTransportNodeStatusListResult", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of transport node ids and  status for idfw enabled Compute collection.", 
      "items": {
        "$ref": "IdfwTransportNodeStatus
      }, 
      "required": true, 
      "title": "IDFW enabled Compute collection transport node list.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IDFW enabled Compute collection transport node and status list.", 
  "type": "object"
}

IdfwUserSessionData (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user session data on a client machine (typically a VM). Multiple entries for the same user can be returned if the user logins to multiple sessions on the same VM.", 
  "id": "IdfwUserSessionData", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "domain_name": {
      "description": "AD Domain of user.", 
      "required": true, 
      "title": "AD Domain", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of user session data.", 
      "readonly": true, 
      "required": false, 
      "title": "User session data Identifier", 
      "type": "string"
    }, 
    "login_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Login time.", 
      "required": true, 
      "title": "Login time"
    }, 
    "logout_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Logout time if applicable.  An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user.", 
      "required": false, 
      "title": "Logout time if applicable"
    }, 
    "user_id": {
      "description": "AD user ID (may not exist).", 
      "readonly": true, 
      "required": false, 
      "title": "AD user ID (may not exist)", 
      "type": "string"
    }, 
    "user_name": {
      "description": "AD user name.", 
      "required": true, 
      "title": "AD user name", 
      "type": "string"
    }, 
    "user_session_id": {
      "description": "User session ID.  This also indicates whether this is VDI / RDSH.", 
      "required": true, 
      "title": "User session ID", 
      "type": "int"
    }, 
    "vm_ext_id": {
      "description": "Virtual machine (external ID or BIOS UUID) where login/logout events occurred.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual machine external ID or BIOS UUID", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall user session data on client machine", 
  "type": "object"
}

IdfwUserSessionDataAndMappings (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user session data list and Directory Group to user mappings.", 
  "id": "IdfwUserSessionDataAndMappings", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "active_user_sessions": {
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": true, 
      "title": "Active user session data list", 
      "type": "array"
    }, 
    "archived_user_sessions": {
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": true, 
      "title": "Archived user session data list", 
      "type": "array"
    }, 
    "dir_group_to_user_session_data_mappings": {
      "items": {
        "$ref": "IdfwDirGroupUserSessionMapping
      }, 
      "required": true, 
      "title": "Directory Group to user session data mappings", 
      "type": "array"
    }
  }, 
  "title": "Identity Firewall user session data list and Directory Group to user mappings", 
  "type": "object"
}

IdfwUserStats (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user login/session data for a single user.", 
  "id": "IdfwUserStats", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "active_sessions": {
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": true, 
      "title": "List of active (still logged in) user login/sessions data (no limit)", 
      "type": "array"
    }, 
    "archived_sessions": {
      "description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.", 
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": false, 
      "title": "List of archived (previously logged in) user login/session data", 
      "type": "array"
    }, 
    "user_id": {
      "readonly": true, 
      "required": true, 
      "title": "AD user Identifier (String ID)", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall user login/session data for a single user", 
  "type": "object"
}

IdfwVirtualMachineCondition (type) 

{
  "description": "Status of the Identity Firewall compute collection's VM.", 
  "id": "IdfwVirtualMachineCondition", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "status": {
      "enum": [
        "UNKNOWN", 
        "UP", 
        "DOWN", 
        "VM_TOOLS_NOT_INSTALLED", 
        "IDFW_NOT_SUPPORTED", 
        "DFW_DISABLED", 
        "IDFW_DISABLED"
      ], 
      "required": true, 
      "title": "VM IDFW Status.", 
      "type": "string"
    }, 
    "status_detail": {
      "description": "IDFW compute collection's VM condition.", 
      "required": false, 
      "title": "IDFW VM condition.", 
      "type": "string"
    }
  }, 
  "title": "IDFW VM Status.", 
  "type": "object"
}

IdfwVirtualMachineStatus (type) 

{
  "description": "ID and status of the VM on Identity Firewall compute collection.", 
  "id": "IdfwVirtualMachineStatus", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "vm_id": {
      "description": "VM ID of the VM on Identity Firewall compute collection.", 
      "required": true, 
      "title": "IDFW Virtual Machine ID.", 
      "type": "string"
    }, 
    "vm_status": {
      "description": "Status of the Identity Firewall compute collection's Virtual Machine.", 
      "items": {
        "$ref": "IdfwVirtualMachineCondition
      }, 
      "required": true, 
      "title": "IDFW VM status.", 
      "type": "array"
    }
  }, 
  "title": "IDFW VM ID and status.", 
  "type": "object"
}

IdfwVirtualMachineStatusListResult (type) 

{
  "description": "VM ID and status of the Identity Firewall Compute collection.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IdfwVirtualMachineStatusListResult", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of VM's on Identity Firewall Compute collection.", 
      "items": {
        "$ref": "IdfwVirtualMachineStatus
      }, 
      "required": true, 
      "title": "IDFW Virtual machine list.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IDFW VM ID and status.", 
  "type": "object"
}

IdfwVmDetail (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user login/session data for a single VM", 
  "id": "IdfwVmDetail", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "last_login_user_session": {
      "$ref": "ResourceReference, 
      "description": "Record of the last logged in user session (if exists).", 
      "required": false, 
      "title": "Last logged in user and time (if exists)"
    }, 
    "user_sessions": {
      "description": "List of user session data.", 
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": true, 
      "title": "List of user session data", 
      "type": "array"
    }, 
    "vm_ext_id": {
      "description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.", 
      "required": true, 
      "title": "Virtual machine external ID or BIOS UUID", 
      "type": "string"
    }, 
    "vm_ip_addresses": {
      "description": "List of client machine IP addresses.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Client VM IP addresses", 
      "type": "array"
    }
  }, 
  "title": "Identity Firewall user login/session data for a single VM", 
  "type": "object"
}

IdfwVmStats (type) 

{
  "additionalProperties": false, 
  "description": "Identity Firewall user login/session data for a single VM.", 
  "id": "IdfwVmStats", 
  "module_id": "IdentityFirewall", 
  "properties": {
    "active_sessions": {
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": true, 
      "title": "List of active (still logged in) user login/sessions data (no limit)", 
      "type": "array"
    }, 
    "archived_sessions": {
      "description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.", 
      "items": {
        "$ref": "IdfwUserSessionData
      }, 
      "required": false, 
      "title": "Optional list of archived (previously logged in) user login/session data (maximum 5)", 
      "type": "array"
    }, 
    "vm_ext_id": {
      "description": "Virtual machine (external ID or BIOS UUID) where login/logout event occurred.", 
      "required": true, 
      "title": "Virtual machine external ID or BIOS UUID", 
      "type": "string"
    }
  }, 
  "title": "Identity Firewall user login/session data for a single VM", 
  "type": "object"
}

IkeDigestAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "The IkeDigestAlgorithms are used to verify message integrity during Ike negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256", 
    "SHA2_384", 
    "SHA2_512"
  ], 
  "id": "IkeDigestAlgorithm", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Digest Algorithms used in IKE negotiations", 
  "type": "string"
}

IkeEncryptionAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256"
  ], 
  "id": "IkeEncryptionAlgorithm", 
  "module_id": "PolicyIPSecVpn", 
  "title": "Encryption algorithms used in IKE", 
  "type": "string"
}

IncludedFieldsParameters (type) 

{
  "additionalProperties": false, 
  "id": "IncludedFieldsParameters", 
  "module_id": "Common", 
  "properties": {
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }
  }, 
  "title": "A list of fields to include in query results", 
  "type": "object"
}

Infra (type) 

{
  "additionalProperties": false, 
  "description": "Infra space related policy.", 
  "extends": {
    "$ref": "AbstractSpace
  }, 
  "id": "Infra", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "connectivity_strategy": {
      "description": "This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.", 
      "enum": [
        "WHITELIST", 
        "BLACKLIST", 
        "WHITELIST_ENABLE_LOGGING", 
        "BLACKLIST_ENABLE_LOGGING", 
        "NONE"
      ], 
      "required": false, 
      "title": "Connectivity strategy used by this tenant", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "domains": {
      "description": "This field is used while creating or updating the infra space.", 
      "items": {
        "$ref": "Domain
      }, 
      "required": false, 
      "title": "Domains for infra", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Infra", 
  "type": "object"
}

IngressBroadcastRateLimiter (type) 

{
  "extends": {
    "$ref": "QoSBaseRateLimiter
  }, 
  "id": "IngressBroadcastRateLimiter", 
  "module_id": "PolicyQoS", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IngressBroadcastRateLimiter"
  }, 
  "properties": {
    "average_bandwidth": {
      "default": 0, 
      "descrption": "Set custom average_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Average bandwidth in kb/s", 
      "type": "int"
    }, 
    "burst_size": {
      "default": 0, 
      "descrition": "Set custom burst_size for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth": {
      "default": 0, 
      "desription": "Set custom peak_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n", 
      "minimum": 0, 
      "title": "Peak bandwidth in kb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateLimiter", 
      "description": "Type rate limiter", 
      "enum": [
        "IngressRateLimiter", 
        "IngressBroadcastRateLimiter", 
        "EgressRateLimiter"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies ingress rate properties in kb/s", 
  "type": "object"
}

IngressBroadcastRateShaper (type) 

{
  "extends": {
    "$ref": "QosBaseRateShaper
  }, 
  "id": "IngressBroadcastRateShaper", 
  "module_id": "QosSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IngressBroadcastRateShaper"
  }, 
  "properties": {
    "average_bandwidth_kbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Average bandwidth in kb/s", 
      "type": "int"
    }, 
    "burst_size_bytes": {
      "default": 0, 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth_kbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Peak bandwidth in kb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateShaper", 
      "enum": [
        "IngressRateShaper", 
        "IngressBroadcastRateShaper", 
        "EgressRateShaper"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies ingress rate properties in kb/s", 
  "type": "object"
}

IngressRateLimiter (type) 

{
  "extends": {
    "$ref": "QoSBaseRateLimiter
  }, 
  "id": "IngressRateLimiter", 
  "module_id": "PolicyQoS", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IngressRateLimiter"
  }, 
  "properties": {
    "average_bandwidth": {
      "default": 0, 
      "description": "You can use the average bandwidth to reduce network congestion.", 
      "minimum": 0, 
      "title": "Average bandwidth in Mb/s", 
      "type": "int"
    }, 
    "burst_size": {
      "default": 0, 
      "description": "The burst duration is set in the burst size setting.", 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth": {
      "default": 0, 
      "description": "The peak bandwidth rate is used to support burst traffic.", 
      "minimum": 0, 
      "title": "Peak bandwidth in Mb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateLimiter", 
      "description": "Type rate limiter", 
      "enum": [
        "IngressRateLimiter", 
        "IngressBroadcastRateLimiter", 
        "EgressRateLimiter"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies ingress rate properties in Mb/s", 
  "type": "object"
}

IngressRateShaper (type) 

{
  "extends": {
    "$ref": "QosBaseRateShaper
  }, 
  "id": "IngressRateShaper", 
  "module_id": "QosSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IngressRateShaper"
  }, 
  "properties": {
    "average_bandwidth_mbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Average bandwidth in Mb/s", 
      "type": "int"
    }, 
    "burst_size_bytes": {
      "default": 0, 
      "minimum": 0, 
      "title": "Burst size in bytes", 
      "type": "int"
    }, 
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "peak_bandwidth_mbps": {
      "default": 0, 
      "minimum": 0, 
      "title": "Peak bandwidth in Mb/s", 
      "type": "int"
    }, 
    "resource_type": {
      "default": "IngressRateShaper", 
      "enum": [
        "IngressRateShaper", 
        "IngressBroadcastRateShaper", 
        "EgressRateShaper"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper that specifies ingress rate properties in Mb/s", 
  "type": "object"
}

InitiateClusterRestoreRequest (type) 

{
  "id": "InitiateClusterRestoreRequest", 
  "module_id": "ClusterRestore", 
  "properties": {
    "ip_address": {
      "format": "hostname-or-ip", 
      "readonly": true, 
      "required": false, 
      "title": "IP address or FQDN of the node from which the backup was taken", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique id of the backed-up configuration from which\nthe appliance will be restored\n", 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": true, 
      "title": "Timestamp of the backed-up configuration from which\nthe appliance will be restored\n"
    }
  }, 
  "type": "object"
}

Injection (type) 

{
  "additionalProperties": false, 
  "description": "Injection holding a key and a corresponding value.", 
  "id": "Injection", 
  "module_id": "PolicyReaction", 
  "properties": {
    "key": {
      "description": "Injection key.", 
      "required": true, 
      "title": "Key", 
      "type": "string"
    }, 
    "value": {
      "$ref": "InjectionValue, 
      "description": "Injection value.", 
      "required": true, 
      "title": "Value"
    }
  }, 
  "title": "Injection", 
  "type": "object"
}

InjectionValue (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Injection Value.", 
  "id": "InjectionValue", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "description": "Injection Value resource type.", 
      "enum": [
        "UnaryOperationBasedInjectionValue"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Injection Value", 
  "type": "object"
}

InstallUpgradeServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "InstallUpgradeServiceProperties", 
  "properties": {
    "enabled": {
      "required": true, 
      "title": "True if service enabled; otherwise, false", 
      "type": "boolean"
    }, 
    "enabled_on": {
      "readonly": true, 
      "title": "IP of manager on which install-upgrade is enabled", 
      "type": "string"
    }
  }, 
  "title": "install-upgrade service properties", 
  "type": "object"
}

InstalledAppsParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "InstalledAppsParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "app_profile_id": {
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vm_id": {
      "type": "string"
    }
  }, 
  "type": "object"
}

InstanceDeploymentConfig (type) 

{
  "description": "The Instance Deployment Config contains settings that is applied during install time.", 
  "id": "InstanceDeploymentConfig", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "compute_id": {
      "description": "Resource Pool or Compute Id.", 
      "readonly": false, 
      "required": true, 
      "title": "compute id", 
      "type": "string"
    }, 
    "context_id": {
      "description": "Context Id or VCenter Id.", 
      "readonly": false, 
      "required": true, 
      "title": "Context Id", 
      "type": "string"
    }, 
    "host_id": {
      "description": "The service VM will be deployed on the specified host in the specified server within the cluster if host_id is specified. Note: You must ensure that storage and specified networks are accessible by this host.", 
      "readonly": false, 
      "required": false, 
      "title": "Host id", 
      "type": "string"
    }, 
    "storage_id": {
      "description": "Storage Id.", 
      "readonly": false, 
      "required": true, 
      "title": "storage id", 
      "type": "string"
    }, 
    "vm_nic_infos": {
      "description": "List of NIC information for VMs", 
      "items": {
        "$ref": "VmNicInfo
      }, 
      "maxItems": 2, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "List of VM NIC information", 
      "type": "array"
    }
  }, 
  "title": "Instance Deployment Config", 
  "type": "object"
}

InstanceEndpoint (type) 

{
  "description": "An InstanceEndpoint belongs to one ServiceInstance and represents a redirection target for a Rule. For Example - It can be an L3 Destination. Service Attachments is required for a InstanceEndpoint of type LOGICAL, and deployed_to if its a VIRTUAL InstanceEndpoint.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "InstanceEndpoint", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "endpoint_type": {
      "default": "LOGICAL", 
      "description": "LOGICAL - It must be created with a ServiceAttachment and identifies a destination connected to the Service Port of the ServiceAttachment, through the ServiceAttachment's Logical Switch. VIRTUAL - It represents a L3 destination the router can route to but does not provide any further information about its location in the network. Virtual InstanceEndpoints are used for redirection targets that are not connected to Service Ports, such as the next-hop routers on the Edge uplinks.", 
      "enum": [
        "LOGICAL", 
        "VIRTUAL"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Instance Endpoint Type", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "link_ids": {
      "description": "Link Ids are mandatory for VIRTUAL Instance Endpoint. Even though VIRTUAL, the Instance Endpoint should be connected/accessible through an NSX object. The link id is this NSX object id. Example - For North-South Service Insertion, this is the LogicalRouter Id through which the targetIp/L3 destination accessible.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": false, 
      "title": "Link Id list", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_attachments": {
      "description": "Id(s) of the Service Attachment where this enndpoint is connected to. Service Attachment is mandatory for LOGICAL Instance Endpoint.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": false, 
      "title": "Service Attachment list", 
      "type": "array"
    }, 
    "service_instance_id": {
      "description": "The Service instancee with which the instance endpoint is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service instance Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_ips": {
      "description": "Target IPs on an interface of the Service Instance.", 
      "items": {
        "$ref": "IPInfo
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Target IPs", 
      "type": "array"
    }
  }, 
  "title": "EndPoint of an Instance", 
  "type": "object"
}

InstanceEndpointListResult (type) 

{
  "description": "List of instance endpoints.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "InstanceEndpointListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of instance endpoints.", 
      "items": {
        "$ref": "InstanceEndpoint
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Instance End Point list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Instance Endpoint List", 
  "type": "object"
}

InstanceRuntime (type) 

{
  "description": "A Service Runtime is the runtime entity associated with ever Service-VM deployed.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "InstanceRuntime", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "deployment_status": {
      "description": "Service-Instance Runtime deployment status of the Service-VM. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment of VM.", 
      "enum": [
        "DEPLOYMENT_IN_PROGRESS", 
        "DEPLOYMENT_FAILED", 
        "DEPLOYMENT_SUCCESSFUL", 
        "UPGRADE_IN_PROGRESS", 
        "UPGRADE_FAILED", 
        "UNDEPLOYMENT_IN_PROGRESS", 
        "UNDEPLOYMENT_FAILED", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Instance Runtime deployment status", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_message": {
      "description": "Error message for the Service Instance Runtime if any.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "maintenance_mode": {
      "description": "The maintenance mode indicates whether the corresponding service VM is in maintenance mode. The service VM will not be used to service new requests if it is in maintenance mode.", 
      "enum": [
        "OFF", 
        "ENTERING", 
        "ON", 
        "EXITING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Instance Runtime maintenance mode", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_health_status_by_partner": {
      "description": "Service-Instance runtime health status set by partner to indicate whether the service is running properly or not.", 
      "enum": [
        "HEALTHY", 
        "STOPPED", 
        "NOT_RESPONDING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Instance runtime health status set by partner", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Service-Instance Runtime status of the deployed Service-VM.", 
      "enum": [
        "IN_SERVICE", 
        "OUT_OF_SERVICE", 
        "NEEDS_ATTENTION", 
        "NOT_AVAILABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Instance Runtime Status", 
      "type": "string"
    }, 
    "service_instance_id": {
      "description": "Id of an instantiation of a registered service.", 
      "readonly": true, 
      "required": false, 
      "title": "Service instance id", 
      "type": "string"
    }, 
    "service_vm_id": {
      "description": "Service-VM/SVM id of deployed virtual-machine.", 
      "readonly": true, 
      "required": false, 
      "title": "Service VM id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "unhealthy_reason": {
      "description": "Reason provided by partner for the service being unhealthy. This could be due to various reasons such as connectivity lost as an example.", 
      "readonly": true, 
      "required": false, 
      "title": "Reason for service status when unhealthy", 
      "type": "string"
    }, 
    "vm_nic_info": {
      "$ref": "VmNicInfo, 
      "readonly": true, 
      "required": false, 
      "title": "VM NIC info"
    }
  }, 
  "title": "Runtime of a Service-Instance.", 
  "type": "object"
}

InstanceRuntimeListResult (type) 

{
  "additionalProperties": false, 
  "description": "Result of List of InstanceRuntimes", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "InstanceRuntimeListResult", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of existing InstanceRuntimes in database", 
      "items": {
        "$ref": "InstanceRuntime
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "InstanceRuntime list result", 
  "type": "object"
}

InstanceRuntimeStatistic (type) 

{
  "description": "Statistics for data NICs on an instance runtime", 
  "id": "InstanceRuntimeStatistic", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "interface_statistics": {
      "description": "List of statistics for all data NICs on a runtime.", 
      "items": {
        "$ref": "RuntimeInterfaceStatistics
      }, 
      "readonly": true, 
      "title": "List of statistics for all NICs", 
      "type": "array"
    }, 
    "primary_runtime_stats": {
      "description": "Specifies whether statistics are for primary runtime.", 
      "readonly": true, 
      "title": "Specifies whether statistics are for primary", 
      "type": "boolean"
    }, 
    "runtime_id": {
      "description": "Id of the instance runtime", 
      "readonly": true, 
      "title": "Id of the instance runtime", 
      "type": "string"
    }, 
    "runtime_name": {
      "description": "Name of the instance runtime", 
      "readonly": true, 
      "title": "Name of the instance runtime", 
      "type": "string"
    }
  }, 
  "title": "Instance runtime statistic", 
  "type": "object"
}

InstanceStats (type) 

{
  "additionalProperties": false, 
  "description": "Stores statistics of the instances like MANAGED and UNMANAGED instances.", 
  "id": "InstanceStats", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "error": {
      "description": "The number of instances with status ERROR.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Instances", 
      "type": "integer"
    }, 
    "managed": {
      "description": "The number of instances with status MANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Managed Instances", 
      "type": "integer"
    }, 
    "powered_off": {
      "description": "The number of instances with status POWERED OFF.", 
      "readonly": true, 
      "required": false, 
      "title": "Powered Off Instances", 
      "type": "integer"
    }, 
    "total": {
      "description": "The total number of instances.", 
      "readonly": true, 
      "required": false, 
      "title": "Total number of instances", 
      "type": "integer"
    }, 
    "unmanaged": {
      "description": "The number of instances with status UNMANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Unmanaged Instances", 
      "type": "integer"
    }, 
    "vcpus": {
      "description": "The number of virtual CPUs.", 
      "readonly": true, 
      "required": false, 
      "title": "Virtual CPUs", 
      "type": "integer"
    }
  }, 
  "title": "Instance statistics", 
  "type": "object"
}

InstructionInfo (type) 

{
  "id": "InstructionInfo", 
  "module_id": "ClusterRestore", 
  "properties": {
    "actions": {
      "description": "A list of actions that are to be applied to resources", 
      "help_detail": "This attribute lists actions that are to be applied to the resources\nreferenced in the \"resources\" attribute. There is an m x n relationship\nbetween these actions and resources.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Actions list", 
      "type": "array"
    }, 
    "fields": {
      "description": "A list of fields that are displayable to users in a table", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Displayable fields", 
      "type": "array"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "UUID of the instruction", 
      "type": "string"
    }, 
    "name": {
      "readonly": true, 
      "required": true, 
      "title": "Instruction name", 
      "type": "string"
    }
  }, 
  "title": "Details of the instructions displayed during restore process", 
  "type": "object"
}

IntelligenceBrokerEndpointInfo (type) 

{
  "description": "An endpoint to connect to NSX-Intelligence broker. Either FQDN or IP address can be used in the endpoint info.", 
  "id": "IntelligenceBrokerEndpointInfo", 
  "module_id": "NsxIntelligenceHostConfiguration", 
  "properties": {
    "address": {
      "description": "The IP address or the full qualified domain name of broker.", 
      "format": "ip-or-hostname", 
      "required": true, 
      "title": "Broker address", 
      "type": "string"
    }, 
    "port": {
      "description": "The port number where the broker is listening to.", 
      "maximum": 65535, 
      "minimum": 1, 
      "required": true, 
      "title": "Broker port number", 
      "type": "integer"
    }
  }, 
  "title": "NSX-Intelligence broker endpoint", 
  "type": "object"
}

IntelligenceClusterNodeVMDeletionParameters (type) 

{
  "description": "Parameters for deletion of a NSX-Intelligence cluster node VM.", 
  "id": "IntelligenceClusterNodeVMDeletionParameters", 
  "module_id": "NsxIntelligenceDeployment", 
  "properties": {
    "force_delete": {
      "description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.", 
      "title": "Delete by force", 
      "type": "boolean"
    }
  }, 
  "title": "Parameters for DeleteAutoDeployedIntelligenceClusterNodeVM", 
  "type": "object"
}

IntelligenceClusterNodeVMDeploymentConfig (type) 

{
  "description": "Contains info used to configure the VM on deployment", 
  "id": "IntelligenceClusterNodeVMDeploymentConfig", 
  "module_id": "NsxIntelligenceDeployment", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "placement_type"
  }, 
  "properties": {
    "placement_type": {
      "description": "Specifies the config for the platform through which to deploy the VM", 
      "enum": [
        "IntelligenceVsphereClusterNodeVMDeploymentConfig"
      ], 
      "required": true, 
      "title": "Type of deployment", 
      "type": "string"
    }
  }, 
  "title": "Configuration for deploying NSX-Intelligence cluster node VM", 
  "type": "object"
}

IntelligenceClusterNodeVMDeploymentRequest (type) 

{
  "additionalProperties": false, 
  "description": "Contains the deployment information for a NSX-Intelligence node VM.", 
  "id": "IntelligenceClusterNodeVMDeploymentRequest", 
  "module_id": "NsxIntelligenceDeployment", 
  "properties": {
    "deployment_config": {
      "$ref": "IntelligenceClusterNodeVMDeploymentConfig, 
      "description": "Info needed to configure a NSX-Intelligence cluster node VM at deployment for a specific platform.", 
      "required": true, 
      "title": "Deployment config for NSX-Intelligence cluster node VM"
    }, 
    "form_factor": {
      "$ref": "IntelligenceClusterNodeVMFormFactor, 
      "default": "SMALL", 
      "description": "Specifies the desired \"size\" of the VM", 
      "required": false, 
      "title": "Form factor for NSX-Intelligence VMs"
    }, 
    "user_settings": {
      "$ref": "NodeUserSettings, 
      "description": "Username and password settings for the NSX-Intelligence node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect.", 
      "required": true, 
      "sensitive": true, 
      "title": "User settings for the VM"
    }, 
    "vm_id": {
      "description": "ID of the VM maintained internally. Note: This is automatically generated and cannot be modified.", 
      "readonly": true, 
      "required": false, 
      "title": "ID of VM used to recognize it", 
      "type": "string"
    }
  }, 
  "title": "Info for NSX-Intelligence node deployment request", 
  "type": "object"
}

IntelligenceClusterNodeVMDeploymentRequestList (type) 

{
  "additionalProperties": false, 
  "description": "List of IntelligenceClusterNodeVMDeploymentRequests", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IntelligenceClusterNodeVMDeploymentRequestList", 
  "module_id": "NsxIntelligenceDeployment", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of existing IntelligenceClusterNodeVMDeploymentRequests", 
      "items": {
        "$ref": "IntelligenceClusterNodeVMDeploymentRequest
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IntelligenceClusterNodeVMDeploymentRequest list", 
  "type": "object"
}

IntelligenceClusterNodeVMDeploymentStatusReport (type) 

{
  "description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.", 
  "id": "IntelligenceClusterNodeVMDeploymentStatusReport", 
  "module_id": "NsxIntelligenceDeployment", 
  "properties": {
    "failure_code": {
      "description": "In case of auto-deployment-related failure, the code for the error will be stored here.", 
      "required": false, 
      "title": "Error code for failure", 
      "type": "integer"
    }, 
    "failure_message": {
      "description": "In case of auto-deployment-related failure, an error message will be stored here.", 
      "required": false, 
      "title": "Error message for failure", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the addition or deletion of an auto-deployed NSX-Intelligence cluster node VM.", 
      "enum": [
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "VM_POWER_ON_SUCCESSFUL", 
        "VM_REGISTRATION_FAILED", 
        "VM_WAITING_TO_COME_ONLINE", 
        "VM_ONLINE_FAILED", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "WAITING_TO_UNDEPLOY_VM", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "UNKNOWN_STATE"
      ], 
      "required": true, 
      "title": "Auto-deployed VM's deployment status", 
      "type": "string"
    }
  }, 
  "title": "Report of a VM's deployment status", 
  "type": "object"
}

IntelligenceClusterNodeVMFormFactor (type) 

{
  "description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.", 
  "enum": [
    "SMALL", 
    "LARGE"
  ], 
  "id": "IntelligenceClusterNodeVMFormFactor", 
  "module_id": "NsxIntelligenceDeployment", 
  "title": "Supported VM form factor for NSX-Intelligence cluster nodes", 
  "type": "string"
}

IntelligenceFlowPrivateIpPrefixInfo (type) 

{
  "description": "An IP prefix to mark the private network that NSX-Intelligence network flow is collected from.", 
  "id": "IntelligenceFlowPrivateIpPrefixInfo", 
  "module_id": "NsxIntelligenceHostConfiguration", 
  "properties": {
    "address": {
      "$ref": "IPAddress, 
      "description": "The prefix of IP address that marks the range of private network.", 
      "required": true, 
      "title": "IP address"
    }, 
    "address_type": {
      "description": "The type of IP address.", 
      "enum": [
        "IPV4", 
        "IPV6"
      ], 
      "required": true, 
      "title": "IP address type", 
      "type": "string"
    }, 
    "prefix_length": {
      "description": "The length of IP address prefix that marks the range of private network.", 
      "maximum": 128, 
      "minimum": 1, 
      "required": true, 
      "title": "IP prefix length", 
      "type": "integer"
    }
  }, 
  "title": "NSX-Intelligence flow private IP prefix", 
  "type": "object"
}

IntelligenceHostConfigurationInfo (type) 

{
  "description": "NSX-Intelligence configuration that can be applied to host nodes.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IntelligenceHostConfigurationInfo", 
  "module_id": "NsxIntelligenceHostConfiguration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "broker_bootstrap_servers": {
      "description": "List of NSX-Intelligence broker endpoints that host nodes contact initially.", 
      "items": {
        "$ref": "IntelligenceBrokerEndpointInfo
      }, 
      "required": false, 
      "title": "List of NSX-Intelligence broker endpoints", 
      "type": "array"
    }, 
    "broker_certificate": {
      "description": "A broker certificate to verify the identity of brokers.", 
      "required": false, 
      "title": "Broker certificate", 
      "type": "string"
    }, 
    "broker_truststore": {
      "description": "A truststore to establish the trust between NSX and NSX-Intelligence brokers.", 
      "required": false, 
      "title": "Broker truststore", 
      "type": "string"
    }, 
    "context_data_collection_interval": {
      "description": "Interval in minute of reporting VM guest context data to NSX-Intelligence.", 
      "maximum": 1440, 
      "mininum": 1, 
      "required": false, 
      "title": "VM guest context data collection interval", 
      "type": "integer"
    }, 
    "context_process_hashes": {
      "description": "List of hashes of processes to collect context data. Empty implies all processes.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "List of hashes of processes to collect context data", 
      "type": "array"
    }, 
    "context_process_names": {
      "description": "List of processes to collect context data. Empty implies all processes.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "List of processes to collect context data", 
      "type": "array"
    }, 
    "context_user_sids": {
      "description": "List of windows user sid to collect context data. Empty implies all users.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "List of windows user sid to collect context data", 
      "type": "array"
    }, 
    "context_user_uids": {
      "description": "List of linux user uid to collect context data. Empty implies all users.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "List of linux user uid to collect context data", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_data_collection": {
      "description": "Enable NSX-Intelligence data collection in host nodes.", 
      "required": false, 
      "title": "Enable data collection", 
      "type": "boolean"
    }, 
    "flow_data_collection_interval": {
      "description": "Interval in minute of reporting network flow data to NSX-Intelligence.", 
      "maximum": 1440, 
      "minimum": 1, 
      "required": false, 
      "title": "Network flow data collection interval", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "max_active_flow_count": {
      "description": "Maximum active network flow to collect in collection interval.", 
      "maximum": 5000000, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum active network flow", 
      "type": "integer"
    }, 
    "max_inactive_flow_count": {
      "description": "Maximum inactive network flow to collect in collection interval.", 
      "maximum": 5000000, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum inactive network flow", 
      "type": "integer"
    }, 
    "private_ip_prefix": {
      "description": "List of private IP prefix that NSX-Intelligence network flow is collected from.", 
      "items": {
        "$ref": "IntelligenceFlowPrivateIpPrefixInfo
      }, 
      "required": false, 
      "title": "List of private IP prefix", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX-Intelligence host configuration", 
  "type": "object"
}

IntelligenceVsphereClusterNodeVMDeploymentConfig (type) 

{
  "description": "The Vsphere deployment configuration determines where to deploy the NSX-Intelligence cluster node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - dns_servers, management_port_subnets, and default_gateway_addresses", 
  "extends": {
    "$ref": "IntelligenceClusterNodeVMDeploymentConfig
  }, 
  "id": "IntelligenceVsphereClusterNodeVMDeploymentConfig", 
  "module_id": "NsxIntelligenceDeployment", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IntelligenceVsphereClusterNodeVMDeploymentConfig"
  }, 
  "properties": {
    "allow_ssh_root_login": {
      "default": false, 
      "description": "If true, the root user will be allowed to log into the VM. Allowing root SSH logins is not recommended for security reasons.", 
      "required": false, 
      "title": "Allow root SSH logins.", 
      "type": "boolean"
    }, 
    "compute_id": {
      "description": "The NSX-Intelligence cluster node VM will be deployed on the specified cluster or resourcepool for specified VC server.", 
      "required": true, 
      "title": "Cluster identifier or resourcepool identifier", 
      "type": "string"
    }, 
    "default_gateway_addresses": {
      "description": "The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Default gateway for the VM", 
      "type": "array"
    }, 
    "display_name": {
      "description": "Desired display name for NSX-Intelligence VM to be deployed", 
      "required": false, 
      "title": "NSX-Intelligence VM display name", 
      "type": "string"
    }, 
    "dns_servers": {
      "description": "List of DNS servers. If DHCP is used, the default DNS servers associated with the DHCP server will be used instead. Required if using static IP.", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "minItems": 1, 
      "required": false, 
      "title": "DNS servers.", 
      "type": "array"
    }, 
    "enable_ssh": {
      "default": false, 
      "description": "If true, the SSH service will automatically be started on the VM. Enabling SSH service is not recommended for security reasons.", 
      "required": false, 
      "title": "Enable SSH.", 
      "type": "boolean"
    }, 
    "host_id": {
      "description": "The NSX-Intelligence cluster node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.", 
      "required": false, 
      "title": "Host identifier", 
      "type": "string"
    }, 
    "hostname": {
      "description": "Desired host name/FQDN for the VM to be deployed", 
      "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$", 
      "required": true, 
      "title": "Host name or FQDN for the VM", 
      "type": "string"
    }, 
    "management_network_id": {
      "description": "Distributed portgroup identifier to which the management vnic of NSX-Intelligence cluster node VM will be connected.", 
      "required": true, 
      "title": "Portgroup identifier for management network connectivity", 
      "type": "string"
    }, 
    "management_port_subnets": {
      "description": "IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.", 
      "items": {
        "$ref": "IPSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Port subnets for management port", 
      "type": "array"
    }, 
    "ntp_servers": {
      "description": "List of NTP servers. To use hostnames, a DNS server must be defined. If not using DHCP, a DNS server should be specified under dns_servers.", 
      "items": {
        "$ref": "HostnameOrIPv4Address
      }, 
      "required": false, 
      "title": "NTP servers.", 
      "type": "array"
    }, 
    "ovf_url": {
      "description": "The NSX-Intelligence cluster node VM OVF URL to download and install the OVF file.", 
      "required": true, 
      "title": "URL of the ovf file to deploy", 
      "type": "string"
    }, 
    "placement_type": {
      "description": "Specifies the config for the platform through which to deploy the VM", 
      "enum": [
        "IntelligenceVsphereClusterNodeVMDeploymentConfig"
      ], 
      "required": true, 
      "title": "Type of deployment", 
      "type": "string"
    }, 
    "storage_id": {
      "description": "The NSX-Intelligence cluster node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.", 
      "required": true, 
      "title": "Storage/datastore identifier", 
      "type": "string"
    }, 
    "vc_id": {
      "description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.", 
      "required": true, 
      "title": "Vsphere compute identifier for identifying VC server", 
      "type": "string"
    }
  }, 
  "title": "Deployment config on the Vsphere platform", 
  "type": "object"
}

IntentEnforcementPointListRequestParams (type) 

{
  "additionalProperties": false, 
  "description": "List request parameters containing intent path and enforcement point path", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "IntentEnforcementPointListRequestParams", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "intent_path": {
      "required": true, 
      "title": "String path of the intent object", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List request parameters containing intent path and enforcement point path", 
  "type": "object"
}

IntentPathRequestParameter (type) 

{
  "description": "Intent path for which state/realized entities would be fetched.", 
  "id": "IntentPathRequestParameter", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F", 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Parameter to filter realized entities by intent path", 
  "type": "object"
}

IntentRuntimeRequestParameters (type) 

{
  "description": "Request parameters that represents a an intent path.", 
  "id": "IntentRuntimeRequestParameters", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "intent_path": {
      "description": "Policy Path referencing an intent object.", 
      "required": true, 
      "title": "Policy Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Request Parameters for Intent Runtime Information", 
  "type": "object"
}

IntentStatusRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters that represents a binding between an intent path and whether the enforcement point specific status shall be retrieved from the enforcement point or not. A request can be parameterized with this pair and will be evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent with no enforced statuses' details returned. - <intent_path, include_enforced_status=true>: the request is evaluated on all enforcement points for the given intent with enforced statuses' details returned.", 
  "extends": {
    "$ref": "IntentRuntimeRequestParameters
  }, 
  "id": "IntentStatusRequestParameters", 
  "module_id": "PolicyRealizationStatus", 
  "properties": {
    "include_enforced_status": {
      "default": false, 
      "description": "Flag conveying whether to include detailed view of the enforcement point specific status or not.", 
      "title": "Include Enforced Status Flag", 
      "type": "boolean"
    }, 
    "intent_path": {
      "description": "Policy Path referencing an intent object.", 
      "required": true, 
      "title": "Policy Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Request Parameters for Intent Status Information", 
  "type": "object"
}

InterSRRoutingConfig (type) 

{
  "id": "InterSRRoutingConfig", 
  "module_id": "Routing", 
  "properties": {
    "enabled": {
      "default": true, 
      "description": "While creation of BGP config this flag will be set to - true for Tier0 logical router with Active-Active high-availability mode - false for Tier0 logical router with Active-Standby high-availanility mode. User can change this value while updating inter-sr config.", 
      "required": false, 
      "title": "Flag to enable inter SR IBGP", 
      "type": "boolean"
    }
  }, 
  "title": "Inter SR IBGP configuration", 
  "type": "object"
}

InterfaceNeighborProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "InterfaceNeighborProperties", 
  "module_id": "Lldp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ifindex": {
      "display": {
        "order": 3
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Interface index", 
      "type": "integer"
    }, 
    "mac": {
      "display": {
        "order": 2
      }, 
      "pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$", 
      "readonly": true, 
      "required": true, 
      "title": "Interface MAC address", 
      "type": "string"
    }, 
    "name": {
      "display": {
        "order": 1
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Interface Name", 
      "type": "string"
    }, 
    "neighbors": {
      "display": {
        "order": 4
      }, 
      "items": {
        "$ref": "NeighborProperties
      }, 
      "readonly": true, 
      "title": "Neighbor properties", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Interface neighbor properties", 
  "type": "object"
}

InterfaceNeighborPropertyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "InterfaceNeighborPropertyListResult", 
  "module_id": "Lldp", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "InterfaceNeighborProperties
      }, 
      "title": "Interface neighbor property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Interface neighbor property query results", 
  "type": "object"
}

InterfaceSubnet (type) 

{
  "additionalProperties": false, 
  "id": "InterfaceSubnet", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "required": true, 
      "title": "IP addresses assigned to interface", 
      "type": "array"
    }, 
    "prefix_len": {
      "maximum": 128, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet prefix length", 
      "type": "int"
    }
  }, 
  "title": "Subnet specification for interface connectivity", 
  "type": "object"
}

IntervalBackupSchedule (type) 

{
  "extends": {
    "$ref": "BackupSchedule
  }, 
  "id": "IntervalBackupSchedule", 
  "module_id": "BackupConfiguration", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IntervalBackupSchedule"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "WeeklyBackupSchedule", 
        "IntervalBackupSchedule"
      ], 
      "required": true, 
      "title": "Schedule type", 
      "type": "string"
    }, 
    "seconds_between_backups": {
      "default": 3600, 
      "maximum": 86400, 
      "minimum": 300, 
      "title": "Time interval in seconds between two consecutive automated backups", 
      "type": "integer"
    }
  }, 
  "title": "Schedule to specify the interval time at which automated backups need to be taken", 
  "type": "object"
}

InventoryConfig (type) 

{
  "additionalProperties": false, 
  "id": "InventoryConfig", 
  "module_id": "Inventory", 
  "properties": {
    "compute_managers_soft_limit": {
      "description": "Soft limit on number of compute managers, which can be added, beyond which, addition of compute managers will result in warning getting logged", 
      "readonly": false, 
      "required": true, 
      "title": "Soft limit on number of compute managers", 
      "type": "int"
    }
  }, 
  "type": "object"
}

IpAddressAllocation (type) 

{
  "additionalProperties": false, 
  "description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IpAddressAllocation", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_ip": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Address that is allocated from pool"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Parameters for IP allocation", 
  "type": "object"
}

IpAddressAllocationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpAddressAllocationListResult", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpAddressAllocation
      }, 
      "title": "List of IpAddressAllocations", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IP address allocations", 
  "type": "object"
}

IpAddressBlock (type) 

{
  "additionalProperties": false, 
  "description": "A block of IP addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can be added to IP pools and used for IP allocation.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IpAddressBlock", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cidr": {
      "description": "Represents a network address and the prefix length which will be associated with a layer-2 broadcast domain. Support only IPv4 CIDR.", 
      "format": "ipv4-cidr-block", 
      "required": true, 
      "title": "A contiguous IP address space represented by network address and prefix length", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IP address space represented by network address and prefix", 
  "type": "object"
}

IpAddressBlockListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpAddressBlockListResult", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpAddressBlock
      }, 
      "required": true, 
      "title": "IpAddressBlock list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of IpAddressBlocks", 
  "type": "object"
}

IpAddressInfo (type) 

{
  "additionalProperties": false, 
  "id": "IpAddressInfo", 
  "module_id": "Inventory", 
  "properties": {
    "ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": true, 
      "title": "IP Addresses of the the virtual network interface, as discovered in the source.", 
      "type": "array"
    }, 
    "source": {
      "enum": [
        "VM_TOOLS"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Source of the ipaddress information.", 
      "type": "string"
    }
  }, 
  "title": "Ipaddress information of the fabric node.", 
  "type": "object"
}

IpAddressPool (type) 

{
  "additionalProperties": false, 
  "description": "IpAddressPool is a collection of subnets. The subnets can either be derived from an IpBlock or specified by the user. User can request for IP addresses to be allocated from a pool. When an IP is requested from a pool, the IP that is returned can come from any subnet that belongs to the pool.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IpAddressPool", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A collection of IP subnets", 
  "type": "object"
}

IpAddressPoolBlockSubnet (type) 

{
  "additionalProperties": false, 
  "description": "This type of subnet allows user to dynamically carve a subnet out of a preconfigured IpAddressBlock. The user must specify the size of the subnet and the IpAddressBlock from which the subnet is to be derived. If the required amount of IP adress space is available in the specified IpAddressBlock, the system automatically configures subnet range.", 
  "extends": {
    "$ref": "IpAddressPoolSubnet
  }, 
  "id": "IpAddressPoolBlockSubnet", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpAddressPoolBlockSubnet"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "auto_assign_gateway": {
      "default": true, 
      "description": "If this property is set to true, the first IP in the range will be reserved for gateway.", 
      "title": "Indicate whether default gateway is to be reserved from the range", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_block_path": {
      "required": true, 
      "title": "The path of the IpAddressBlock from which the subnet is to be created.", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpAddressPoolSubnetType, 
      "description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user", 
      "required": true, 
      "title": "Represents the type of IpAddressPoolSubnet"
    }, 
    "size": {
      "description": "The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later.", 
      "required": true, 
      "title": "Represents the size or number of IP addresses in the subnet", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IpAddressPoolSubnet dynamically carved out of a IpAddressBlock", 
  "type": "object"
}

IpAddressPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpAddressPoolListResult", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpAddressPool
      }, 
      "required": true, 
      "title": "IpAddressPool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of IpAddressPools", 
  "type": "object"
}

IpAddressPoolStaticSubnet (type) 

{
  "additionalProperties": false, 
  "description": "This type of subnet is statically configured by the user. The user provides the range details and the gateway for the subnet.", 
  "extends": {
    "$ref": "IpAddressPoolSubnet
  }, 
  "id": "IpAddressPoolStaticSubnet", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpAddressPoolStaticSubnet"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_ranges": {
      "items": {
        "$ref": "IpPoolRange
      }, 
      "required": true, 
      "title": "A collection of IPv4 or IPv6 IP Pool Ranges.", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cidr": {
      "required": true, 
      "title": "Subnet representation is a network address and prefix length", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dns_nameservers": {
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 3, 
      "title": "The collection of upto 3 DNS servers for the subnet.", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "dns_suffix": {
      "format": "hostname", 
      "title": "The DNS suffix for the DNS server.", 
      "type": "string"
    }, 
    "gateway_ip": {
      "$ref": "IPAddress, 
      "title": "The default gateway address on a layer-3 router."
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpAddressPoolSubnetType, 
      "description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user", 
      "required": true, 
      "title": "Represents the type of IpAddressPoolSubnet"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IpAddressPoolSubnet statically configured by a user", 
  "type": "object"
}

IpAddressPoolSubnet (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified by the user. In the first case where the subnet is carved out of a IpAddressBlock, the user must specify the ID of the block from which this subnet is to be derived. This block must be pre-created. The subnet range is auto populated by the system. In the second case, the user configures the subnet range directly. No IpAddressBlock is required.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "IpAddressPoolSubnet", 
  "module_id": "PolicyIpam", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpAddressPoolSubnetType, 
      "description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user", 
      "required": true, 
      "title": "Represents the type of IpAddressPoolSubnet"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Abstract class for IpSubnet in a IpAddressPool", 
  "type": "object"
}

IpAddressPoolSubnetListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpAddressPoolSubnetListResult", 
  "module_id": "PolicyIpam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpAddressPoolSubnet
      }, 
      "required": true, 
      "title": "IP Pool subnet list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpAddressPoolSubnetType (type) 

{
  "additionalProperties": false, 
  "description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified. A subnet to be carved out of a IpAddressBlock is of type IpAddressPoolBlockSubnet A subnet statically specified by the user is of type IpAddressPoolStaticSubnet", 
  "enum": [
    "IpAddressPoolBlockSubnet", 
    "IpAddressPoolStaticSubnet"
  ], 
  "id": "IpAddressPoolSubnetType", 
  "module_id": "PolicyIpam", 
  "title": "Type of IpAddressPoolSubnet", 
  "type": "string"
}

IpAllocationBase (type) 

{
  "additionalProperties": false, 
  "description": "Base type of ip-allocation extended by ip pool and static binding.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpAllocationBase", 
  "module_id": "Dhcp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "gateway_ip": {
      "$ref": "IPAddress, 
      "description": "Gateway ip address of the allocation.", 
      "required": false, 
      "title": "Gateway ip"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lease_time": {
      "default": 86400, 
      "description": "Lease time, in seconds, [60-(2^32-1)]. Default is 86400.", 
      "maximum": 4294967295, 
      "minimum": 60, 
      "required": false, 
      "title": "Lease time", 
      "type": "integer"
    }, 
    "options": {
      "$ref": "DhcpOptions, 
      "description": "If an option is defined at server level and not configred at ip-pool/static-binding level, the option will be inherited to ip-pool/static-binding. If both define a same-code option, the option defined at ip-pool/static-binding level take precedence over that defined at server level.", 
      "required": false, 
      "title": "DHCP options"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base type of ip-allocation", 
  "type": "object"
}

IpAssignmentSpec (type) 

{
  "abstract": true, 
  "id": "IpAssignmentSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "StaticIpPoolSpec", 
        "StaticIpListSpec", 
        "AssignedByDhcp", 
        "StaticIpMacListSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints", 
  "type": "object"
}

IpBlock (type) 

{
  "additionalProperties": false, 
  "description": "A block of IPv4 addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can later be added to IP pools and used for IP allocation. An IP pool is typically a collection of subnets that are often not a contiguous address space. Clients are allocated IP addresses only from IP pools. Sample Structure Diagram IpBlock_VMware 192.0.0.1/8 ======================================================================= /                          ___________________________________________/________ /  IpBlockSubnet_Finance  ( IpBlockSubnet_Eng1   IpBlockSubnet_Eng2   /        ) /  192.168.0.1/16         (   192.170.1.1/16      192.180.1.1/24      /        ) IpPool_Eng /                         (___________________________________________/________) /                                                                     / =======================================================================", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpBlock", 
  "module_id": "Ipam", 
  "nsx_feature": "Container", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cidr": {
      "format": "ipv4-cidr-block", 
      "required": true, 
      "title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IpBlockListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpBlockListResult", 
  "module_id": "Ipam", 
  "nsx_feature": "Container", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpBlock
      }, 
      "required": true, 
      "title": "IP block list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpBlockSubnet (type) 

{
  "additionalProperties": false, 
  "description": "A set of IPv4 addresses defined by a start address and a mask/prefix which will typically be associated with a layer-2 broadcast domain.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpBlockSubnet", 
  "module_id": "Ipam", 
  "nsx_feature": "Container", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_ranges": {
      "items": {
        "$ref": "IpPoolRange
      }, 
      "readonly": true, 
      "title": "A collection of IPv4 IP ranges used for IP allocation.", 
      "type": "array"
    }, 
    "block_id": {
      "readonly": false, 
      "required": true, 
      "title": "Block id for which the subnet is created.", 
      "type": "string"
    }, 
    "cidr": {
      "format": "ipv4-cidr-block", 
      "readonly": true, 
      "title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "size": {
      "required": true, 
      "title": "Represents the size or number of ip addresses in the subnet", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IpBlockSubnetListRequestParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IpBlockSubnetListRequestParameters", 
  "module_id": "Ipam", 
  "nsx_feature": "Container", 
  "properties": {
    "block_id": {
      "required": false, 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpBlockSubnetListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpBlockSubnetListResult", 
  "module_id": "Ipam", 
  "nsx_feature": "Container", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpBlockSubnet
      }, 
      "required": true, 
      "title": "IP block subnet list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpDiscoverySwitchingProfile (type) 

{
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "IpDiscoverySwitchingProfile", 
  "module_id": "IpDiscoverySwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpDiscoverySwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "arp_bindings_limit": {
      "default": 1, 
      "description": "Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv4 addresses and is independent of the nd_bindings_limit used for IPv6 snooping.", 
      "maximum": 256, 
      "minimum": 1, 
      "title": "Number of IP addresses to be snooped via ARP snooping", 
      "type": "int"
    }, 
    "arp_nd_binding_timeout": {
      "default": 10, 
      "description": "This property controls the ARP and ND cache timeout period.It is recommended that this property be greater than the ARP/ND cache timeout on the VM.", 
      "maximum": 120, 
      "minimum": 5, 
      "readonly": false, 
      "required": false, 
      "title": "ARP and ND cache timeout (in minutes)", 
      "type": "int"
    }, 
    "arp_snooping_enabled": {
      "default": true, 
      "display": {
        "order": 1
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether ARP snooping is enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_snooping_enabled": {
      "default": true, 
      "display": {
        "order": 2
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether DHCP snooping is enabled", 
      "type": "boolean"
    }, 
    "dhcpv6_snooping_enabled": {
      "default": false, 
      "description": "This option is the IPv6 equivalent of DHCP snooping.", 
      "readonly": false, 
      "required": false, 
      "title": "Indicates if stateful DHCPv6 snooping is enabled", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "duplicate_ip_detection": {
      "$ref": "DuplicateIPDetection, 
      "description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.", 
      "readonly": false, 
      "required": false, 
      "title": "Controls whether duplicate IP detection should be enabled"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "nd_bindings_limit": {
      "default": 3, 
      "description": "Indicates the number of neighbor-discovery snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. This limit only applies to IPv6 addresses and is independent of the arp_bindings_limit used for IPv4 snooping.", 
      "maximum": 15, 
      "minimum": 2, 
      "title": "Number of IP addresses to be snooped via neighbor-discovery(ND) snooping", 
      "type": "int"
    }, 
    "nd_snooping_enabled": {
      "default": false, 
      "description": "This option is the IPv6 equivalent of ARP snooping.", 
      "readonly": false, 
      "required": false, 
      "title": "Indicates if neighbor discovery snooping is enabled", 
      "type": "boolean"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "trust_on_first_use_enabled": {
      "default": true, 
      "description": "ARP snooping being inherently susceptible to ARP spoofing, uses a turst-on-fisrt-use (TOFU) paradigm where only the first IP address discovered via ARP snooping is trusted. The remaining are ignored. In order to allow for more flexibility, we allow the user to configure how many ARP snooped address bindings should be trusted for the lifetime of the logical port. This is controlled by the arp_bindings_limit property in the IP Discovery profile. We refer to this extension of TOFU as N-TOFU. However, if TOFU is disabled, then N ARP snooped IP addresses will be trusted until they are timed out, where N is configured by arp_bindings_limit.", 
      "readonly": false, 
      "required": false, 
      "title": "Controls whether trust-on-first-use should be enabled", 
      "type": "boolean"
    }, 
    "vm_tools_enabled": {
      "default": true, 
      "description": "This option is only supported on ESX where vm-tools is installed.", 
      "display": {
        "order": 3
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether fetching IP using vm-tools is enabled", 
      "type": "boolean"
    }, 
    "vm_tools_v6_enabled": {
      "default": false, 
      "description": "This option is only supported on ESX where vm-tools is installed.", 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether fetching IPv6 addresses using vm-tools is enabled", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

IpMacPair (type) 

{
  "id": "IpMacPair", 
  "module_id": "TransportNode", 
  "properties": {
    "ip": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "IP address"
    }, 
    "mac": {
      "$ref": "MACAddress, 
      "readonly": false, 
      "required": false, 
      "title": "MAC address"
    }
  }, 
  "title": "IP and MAC pair.", 
  "type": "object"
}

IpMappingsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These paramaters will be used to filter the list of IP allocation mappings. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IpMappingsListRequestParameters", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "cloud_account_id": {
      "description": "ID of the Cloud Account in which the IPs are allocated.", 
      "required": false, 
      "title": "Cloud Account ID", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Name of IP Mappings.", 
      "required": false, 
      "title": "Name of IP Mappings", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "default": "PAS", 
      "description": "Based on the type, IP allocation will be done accordingly. Legal values are PAS and NAT.", 
      "enum": [
        "PAS", 
        "NAT"
      ], 
      "required": false, 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "mapping_id": {
      "description": "ID of the mapping returned in IP allocation request.", 
      "required": false, 
      "title": "Mapping ID", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpPool (type) 

{
  "additionalProperties": false, 
  "description": "A collection of one or more IPv4 or IPv6 subnets or ranges that are often not a contiguous address space. Clients are allocated IPs from an IP pool. Often used when a client that consumes addresses exhausts an initial subnet or range and needs to be expanded but the adjoining address space is not available as it has been allocated to a different client.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpPool", 
  "module_id": "Ipam", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "pool_usage": {
      "$ref": "PoolUsage, 
      "readonly": true, 
      "title": "Pool usage statistics"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "subnets": {
      "description": "Subnets can be IPv4 or IPv6 and they should not overlap. The maximum number will not exceed 5 subnets.", 
      "items": {
        "$ref": "IpPoolSubnet
      }, 
      "maxItems": 5, 
      "title": "The collection of one or more subnet objects in a pool", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IpPoolDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "IpPoolDeleteRequestParameters", 
  "module_id": "Ipam", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "IpPool delete request parameters", 
  "type": "object"
}

IpPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpPoolListResult", 
  "module_id": "Ipam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpPool
      }, 
      "required": true, 
      "title": "IP pool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpPoolRange (type) 

{
  "additionalProperties": false, 
  "description": "A set of IPv4 or IPv6 addresses defined by a start and end address.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "IpPoolRange", 
  "module_id": "Ipam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "end": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "The end IP Address of the IP Range."
    }, 
    "start": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "The start IP Address of the IP Range."
    }
  }, 
  "type": "object"
}

IpPoolSubnet (type) 

{
  "additionalProperties": false, 
  "description": "A set of IPv4 or IPv6 addresses defined by a network CIDR.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "IpPoolSubnet", 
  "module_id": "Ipam", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "allocation_ranges": {
      "items": {
        "$ref": "IpPoolRange
      }, 
      "required": true, 
      "title": "A collection of IPv4 or IPv6 IP Pool Ranges.", 
      "type": "array"
    }, 
    "cidr": {
      "required": true, 
      "title": "Represents network address and the prefix length which will be associated with a layer-2 broadcast domain", 
      "type": "string"
    }, 
    "dns_nameservers": {
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 3, 
      "title": "The collection of upto 3 DNS servers for the subnet.", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "dns_suffix": {
      "format": "hostname", 
      "title": "The DNS suffix for the DNS server.", 
      "type": "string"
    }, 
    "gateway_ip": {
      "$ref": "IPAddress, 
      "title": "The default gateway address on a layer-3 router."
    }
  }, 
  "type": "object"
}

IpSecVpnPolicyTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN policy traffic statistics", 
  "id": "IpSecVpnPolicyTrafficStatistics", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "aggregate_traffic_counters": {
      "$ref": "IPSecVpnTrafficCounters, 
      "description": "Aggregate traffic statistics across all IPSec tunnels.", 
      "readonly": true, 
      "title": "Traffic summary"
    }, 
    "rule_path": {
      "description": "Policy path referencing the IPSec VPN Rule.", 
      "readonly": true, 
      "title": "IPSec VPN Rule path", 
      "type": "string"
    }, 
    "tunnel_interface_path": {
      "description": "Policy path referencing the IPSec VPN Tunnel Interface.", 
      "readonly": true, 
      "title": "IPSec VPN Tunnel Interface path", 
      "type": "string"
    }, 
    "tunnel_statistics": {
      "description": "Tunnel statistics.", 
      "items": {
        "$ref": "IpSecVpnTunnelTrafficStatistics
      }, 
      "readonly": true, 
      "title": "Tunnel statistics", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN policy traffic statistics", 
  "type": "object"
}

IpSecVpnTunnelTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN tunnel traffic statistics.", 
  "id": "IpSecVpnTunnelTrafficStatistics", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "bytes_in": {
      "description": "Total number of incoming bytes on inbound Security association.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes on outbound Security association.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "decryption_failures": {
      "description": "Total number of packets dropped due to decryption failures.", 
      "readonly": true, 
      "title": "Decryption failures", 
      "type": "integer"
    }, 
    "dropped_packets_in": {
      "description": "Total number of incoming packets dropped on inbound security association.", 
      "readonly": true, 
      "title": "Dropped incoming packets", 
      "type": "integer"
    }, 
    "dropped_packets_out": {
      "description": "Total number of outgoing packets dropped on outbound security association.", 
      "readonly": true, 
      "title": "Dropped outgoing packets", 
      "type": "integer"
    }, 
    "encryption_failures": {
      "description": "Total number of packets dropped because of failure in encryption.", 
      "readonly": true, 
      "title": "Encryption failures", 
      "type": "integer"
    }, 
    "integrity_failures": {
      "description": "Total number of packets dropped due to integrity failures.", 
      "readonly": true, 
      "title": "Integrity failures", 
      "type": "integer"
    }, 
    "local_subnet": {
      "description": "Tunnel local subnet in IPv4 CIDR Block format.", 
      "readonly": true, 
      "title": "Local subnet", 
      "type": "string"
    }, 
    "nomatching_policy_errors": {
      "description": "Number of packets dropped because of no matching policy is available.", 
      "readonly": true, 
      "title": "Nomatching Policy errors", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets on inbound Security association.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets on outbound Security association.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_received_other_error": {
      "description": "Total number of incoming packets dropped on inbound Security association.", 
      "readonly": true, 
      "title": "Packets received other error", 
      "type": "integer"
    }, 
    "packets_sent_other_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent other error", 
      "type": "integer"
    }, 
    "peer_subnet": {
      "description": "Tunnel peer subnet in IPv4 CIDR Block format.", 
      "readonly": true, 
      "title": "Peer subnet", 
      "type": "string"
    }, 
    "replay_errors": {
      "description": "Total number of packets dropped due to replay check on that Security association.", 
      "readonly": true, 
      "title": "Replay errors", 
      "type": "integer"
    }, 
    "sa_mismatch_errors_in": {
      "description": "Totoal number of security association mismatch errors on incoming packets.", 
      "readonly": true, 
      "title": "Security association mismatch errors on incoming packets.", 
      "type": "integer"
    }, 
    "sa_mismatch_errors_out": {
      "description": "Totoal number of security association mismatch errors on outgoing packets.", 
      "readonly": true, 
      "title": "Security association mismatch errors on outgoing packets", 
      "type": "integer"
    }, 
    "seq_number_overflow_error": {
      "description": "Total number of packets dropped while sending due to overflow in sequence number.", 
      "readonly": true, 
      "title": "Sequence number overflow error", 
      "type": "integer"
    }, 
    "tunnel_down_reason": {
      "description": "Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty.", 
      "readonly": true, 
      "title": "Tunnel down reason", 
      "type": "string"
    }, 
    "tunnel_status": {
      "description": "Specifies the status of tunnel, if it is UP/DOWN.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "readonly": true, 
      "title": "Tunnel Status", 
      "type": "string"
    }
  }, 
  "title": "IPSec VPN tunnel traffic statistics", 
  "type": "object"
}

IpfixCollector (type) 

{
  "id": "IpfixCollector", 
  "module_id": "Ipfix", 
  "properties": {
    "collector_ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "IP address for the IPFIX collector"
    }, 
    "collector_port": {
      "default": 4739, 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Port for the IPFIX collector", 
      "type": "int"
    }
  }, 
  "type": "object"
}

IpfixCollectorConfig (type) 

{
  "description": "This managed entity contains a set of IPFIX collectors.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpfixCollectorConfig", 
  "module_id": "Ipfix", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "collectors": {
      "items": {
        "$ref": "IpfixCollector
      }, 
      "maxItems": 4, 
      "minItems": 1, 
      "required": true, 
      "title": "IPFIX Collectors", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

IpfixCollectorConfigListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpfixCollectorConfigListResult", 
  "module_id": "Ipfix", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpfixCollectorConfig
      }, 
      "readonly": true, 
      "required": false, 
      "title": "IPFIX Collector Config", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IPFIX Collector Configs", 
  "type": "object"
}

IpfixCollectorUpmProfile (type) 

{
  "description": "The configuration for Internet protocol flow information export (IPFIX) collector. It should be referenced in other IPFIX profile as a collecor config. The IPFIX exporter will send records to these collectors.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpfixCollectorUpmProfile", 
  "module_id": "UpmIpfixCollector", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "collectors": {
      "items": {
        "$ref": "IpfixCollector
      }, 
      "maxItems": 4, 
      "minItems": 1, 
      "required": true, 
      "title": "IPFIX Collector Set", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpfixCollectorUpmProfileType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX Collector Profile", 
  "type": "object"
}

IpfixCollectorUpmProfileListParameters (type) 

{
  "description": "Query parameters for IPFIX collector profile list", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IpfixCollectorUpmProfileListParameters", 
  "module_id": "UpmIpfixCollector", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "profile_types": {
      "description": "An English comma-separated list of profile types. Enumerated value in IpfixCollectorUpmProfileType can be listed here as a filter param.", 
      "required": false, 
      "title": "IPFIX Collector Profile Type List", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX Collector Profile List Parameters", 
  "type": "object"
}

IpfixCollectorUpmProfileListResult (type) 

{
  "description": "IPFIX collector profile list result for query with profile list parameters", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpfixCollectorUpmProfileListResult", 
  "module_id": "UpmIpfixCollector", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpfixCollectorUpmProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "IPFIX Collector Profile List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IPFIX Collector Profiles", 
  "type": "object"
}

IpfixCollectorUpmProfileType (type) 

{
  "description": "All IPFIX collector profile types.", 
  "enum": [
    "IpfixCollectorUpmProfile"
  ], 
  "id": "IpfixCollectorUpmProfileType", 
  "module_id": "UpmIpfixCollector", 
  "title": "IPFIX Collector Profile Types", 
  "type": "string"
}

IpfixConfig (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpfixConfig", 
  "module_id": "Ipfix", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the IPFIX Config will be enabled.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpfixConfigType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX Config base representation", 
  "type": "object"
}

IpfixConfigListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IpfixConfigListParameters", 
  "module_id": "Ipfix", 
  "properties": {
    "applied_to": {
      "description": "An applied to UUID working as listing condition", 
      "required": false, 
      "title": "Applied To", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ipfix_config_type": {
      "$ref": "IpfixConfigType, 
      "required": false, 
      "title": "Type of IPFIX Config"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX Config List Parameters", 
  "type": "object"
}

IpfixConfigListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpfixConfigListResult", 
  "module_id": "Ipfix", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpfixConfig
      }, 
      "readonly": true, 
      "required": false, 
      "title": "IPFIX Config", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IPFIX Config", 
  "type": "object"
}

IpfixConfigType (type) 

{
  "enum": [
    "IpfixSwitchConfig", 
    "IpfixDfwConfig"
  ], 
  "id": "IpfixConfigType", 
  "module_id": "Ipfix", 
  "title": "Supported IPFIX Config Types.", 
  "type": "string"
}

IpfixDfwConfig (type) 

{
  "description": "It defines IPFIX DFW Configuration.", 
  "extends": {
    "$ref": "IpfixConfig
  }, 
  "id": "IpfixDfwConfig", 
  "module_id": "Ipfix", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpfixDfwConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_flow_export_timeout": {
      "default": 1, 
      "description": "For long standing active flows, IPFIX records will be sent per timeout period", 
      "maximum": 60, 
      "minimum": 1, 
      "required": false, 
      "title": "Active flow export timeout (minutes)", 
      "type": "integer"
    }, 
    "applied_tos": {
      "description": "List of objects where the IPFIX Config will be enabled.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "collector": {
      "description": "Each IPFIX DFW config can have its own collector config.", 
      "required": true, 
      "title": "UUID of IPFIX DFW Collector Config", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "observation_domain_id": {
      "description": "An identifier that is unique to the exporting process and used to meter the Flows.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": true, 
      "title": "Observation domain ID", 
      "type": "integer"
    }, 
    "priority": {
      "default": 0, 
      "description": "This priority field is used to resolve conflicts in Logical Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.", 
      "maximum": 65536, 
      "minimum": 0, 
      "required": true, 
      "title": "Config Priority", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "IpfixConfigType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "template_parameters": {
      "$ref": "IpfixDfwTemplateParameters, 
      "description": "An object that indicates whether each corresponding template parameter is required or not.", 
      "required": false, 
      "title": "Template Parameters"
    }
  }, 
  "title": "IPFIX Config for the DFW Module", 
  "type": "object"
}

IpfixDfwTemplateParameters (type) 

{
  "description": "This entity represents the flow parameters which are exported.", 
  "id": "IpfixDfwTemplateParameters", 
  "module_id": "Ipfix", 
  "properties": {
    "destination_address": {
      "default": true, 
      "description": "The destination IP address of a monitored network flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "destination_transport_port": {
      "default": true, 
      "description": "The destination transport port of a monitored network flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "firewall_event": {
      "default": true, 
      "description": "Five valid values are allowed: 1. Flow Created. 2. Flow Deleted. 3. Flow Denied. 4. Flow Alert (not used in DropKick implementation). 5. Flow Update.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "flow_direction": {
      "default": true, 
      "description": "Two valid values are allowed: 1. 0x00: igress flow to VM. 2. 0x01: egress flow from VM.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "flow_end": {
      "default": true, 
      "description": "The absolute timestamp (seconds) of the last packet of this flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "flow_start": {
      "default": true, 
      "description": "The absolute timestamp (seconds) of the first packet of this flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "icmp_code": {
      "default": true, 
      "description": "Code of the IPv4 ICMP message.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "octet_delta_count": {
      "default": true, 
      "description": "The number of octets since the previous report (if any) in incoming packets for this flow at the observation point. The number of octets include IP header(s) and payload.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "packet_delta_count": {
      "default": true, 
      "description": "The number of incoming packets since the previous report (if any) for this flow at the observation point.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "protocol_identifier": {
      "default": true, 
      "description": "The value of the protocol number in the IP packet header.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "rule_id": {
      "default": true, 
      "description": "Firewall rule Id - enterprise specific Information Element that uniquely identifies firewall rule.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "source_address": {
      "default": true, 
      "description": "The source IP address of a monitored network flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "source_icmp_type": {
      "default": true, 
      "description": "Type of the IPv4 ICMP message.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "source_transport_port": {
      "default": true, 
      "description": "The source transport port of a monitored network flow.", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "vif_uuid": {
      "default": true, 
      "description": "VIF UUID - enterprise specific Information Element that uniquely identifies VIF.", 
      "readonly": true, 
      "type": "boolean"
    }
  }, 
  "title": "IPFIX DFW Template Parameters", 
  "type": "object"
}

IpfixObsPointConfig (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "IpfixObsPointConfig (i.e. global switch IPFIX config) is deprecated. Please use IpfixSwitchUpmProfile & IpfixCollectorUpmProfile instead. With them, switch IPFIX profile can be applied to specific entities, such as logical switch, logical port and so on.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpfixObsPointConfig", 
  "module_id": "Ipfix", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_timeout": {
      "default": 300, 
      "description": "The time in seconds after a Flow is expired even if more packets matching this Flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Active timeout", 
      "type": "int"
    }, 
    "collectors": {
      "items": {
        "$ref": "IpfixCollector
      }, 
      "required": false, 
      "title": "List of IPFIX collectors", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "required": true, 
      "title": "Enabled status of IPFIX export", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "The time in seconds after a Flow is expired if no more packets matching this Flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Idle timeout", 
      "type": "int"
    }, 
    "max_flows": {
      "default": 16384, 
      "description": "The maximum number of flow entries in each exporter flow cache.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Max flows", 
      "type": "integer"
    }, 
    "observation_domain_id": {
      "default": 0, 
      "description": "An identifier that is unique to the exporting process and used to meter the Flows.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Observation domain ID", 
      "type": "integer"
    }, 
    "packet_sample_probability": {
      "default": 0.1, 
      "description": "The probability in percentage that a packet is sampled. The value should be  in range (0,100] and can only have three decimal places at most. The probability  is equal for every packet.", 
      "exclusiveMinimum": true, 
      "maximum": 100, 
      "minimum": 0, 
      "required": false, 
      "title": "Packet sample probability", 
      "type": "number"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Logical IPFIX observation point", 
  "type": "object"
}

IpfixObsPointsListResult (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "This is deprecated. Please use UpmProfileListResult instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpfixObsPointsListResult", 
  "module_id": "Ipfix", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpfixObsPointConfig
      }, 
      "title": "IPFIX observation points", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of logical IPFIX observation points", 
  "type": "object"
}

IpfixServiceAssociationListResult (type) 

{
  "extends": {
    "$ref": "ServiceAssociationListResult
  }, 
  "id": "IpfixServiceAssociationListResult", 
  "module_id": "GroupingObjectsProviders", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Ipfix config list result with pagination support.", 
      "items": {
        "$ref": "IpfixConfig
      }, 
      "readonly": true, 
      "required": true, 
      "title": "IpfixConfig list result", 
      "type": "array"
    }, 
    "service_type": {
      "enum": [
        "FireWallServiceAssociationListResult", 
        "IpfixServiceAssociationListResult"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

IpfixSwitchConfig (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "This is deprecated. Please use IpfixSwitchUpmProfile instead which can specify its own collectors and observation ID.", 
  "extends": {
    "$ref": "IpfixConfig
  }, 
  "id": "IpfixSwitchConfig", 
  "module_id": "Ipfix", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpfixSwitchConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_timeout": {
      "default": 300, 
      "description": "The time in seconds after a Flow is expired even if more packets matching this Flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Active timeout", 
      "type": "int"
    }, 
    "applied_tos": {
      "description": "List of objects where the IPFIX Config will be enabled.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "The time in seconds after a Flow is expired if no more packets matching this Flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Idle timeout", 
      "type": "int"
    }, 
    "max_flows": {
      "default": 16384, 
      "description": "The maximum number of flow entries in each exporter flow cache.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Max flows", 
      "type": "integer"
    }, 
    "packet_sample_probability": {
      "default": 0.1, 
      "description": "The probability in percentage that a packet is sampled. The value should be  in range (0,100] and can only have three decimal places at most. The probability  is equal for every packet.", 
      "exclusiveMinimum": true, 
      "maximum": 100, 
      "minimum": 0, 
      "required": false, 
      "title": "Packet sample probability", 
      "type": "number"
    }, 
    "resource_type": {
      "$ref": "IpfixConfigType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "IPFIX Config for the Switching Module", 
  "type": "object"
}

IpfixSwitchUpmProfile (type) 

{
  "description": "The configuration for Internet protocol flow information export (IPFIX) and would be enabled on the switching module to collect flow information.", 
  "extends": {
    "$ref": "IpfixUpmProfile
  }, 
  "id": "IpfixSwitchUpmProfile", 
  "module_id": "UpmIpfix", 
  "polymorphic-type-descriptor": {
    "type-identifier": "IpfixSwitchUpmProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_timeout": {
      "default": 300, 
      "description": "The time in seconds after a flow is expired even if more packets matching this Flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Active Timeout", 
      "type": "int"
    }, 
    "applied_tos": {
      "$ref": "AppliedTos, 
      "description": "Entities where the IPFIX profile will be enabled on. Maximum entity count of all types is 128.", 
      "required": false, 
      "title": "Entitys Applied with Profile"
    }, 
    "collector_profile": {
      "description": "Each IPFIX switching profile can have its own collector profile.", 
      "required": true, 
      "title": "UUID of IPFIX Collector Profile", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "export_overlay_flow": {
      "default": true, 
      "description": "It controls whether sample result includes overlay flow info.", 
      "required": false, 
      "title": "Export Overlay Flow", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.", 
      "maximum": 3600, 
      "minimum": 60, 
      "required": false, 
      "title": "Idle Timeout", 
      "type": "int"
    }, 
    "max_flows": {
      "default": 16384, 
      "description": "The maximum number of flow entries in each exporter flow cache.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Max Flows", 
      "type": "integer"
    }, 
    "observation_domain_id": {
      "description": "An identifier that is unique to the exporting process and used to meter the Flows.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": true, 
      "title": "Observation Domain ID", 
      "type": "integer"
    }, 
    "packet_sample_probability": {
      "default": 0.1, 
      "description": "The probability in percentage that a packet is sampled. The value should be  in range (0,100] and can only have three decimal places at most. The probability  is equal for every packet.", 
      "exclusiveMinimum": true, 
      "maximum": 100, 
      "minimum": 0, 
      "required": false, 
      "title": "Packet Sample Probability", 
      "type": "number"
    }, 
    "priority": {
      "description": "This priority field is used to resolve conflicts in logical ports/switch  which inherit multiple switch IPFIX profiles from NSGroups.  Override rule is : for multiple profiles inherited from NSGroups, the one with highest priority (lowest number) overrides others; the profile directly applied to logical switch overrides profiles inherited from NSGroup; the profile directly applied to logical port overides profiles inherited from logical switch and/or nsgroup;  The IPFIX exporter will send records to collectors of final effective profile only.", 
      "maximum": 65536, 
      "minimum": 0, 
      "required": true, 
      "title": "Profile Priority", 
      "type": "int"
    }, 
    "resource_type": {
      "$ref": "IpfixUpmProfileType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Switching IPFIX Profile", 
  "type": "object"
}

IpfixUpmProfile (type) 

{
  "abstract": true, 
  "description": "Parent profile of all IPFIX profiles.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "IpfixUpmProfile", 
  "module_id": "UpmIpfix", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IpfixUpmProfileType, 
      "readonly": false, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base IPFIX Profile", 
  "type": "object"
}

IpfixUpmProfileListParameters (type) 

{
  "description": "Query parameters for IPFIX profile list", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "IpfixUpmProfileListParameters", 
  "module_id": "UpmIpfix", 
  "properties": {
    "applied_to_entity_id": {
      "description": "The entity ID works as a filter param. Entity ID and entity type should be both provided or not at a query.", 
      "readonly": false, 
      "required": false, 
      "title": "ID of Entity Applied with Profile", 
      "type": "string"
    }, 
    "applied_to_entity_type": {
      "$ref": "UpmEntityType, 
      "description": "The entity type works as a filter param. Enumerated value in UpmEntityType could be used here. Entity ID and entity type should be both provided or not at a query.", 
      "readonly": false, 
      "required": false, 
      "title": "Type of Entity Applied with Profile"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "profile_types": {
      "description": "An English comma-separated list of profile types. Enumerated value in IpfixUpmProfileType could be listed here as a filter param.", 
      "required": false, 
      "title": "IPFIX Profile Type List", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "IPFIX Profile List Parameters", 
  "type": "object"
}

IpfixUpmProfileListResult (type) 

{
  "description": "IPFIX profile list result for query with list parameters", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "IpfixUpmProfileListResult", 
  "module_id": "UpmIpfix", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IpfixUpmProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "IPFIX Profile List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of IPFIX Profiles", 
  "type": "object"
}

IpfixUpmProfileType (type) 

{
  "description": "All IPFIX profile types.", 
  "enum": [
    "IpfixSwitchUpmProfile"
  ], 
  "id": "IpfixUpmProfileType", 
  "module_id": "UpmIpfix", 
  "title": "IPFIX Profile Types", 
  "type": "string"
}

Ipv4Header (type) 

{
  "additionalProperties": false, 
  "id": "Ipv4Header", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_ip": {
      "$ref": "IPv4Address, 
      "required": false, 
      "title": "The destination ip address."
    }, 
    "flags": {
      "default": 0, 
      "maximum": 8, 
      "minimum": 0, 
      "required": false, 
      "title": "IP flags", 
      "type": "integer"
    }, 
    "protocol": {
      "default": 1, 
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "IP protocol - defaults to ICMP", 
      "type": "integer"
    }, 
    "src_ip": {
      "$ref": "IPv4Address, 
      "required": false, 
      "title": "The source ip address."
    }, 
    "src_subnet_prefix_len": {
      "description": "This is used together with src_ip to calculate dst_ip for broadcast when dst_ip is not given; not used in all other cases.", 
      "maximum": 32, 
      "minimum": 1, 
      "required": false, 
      "title": "source subnet prefix length.", 
      "type": "integer"
    }, 
    "ttl": {
      "default": 64, 
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "Time to live (ttl)", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

Ipv6DadProfile (type) 

{
  "additionalProperties": false, 
  "description": "Duplicate address detection profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Ipv6DadProfile", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "dad_mode": {
      "$ref": "DADMode, 
      "default": "LOOSE", 
      "required": false, 
      "title": "DAD Mode"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "ns_retries": {
      "default": 3, 
      "description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.", 
      "maximum": 10, 
      "minimum": 0, 
      "required": false, 
      "title": "NS retries count", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "wait_time": {
      "default": 1, 
      "description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.", 
      "maximum": 60, 
      "minimum": 0, 
      "required": false, 
      "title": "Wait time", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

Ipv6DadProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Ipv6DadProfileListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Ipv6DadProfile
      }, 
      "required": true, 
      "title": "Paginated list of Ipv6DadProfile", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Ipv6Header (type) 

{
  "id": "Ipv6Header", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_ip": {
      "$ref": "IPv6Address, 
      "required": false, 
      "title": "The destination ip address."
    }, 
    "hop_limit": {
      "default": 64, 
      "description": "Decremented by 1 by each node that forwards the packets. The packet is discarded if Hop Limit is decremented to zero.", 
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "hop limit", 
      "type": "integer"
    }, 
    "next_header": {
      "default": 58, 
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "Identifies the type of header immediately following the IPv6 header.", 
      "type": "integer"
    }, 
    "src_ip": {
      "$ref": "IPv6Address, 
      "required": false, 
      "title": "The source ip address."
    }
  }, 
  "type": "object"
}

Ipv6NdraProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Ipv6NdraProfile", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dns_config": {
      "$ref": "RaDNSConfig, 
      "required": false, 
      "title": "DNS Configurations"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ra_config": {
      "$ref": "RAConfig, 
      "required": true, 
      "title": "RA Configuration"
    }, 
    "ra_mode": {
      "$ref": "RAMode, 
      "default": "SLAAC_DNS_THROUGH_RA", 
      "required": true, 
      "title": "RA Mode"
    }, 
    "reachable_timer": {
      "default": 0, 
      "description": "Neighbour reachable time duration in milliseconds. A value of 0 means unspecified.", 
      "maximum": 3600000, 
      "minimum": 0, 
      "required": false, 
      "title": "Reachable timer", 
      "type": "integer"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "retransmit_interval": {
      "default": 1000, 
      "description": "The time, in milliseconds, between retransmitted neighbour solicitation messages. A value of 0 means unspecified.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Retransmission interval", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

Ipv6NdraProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Ipv6NdraProfileListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Ipv6NdraProfile
      }, 
      "required": true, 
      "title": "Paginated list of Ipv6NdraProfile", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

JoinClusterParameters (type) 

{
  "additionalProperties": false, 
  "description": "To join a new node to the NSX cluster, issue a JoinCluster API on the new node. The JoinCluster API takes this object as a parameter. Provide the ID of the NSX cluster you want the new node to join and the IP address of one of the nodes already in that cluster. The Cluster Boot Manager running on the new node will then add the new node to the NSX cluster by making a AttachClusterNode REST API call on the node that is already part of the cluster. In order to make a REST API call to the node in the cluster, the Cluster Boot Manager will need username and password of a priviledged user on the node in the cluster. In place of a username and password, Cluster Boot Manager could also use a OAuth token provided. The Cluster Boot Manager needs either the username and password or the OAuth token to make the REST call but not both.", 
  "id": "JoinClusterParameters", 
  "properties": {
    "certficate_sha256_thumbprint": {
      "required": true, 
      "title": "SHA256 Thumbprint of the API certificate of the cluster node", 
      "type": "string"
    }, 
    "cluster_id": {
      "required": true, 
      "title": "UUID of the cluster to join", 
      "type": "string"
    }, 
    "ip_address": {
      "required": true, 
      "title": "IP address of a node already part of the cluster to join", 
      "type": "string"
    }, 
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "Password of the user on the cluster node", 
      "type": "string"
    }, 
    "port": {
      "default": 443, 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "API port on the cluster node", 
      "type": "integer"
    }, 
    "token": {
      "required": false, 
      "sensitive": true, 
      "title": "Limited time OAuth token instead of the username/password", 
      "type": "string"
    }, 
    "username": {
      "required": false, 
      "title": "Username on the cluster node", 
      "type": "string"
    }
  }, 
  "title": "Parameters needed for this node to join the NSX cluster", 
  "type": "object"
}

KeySize (type) 

{
  "id": "KeySize", 
  "module_id": "CertificateManager", 
  "title": "Crypto key size", 
  "type": "integer"
}

KeyValue (type) 

{
  "additionalProperties": false, 
  "id": "KeyValue", 
  "module_id": "CertificateManager", 
  "properties": {
    "key": {
      "description": "key name", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "value": {
      "description": "key value", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

KeyValuePair (type) 

{
  "additionalProperties": false, 
  "id": "KeyValuePair", 
  "module_id": "Common", 
  "properties": {
    "key": {
      "maxLength": 255, 
      "readonly": false, 
      "required": true, 
      "title": "Key", 
      "type": "string"
    }, 
    "value": {
      "maxLength": 255, 
      "readonly": false, 
      "required": true, 
      "title": "Value", 
      "type": "string"
    }
  }, 
  "title": "An arbitrary key-value pair", 
  "type": "object"
}

KnownHostParameter (type) 

{
  "additionalProperties": false, 
  "id": "KnownHostParameter", 
  "properties": {
    "host": {
      "$ref": "HostnameOrIPv4Address, 
      "required": true, 
      "title": "Known host hostname or IP address"
    }, 
    "port": {
      "default": 22, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Known host port", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

L2Extension (type) 

{
  "additionalProperties": false, 
  "id": "L2Extension", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "l2vpn_path": {
      "deprecated": true, 
      "description": "This property has been deprecated. Please use the property l2vpn_paths for setting the paths of associated L2 VPN session. This property will continue to work as expected to provide backwards compatibility. However, when both l2vpn_path and l2vpn_paths properties are specified, only l2vpn_paths is used.", 
      "required": false, 
      "title": "Policy path of associated L2 VPN session", 
      "type": "string"
    }, 
    "l2vpn_paths": {
      "description": "Policy paths corresponding to the associated L2 VPN sessions", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Policy paths of associated L2 VPN sessions", 
      "type": "array"
    }, 
    "tunnel_id": {
      "maximum": 4093, 
      "minimum": 1, 
      "required": false, 
      "title": "Tunnel ID", 
      "type": "int"
    }
  }, 
  "title": "Segment specific L2 VPN configuration", 
  "type": "object"
}

L2L3RuntimeRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "L2L3RuntimeRequestParameters", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "edge_path": {
      "description": "Policy path of edge node. Edge should be member of enforcement point.", 
      "title": "Policy path of edge node", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Enforcement point path.", 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "L2 L3 connectivity runtime status request parameters", 
  "type": "object"
}

L2VPNPerLSTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Traffic statistics for a logical switch.", 
  "id": "L2VPNPerLSTrafficStatistics", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "bum_bytes_in": {
      "description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) bytes in", 
      "type": "integer"
    }, 
    "bum_bytes_out": {
      "description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) bytes out", 
      "type": "integer"
    }, 
    "bum_packets_in": {
      "description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) packets in", 
      "type": "integer"
    }, 
    "bum_packets_out": {
      "description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) packets out", 
      "type": "integer"
    }, 
    "bytes_in": {
      "description": "Total number of incoming bytes.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "logical_switch": {
      "$ref": "ResourceReference, 
      "description": "Logical switch", 
      "readonly": true, 
      "title": "Logical switch"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_receive_error": {
      "description": "Total number of incoming packets dropped.", 
      "readonly": true, 
      "title": "Packets recieved error", 
      "type": "integer"
    }, 
    "packets_sent_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent error", 
      "type": "integer"
    }
  }, 
  "title": "Traffic statistics per logical switch", 
  "type": "object"
}

L2VPNService (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN Service defines if service running as server or client. It also defines all the common properties for the multiple L2VPN Sessions associated with this service.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L2VPNService", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_hub": {
      "default": false, 
      "description": "This property applies only in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint.", 
      "required": false, 
      "title": "Enable spoke to spoke (client) forwarding via hub (server)", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "mode": {
      "default": "SERVER", 
      "description": "Specify an L2VPN service mode as SERVER or CLIENT.", 
      "enum": [
        "SERVER", 
        "CLIENT"
      ], 
      "title": "L2VPN Service Mode", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "L2VPN Service", 
  "type": "object"
}

L2VPNServiceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "L2VPNServiceListRequestParameters", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "L2VPNService list request parameters", 
  "type": "object"
}

L2VPNServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "L2VPNServiceListResult", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "L2VPNService
      }, 
      "required": true, 
      "title": "L2VPNService list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of L2VPNServices", 
  "type": "object"
}

L2VPNSession (type) 

{
  "additionalProperties": false, 
  "description": "Defines the tunnel local and peer addresses along with multiple tansport tunnels for redundancy. L2VPNSession belongs to only one L2VPNService.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L2VPNSession", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable to extend all the associated segments.", 
      "required": false, 
      "title": "Enable L2VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_tunnels": {
      "description": "List of transport tunnels for redundancy.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "List of transport tunnels", 
      "type": "array"
    }, 
    "tunnel_encapsulation": {
      "$ref": "L2VPNTunnelEncapsulation, 
      "description": "Tunnel encapsulation config. This property only applies in CLIENT mode. It is auto-populated from the L2VPNSessionData.", 
      "readonly": true, 
      "required": false, 
      "title": "Tunnel encapsulation config"
    }
  }, 
  "title": "L2VPN Session", 
  "type": "object"
}

L2VPNSessionData (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN Session Data represents meta data necessary to create the L2VPN Session. It is represented by an array of peer code for each tunnel.", 
  "id": "L2VPNSessionData", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "description": {
      "maxLength": 1024, 
      "title": "Description of L2VPN Session", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Defaults to id if not set.", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying L2VPN Session", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable to extend all the associated segments.", 
      "required": false, 
      "title": "Enable L2VPN session", 
      "type": "boolean"
    }, 
    "transport_tunnels": {
      "description": "List of L2VPN transport tunnel data.", 
      "items": {
        "$ref": "L2VPNSessionTransportTunnelData
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "title": "List of L2VPN Transport Tunnel Data", 
      "type": "array"
    }
  }, 
  "title": "L2VPN Session Data", 
  "type": "object"
}

L2VPNSessionListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "L2VPNSessionListRequestParameters", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "L2VPNSession list request parameters", 
  "type": "object"
}

L2VPNSessionListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "L2VPNSessionListResult", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "L2VPNSession
      }, 
      "required": true, 
      "title": "L2VPNSession list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of L2VPNSession", 
  "type": "object"
}

L2VPNSessionPeerConfigNsxT (type) 

{
  "additionalProperties": false, 
  "description": "L2VPNSessionPeerCodes represents an array of peer code for each tunnel. The peer code is necessary to configure the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel.", 
  "extends": {
    "$ref": "L2VPNSessionPeerConfigPerEP
  }, 
  "id": "L2VPNSessionPeerConfigNsxT", 
  "module_id": "PolicyLayer2VPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L2VPNSessionPeerConfigNsxT"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "peer_codes": {
      "description": "List of peer codes per transport tunnel.", 
      "items": {
        "$ref": "L2VPNSessionTransportTunnelPeerCode
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": true, 
      "title": "List of peer codes", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionPeerConfigNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Peer code to configure the other side of the tunnel", 
  "type": "object"
}

L2VPNSessionPeerConfigPerEP (type) 

{
  "abstract": true, 
  "description": "Peer config per Enforcement Point to configure the other side of the tunnel.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "L2VPNSessionPeerConfigPerEP", 
  "module_id": "PolicyLayer2VPN", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionPeerConfigNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Peer config per Enforcement Point", 
  "type": "object"
}

L2VPNSessionRemoteMacs (type) 

{
  "additionalProperties": false, 
  "description": "Remote MAC addresses for all logical switches for a L2VPN session.", 
  "id": "L2VPNSessionRemoteMacs", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "display_name": {
      "description": "L2VPN display name.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "remote_mac_addresses": {
      "description": "List MAC addresses for all logical switch for a particular L2VPN session.", 
      "items": {
        "$ref": "L2VPNSessionRemoteMacsForLS
      }, 
      "readonly": true, 
      "title": "Remote MAC addresses for all logical switches", 
      "type": "array"
    }, 
    "session_id": {
      "description": "L2VPN session identifier.", 
      "readonly": true, 
      "title": "Session identifier", 
      "type": "string"
    }
  }, 
  "title": "Remote MAC addresses list", 
  "type": "object"
}

L2VPNSessionRemoteMacsForLS (type) 

{
  "additionalProperties": false, 
  "description": "Remote MAC addresses for logical switch.", 
  "id": "L2VPNSessionRemoteMacsForLS", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "logical_switch": {
      "$ref": "ResourceReference, 
      "description": "Logical switch.", 
      "readonly": true, 
      "title": "Logical switch"
    }, 
    "remote_mac_addresses": {
      "description": "Mac addresses.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "Mac addresses", 
      "type": "array"
    }
  }, 
  "title": "Remote MAC addresses for logical switch", 
  "type": "object"
}

L2VPNSessionStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Session statistics gives VPN session status and traffic statistics per logical switch.", 
  "id": "L2VPNSessionStatistics", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "display_name": {
      "description": "L2VPN display name.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "partial_stats": {
      "description": "Partial statistics is set to true if onle active node responds while standby does not. In case of both nodes responded statistics will be summed and partial stats will be false. If cluster has only active node, partial statistics will always be false.", 
      "readonly": true, 
      "title": "Partial Statistics", 
      "type": "boolean"
    }, 
    "session_id": {
      "description": "Session identifier for L2VPN.", 
      "readonly": true, 
      "title": "L2VPN session id", 
      "type": "string"
    }, 
    "tap_traffic_counters": {
      "description": "Tunnel port traffic counters.", 
      "items": {
        "$ref": "L2VPNTapTrafficStatistics
      }, 
      "readonly": true, 
      "title": "Tunnel port traffic counters", 
      "type": "array"
    }, 
    "traffic_statistics_per_logical_switch": {
      "description": "Traffic statistics per logical switch.", 
      "items": {
        "$ref": "L2VPNPerLSTrafficStatistics
      }, 
      "readonly": true, 
      "title": "Traffic statistics per logical switch", 
      "type": "array"
    }
  }, 
  "title": "L2VPN session statistics", 
  "type": "object"
}

L2VPNSessionStatisticsNsxT (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN session statistics gives session status and traffic statistics per segment.", 
  "extends": {
    "$ref": "L2VPNSessionStatisticsPerEP
  }, 
  "id": "L2VPNSessionStatisticsNsxT", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L2VPNSessionStatisticsNsxT"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionStatisticsNsxT"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tap_traffic_counters": {
      "description": "Tunnel port traffic counters.", 
      "items": {
        "$ref": "L2VPNTapStatistics
      }, 
      "readonly": true, 
      "title": "Tunnel port traffic counters", 
      "type": "array"
    }, 
    "traffic_statistics_per_segment": {
      "description": "Traffic statistics per segment.", 
      "items": {
        "$ref": "L2VPNTrafficStatisticsPerSegment
      }, 
      "readonly": true, 
      "title": "Traffic statistics per segment", 
      "type": "array"
    }
  }, 
  "title": "L2VPN session statistics", 
  "type": "object"
}

L2VPNSessionStatisticsPerEP (type) 

{
  "abstract": true, 
  "description": "L2VPN Session Statistics Per Enforcement Point.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "L2VPNSessionStatisticsPerEP", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionStatisticsNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "L2VPN Session Statistics Per Enforcement Point", 
  "type": "object"
}

L2VPNSessionStatus (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN session status.", 
  "id": "L2VPNSessionStatus", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "display_name": {
      "description": "L2VPN display name.", 
      "readonly": true, 
      "title": "Display name", 
      "type": "string"
    }, 
    "session_id": {
      "description": "L2VPN session identifier.", 
      "readonly": true, 
      "title": "Session identifier", 
      "type": "string"
    }, 
    "status": {
      "description": "L2 VPN session status, specifies UP/DOWN.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "readonly": true, 
      "title": "L2 VPN session status", 
      "type": "string"
    }, 
    "transport_tunnels": {
      "description": "Transport tunnels status.", 
      "items": {
        "$ref": "L2VPNTransportTunnelStatus
      }, 
      "readonly": true, 
      "title": "Transport tunnels status", 
      "type": "array"
    }
  }, 
  "title": "L2VPN Session Status", 
  "type": "object"
}

L2VPNSessionStatusNsxT (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN Session Status represents status on an NSX-T type of enforcement point.", 
  "extends": {
    "$ref": "L2VPNSessionStatusPerEP
  }, 
  "id": "L2VPNSessionStatusNsxT", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L2VPNSessionStatusNsxT"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionStatusNsxT"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "L2 VPN session status, specifies UP/DOWN.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "readonly": true, 
      "title": "L2 VPN session status", 
      "type": "string"
    }, 
    "transport_tunnels": {
      "description": "Transport tunnels status.", 
      "items": {
        "$ref": "L2VPNSessionTransportTunnelStatus
      }, 
      "readonly": true, 
      "title": "Transport tunnels status", 
      "type": "array"
    }
  }, 
  "title": "L2VPN session status summary", 
  "type": "object"
}

L2VPNSessionStatusPerEP (type) 

{
  "abstract": true, 
  "description": "L2VPN Session Status Per Enforcement Point.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "L2VPNSessionStatusPerEP", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L2VPNSessionStatusNsxT"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "L2VPN Session Status Per Enforcement Point", 
  "type": "object"
}

L2VPNSessionSummary (type) 

{
  "additionalProperties": false, 
  "description": "List summary of L2VPN sessions.", 
  "id": "L2VPNSessionSummary", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "established_l2vpn_sessions": {
      "description": "Number of established L2VPN sessions. L2VPN session is established when all the tunnels are up.", 
      "readonly": true, 
      "title": "Established L2VPN sessions", 
      "type": "integer"
    }, 
    "failed_l2vpn_sessions": {
      "description": "Number of failed L2VPN sessions. L2VPN session is failed when all the tunnels are down.", 
      "readonly": true, 
      "title": "Failed L2VPN sessions", 
      "type": "integer"
    }, 
    "total_l2vpn_sessions": {
      "description": "Total L2VPN sessions configured.", 
      "readonly": true, 
      "title": "Total L2VPN sessions", 
      "type": "integer"
    }
  }, 
  "title": "L2VPN session status summary", 
  "type": "object"
}

L2VPNSessionTransportTunnelData (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN Session Transport Tunnel Data uses a peer code which has all the information to create the transport tunnel.", 
  "id": "L2VPNSessionTransportTunnelData", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "local_address": {
      "$ref": "IPv4Address, 
      "description": "IPv4 Address of local endpoint.", 
      "required": true, 
      "title": "IPv4 Address of local endpoint"
    }, 
    "peer_address": {
      "$ref": "IPv4Address, 
      "description": "IPv4 Address of Peer endpoint on remote site.", 
      "required": true, 
      "title": "IPv4 Address of Peer endpoint"
    }, 
    "peer_code": {
      "description": "Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it.", 
      "required": false, 
      "sensitive": true, 
      "title": "Peer code for the transport tunnel", 
      "type": "string"
    }
  }, 
  "title": "L2VPN Session Transport Tunnel Data", 
  "type": "object"
}

L2VPNSessionTransportTunnelPeerCode (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN transport tunnel peer code.", 
  "id": "L2VPNSessionTransportTunnelPeerCode", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "peer_code": {
      "description": "Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it.", 
      "readonly": true, 
      "title": "Peer code for the transport tunnel", 
      "type": "string"
    }, 
    "transport_tunnel_path": {
      "readonly": true, 
      "title": "Policy Path referencing the transport tunnel.", 
      "type": "string"
    }
  }, 
  "title": "L2VPN Transport Tunnel Peer Code", 
  "type": "object"
}

L2VPNSessionTransportTunnelStatus (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Transport tunnel status.", 
  "id": "L2VPNSessionTransportTunnelStatus", 
  "module_id": "PolicyVpnStats", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "IPSecVpnTransportStatus"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "transport_tunnel_path": {
      "description": "Policy path referencing Transport Tunnel.", 
      "readonly": true, 
      "title": "Policy path referencing Transport Tunnel", 
      "type": "string"
    }
  }, 
  "title": "Transport tunnel status", 
  "type": "object"
}

L2VPNTapStatistics (type) 

{
  "additionalProperties": false, 
  "description": "TAP (Terminal access point) traffic statistics for L2VPN.", 
  "id": "L2VPNTapStatistics", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "bytes_in": {
      "description": "Total number of incoming bytes.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_receive_error": {
      "description": "Total number of incoming packets dropped.", 
      "readonly": true, 
      "title": "packets recieved error", 
      "type": "integer"
    }, 
    "packets_sent_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent error", 
      "type": "integer"
    }
  }, 
  "title": "L2VPN TAP (Terminal access point) traffic statistics", 
  "type": "object"
}

L2VPNTapTrafficStatistics (type) 

{
  "additionalProperties": false, 
  "description": "TAP (Terminal access point) traffic statistics for L2VPN.", 
  "id": "L2VPNTapTrafficStatistics", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Total number of incoming bytes.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_receive_error": {
      "description": "Total number of incoming packets dropped.", 
      "readonly": true, 
      "title": "packets recieved error", 
      "type": "integer"
    }, 
    "packets_sent_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent error", 
      "type": "integer"
    }
  }, 
  "title": "L2VPN TAP (Terminal access point) traffic statistics", 
  "type": "object"
}

L2VPNTrafficStatisticsPerSegment (type) 

{
  "additionalProperties": false, 
  "description": "Traffic statistics for a segment.", 
  "id": "L2VPNTrafficStatisticsPerSegment", 
  "module_id": "PolicyVpnStats", 
  "properties": {
    "bum_bytes_in": {
      "description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) bytes in", 
      "type": "integer"
    }, 
    "bum_bytes_out": {
      "description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) bytes out", 
      "type": "integer"
    }, 
    "bum_packets_in": {
      "description": "Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) packets in", 
      "type": "integer"
    }, 
    "bum_packets_out": {
      "description": "Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets.", 
      "readonly": true, 
      "title": "Broadcast, Unknown unicast and Multicast (BUM) packets out", 
      "type": "integer"
    }, 
    "bytes_in": {
      "description": "Total number of incoming bytes.", 
      "readonly": true, 
      "title": "Bytes in", 
      "type": "integer"
    }, 
    "bytes_out": {
      "description": "Total number of outgoing bytes.", 
      "readonly": true, 
      "title": "Bytes out", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Total number of incoming packets.", 
      "readonly": true, 
      "title": "Packets in", 
      "type": "integer"
    }, 
    "packets_out": {
      "description": "Total number of outgoing packets.", 
      "readonly": true, 
      "title": "Packets out", 
      "type": "integer"
    }, 
    "packets_receive_error": {
      "description": "Total number of incoming packets dropped.", 
      "readonly": true, 
      "title": "Packets received error", 
      "type": "integer"
    }, 
    "packets_sent_error": {
      "description": "Total number of packets dropped while sending for any reason.", 
      "readonly": true, 
      "title": "Packets sent error", 
      "type": "integer"
    }, 
    "segment_path": {
      "description": "Policy path referencing the segment on which stats are gathered.", 
      "readonly": true, 
      "title": "Segment Path", 
      "type": "string"
    }
  }, 
  "title": "Traffic statistics per segment", 
  "type": "object"
}

L2VPNTransportTunnelStatus (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Transport tunnel status.", 
  "id": "L2VPNTransportTunnelStatus", 
  "module_id": "L2VPNStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "TransportTunnelResourceType, 
      "required": true
    }, 
    "tunnel_id": {
      "$ref": "ResourceReference, 
      "description": "Transport tunnel id.", 
      "readonly": true, 
      "title": "Transport tunnel id"
    }
  }, 
  "title": "Transport tunnel status", 
  "type": "object"
}

L2VPNTunnelEncapsulation (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN tunnel encapsulation config.", 
  "id": "L2VPNTunnelEncapsulation", 
  "module_id": "PolicyLayer2VPN", 
  "properties": {
    "local_endpoint_address": {
      "$ref": "IPv4Address, 
      "description": "IP Address of the local tunnel port. This property only applies in CLIENT mode.", 
      "readonly": true, 
      "required": false, 
      "title": "IP Address of the tunnel port"
    }, 
    "peer_endpoint_address": {
      "$ref": "IPv4Address, 
      "description": "IP Address of the peer tunnel port. This property only applies in CLIENT mode.", 
      "readonly": true, 
      "required": false, 
      "title": "IP Address of the peer tunnel port"
    }, 
    "protocol": {
      "default": "GRE", 
      "description": "Encapsulation protocol used by the tunnel.", 
      "enum": [
        "GRE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Encapsulation protocol", 
      "type": "string"
    }
  }, 
  "title": "L2VPN Tunnel Encapsulation", 
  "type": "object"
}

L2Vpn (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Contains information necessary to configure L2Vpn.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L2Vpn", 
  "module_id": "PolicyL2Vpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable to extend all the associated segments.", 
      "required": false, 
      "title": "Enable L2Vpn", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_tunnels": {
      "description": "List of paths referencing transport tunnels.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "List of paths referencing transport tunnels", 
      "type": "array"
    }
  }, 
  "title": "L2 Virtual Private Network Configuration", 
  "type": "object"
}

L2VpnAttachmentContext (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AttachmentContext
  }, 
  "id": "L2VpnAttachmentContext", 
  "module_id": "LogicalPort", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L2VpnAttachmentContext"
  }, 
  "properties": {
    "allocate_addresses": {
      "enum": [
        "IpPool", 
        "MacPool", 
        "Both", 
        "None"
      ], 
      "required": false, 
      "title": "A flag to indicate whether to allocate addresses from allocation\n    pools bound to the parent logical switch.\n", 
      "type": "string"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n", 
      "required": true, 
      "title": "Used to identify which concrete class it is", 
      "type": "string"
    }, 
    "tunnel_id": {
      "maximum": 4093, 
      "minimum": 1, 
      "required": true, 
      "title": "Tunnel Id to uniquely identify the extension.", 
      "type": "int"
    }
  }, 
  "type": "object"
}

L2VpnContext (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "L2Vpn Context provides meta-data information about the parent Tier-0.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L2VpnContext", 
  "module_id": "PolicyL2Vpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_hub": {
      "default": false, 
      "description": "If enabled, the tier-0 acts as a Hub and replicates traffic received from peer to all other peers. If disabled, the tier-0 acts as a Spoke and replicates only the local.", 
      "title": "Enable to act as hub", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "L2Vpn Context", 
  "type": "object"
}

L2VpnService (type) 

{
  "additionalProperties": false, 
  "description": "Defines if service running as server or client Also defines all the common properties for the multiple L2VpnSessions associated with this service.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "L2VpnService", 
  "module_id": "L2VPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_full_mesh": {
      "default": false, 
      "deprecated": true, 
      "description": "Full mesh topology auto disables traffic replication between connected peers. However, this property is deprecated. Please refer enable_hub property instead to control client to client forwarding via the server. The value of enable_full_mesh will not be used anymore. If enable_hub is not provided explicitly, the default value of it will be used.", 
      "required": false, 
      "title": "Enable full mesh topology", 
      "type": "boolean"
    }, 
    "enable_hub": {
      "default": false, 
      "description": "This property only applies in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint.", 
      "required": false, 
      "title": "Enable client to client forwarding via server", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "Logical router id", 
      "required": true, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "logical_tap_ip_pool": {
      "description": "IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical Tap.", 
      "items": {
        "$ref": "IPv4CIDRBlock
      }, 
      "required": false, 
      "title": "IP Pool for Logical Taps", 
      "type": "array"
    }, 
    "mode": {
      "default": "SERVER", 
      "description": "Specify an L2VPN service mode as SERVER or CLIENT. L2VPN service in SERVER mode requires user to configure L2VPN session explicitly. L2VPN service in CLIENT mode can use peercode generated from SERVER to configure L2VPN session.", 
      "enum": [
        "SERVER", 
        "CLIENT"
      ], 
      "required": false, 
      "title": "L2VPN Service Mode", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "L2VPN Service", 
  "type": "object"
}

L2VpnServiceListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paginated list all the L2VPN services.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "L2VpnServiceListResult", 
  "module_id": "L2VPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "L2VpnService
      }, 
      "required": true, 
      "title": "L2VPN serivce list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List all L2VPN services", 
  "type": "object"
}

L2VpnSession (type) 

{
  "additionalProperties": false, 
  "description": "Defines the tunnel local and peer addresses along with the multiple tansport tunnels for redundancy. L2VpnSession belongs on to only one L2VpnService.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "L2VpnSession", 
  "module_id": "L2VPN", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable to extend all the associated logical switches.", 
      "required": false, 
      "title": "Enable L2VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "l2vpn_service_id": {
      "description": "L2VPN service id", 
      "required": true, 
      "title": "L2VPN service id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_tunnels": {
      "description": "List of transport tunnels for redundancy.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "List of transport tunnels", 
      "type": "array"
    }, 
    "tunnel_encapsulation": {
      "$ref": "L2VpnTunnelEncapsulation, 
      "description": "Tunnel encapsulation config. For hub, this property should not be provided as it will be auto-generated. For spoke, this property must be provided.", 
      "required": false, 
      "title": "Tunnel encapsulation config"
    }
  }, 
  "title": "L2VPN Session", 
  "type": "object"
}

L2VpnSessionListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "L2VpnSessionListParameters", 
  "module_id": "L2VPN", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "l2vpn_service_id": {
      "description": "If provided, only sessions associated with the given L2Vpn service will be returned", 
      "required": false, 
      "title": "Id of the L2Vpn Service", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "L2VPNSession list parameters", 
  "type": "object"
}

L2VpnSessionListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paginated list all the L2VPN sessions", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "L2VpnSessionListResult", 
  "module_id": "L2VPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "L2VpnSession
      }, 
      "required": true, 
      "title": "L2VPN sessions list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List all L2VPN sessions", 
  "type": "object"
}

L2VpnSessionPeerCodes (type) 

{
  "additionalProperties": false, 
  "description": "Get the peer_code for each tunnel to paste on the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel.", 
  "id": "L2VpnSessionPeerCodes", 
  "module_id": "L2VPN", 
  "properties": {
    "peer_codes": {
      "description": "List of peer codes per transport tunnel.", 
      "items": {
        "$ref": "L2VpnTunnelPeerCode
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "List of peer codes", 
      "type": "array"
    }
  }, 
  "title": "Peer code to configure the other side of the tunnel", 
  "type": "object"
}

L2VpnTunnelEncapsulation (type) 

{
  "additionalProperties": false, 
  "description": "L2VPN tunnel encapsulation config", 
  "id": "L2VpnTunnelEncapsulation", 
  "module_id": "L2VPN", 
  "properties": {
    "local_endpoint_ip": {
      "$ref": "IPv4Address, 
      "description": "IP Address of the tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. All sessions on same L2VpnService get the same local_endpoint_ip. For spoke, the IP must be provided.", 
      "required": false, 
      "title": "IP Address of the tunnel port"
    }, 
    "peer_endpoint_ip": {
      "$ref": "IPv4Address, 
      "description": "IP Address of the peer tunnel port. For hub, the IP is allocated from L2VpnService logical_tap_ip_pool. For spoke, the IP must be provided.", 
      "required": false, 
      "title": "IP Address of the peer tunnel port"
    }, 
    "protocol": {
      "default": "GRE", 
      "description": "Encapsulation protocol used by the tunnel", 
      "enum": [
        "GRE"
      ], 
      "required": false, 
      "title": "Encapsulation protocol", 
      "type": "string"
    }
  }, 
  "title": "L2VPN tunnel encapsulation config", 
  "type": "object"
}

L2VpnTunnelPeerCode (type) 

{
  "additionalProperties": false, 
  "description": "L2Vpn tunnel peer code", 
  "id": "L2VpnTunnelPeerCode", 
  "module_id": "L2VPN", 
  "properties": {
    "peer_code": {
      "description": "Copy this code to paste on the remote end of the tunnel. This is a base64 encoded string which has all the configuration for tunnel. E.g tap device local/peer ips and protocol, encryption algorithm, etc. The peer code also contains a pre-shared key; be careful when sharing or storing it.", 
      "required": true, 
      "title": "Peer code for the tunnel", 
      "type": "string"
    }, 
    "transport_tunnel": {
      "$ref": "ResourceReference, 
      "required": true, 
      "title": "Transport tunnel"
    }
  }, 
  "title": "L2Vpn tunnel peer code", 
  "type": "object"
}

L3Vpn (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Contains information necessary to configure IPSec VPN.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L3Vpn", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dh_groups": {
      "description": "Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.", 
      "items": {
        "$ref": "PolicyDHGroup
      }, 
      "maxItems": 1, 
      "title": "DH group", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_perfect_forward_secrecy": {
      "default": true, 
      "description": "If true, perfect forward secrecy (PFS) is enabled.", 
      "title": "Enable perfect forward secrecy", 
      "type": "boolean"
    }, 
    "enabled": {
      "default": true, 
      "description": "Flag to enable L3Vpn. Default is enabled.", 
      "title": "Enable L3Vpn", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_digest_algorithms": {
      "description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.", 
      "items": {
        "$ref": "PolicyIKEDigestAlgorithm
      }, 
      "maxItems": 1, 
      "title": "Digest Algorithm for IKE", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "ike_encryption_algorithms": {
      "description": "Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128.", 
      "items": {
        "$ref": "PolicyIKEEncryptionAlgorithm
      }, 
      "maxItems": 1, 
      "title": "Encryption algorithm for IKE", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "ike_version": {
      "$ref": "PolicyIKEVersion, 
      "default": "IKE_V2", 
      "description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.", 
      "title": "IKE version"
    }, 
    "l3vpn_session": {
      "$ref": "L3VpnSession, 
      "required": true, 
      "title": "L3Vpn Session"
    }, 
    "local_address": {
      "$ref": "IPv4Address, 
      "required": true, 
      "title": "IPv4 address of local gateway"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "passphrases": {
      "description": "List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "sensitive": true, 
      "title": "List of IPSec pre-shared keys", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "remote_private_address": {
      "description": "This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address.", 
      "title": "Identifier of the remote site", 
      "type": "string"
    }, 
    "remote_public_address": {
      "$ref": "IPv4Address, 
      "required": true, 
      "title": "Public IPv4 address of remote gateway"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tunnel_digest_algorithms": {
      "description": "Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty.", 
      "items": {
        "$ref": "PolicyTunnelDigestAlgorithm
      }, 
      "maxItems": 1, 
      "title": "Digest Algorithm for Tunnel Establishment", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "tunnel_encryption_algorithms": {
      "description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.", 
      "items": {
        "$ref": "PolicyTunnelEncryptionAlgorithm
      }, 
      "maxItems": 1, 
      "title": "Encryption algorithm for Tunnel Establishement", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "L3 Virtual Private Network Configuration", 
  "type": "object"
}

L3VpnContext (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "L3Vpn Context provides the configuration context that different L3Vpns can consume.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L3VpnContext", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "available_local_addresses": {
      "description": "Local gateway IPv4 addresses available for configuration of each L3Vpn.", 
      "items": {
        "$ref": "PolicyIPAddressInfo
      }, 
      "title": "IPv4 addresses of the local gateway", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "bypass_rules": {
      "description": "Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is supported on these L3Vpn rules.", 
      "items": {
        "$ref": "L3VpnRule
      }, 
      "title": "List of Bypass L3VpnRules", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "If true, enable L3Vpn Service for given tier-0. Enabling/disabling this service affects all L3Vpns under the given tier-0.", 
      "title": "Enable L3 Virtual Private Network (VPN) service", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_log_level": {
      "default": "INFO", 
      "description": "Log level for internet key exchange (IKE).", 
      "enum": [
        "DEBUG", 
        "INFO", 
        "WARN", 
        "ERROR", 
        "EMERGENCY"
      ], 
      "title": "Internet key exchange (IKE) log level", 
      "type": "string"
    }, 
    "label": {
      "description": "Policy path referencing Label. A label is used as a mechanism to group route-based L3Vpns in order to apply edge firewall rules on members' VTIs.", 
      "required": false, 
      "title": "Policy path referencing Label", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "L3Vpn Context", 
  "type": "object"
}

L3VpnRule (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used for transit traffic that meets the rule's match criteria.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "L3VpnRule", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "default": "PROTECT", 
      "description": "Action to exchange data with or without protection. PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per L3Vpn. BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over protect rules.", 
      "enum": [
        "PROTECT", 
        "BYPASS"
      ], 
      "title": "Action to apply to the traffic transiting through the L3Vpn", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of remote subnets used in policy-based L3Vpn.", 
      "items": {
        "$ref": "L3VpnSubnet
      }, 
      "maxItems": 128, 
      "minItems": 1, 
      "required": true, 
      "title": "List of remote subnets", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple L3VpnRules associated with a single L3Vpn or L3VpnContext.", 
      "required": false, 
      "title": "Sequence number of the L3VpnRule", 
      "type": "int"
    }, 
    "sources": {
      "description": "List of local subnets used in policy-based L3Vpn.", 
      "items": {
        "$ref": "L3VpnSubnet
      }, 
      "maxItems": 128, 
      "minItems": 1, 
      "required": true, 
      "title": "List of local subnets", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "L3Vpn Rule", 
  "type": "object"
}

L3VpnSession (type) (Deprecated) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Contains information about L3Vpn session.", 
  "id": "L3VpnSession", 
  "module_id": "PolicyL3Vpn", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "L3VpnSessionResourceType, 
      "required": true
    }
  }, 
  "title": "L3Vpn Session", 
  "type": "object"
}

L3VpnSessionResourceType (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "- A Policy Based L3Vpn is a configuration in which protect rules to match local and remote subnet needs to be defined. Tunnel is established for each pair of local and remote subnet defined in protect rules. - A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet (commonly known as VTI) is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.", 
  "enum": [
    "PolicyBasedL3VpnSession", 
    "RouteBasedL3VpnSession"
  ], 
  "id": "L3VpnSessionResourceType", 
  "module_id": "PolicyL3Vpn", 
  "title": "Resource type of L3Vpn Session", 
  "type": "string"
}

L3VpnSubnet (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Used to specify subnets in L3Vpn rule.", 
  "id": "L3VpnSubnet", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "subnet": {
      "$ref": "IPv4CIDRBlock, 
      "description": "Subnet used in L3Vpn Rule.", 
      "required": true, 
      "title": "Subnet"
    }
  }, 
  "title": "Subnet used in L3Vpn Rule", 
  "type": "object"
}

L4PolicyLbPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a PolicyLbVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "PolicyLbPersistenceProfile
  }, 
  "id": "L4PolicyLbPersistenceProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L4PolicyLbPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence": {
      "default": "SOURCE_IP", 
      "description": "This field indicates the persistence method used for the PolicyLbVirtualServer. - SOURCE_IP persistence ensures all connections from a client (identified by IP address) are sent to the same backend server for a specified period. - This object is not required and persistence is disabled by default", 
      "enum": [
        "SOURCE_IP"
      ], 
      "required": false, 
      "title": "Persistence method used by PolicyLbVirtualServer(s)", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L4PolicyLbPersistenceProfile", 
        "L7PolicyLbPersistenceProfile", 
        "CustomPolicyLbPersistenceProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "PolicyLbPersistenceProflie for L4 type PolicyLbVirtualServer", 
  "type": "object"
}

L4PortSetNSService (type) 

{
  "additionalProperties": false, 
  "description": "L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: \"22, 33-70, 44\".", 
  "extends": {
    "$ref": "NSServiceElement
  }, 
  "id": "L4PortSetNSService", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L4PortSetNSService"
  }, 
  "properties": {
    "destination_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "title": "Destination ports", 
      "type": "array"
    }, 
    "l4_protocol": {
      "enum": [
        "TCP", 
        "UDP"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }, 
    "source_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "title": "Source ports", 
      "type": "array"
    }
  }, 
  "title": "An NSService element that represents TCP or UDP protocol", 
  "type": "object"
}

L4PortSetServiceEntry (type) 

{
  "additionalProperties": false, 
  "description": "L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: \"22, 33-70, 44\".", 
  "extends": {
    "$ref": "ServiceEntry
  }, 
  "id": "L4PortSetServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L4PortSetServiceEntry"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "l4_protocol": {
      "enum": [
        "TCP", 
        "UDP"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "source_ports": {
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 15, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "An ServiceEntry that represents TCP or UDP protocol", 
  "type": "object"
}

L7PolicyLbPersistenceProfile (type) 

{
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a PolicyLbVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "PolicyLbPersistenceProfile
  }, 
  "id": "L7PolicyLbPersistenceProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "L7PolicyLbPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence": {
      "default": "COOKIE", 
      "description": "This field indicates the persistence method used for the PolicyLbVirtualServer. - COOKIE persistence allows related client connections, identified by the same cookie in HTTP requests [Refer to HTTP Cookie for details on HTTP cookies], to be redirected to the same server. Load balancer does not maintain any persistence table for cookie persistence. Instead, it encodes the necessary information in the HTTP cookie value sent to client and relies on the client to store it and send it back in subsequent related HTTP requests. Hence there is no limit on the number of cookie persistence entries that can be supported. - This object is not required and persistence is disabled by default", 
      "enum": [
        "COOKIE"
      ], 
      "required": false, 
      "title": "Persistence method used by PolicyLbVirtualServer(s)", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L4PolicyLbPersistenceProfile", 
        "L7PolicyLbPersistenceProfile", 
        "CustomPolicyLbPersistenceProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "PolicyLbPersistenceProflie for L7 type PolicyLbVirtualServer", 
  "type": "object"
}

LBActiveMonitor (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "All the active types of LBMonitorProfile extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "LBMonitorProfile
  }, 
  "id": "LBActiveMonitor", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBActiveMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "Base class for each type of active LBMonitorProfile", 
  "type": "object"
}

LBAppProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "App profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBAppProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "App profile", 
  "type": "object"
}

LBAppProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBAppProfileListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBAppProfile
      }, 
      "required": true, 
      "title": "LBAppProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBAppProfile", 
  "type": "object"
}

LBApplicationProfileType (type) 

{
  "additionalProperties": false, 
  "description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile. LBFastTCPProfile or LBFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LBHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LBHttpProfile is intended to simplify enabling certain common use cases.", 
  "enum": [
    "LBHttpProfile", 
    "LBFastTcpProfile", 
    "LBFastUdpProfile"
  ], 
  "id": "LBApplicationProfileType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "Application profile type", 
  "type": "string"
}

LBClientCertificateIssuerDnCondition (type) 

{
  "additionalProperties": false, 
  "description": "Match condition for client certficate issuer DN.", 
  "id": "LBClientCertificateIssuerDnCondition", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing issuer DN value.", 
      "required": false, 
      "title": "A case sensitive flag for issuer DN comparing", 
      "type": "boolean"
    }, 
    "issuer_dn": {
      "description": "Value of issuer DN.", 
      "required": true, 
      "title": "Value of issuer DN", 
      "type": "string"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "description": "Match type of issuer DN.", 
      "required": false, 
      "title": "Match type of issuer DN"
    }
  }, 
  "title": "Match condition for client certficate issuer DN", 
  "type": "object"
}

LBClientCertificateSubjectDnCondition (type) 

{
  "additionalProperties": false, 
  "description": "Match condition for client certficate subject DN.", 
  "id": "LBClientCertificateSubjectDnCondition", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing subject DN value.", 
      "required": false, 
      "title": "A case sensitive flag for subject DN comparing", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "description": "Match type of subject DN.", 
      "required": false, 
      "title": "Match type of subject DN"
    }, 
    "subject_dn": {
      "description": "Value of subject DN.", 
      "required": true, 
      "title": "Value of subject DN", 
      "type": "string"
    }
  }, 
  "title": "Match condition for client certficate subject DN", 
  "type": "object"
}

LBClientSslProfile (type) 

{
  "additionalProperties": false, 
  "description": "Client SSL profile.", 
  "extends": {
    "$ref": "LBSslProfile
  }, 
  "id": "LBClientSslProfile", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cipher_group_label": {
      "$ref": "SslCipherGroup, 
      "description": "It is a label of cipher group which is mostly consumed by GUI.", 
      "required": false, 
      "title": "Label of cipher group"
    }, 
    "ciphers": {
      "description": "Supported SSL cipher list to client side.", 
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "Supported SSL cipher list to client side", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_fips": {
      "description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..", 
      "readonly": true, 
      "title": "FIPS compliance of ciphers and protocols", 
      "type": "boolean"
    }, 
    "is_secure": {
      "description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.", 
      "readonly": true, 
      "title": "Secure/Insecure SSL profile flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "prefer_server_ciphers": {
      "default": true, 
      "description": "During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.", 
      "required": false, 
      "title": "Prefer server ciphers flag", 
      "type": "boolean"
    }, 
    "protocols": {
      "description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.", 
      "items": {
        "$ref": "SslProtocol
      }, 
      "required": false, 
      "title": "Supported SSL protocol list to client side", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "session_cache_enabled": {
      "default": true, 
      "description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.", 
      "required": false, 
      "title": "Session cache enable/disable flag", 
      "type": "boolean"
    }, 
    "session_cache_timeout": {
      "default": 300, 
      "description": "Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.", 
      "maximum": 86400, 
      "minimum": 1, 
      "required": false, 
      "title": "SSL session cache timeout value", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Client SSL profile", 
  "type": "object"
}

LBClientSslProfileBinding (type) 

{
  "additionalProperties": false, 
  "description": "Client SSL profile binding.", 
  "id": "LBClientSslProfileBinding", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "certificate_chain_depth": {
      "default": 3, 
      "description": "Authentication depth is used to set the verification depth in the client certificates chain.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "The maximum traversal depth of client certificate chain", 
      "type": "integer"
    }, 
    "client_auth": {
      "$ref": "ClientAuthType, 
      "default": "IGNORE", 
      "description": "Client authentication mode.", 
      "required": false, 
      "title": "Client authentication mode"
    }, 
    "client_auth_ca_paths": {
      "description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CA path list to verify client certificate", 
      "type": "array"
    }, 
    "client_auth_crl_paths": {
      "description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CRL path list to verify client certificate", 
      "type": "array"
    }, 
    "default_certificate_path": {
      "description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.", 
      "required": true, 
      "title": "Default service certificate identifier", 
      "type": "string"
    }, 
    "sni_certificate_paths": {
      "description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "SNI certificate path list", 
      "type": "array"
    }, 
    "ssl_profile_path": {
      "description": "Client SSL profile defines reusable, application-independent client side SSL properties.", 
      "required": false, 
      "title": "Client SSL profile path", 
      "type": "string"
    }
  }, 
  "title": "Client SSL profile binding", 
  "type": "object"
}

LBClientSslProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBClientSslProfileListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBClientSslProfile
      }, 
      "required": true, 
      "title": "Paginated list of load balancer client SSL profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBCookiePersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "LBPersistenceProfile
  }, 
  "id": "LBCookiePersistenceProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBCookiePersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cookie_domain": {
      "description": "HTTP cookie domain could be configured, only available for insert mode.", 
      "required": false, 
      "title": "Cookie domain", 
      "type": "string"
    }, 
    "cookie_fallback": {
      "default": true, 
      "description": "If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server.", 
      "required": false, 
      "title": "Cookie persistence fallback", 
      "type": "boolean"
    }, 
    "cookie_garble": {
      "default": true, 
      "description": "If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.", 
      "required": false, 
      "title": "Cookie persistence garble", 
      "type": "boolean"
    }, 
    "cookie_mode": {
      "$ref": "CookiePersistenceModeType, 
      "default": "INSERT", 
      "description": "Cookie persistence mode.", 
      "required": false, 
      "title": "Cookie persistence mode"
    }, 
    "cookie_name": {
      "default": "NSXLB", 
      "description": "Cookie name.", 
      "required": false, 
      "title": "Cookie name", 
      "type": "string"
    }, 
    "cookie_path": {
      "description": "HTTP cookie path could be set, only available for insert mode.", 
      "required": false, 
      "title": "Cookie path", 
      "type": "string"
    }, 
    "cookie_time": {
      "$ref": "LBCookieTime, 
      "description": "Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.", 
      "required": false, 
      "title": "Cookie time setting"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled.  Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first.  When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.", 
      "required": false, 
      "title": "Persistence shared across LBVirtualServers", 
      "type": "boolean"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The resource_type property identifies persistence profile type.", 
      "enum": [
        "LBSourceIpPersistenceProfile", 
        "LBCookiePersistenceProfile", 
        "LBGenericPersistenceProfile"
      ], 
      "required": true, 
      "title": "Persistence profile type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "LBPersistenceProflie using Cookies for L7 LBVirtualServer", 
  "type": "object"
}

LBCookieTime (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Cookie time.", 
  "id": "LBCookieTime", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "type": {
      "$ref": "LBCookieTimeType, 
      "required": true
    }
  }, 
  "title": "Cookie time", 
  "type": "object"
}

LBCookieTimeType (type) 

{
  "additionalProperties": false, 
  "description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting", 
  "enum": [
    "LBSessionCookieTime", 
    "LBPersistenceCookieTime"
  ], 
  "id": "LBCookieTimeType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "CookieTime type", 
  "type": "string"
}

LBEdgeNodeUsage (type) 

{
  "additionalProperties": false, 
  "description": "The capacity contains basic information and load balancer entity usages and capacity for the given edge node.", 
  "extends": {
    "$ref": "LBNodeUsage
  }, 
  "id": "LBEdgeNodeUsage", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBEdgeNodeUsage"
  }, 
  "properties": {
    "current_large_load_balancer_count": {
      "description": "The count of large load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current large load balancer count", 
      "type": "integer"
    }, 
    "current_load_balancer_credits": {
      "description": "The current load balancer credits means the current credits used on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20.", 
      "readonly": true, 
      "title": "Current load balancer credits", 
      "type": "integer"
    }, 
    "current_medium_load_balancer_count": {
      "description": "The count of medium load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current medium load balancer count", 
      "type": "integer"
    }, 
    "current_pool_count": {
      "description": "The count of pools configured on the node.", 
      "readonly": true, 
      "title": "The current pool count.", 
      "type": "integer"
    }, 
    "current_pool_member_count": {
      "description": "The count of pool members configured on the node.", 
      "readonly": true, 
      "title": "The current pool member count", 
      "type": "integer"
    }, 
    "current_small_load_balancer_count": {
      "description": "The count of small load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current small load balancer count", 
      "type": "integer"
    }, 
    "current_virtual_server_count": {
      "description": "The count of virtual servers configured on the node.", 
      "readonly": true, 
      "title": "The current virtual server count", 
      "type": "integer"
    }, 
    "edge_cluster_path": {
      "description": "The path of edge cluster which contains the edge node.", 
      "readonly": true, 
      "title": "The path of edge cluster", 
      "type": "string"
    }, 
    "form_factor": {
      "description": "The form factor of the given edge node.", 
      "enum": [
        "SMALL_VIRTUAL_MACHINE", 
        "MEDIUM_VIRTUAL_MACHINE", 
        "LARGE_VIRTUAL_MACHINE", 
        "PHYSICAL_MACHINE"
      ], 
      "readonly": true, 
      "title": "The form factor of the given edge node", 
      "type": "string"
    }, 
    "load_balancer_credit_capacity": {
      "description": "The load balancer credit capacity means the maximum credits which can be used for load balancer configuration for the given edge node.", 
      "readonly": true, 
      "title": "Load balancer credit capacity", 
      "type": "integer"
    }, 
    "node_path": {
      "description": "The property identifies the node path for load balancer node usage. For example, node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.", 
      "required": true, 
      "title": "The node path for load balancer node usage", 
      "type": "string"
    }, 
    "pool_member_capacity": {
      "description": "Pool member capacity means maximum number of pool members which can be configured on the given edge node.", 
      "readonly": true, 
      "title": "The pool member capacity", 
      "type": "integer"
    }, 
    "remaining_large_load_balancer_count": {
      "description": "The remaining count of large load balancer services which can be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining large load balancer count", 
      "type": "integer"
    }, 
    "remaining_medium_load_balancer_count": {
      "description": "The remaining count of medium load balancer services which can be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining medium load balancer count", 
      "type": "integer"
    }, 
    "remaining_small_load_balancer_count": {
      "description": "The remaining count of small load balancer services which can be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining small load balancer count", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The property identifies the load balancer node usage type.", 
      "required": true, 
      "title": "Type of load balancer node usage", 
      "type": "string"
    }, 
    "severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on current credit usage percentage of load balancer for one node.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "usage_percentage": {
      "description": "The usage percentage of one edge node for load balancer.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }
  }, 
  "title": "The load balancer usage for an edge node", 
  "type": "object"
}

LBFastTcpProfile (type) 

{
  "additionalProperties": false, 
  "description": "Fast TCP profile.", 
  "extends": {
    "$ref": "LBAppProfile
  }, 
  "id": "LBFastTcpProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBFastTcpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "close_timeout": {
      "default": 8, 
      "description": "It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection.", 
      "maximum": 60, 
      "minimum": 1, 
      "required": false, 
      "title": "TCP connection idle timeout in seconds", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_flow_mirroring_enabled": {
      "default": false, 
      "description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.", 
      "required": false, 
      "title": "Flow mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 1800, 
      "description": "It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "TCP connection idle timeout in seconds", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Fast TCP profile", 
  "type": "object"
}

LBFastUdpProfile (type) 

{
  "additionalProperties": false, 
  "description": "Fast UDP profile.", 
  "extends": {
    "$ref": "LBAppProfile
  }, 
  "id": "LBFastUdpProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBFastUdpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "flow_mirroring_enabled": {
      "default": false, 
      "description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.", 
      "required": false, 
      "title": "Flow mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "UDP idle timeout in seconds", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Fast UDP profile", 
  "type": "object"
}

LBGenericPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to virtual server directly, it can be specified in LB rule actions. In HTTP forwarding phase, the profile can be specified in LBVariablePersistenceOnAction. In HTTP response rewriting phase, the profile can be specified in LBVariablePersistenceLearnAction.", 
  "extends": {
    "$ref": "LBPersistenceProfile
  }, 
  "id": "LBGenericPersistenceProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBGenericPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_persistence_mirroring_enabled": {
      "default": false, 
      "description": "The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.", 
      "required": false, 
      "title": "Mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled.  Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first.  When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.", 
      "required": false, 
      "title": "Persistence shared across LBVirtualServers", 
      "type": "boolean"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The resource_type property identifies persistence profile type.", 
      "enum": [
        "LBSourceIpPersistenceProfile", 
        "LBCookiePersistenceProfile", 
        "LBGenericPersistenceProfile"
      ], 
      "required": true, 
      "title": "Persistence profile type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 300, 
      "description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Persistence entry expiration time in seconds", 
      "type": "integer"
    }
  }, 
  "title": "LB generic persistence profile", 
  "type": "object"
}

LBHttpMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "LBActiveMonitor
  }, 
  "id": "LBHttpMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "request_body": {
      "description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.", 
      "required": false, 
      "title": "HTTP health check request body", 
      "type": "string"
    }, 
    "request_headers": {
      "description": "Array of HTTP request headers.", 
      "items": {
        "$ref": "LbHttpRequestHeader
      }, 
      "required": false, 
      "title": "Array of HTTP request headers", 
      "type": "array"
    }, 
    "request_method": {
      "$ref": "HttpRequestMethodType, 
      "default": "GET", 
      "description": "The health check method for HTTP monitor type.", 
      "required": false, 
      "title": "The health check method for HTTP monitor type"
    }, 
    "request_url": {
      "default": "/", 
      "description": "For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters.", 
      "required": false, 
      "title": "Customized HTTP request url for active health checks", 
      "type": "string"
    }, 
    "request_version": {
      "$ref": "HttpRequestVersionType, 
      "default": "HTTP_VERSION_1_1", 
      "description": "HTTP request version.", 
      "required": false, 
      "title": "HTTP request version"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "response_body": {
      "description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.", 
      "required": false, 
      "title": "Response body to match", 
      "type": "string"
    }, 
    "response_status_codes": {
      "description": "The HTTP response status code should be a valid HTTP status code.", 
      "items": {
        "type": "int"
      }, 
      "maxItems": 64, 
      "required": false, 
      "title": "Array of single HTTP response status codes", 
      "type": "array"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "LBMonitorProfile for active health checks over HTTP", 
  "type": "object"
}

LBHttpProfile (type) 

{
  "additionalProperties": false, 
  "description": "Http profile.", 
  "extends": {
    "$ref": "LBAppProfile
  }, 
  "id": "LBHttpProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "http_redirect_to": {
      "description": "If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL.", 
      "required": false, 
      "title": "Http redirect static URL", 
      "type": "string"
    }, 
    "http_redirect_to_https": {
      "default": false, 
      "description": "Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.", 
      "required": false, 
      "title": "Flag to indicate whether enable HTTP-HTTPS redirect", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 15, 
      "description": "It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.", 
      "maximum": 5400, 
      "minimum": 1, 
      "required": false, 
      "title": "HTTP application idle timeout in seconds", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "ntlm": {
      "default": false, 
      "description": "NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology.", 
      "required": false, 
      "title": "NTLM support flag", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "request_body_size": {
      "description": "If it is not specified, it means that request body size is unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP request body", 
      "type": "integer"
    }, 
    "request_header_size": {
      "default": 1024, 
      "description": "A request with header larger than request_header_size will be processed as best effort whereas a request with header below this specified size is guaranteed to be processed.", 
      "maximum": 65536, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP request headers", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "LBApplicationProfileType, 
      "required": true
    }, 
    "response_header_size": {
      "default": 4096, 
      "description": "A response with header larger than response_header_size will be dropped.", 
      "maximum": 65536, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP response headers", 
      "type": "integer"
    }, 
    "response_timeout": {
      "default": 60, 
      "description": "If server doesn\u2019t send any packet within this time, the connection is closed.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum server idle time in seconds", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "x_forwarded_for": {
      "$ref": "LBXForwardedForType, 
      "description": "Insert or replace x_forwarded_for.", 
      "required": false, 
      "title": "Insert or replace x_forwarded_for"
    }
  }, 
  "title": "Http profile", 
  "type": "object"
}

LBHttpRedirectAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LBRule without any conditions, add an LBHttpRedirectAction to the rule. Set the redirect_url field of the LBHttpRedirectAction to:   https://$_host$_request_uri And set redirect_status to \"302\", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpRedirectAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRedirectAction"
  }, 
  "properties": {
    "redirect_status": {
      "description": "HTTP response status code.", 
      "required": true, 
      "title": "HTTP response status code", 
      "type": "string"
    }, 
    "redirect_url": {
      "description": "The URL that the HTTP request is redirected to.", 
      "required": true, 
      "title": "The URL that the HTTP request is redirected to", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to redirect HTTP request messages", 
  "type": "object"
}

LBHttpRejectAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LBHttpRejectAction does not support variables.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpRejectAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRejectAction"
  }, 
  "properties": {
    "reply_message": {
      "description": "Response message.", 
      "required": false, 
      "title": "Response message", 
      "type": "string"
    }, 
    "reply_status": {
      "description": "HTTP response status code.", 
      "required": true, 
      "title": "HTTP response status code", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to reject HTTP request messages", 
  "type": "object"
}

LBHttpRequestBodyCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestBodyCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestBodyCondition"
  }, 
  "properties": {
    "body_value": {
      "required": true, 
      "title": "HTTP request body", 
      "type": "string"
    }, 
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP body value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP body comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP body"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match content of HTTP request message body", 
  "type": "object"
}

LBHttpRequestCookieCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestCookieCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestCookieCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing cookie value.", 
      "required": false, 
      "title": "A case sensitive flag for cookie value comparing", 
      "type": "boolean"
    }, 
    "cookie_name": {
      "description": "Cookie name.", 
      "required": true, 
      "title": "Name of cookie", 
      "type": "string"
    }, 
    "cookie_value": {
      "description": "Cookie value.", 
      "required": true, 
      "title": "Value of cookie", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "description": "Match type of cookie value.", 
      "required": false, 
      "title": "Match type of cookie value"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match HTTP request cookie", 
  "type": "object"
}

LBHttpRequestHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestHeaderCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestHeaderCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP header value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP header value comparing", 
      "type": "boolean"
    }, 
    "header_name": {
      "default": "Host", 
      "required": false, 
      "title": "Name of HTTP header", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP header", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP header value"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match HTTP request header", 
  "type": "object"
}

LBHttpRequestHeaderDeleteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpRequestHeaderDeleteAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestHeaderDeleteAction"
  }, 
  "properties": {
    "header_name": {
      "description": "Name of a header field of HTTP request message.", 
      "required": true, 
      "title": "Name of a header field of HTTP request message", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to delete HTTP request header fields", 
  "type": "object"
}

LBHttpRequestHeaderRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpRequestHeaderRewriteAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestHeaderRewriteAction"
  }, 
  "properties": {
    "header_name": {
      "description": "Name of HTTP request header.", 
      "required": true, 
      "title": "Name of HTTP request header", 
      "type": "string"
    }, 
    "header_value": {
      "description": "Value of HTTP request header.", 
      "required": true, 
      "title": "Value of HTTP request header", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to rewrite header fields of HTTP request messages", 
  "type": "object"
}

LBHttpRequestMethodCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestMethodCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestMethodCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "method": {
      "$ref": "HttpRequestMethodType, 
      "required": true, 
      "title": "Type of HTTP request method"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match method of HTTP request messages", 
  "type": "object"
}

LBHttpRequestUriArgumentsCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the \"foo=1&bar=2\" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark (\"?\") character and terminated by a number sign (\"#\") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, \"foo=(?&lt;x&gt;\\d+)\". It matches HTTP requests whose URI arguments containing \"foo\", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LBRuleAction fields which support variables.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestUriArgumentsCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestUriArgumentsCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing URI arguments.", 
      "required": false, 
      "title": "A case sensitive flag for URI arguments comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of URI arguments"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "uri_arguments": {
      "description": "URI arguments, aka query string of URI.", 
      "required": true, 
      "title": "URI arguments", 
      "type": "string"
    }
  }, 
  "title": "Condition to match URI arguments of HTTP requests", 
  "type": "object"
}

LBHttpRequestUriCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LBRuleAction. For example, specify uri field as: \"/news/(?&lt;year&gt;\\d+)/(?&lt;month&gt;\\d+)/(?&lt;article&gt;.*)\" If the URI path is /articles/news/2017/06/xyz.html, then substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can then be used in an LBRuleAction field which supports variables, such as uri field of LBHttpRequestUriRewriteAction. For example, set the uri field of LBHttpRequestUriRewriteAction as: \"/articles/news/$year-$month-$article\" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: \"/articles/news/2017-06-xyz.html\"", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestUriCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestUriCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing URI.", 
      "required": false, 
      "title": "A case sensitive flag for URI comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of URI"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "uri": {
      "required": true, 
      "title": "A string used to identify resource", 
      "type": "string"
    }
  }, 
  "title": "Condition to match URIs of HTTP request messages", 
  "type": "object"
}

LBHttpRequestUriRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LBRuleAction to see how to use variables in this action.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpRequestUriRewriteAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestUriRewriteAction"
  }, 
  "properties": {
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "uri": {
      "description": "URI of HTTP request.", 
      "required": true, 
      "title": "URI of HTTP request", 
      "type": "string"
    }, 
    "uri_arguments": {
      "description": "Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2.", 
      "required": false, 
      "title": "URI arguments", 
      "type": "string"
    }
  }, 
  "title": "Action to rewrite HTTP request URIs.", 
  "type": "object"
}

LBHttpRequestVersionCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match the HTTP protocol version of the HTTP request messages.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpRequestVersionCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpRequestVersionCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "version": {
      "$ref": "HttpRequestVersionType, 
      "required": true, 
      "title": "HTTP version"
    }
  }, 
  "title": "Condition to match HTTP protocol version of HTTP requests", 
  "type": "object"
}

LBHttpResponseHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpResponseHeaderCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpResponseHeaderCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP header value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP header value comparing", 
      "type": "boolean"
    }, 
    "header_name": {
      "required": true, 
      "title": "Name of HTTP header field", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP header field", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP header value"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match a header field of HTTP response", 
  "type": "object"
}

LBHttpResponseHeaderDeleteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpResponseHeaderDeleteAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpResponseHeaderDeleteAction"
  }, 
  "properties": {
    "header_name": {
      "description": "Name of a header field of HTTP response message.", 
      "required": true, 
      "title": "Name of a header field of HTTP response message", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to delete HTTP response header fields", 
  "type": "object"
}

LBHttpResponseHeaderRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBHttpResponseHeaderRewriteAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpResponseHeaderRewriteAction"
  }, 
  "properties": {
    "header_name": {
      "description": "Name of a header field of HTTP request message.", 
      "required": true, 
      "title": "Name of a header field of HTTP request message", 
      "type": "string"
    }, 
    "header_value": {
      "description": "Value of header field", 
      "required": true, 
      "title": "Value of header field", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to rewrite HTTP response header fields", 
  "type": "object"
}

LBHttpSslCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBHttpSslCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpSslCondition"
  }, 
  "properties": {
    "client_certificate_issuer_dn": {
      "$ref": "LBClientCertificateIssuerDnCondition, 
      "description": "The issuer DN match condition of the client certificate for an established SSL connection.", 
      "required": false, 
      "title": "The issuer DN match condition of the client certificate"
    }, 
    "client_certificate_subject_dn": {
      "$ref": "LBClientCertificateSubjectDnCondition, 
      "description": "The subject DN match condition of the client certificate for an established SSL connection.", 
      "required": false, 
      "title": "The subject DN match condition of the client certificate"
    }, 
    "client_supported_ssl_ciphers": {
      "description": "Cipher list which supported by client.", 
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "Cipher list which supported by client", 
      "type": "array"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "session_reused": {
      "$ref": "LbSslSessionReusedType, 
      "default": "IGNORE", 
      "description": "The type of SSL session reused.", 
      "required": false, 
      "title": "The type of SSL session reused"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "used_protocol": {
      "$ref": "SslProtocol, 
      "description": "Protocol of an established SSL connection.", 
      "required": false, 
      "title": "Protocol of an established SSL connection"
    }, 
    "used_ssl_cipher": {
      "$ref": "SslCipher, 
      "description": "Cipher used for an established SSL connection.", 
      "required": false, 
      "title": "Cipher used for an established SSL connection"
    }
  }, 
  "title": "Condition to match SSL handshake and SSL connection", 
  "type": "object"
}

LBHttpsMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTPS. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "LBActiveMonitor
  }, 
  "id": "LBHttpsMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBHttpsMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "request_body": {
      "description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.", 
      "required": false, 
      "title": "HTTP health check request body", 
      "type": "string"
    }, 
    "request_headers": {
      "description": "Array of HTTP request headers.", 
      "items": {
        "$ref": "LbHttpRequestHeader
      }, 
      "required": false, 
      "title": "Array of HTTP request headers", 
      "type": "array"
    }, 
    "request_method": {
      "$ref": "HttpRequestMethodType, 
      "default": "GET", 
      "description": "The health check method for HTTP monitor type.", 
      "required": false, 
      "title": "The health check method for HTTP monitor type"
    }, 
    "request_url": {
      "default": "/", 
      "description": "For HTTPS active healthchecks, the HTTPS request url sent can be customized and can include query parameters.", 
      "required": false, 
      "title": "Customized HTTPS request url for active health checks", 
      "type": "string"
    }, 
    "request_version": {
      "$ref": "HttpRequestVersionType, 
      "default": "HTTP_VERSION_1_1", 
      "description": "HTTP request version.", 
      "required": false, 
      "title": "HTTP request version"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "response_body": {
      "description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.", 
      "required": false, 
      "title": "Response body to match", 
      "type": "string"
    }, 
    "response_status_codes": {
      "description": "The HTTP response status code should be a valid HTTP status code.", 
      "items": {
        "type": "int"
      }, 
      "maxItems": 64, 
      "required": false, 
      "title": "Array of single HTTP response status codes", 
      "type": "array"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "server_ssl_profile_binding": {
      "$ref": "LBServerSslProfileBinding, 
      "description": "The setting is used when the monitor acts as an SSL client and establishing a connection to the backend server.", 
      "required": false, 
      "title": "Pool side SSL binding setting"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "LBMonitorProfile for active health checks over HTTPS", 
  "type": "object"
}

LBIcmpMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over ICMP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healt hchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "LBActiveMonitor
  }, 
  "id": "LBIcmpMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBIcmpMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "data_length": {
      "default": 56, 
      "maximum": 65507, 
      "minimum": 0, 
      "required": false, 
      "title": "The data size (in byte) of the ICMP healthcheck packet", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "LBMonitorProfile for active health checks over ICMP", 
  "type": "object"
}

LBIpHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match IP header fields of HTTP messages. Currently, only the source IP address is supported. IP addresses can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBIpHeaderCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBIpHeaderCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "source_address": {
      "$ref": "IPElement, 
      "required": true, 
      "title": "Source IP address of HTTP message"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match IP header fields", 
  "type": "object"
}

LBMonitorProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LBMonitorProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBMonitorProfileListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBMonitorProfile
      }, 
      "required": true, 
      "title": "LBMonitorProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBMonitorProfiles", 
  "type": "object"
}

LBMonitorProfileType (type) 

{
  "description": "There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.", 
  "enum": [
    "LBTcpMonitorProfile", 
    "LBUdpMonitorProfile", 
    "LBIcmpMonitorProfile", 
    "LBHttpMonitorProfile", 
    "LBHttpsMonitorProfile", 
    "LBPassiveMonitorProfile"
  ], 
  "id": "LBMonitorProfileType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "Monitor type", 
  "type": "string"
}

LBNodeCountPerSeverity (type) 

{
  "additionalProperties": false, 
  "description": "The node count for specific load balancer usage severity.", 
  "id": "LBNodeCountPerSeverity", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "node_count": {
      "description": "Node count for specific serverity.", 
      "readonly": true, 
      "title": "Node count for specific serverity", 
      "type": "integer"
    }, 
    "severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on current credit usage percentage of load balancer for one node.", 
      "readonly": true, 
      "title": "LB usage severity"
    }
  }, 
  "title": "The node count for specific severity", 
  "type": "object"
}

LBNodeUsage (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Node usage for load balancer contains basic information and LB entity usages and capacity for the given node. Only edge node is supported.", 
  "id": "LBNodeUsage", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "node_path": {
      "description": "The property identifies the node path for load balancer node usage. For example, node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.", 
      "required": true, 
      "title": "The node path for load balancer node usage", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The property identifies the load balancer node usage type.", 
      "required": true, 
      "title": "Type of load balancer node usage", 
      "type": "string"
    }
  }, 
  "title": "Node usage for load balancer", 
  "type": "object"
}

LBNodeUsageRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "LBNodeUsageRequestParameters", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "node_path": {
      "description": "The property identifies the node path for load balancer node usage. For example, ?node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029.", 
      "required": true, 
      "title": "The node path for load balancer node usage", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBNodeUsageSummary (type) 

{
  "additionalProperties": false, 
  "description": "The load balancer node usage summary for all nodes from specific enforcement point. Only edge node is supported. The summary contains all edge nodes which are configured in edge clusters.", 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBNodeUsageSummary", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "current_load_balancer_credits": {
      "description": "Current load balancer credits in use for all nodes. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured, the current load balancer credit number is 2 * 10 = 20.", 
      "readonly": true, 
      "title": "Current load balancer credits", 
      "type": "integer"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "load_balancer_credit_capacity": {
      "description": "The load balancer credit capacity means the maximum credits which can be used for load balancer service configuration for all nodes.", 
      "readonly": true, 
      "title": "Load balancer credit capacity", 
      "type": "integer"
    }, 
    "node_counts": {
      "description": "The property identifies array of node count for each severity.", 
      "items": {
        "$ref": "LBNodeCountPerSeverity
      }, 
      "readonly": true, 
      "title": "Array of node count for each severity", 
      "type": "array"
    }, 
    "node_usages": {
      "description": "The property identifies all LB node usages. By default, it is not included in response. It exists when parameter ?include_usages=true.", 
      "items": {
        "$ref": "LBNodeUsage
      }, 
      "readonly": true, 
      "title": "LB node usages", 
      "type": "array"
    }, 
    "severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on overall credit usage percentage of load balancer for all nodes.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "usage_percentage": {
      "description": "The overall credit usage percentage of all nodes for load balancer.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }
  }, 
  "title": "LB node usage summary for all nodes", 
  "type": "object"
}

LBNodeUsageSummaryRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LBUsageSummaryRequestParameters
  }, 
  "id": "LBNodeUsageSummaryRequestParameters", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "Specify enforcement point path.", 
      "required": false, 
      "title": "enforcement point path", 
      "type": "string"
    }, 
    "include_usages": {
      "description": "Specify whether to include usages in response.", 
      "required": false, 
      "title": "Whether to include usages", 
      "type": "boolean"
    }
  }, 
  "title": "Load balancer node usage summary request parameters", 
  "type": "object"
}

LBPassiveMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "The passive type of LBMonitorProfile.", 
  "extends": {
    "$ref": "LBMonitorProfile
  }, 
  "id": "LBPassiveMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBPassiveMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "max_fails": {
      "default": 5, 
      "description": "When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Number of consecutive connection failures", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 5, 
      "description": "After this timeout period, the member is tried again for a new connection to see if it is available.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Timeout in seconds before it is selected again for a new connection", 
      "type": "integer"
    }
  }, 
  "title": "Base class for each type of active LBMonitorProfile", 
  "type": "object"
}

LBPersistenceCookieTime (type) 

{
  "additionalProperties": false, 
  "description": "Persistence cookie time.", 
  "extends": {
    "$ref": "LBCookieTime
  }, 
  "id": "LBPersistenceCookieTime", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBPersistenceCookieTime"
  }, 
  "properties": {
    "cookie_max_idle": {
      "description": "HTTP cookie max-age to expire cookie, only available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": true, 
      "title": "Persistence cookie max idle time in seconds", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "LBCookieTimeType, 
      "required": true
    }
  }, 
  "title": "Persistence cookie time", 
  "type": "object"
}

LBPersistenceProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to LBVirtualServer directly, it can be specified in LBVariablePersistenceOnAction or LBVariablePersistenceLearnAction in LBRule. If a user attaches a LBGenericPersistenceProfile directly to a virtual server, the operation is rejected.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBPersistenceProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled.  Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first.  When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.", 
      "required": false, 
      "title": "Persistence shared across LBVirtualServers", 
      "type": "boolean"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The resource_type property identifies persistence profile type.", 
      "enum": [
        "LBSourceIpPersistenceProfile", 
        "LBCookiePersistenceProfile", 
        "LBGenericPersistenceProfile"
      ], 
      "required": true, 
      "title": "Persistence profile type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains the information related to load balancer persistence options", 
  "type": "object"
}

LBPersistenceProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBPersistenceProfileListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBPersistenceProfile
      }, 
      "required": true, 
      "title": "LBPersistenceProfile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBPersistenceProfiles", 
  "type": "object"
}

LBPool (type) 

{
  "additionalProperties": false, 
  "description": "Defining access of a Group from a LBVirtualServer and binding to LBMonitorProfile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBPool", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_monitor_paths": {
      "description": "In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the pool. Currently, only one active health monitor can be configured per server pool.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Active monitor path list", 
      "type": "array"
    }, 
    "algorithm": {
      "default": "ROUND_ROBIN", 
      "description": "Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies.", 
      "enum": [
        "ROUND_ROBIN", 
        "WEIGHTED_ROUND_ROBIN", 
        "LEAST_CONNECTION", 
        "WEIGHTED_LEAST_CONNECTION", 
        "IP_HASH"
      ], 
      "required": false, 
      "title": "Load balancing algorithm", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "member_group": {
      "$ref": "LBPoolMemberGroup, 
      "description": "Load balancer pool support grouping object as dynamic pool members. When member group is defined, members setting should not be specified.", 
      "required": false, 
      "title": "Load balancer member setting with grouping object"
    }, 
    "members": {
      "description": "Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port.", 
      "items": {
        "$ref": "LBPoolMember
      }, 
      "required": false, 
      "title": "Load balancer pool members", 
      "type": "array"
    }, 
    "min_active_members": {
      "default": 1, 
      "description": "A pool is considered active if there are at least certain minimum number of members.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Minimum number of active pool members to consider pool as active", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "passive_monitor_path": {
      "description": "Passive healthchecks are disabled by default and can be enabled by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented.", 
      "required": false, 
      "title": "Passive monitor path", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "snat_translation": {
      "$ref": "LBSnatTranslation, 
      "description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode.  By default Source NAT is enabled as LBSnatAutoMap.", 
      "required": false, 
      "title": "Snat translation configuration"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_multiplexing_enabled": {
      "default": false, 
      "description": "TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections.", 
      "required": false, 
      "title": "TCP multiplexing enable flag", 
      "type": "boolean"
    }, 
    "tcp_multiplexing_number": {
      "default": 6, 
      "description": "The maximum number of TCP connections per pool that are idly kept alive for sending future client requests.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "Maximum number of TCP connections for multiplexing", 
      "type": "integer"
    }
  }, 
  "title": "Defining access a Group from a LBVirtualServer and binding to LBMonitorProfile", 
  "type": "object"
}

LBPoolListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of LBPool.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBPoolListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "LBPool list results.", 
      "items": {
        "$ref": "LBPool
      }, 
      "required": true, 
      "title": "LBPool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBPool", 
  "type": "object"
}

LBPoolMember (type) 

{
  "additionalProperties": false, 
  "description": "Pool member.", 
  "id": "LBPoolMember", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "admin_state": {
      "$ref": "PoolMemberAdminStateType, 
      "default": "ENABLED", 
      "description": "Member admin state.", 
      "required": false, 
      "title": "Member admin state"
    }, 
    "backup_member": {
      "default": false, 
      "description": "Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s).", 
      "required": false, 
      "title": "Determine whether the pool member is for backup usage", 
      "type": "boolean"
    }, 
    "display_name": {
      "description": "Pool member name.", 
      "required": false, 
      "title": "Pool member name", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Pool member IP address.", 
      "required": true, 
      "title": "Pool member IP address"
    }, 
    "max_concurrent_connections": {
      "description": "To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum concurrent connection number", 
      "type": "integer"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case.", 
      "required": false, 
      "title": "Pool member port number"
    }, 
    "weight": {
      "default": 1, 
      "description": "Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms.", 
      "maximum": 256, 
      "minimum": 1, 
      "required": false, 
      "title": "Pool member weight", 
      "type": "integer"
    }
  }, 
  "title": "Pool member", 
  "type": "object"
}

LBPoolMemberGroup (type) 

{
  "additionalProperties": false, 
  "description": "Pool member group.", 
  "id": "LBPoolMemberGroup", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "customized_members": {
      "description": "The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address.", 
      "items": {
        "$ref": "PoolMemberSetting
      }, 
      "readonly": false, 
      "title": "List of customized pool member settings", 
      "type": "array"
    }, 
    "group_path": {
      "description": "Load balancer pool support Group as dynamic pool members. The IP list of the Group would be used as pool member IP setting.", 
      "required": true, 
      "title": "Grouping object path", 
      "type": "string"
    }, 
    "ip_revision_filter": {
      "default": "IPV4", 
      "description": "Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "required": false, 
      "title": "Filter of ipv4 or ipv6 address of grouping object IP list", 
      "type": "string"
    }, 
    "max_ip_list_size": {
      "description": "The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "Maximum number of grouping object IP address list", 
      "type": "integer"
    }, 
    "port": {
      "description": "If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case.", 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "Pool member port for all IP addresses of the grouping object", 
      "type": "int"
    }
  }, 
  "title": "Pool member group", 
  "type": "object"
}

LBPoolMemberStatistics (type) 

{
  "id": "LBPoolMemberStatistics", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Pool member IP address.", 
      "readonly": true, 
      "title": "Pool member IP address"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.", 
      "readonly": true, 
      "title": "Pool member port"
    }, 
    "statistics": {
      "$ref": "LBStatisticsCounter, 
      "description": "Pool member statistics counter.", 
      "readonly": true, 
      "title": "Pool member statistics counter"
    }
  }, 
  "type": "object"
}

LBPoolMemberStatus (type) 

{
  "id": "LBPoolMemberStatus", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "failure_cause": {
      "description": "The healthcheck failure cause when status is DOWN.", 
      "readonly": true, 
      "title": "The healthcheck failure cause when status is DOWN", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Pool member IP address.", 
      "readonly": true, 
      "title": "Pool member IP address"
    }, 
    "last_check_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the monitor status was last checked.", 
      "readonly": true, 
      "title": "Timestamp when the monitor status was last checked"
    }, 
    "last_state_change_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the monitor status was last changed.", 
      "readonly": true, 
      "title": "Timestamp when the monitor status was last changed"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.", 
      "readonly": true, 
      "title": "Pool member port"
    }, 
    "status": {
      "description": "UP means that pool member is enabled and monitors have marked the pool member as UP. If the pool member has no monitor configured, it would be treated as UP. DOWN means that pool member is enabled and monitors have marked the pool member as DOWN. DISABLED means that admin state of pool member is set to DISABLED. GRACEFUL_DISABLED means that admin state of pool member is set to GRACEFUL_DISABLED. UNUSED means that the pool member is not used when the IP list size of member group exceeds the maximum setting. The remaining IP addresses would not be used as available backend servers, hence mark the status as UNUSED.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DISABLED", 
        "GRACEFUL_DISABLED", 
        "UNUSED"
      ], 
      "readonly": true, 
      "title": "Pool member status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBPoolStatistics (type) 

{
  "extends": {
    "$ref": "LBPoolStatisticsPerEP
  }, 
  "id": "LBPoolStatistics", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBPoolStatistics"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated"
    }, 
    "members": {
      "description": "Statistics of load balancer pool members.", 
      "items": {
        "$ref": "LBPoolMemberStatistics
      }, 
      "readonly": true, 
      "title": "Statistics of load balancer pool members", 
      "type": "array"
    }, 
    "pool_path": {
      "description": "Load balancer pool object path.", 
      "readonly": true, 
      "title": "Load balancer pool object path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "LBStatisticsCounter, 
      "description": "Virtual server statistics counter.", 
      "readonly": true, 
      "title": "Virtual server statistics counter"
    }
  }, 
  "type": "object"
}

LBPoolStatisticsPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBPoolStatisticsPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBPoolStatistics on specific Enforcement Point", 
  "type": "object"
}

LBPoolStatus (type) 

{
  "extends": {
    "$ref": "LBPoolStatusPerEP
  }, 
  "id": "LBPoolStatus", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBPoolStatus"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated"
    }, 
    "members": {
      "description": "Status of load balancer pool members.", 
      "items": {
        "$ref": "LBPoolMemberStatus
      }, 
      "readonly": true, 
      "title": "Status of load balancer pool members", 
      "type": "array"
    }, 
    "pool_path": {
      "description": "Load balancer pool object path.", 
      "readonly": true, 
      "title": "Load balancer pool object path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "status": {
      "description": "UP means that all primary members are in UP status. PARTIALLY_UP means that some(not all) primary members are in UP status, the number of these active members is larger or equal to certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members are in UP status but backup members are in UP status, connections to this pool would be dispatched to backup members. DOWN means that all primary and backup members are DOWN. DETACHED means that the pool is not bound to any virtual server. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "PARTIALLY_UP", 
        "PRIMARY_DOWN", 
        "DOWN", 
        "DETACHED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Virtual server status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBPoolStatusPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBPoolStatusPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBPoolStatus on specific Enforcement Point", 
  "type": "object"
}

LBRule (type) 

{
  "additionalProperties": false, 
  "description": "Binding of a LBPool and Group to a LBVirtualServer used to route application traffic passing through load balancers. LBRule uses match conditions to match application traffic passing through a LBVirtualServer using HTTP or HTTPS. Can bind multiple LBVirtualServers to a Group. Each LBRule consists of two optional match conditions, each match contidion defines a criterion for application traffic.  If no match conditions are specified, then the LBRule will always match and it is used typically to define default rules. If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LBRule to be considered a match.  A match indicates that the LBVirtualServer should route the request to the Group (parent of LBRule).", 
  "id": "LBRule", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "actions": {
      "description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.", 
      "items": {
        "$ref": "LBRuleAction
      }, 
      "maxItems": 60, 
      "required": true, 
      "title": "Actions to be executed", 
      "type": "array"
    }, 
    "display_name": {
      "description": "A display name useful for identifying an LBRule.", 
      "required": false, 
      "title": "Display name for LBRule", 
      "type": "string"
    }, 
    "match_conditions": {
      "description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.", 
      "items": {
        "$ref": "LBRuleCondition
      }, 
      "maxItems": 60, 
      "required": false, 
      "title": "Conditions to match application traffic", 
      "type": "array"
    }, 
    "match_strategy": {
      "default": "ANY", 
      "description": "If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LB Rule to be considered a match. - ALL indicates that both host_match and path_match must match for this LBRule to be considered a match. - ANY indicates that either host_match or patch match may match for this LBRule to be considered a match.", 
      "enum": [
        "ALL", 
        "ANY"
      ], 
      "required": false, 
      "title": "Match strategy for determining match of multiple conditions", 
      "type": "string"
    }, 
    "phase": {
      "default": "HTTP_FORWARDING", 
      "description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server.", 
      "enum": [
        "HTTP_REQUEST_REWRITE", 
        "HTTP_FORWARDING", 
        "HTTP_RESPONSE_REWRITE"
      ], 
      "required": false, 
      "title": "Load balancer processing phase", 
      "type": "string"
    }
  }, 
  "title": "Binding of a LBPool and Group to a LBVirtualServer", 
  "type": "object"
}

LBRuleAction (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUST_REWRITE phase are:   LBHttpRequestUriRewriteAction   LBHttpRequestHeaderRewriteAction   LBHttpRequestHeaderDeleteAction   LBVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are:   LBHttpRejectAction   LBHttpRedirectAction   LBSelectPoolAction   LBVariablePersistenceOnAction Supported action in HTTP_RESPONSE_REWRITE phase is:   LBHttpResponseHeaderRewriteAction   LBHttpResponseHeaderDeleteAction   LBVariablePersistenceLearnAction  If the match type of an LBRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LBRuleAction fields. For example, define a rule with LBHttpRequestUriCondition as match condition and LBHttpRequestUriRewriteAction as action. Set match_type field of LBHttpRequestUriCondition to REGEX, and set uri field to   \"/news/(?&lt;year&gt;\\d+)/(?&lt;month&gt;\\d+)/(?&lt;article&gt;.*)\". Set uri field of LBHttpRequestUriRewriteAction to:   \"/news/$year-$month/$article\" In uri field of LBHttpRequestUriCondition, the (?&lt;year&gt;\\d+), (?&lt;month&gt;\\d+) and (?&lt;article&gt;.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LBHttpRequestUriRewriteAction. For a matched HTTP request with URI \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable $year, \"06\" is captured in variable $month, and \"xyz.html\" is captured in variable $article. The LBHttpRequestUriRewriteAction will rewrite the URI to:   \"/news/2017-06/xyz.html\" A set of built-in variables can be used in LBRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables:   $_scheme: Reference the scheme part of matched HTTP messages, could be \"http\" or \"https\".   $_host: Host of matched HTTP messages, for example \"www.example.com\".   $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https.   $_uri: The URI path, for example \"/products/sample.html\".   $_request_uri: Full original request URI with arguments, for example,     \"/products/sample.html?a=b&c=d\".   $_args: URI arguments, for instance \"a=b&c=d\"   $_is_args: \"?\" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide.", 
  "id": "LBRuleAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Load balancer rule action", 
  "type": "object"
}

LBRuleActionType (type) 

{
  "additionalProperties": false, 
  "description": "Types of load balancer rule actions.", 
  "enum": [
    "LBSelectPoolAction", 
    "LBHttpRequestUriRewriteAction", 
    "LBHttpRequestHeaderRewriteAction", 
    "LBHttpRejectAction", 
    "LBHttpRedirectAction", 
    "LBHttpResponseHeaderRewriteAction", 
    "LBHttpRequestHeaderDeleteAction", 
    "LBHttpResponseHeaderDeleteAction", 
    "LBVariableAssignmentAction", 
    "LBVariablePersistenceOnAction", 
    "LBVariablePersistenceLearnAction"
  ], 
  "id": "LBRuleActionType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "Types of load balancer rule actions", 
  "type": "string"
}

LBRuleCondition (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match conditions in HTTP_RESPONSE_REWRITE phase are: LBHttpResponseHeaderCondition LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition", 
  "id": "LBRuleCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Match condition of load balancer rule", 
  "type": "object"
}

LBRuleConditionType (type) 

{
  "additionalProperties": false, 
  "description": "Type of load balancer rule match condition.", 
  "enum": [
    "LBHttpRequestUriCondition", 
    "LBHttpRequestHeaderCondition", 
    "LBHttpRequestMethodCondition", 
    "LBHttpRequestUriArgumentsCondition", 
    "LBHttpRequestVersionCondition", 
    "LBHttpRequestCookieCondition", 
    "LBHttpRequestBodyCondition", 
    "LBHttpResponseHeaderCondition", 
    "LBTcpHeaderCondition", 
    "LBIpHeaderCondition", 
    "LBVariableCondition", 
    "LBHttpSslCondition"
  ], 
  "id": "LBRuleConditionType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "Type of load balancer rule match condition", 
  "type": "string"
}

LBSelectPoolAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to select a pool for matched HTTP request messages. The pool is specified by path. The matched HTTP request messages are forwarded to the specified pool.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBSelectPoolAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSelectPoolAction"
  }, 
  "properties": {
    "pool_id": {
      "description": "Path of load balancer pool.", 
      "required": true, 
      "title": "Path of load balancer pool", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to select a pool for HTTP request messages", 
  "type": "object"
}

LBServerAuthType (type) 

{
  "additionalProperties": false, 
  "description": "Server authentication could be AUTO_APPLY, REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is automatic by default when server_auth_ca_certificate_paths are configured and IGNORED when they are not configured. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.", 
  "enum": [
    "REQUIRED", 
    "IGNORE", 
    "AUTO_APPLY"
  ], 
  "id": "LBServerAuthType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "server authentication mode", 
  "type": "string"
}

LBServerSslProfile (type) 

{
  "additionalProperties": false, 
  "description": "Server SSL profile.", 
  "extends": {
    "$ref": "LBSslProfile
  }, 
  "id": "LBServerSslProfile", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "cipher_group_label": {
      "$ref": "SslCipherGroup, 
      "description": "It is a label of cipher group which is mostly consumed by GUI.", 
      "required": false, 
      "title": "Label of cipher group"
    }, 
    "ciphers": {
      "description": "Supported SSL cipher list to client side.", 
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "Supported SSL cipher list to client side", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_fips": {
      "description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.", 
      "readonly": true, 
      "title": "FIPS compliance of ciphers and protocols", 
      "type": "boolean"
    }, 
    "is_secure": {
      "description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.", 
      "readonly": true, 
      "title": "Secure/Insecure SSL profile flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "protocols": {
      "description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.", 
      "items": {
        "$ref": "SslProtocol
      }, 
      "required": false, 
      "title": "Supported SSL protocol list to client side", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "session_cache_enabled": {
      "default": true, 
      "description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.", 
      "required": false, 
      "title": "Session cache enable/disable falg", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Server SSL profile", 
  "type": "object"
}

LBServerSslProfileBinding (type) 

{
  "additionalProperties": false, 
  "description": "Server SSL profile binding.", 
  "id": "LBServerSslProfileBinding", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "certificate_chain_depth": {
      "default": 3, 
      "description": "Authentication depth is used to set the verification depth in the server certificates chain.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "The maximum traversal depth of server certificate chain", 
      "type": "integer"
    }, 
    "client_certificate_path": {
      "description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding", 
      "required": false, 
      "title": "Client certificate path", 
      "type": "string"
    }, 
    "server_auth": {
      "$ref": "LBServerAuthType, 
      "default": "AUTO_APPLY", 
      "description": "Server authentication mode.", 
      "title": "Server authentication mode"
    }, 
    "server_auth_ca_paths": {
      "description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CA path list to verify server certificate", 
      "type": "array"
    }, 
    "server_auth_crl_paths": {
      "description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CRL path list to verify server certificate", 
      "type": "array"
    }, 
    "ssl_profile_path": {
      "description": "Server SSL profile defines reusable, application-independent server side SSL properties.", 
      "required": false, 
      "title": "Server SSL profile path", 
      "type": "string"
    }
  }, 
  "title": "Server SSL profile binding", 
  "type": "object"
}

LBServerSslProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBServerSslProfileListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBServerSslProfile
      }, 
      "required": true, 
      "title": "Paginated list of load balancer server SSL profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBService (type) 

{
  "additionalProperties": false, 
  "description": "Loadbalancer Service.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBService", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "deprecated": true, 
      "details": "This is a deprecated property, please use 'access_log_enabled' in\nLBVirtualServer. If both virtual server and load balancer service have\nthe setting, the setting in virtual server layer would override it and\ntake effect.\nIf access log is enabled, all HTTP requests sent to a L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n", 
      "required": false, 
      "title": "Flag to enable access log", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "connectivity_path": {
      "description": "LBS could be instantiated (or created) on the Tier-1, etc. For now, only the Tier-1 object is supported.", 
      "required": false, 
      "title": "The connectivity target used to instantiate the LBService", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Flag to enable the load balancer service.", 
      "required": false, 
      "title": "Flag to enable the load balancer service", 
      "type": "boolean"
    }, 
    "error_log_level": {
      "$ref": "LbLogLevel, 
      "default": "INFO", 
      "description": "Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log.", 
      "required": false, 
      "title": "Error log level of load balancer service"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "size": {
      "$ref": "LbServiceSize, 
      "default": "SMALL", 
      "description": "Load balancer service size.", 
      "required": false, 
      "title": "Load balancer service size"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Loadbalancer Service", 
  "type": "object"
}

LBServiceCountPerSeverity (type) 

{
  "additionalProperties": false, 
  "description": "The service count for specific load balancer usage severity.", 
  "id": "LBServiceCountPerSeverity", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "service_count": {
      "description": "Service count for specific serverity.", 
      "readonly": true, 
      "title": "Service count for specific serverity", 
      "type": "integer"
    }, 
    "severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on current usage percentage for one load balancer service.", 
      "readonly": true, 
      "title": "LB usage severity"
    }
  }, 
  "title": "The service count for specific severity", 
  "type": "object"
}

LBServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBServiceListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBService
      }, 
      "required": true, 
      "title": "LBService list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBServices", 
  "type": "object"
}

LBServiceStatistics (type) 

{
  "extends": {
    "$ref": "LBServiceStatisticsPerEP
  }, 
  "id": "LBServiceStatistics", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBServiceStatistics"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated"
    }, 
    "pools": {
      "description": "Statistics of load balancer pools", 
      "items": {
        "$ref": "LBPoolStatistics
      }, 
      "readonly": true, 
      "title": "Statistics of load balancer pools", 
      "type": "array"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "service_path": {
      "description": "load balancer service identifier.", 
      "readonly": true, 
      "title": "load balancer service identifier", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "LBServiceStatisticsCounter, 
      "description": "Load balancer service statistics counter.", 
      "readonly": true, 
      "title": "Load balancer service statistics counter"
    }, 
    "virtual_servers": {
      "description": "Statistics of load balancer virtual servers.", 
      "items": {
        "$ref": "LBVirtualServerStatistics
      }, 
      "readonly": true, 
      "title": "Statistics of load balancer virtual servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LBServiceStatisticsCounter (type) 

{
  "id": "LBServiceStatisticsCounter", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "l4_current_session_rate": {
      "description": "The average number of l4 current sessions per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of l4 current sessions per second", 
      "type": "number"
    }, 
    "l4_current_sessions": {
      "description": "Number of l4 current sessions.", 
      "readonly": true, 
      "title": "Number of l4 current sessions", 
      "type": "integer"
    }, 
    "l4_max_sessions": {
      "description": "L4 max sessions is used to show the peak L4 max session data since load balancer starts to provide service.", 
      "readonly": true, 
      "title": "Number of l4 maximum sessions", 
      "type": "integer"
    }, 
    "l4_total_sessions": {
      "description": "Number of l4 total sessions.", 
      "readonly": true, 
      "title": "Number of l4 total sessions", 
      "type": "integer"
    }, 
    "l7_current_session_rate": {
      "description": "The average number of l7 current requests per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "averabe number of l7 current requests per second", 
      "type": "number"
    }, 
    "l7_current_sessions": {
      "description": "Number of l7 current sessions.", 
      "readonly": true, 
      "title": "Number of l7 current sessions", 
      "type": "integer"
    }, 
    "l7_max_sessions": {
      "description": "L7 max sessions is used to show the peak L7 max session data since load balancer starts to provide service.", 
      "readonly": true, 
      "title": "Number of l7 maximum sessions", 
      "type": "integer"
    }, 
    "l7_total_sessions": {
      "description": "Number of l7 total sessions.", 
      "readonly": true, 
      "title": "Number of l7 total sessions", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LBServiceStatisticsPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBServiceStatisticsPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBServiceStatistics on specific Enforcement Point", 
  "type": "object"
}

LBServiceStatus (type) 

{
  "extends": {
    "$ref": "LBServiceStatusPerEP
  }, 
  "id": "LBServiceStatus", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBServiceStatus"
  }, 
  "properties": {
    "active_transport_nodes": {
      "description": "Ids of load balancer service related active transport nodes.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "Ids of load balancer service related active transport nodes", 
      "type": "array"
    }, 
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "cpu_usage": {
      "description": "Cpu usage in percentage.", 
      "readonly": true, 
      "title": "Cpu usage in percentage", 
      "type": "integer"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "error_message": {
      "description": "Error message, if available.", 
      "readonly": true, 
      "title": "Error message, if available", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated"
    }, 
    "memory_usage": {
      "description": "Memory usage in percentage.", 
      "readonly": true, 
      "title": "Memory usage in percentage", 
      "type": "integer"
    }, 
    "pools": {
      "description": "status of load balancer pools.", 
      "items": {
        "$ref": "LBPoolStatus
      }, 
      "readonly": true, 
      "title": "status of load balancer pools", 
      "type": "array"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "service_path": {
      "description": "Load balancer service object path.", 
      "readonly": true, 
      "title": "Load balancer service object path", 
      "type": "string"
    }, 
    "service_status": {
      "description": "UP means the load balancer service is working fine on both transport-nodes(if have); DOWN means the load balancer service is down on both transport-nodes (if have), hence the load balancer will not respond to any requests; ERROR means error happens on transport-node(s) or no status is reported from transport-node(s). The load balancer service may be working (or not working); NO_STANDBY means load balancer service is working in one of the transport node while not in the other transport-node (if have). Hence if the load balancer service in the working transport-node goes down, the load balancer service will go down; DETACHED means that the load balancer service has no attachment setting and is not instantiated in any transport nodes; DISABLED means that admin state of load balancer service is DISABLED; UNKNOWN means that no status reported from transport-nodes.The load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_STANDBY", 
        "DETACHED", 
        "DISABLED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Status of load balancer service", 
      "type": "string"
    }, 
    "standby_transport_nodes": {
      "description": "Ids of load balancer service related standby transport nodes.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "Ids of load balancer service related standby transport nodes", 
      "type": "array"
    }, 
    "virtual_servers": {
      "description": "status of load balancer virtual servers.", 
      "items": {
        "$ref": "LBVirtualServerStatus
      }, 
      "readonly": true, 
      "title": "status of load balancer virtual servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LBServiceStatusPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBServiceStatusPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBServiceStatus on specific Enforcement Point", 
  "type": "object"
}

LBServiceUsage (type) 

{
  "additionalProperties": false, 
  "description": "Describes the capacity and current usage of virtual servers, pools and pool members for the given load balancer service.", 
  "extends": {
    "$ref": "LBServiceUsagePerEP
  }, 
  "id": "LBServiceUsage", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBServiceUsage"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "current_pool_count": {
      "description": "The current number of pools which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of pools", 
      "type": "integer"
    }, 
    "current_pool_member_count": {
      "description": "The current number of pool members which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of pool members", 
      "type": "integer"
    }, 
    "current_virtual_server_count": {
      "description": "The current number of virtual servers which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of virtual servers", 
      "type": "integer"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "title": "Timestamp when the data was last updated."
    }, 
    "pool_capacity": {
      "description": "Pool capacity means maximum number of pools which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of pools", 
      "type": "integer"
    }, 
    "pool_member_capacity": {
      "description": "Pool member capacity means maximum number of pool members which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of pool members", 
      "type": "integer"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "service_path": {
      "description": "LBService object path.", 
      "readonly": true, 
      "title": "LBService object path", 
      "type": "string"
    }, 
    "service_size": {
      "$ref": "LbServiceSize, 
      "description": "The size of load balancer service.", 
      "readonly": true, 
      "title": "The size of load balancer service"
    }, 
    "severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on the largest usage percentage from virtual servers, pools and pool members for one load balancer service.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "usage_percentage": {
      "description": "The usage percentage is the largest usage percentage from virtual servers, pools and pool members for the load balancer service.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }, 
    "virtual_server_capacity": {
      "description": "Virtual server capacity means maximum number of virtual servers which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of virtual servers", 
      "type": "integer"
    }
  }, 
  "title": "The usage information of the load balancer service", 
  "type": "object"
}

LBServiceUsagePerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBServiceUsagePerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBServiceUsage on specific Enforcement Point", 
  "type": "object"
}

LBServiceUsageSummary (type) 

{
  "additionalProperties": false, 
  "description": "Describes usage summary of virtual servers, pools and pool members for all load balancer services.", 
  "id": "LBServiceUsageSummary", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "current_pool_count": {
      "description": "The current count of pools configured for all load balancer services.", 
      "readonly": true, 
      "title": "The current pool count", 
      "type": "integer"
    }, 
    "current_pool_member_count": {
      "description": "The current count of pool members configured for all load balancer services.", 
      "readonly": true, 
      "title": "The current pool member count", 
      "type": "integer"
    }, 
    "current_virtual_server_count": {
      "description": "The current count of virtual servers configured for all load balancer services.", 
      "readonly": true, 
      "title": "The current virtual server count", 
      "type": "integer"
    }, 
    "pool_capacity": {
      "description": "Pool capacity means maximum number of pools which can be configured for all load balancer services.", 
      "readonly": true, 
      "title": "The capacity of pools", 
      "type": "integer"
    }, 
    "pool_member_capacity": {
      "description": "Pool capacity means maximum number of pool members which can be configured for all load balancer services.", 
      "readonly": true, 
      "title": "The capacity of pool members", 
      "type": "integer"
    }, 
    "pool_member_severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on the overall usage percentage of pool members for all load balancer services.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "pool_member_usage_percentage": {
      "description": "Overall pool member usage percentage for all load balancer services.", 
      "readonly": true, 
      "title": "Pool member usage percentage", 
      "type": "number"
    }, 
    "pool_severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on the overall usage percentage of pools for all load balancer services.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "pool_usage_percentage": {
      "description": "Overall pool usage percentage for all load balancer services.", 
      "readonly": true, 
      "title": "Pool usage percentage", 
      "type": "number"
    }, 
    "service_counts": {
      "description": "The service count for each load balancer usage severity.", 
      "items": {
        "$ref": "LBServiceCountPerSeverity
      }, 
      "readonly": true, 
      "title": "LB service count for each severity", 
      "type": "array"
    }, 
    "service_usages": {
      "description": "The property identifies all lb service usages. By default, it is not included in response. It exists when parameter ?include_usages=true.", 
      "items": {
        "$ref": "LBServiceUsage
      }, 
      "readonly": true, 
      "title": "LB service usages", 
      "type": "array"
    }, 
    "virtual_server_capacity": {
      "description": "Virtual server capacity means maximum number of virtual servers which can be configured for all load balancer services.", 
      "readonly": true, 
      "title": "The capacity of virtual servers", 
      "type": "integer"
    }, 
    "virtual_server_severity": {
      "$ref": "LBUsageSeverity, 
      "description": "The severity calculation is based on the overall usage percentage of virtual servers for all load balancer services.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "virtual_server_usage_percentage": {
      "description": "Overall virtual server usage percentage for all load balancer services.", 
      "readonly": true, 
      "title": "Virtual server usage percentage", 
      "type": "number"
    }
  }, 
  "title": "The usage summary for all load balancer services", 
  "type": "object"
}

LBSessionCookieTime (type) 

{
  "additionalProperties": false, 
  "description": "Session cookie time.", 
  "extends": {
    "$ref": "LBCookieTime
  }, 
  "id": "LBSessionCookieTime", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSessionCookieTime"
  }, 
  "properties": {
    "cookie_max_idle": {
      "description": "Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Session cookie max idle time in seconds", 
      "type": "integer"
    }, 
    "cookie_max_life": {
      "description": "Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Session cookie max lifetime in seconds", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "LBCookieTimeType, 
      "required": true
    }
  }, 
  "title": "Session cookie time", 
  "type": "object"
}

LBSnatAutoMap (type) 

{
  "additionalProperties": false, 
  "description": "Snat auto map.", 
  "extends": {
    "$ref": "LBSnatTranslation
  }, 
  "id": "LBSnatAutoMap", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSnatAutoMap"
  }, 
  "properties": {
    "type": {
      "$ref": "LBSnatTranslationType, 
      "description": "Snat translation type.", 
      "required": true, 
      "title": "Snat translation type"
    }
  }, 
  "title": "Snat auto map", 
  "type": "object"
}

LBSnatDisabled (type) 

{
  "additionalProperties": false, 
  "description": "Snat disabled.", 
  "extends": {
    "$ref": "LBSnatTranslation
  }, 
  "id": "LBSnatDisabled", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSnatDisabled"
  }, 
  "properties": {
    "type": {
      "$ref": "LBSnatTranslationType, 
      "description": "Snat translation type.", 
      "required": true, 
      "title": "Snat translation type"
    }
  }, 
  "title": "Snat disabled", 
  "type": "object"
}

LBSnatIpElement (type) 

{
  "additionalProperties": false, 
  "description": "Snat Ip element.", 
  "id": "LBSnatIpElement", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "ip_address": {
      "$ref": "IPElement, 
      "description": "Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160.", 
      "required": true, 
      "title": "Ip address or ip range"
    }, 
    "prefix_length": {
      "description": "Subnet prefix length should be not specified if there is only one single IP address or IP range.", 
      "required": false, 
      "title": "Subnet prefix length", 
      "type": "integer"
    }
  }, 
  "title": "Snat Ip element", 
  "type": "object"
}

LBSnatIpPool (type) 

{
  "additionalProperties": false, 
  "description": "Snat Ip pool.", 
  "extends": {
    "$ref": "LBSnatTranslation
  }, 
  "id": "LBSnatIpPool", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSnatIpPool"
  }, 
  "properties": {
    "ip_addresses": {
      "description": "Currently, only one single IP address or IP range is supported. If an IP range is specified, the range may contain no more than 64 IP addresses.", 
      "items": {
        "$ref": "LBSnatIpElement
      }, 
      "maxItems": 1, 
      "required": true, 
      "title": "List of Ip address or ip range", 
      "type": "array"
    }, 
    "type": {
      "$ref": "LBSnatTranslationType, 
      "description": "Snat translation type.", 
      "required": true, 
      "title": "Snat translation type"
    }
  }, 
  "title": "Snat Ip pool", 
  "type": "object"
}

LBSnatTranslation (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Snat Translation.", 
  "id": "LBSnatTranslation", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "type": {
      "$ref": "LBSnatTranslationType, 
      "description": "Snat translation type.", 
      "required": true, 
      "title": "Snat translation type"
    }
  }, 
  "title": "Snat Translation", 
  "type": "object"
}

LBSnatTranslationType (type) 

{
  "additionalProperties": false, 
  "description": "Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are three modes: LBSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LBSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool. LBSnatDisabled disables Source NAT. This is referred to as no-SNAT or TRANSPARENT mode.", 
  "enum": [
    "LBSnatAutoMap", 
    "LBSnatIpPool", 
    "LBSnatDisabled"
  ], 
  "id": "LBSnatTranslationType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "Snat translation type", 
  "type": "string"
}

LBSourceIpPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "LBPersistenceProfile
  }, 
  "id": "LBSourceIpPersistenceProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBSourceIpPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_persistence_mirroring_enabled": {
      "default": false, 
      "description": "Persistence entries are not synchronized to the HA peer by default.", 
      "required": false, 
      "title": "Mirroring enabled flag to synchronize persistence entries", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled.  Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first.  When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.", 
      "required": false, 
      "title": "Persistence shared across LBVirtualServers", 
      "type": "boolean"
    }, 
    "purge": {
      "$ref": "SourceIpPersistencePurge, 
      "default": "FULL", 
      "description": "Persistence purge setting.", 
      "required": false, 
      "title": "Persistence purge setting"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The resource_type property identifies persistence profile type.", 
      "enum": [
        "LBSourceIpPersistenceProfile", 
        "LBCookiePersistenceProfile", 
        "LBGenericPersistenceProfile"
      ], 
      "required": true, 
      "title": "Persistence profile type", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 300, 
      "description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Persistence entry expiration time in seconds", 
      "type": "integer"
    }
  }, 
  "title": "LBPersistenceProflie using SourceIP", 
  "type": "object"
}

LBSslProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Load balancer abstract SSL profile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBSslProfile", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Load balancer abstract SSL profile", 
  "type": "object"
}

LBStatisticsCounter (type) 

{
  "id": "LBStatisticsCounter", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "bytes_in": {
      "description": "Number of bytes in.", 
      "readonly": true, 
      "title": "Number of bytes in", 
      "type": "integer"
    }, 
    "bytes_in_rate": {
      "description": "The average number of inbound bytes per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of inbound bytes per second", 
      "type": "number"
    }, 
    "bytes_out": {
      "description": "Number of bytes out.", 
      "readonly": true, 
      "title": "Number of bytes out", 
      "type": "integer"
    }, 
    "bytes_out_rate": {
      "description": "The average number of outbound bytes per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of outbound bytes per second", 
      "type": "number"
    }, 
    "current_session_rate": {
      "description": "The average number of current sessions per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of current sessions per second", 
      "type": "number"
    }, 
    "current_sessions": {
      "description": "Number of current sessions.", 
      "readonly": true, 
      "title": "Number of current sessions", 
      "type": "integer"
    }, 
    "http_request_rate": {
      "description": "The average number of http requests per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "averabe number of http requests per second", 
      "type": "number"
    }, 
    "http_requests": {
      "description": "The total number of http requests.", 
      "readonly": true, 
      "title": "The total number of http requests.", 
      "type": "integer"
    }, 
    "max_sessions": {
      "description": "Number of maximum sessions.", 
      "readonly": true, 
      "title": "Number of maximum sessions", 
      "type": "integer"
    }, 
    "packets_in": {
      "description": "Number of packets in.", 
      "readonly": true, 
      "title": "Number of packets in", 
      "type": "integer"
    }, 
    "packets_in_rate": {
      "description": "The average number of inbound packets per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of inbound packets per second", 
      "type": "number"
    }, 
    "packets_out": {
      "description": "Number of packets out.", 
      "readonly": true, 
      "title": "Number of packets out", 
      "type": "integer"
    }, 
    "packets_out_rate": {
      "description": "The average number of outbound packets per second, the number is averaged over the last 5 one-second intervals.", 
      "readonly": true, 
      "title": "average number of outbound packets per second", 
      "type": "number"
    }, 
    "source_ip_persistence_entry_size": {
      "description": "Number of source IP persistence entries", 
      "readonly": true, 
      "title": "Number of source IP persistence entries", 
      "type": "integer"
    }, 
    "total_sessions": {
      "description": "Number of total sessions.", 
      "readonly": true, 
      "title": "Number of total sessions", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LBTcpHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBTcpHeaderCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBTcpHeaderCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "source_port": {
      "$ref": "PortElement, 
      "required": true, 
      "title": "TCP source port of HTTP message"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match TCP header fields", 
  "type": "object"
}

LBTcpMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over TCP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified  number of consecutive successful healthchecks (rise_count) will bring  the member back to UP state. After a healthcheck is initiated, if it  does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "LBActiveMonitor
  }, 
  "id": "LBTcpMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBTcpMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "receive": {
      "description": "Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.", 
      "required": false, 
      "title": "Expected data received from server", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "send": {
      "description": "If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.", 
      "required": false, 
      "title": "Data to send", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "LBMonitorProfile for active health checks over TCP", 
  "type": "object"
}

LBUdpMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over UDP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "LBActiveMonitor
  }, 
  "id": "LBUdpMonitorProfile", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBUdpMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "receive": {
      "description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.", 
      "required": true, 
      "title": "Expected data received from server", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LBMonitorProfileType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "send": {
      "description": "The data to be sent to the monitored server.", 
      "required": true, 
      "title": "Data to send", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "LBMonitorProfile for active health checks over UDP", 
  "type": "object"
}

LBUsageSeverity (type) 

{
  "additionalProperties": false, 
  "description": "Severity is calculated from usage percentage: GREEN means the current usage percentage is less than 60%. ORANGE means the current usage percentage is less than 80% and larger than or equal to 60%. RED means the current usage percentage is larger than or equal to 80%.", 
  "enum": [
    "GREEN", 
    "ORANGE", 
    "RED"
  ], 
  "id": "LBUsageSeverity", 
  "module_id": "PolicyLBStatistics", 
  "title": "Load balancer usage severity", 
  "type": "string"
}

LBUsageSummaryRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "LBUsageSummaryRequestParameters", 
  "module_id": "PolicyLBStatistics", 
  "properties": {
    "include_usages": {
      "description": "Specify whether to include usages in response.", 
      "required": false, 
      "title": "Whether to include usages", 
      "type": "boolean"
    }
  }, 
  "title": "Load balancer usage summary request parameters", 
  "type": "object"
}

LBVariableAssignmentAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LBVariableCondition, etc.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBVariableAssignmentAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVariableAssignmentAction"
  }, 
  "properties": {
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_name": {
      "description": "Name of the variable to be assigned.", 
      "required": true, 
      "title": "Name of the variable to be assigned", 
      "type": "string"
    }, 
    "variable_value": {
      "description": "Value of variable.", 
      "required": true, 
      "title": "Value of variable", 
      "type": "string"
    }
  }, 
  "title": "Action to create variable and assign value to it", 
  "type": "object"
}

LBVariableCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LBVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time.", 
  "extends": {
    "$ref": "LBRuleCondition
  }, 
  "id": "LBVariableCondition", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVariableCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing variable value.", 
      "required": false, 
      "title": "A case sensitive flag for variable value comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of variable value"
    }, 
    "type": {
      "$ref": "LBRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "variable_name": {
      "required": true, 
      "title": "Name of the variable to be matched", 
      "type": "string"
    }, 
    "variable_value": {
      "required": true, 
      "title": "Value of variable to be matched", 
      "type": "string"
    }
  }, 
  "title": "Condition to match IP header fields", 
  "type": "object"
}

LBVariablePersistenceLearnAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBVariablePersistenceLearnAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVariablePersistenceLearnAction"
  }, 
  "properties": {
    "persistence_profile_path": {
      "description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.", 
      "required": false, 
      "title": "Path to LBPersistenceProfile", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_hash_enabled": {
      "default": false, 
      "description": "The property is used to enable a hash operation for variable value when composing the persistence key.", 
      "required": false, 
      "title": "Whether to enable a hash operation for variable value", 
      "type": "boolean"
    }, 
    "variable_name": {
      "description": "The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.", 
      "required": true, 
      "title": "Variable name", 
      "type": "string"
    }
  }, 
  "title": "Action to learn the variable value", 
  "type": "object"
}

LBVariablePersistenceOnAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected.", 
  "extends": {
    "$ref": "LBRuleAction
  }, 
  "id": "LBVariablePersistenceOnAction", 
  "module_id": "PolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVariablePersistenceOnAction"
  }, 
  "properties": {
    "persistence_profile_path": {
      "description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.", 
      "required": false, 
      "title": "Path to LBPersistenceProfile", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LBRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_hash_enabled": {
      "default": false, 
      "description": "The property is used to enable a hash operation for variable value when composing the persistence key.", 
      "required": false, 
      "title": "Whether to enable a hash operation for variable value", 
      "type": "boolean"
    }, 
    "variable_name": {
      "description": "The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.", 
      "required": true, 
      "title": "Variable name", 
      "type": "string"
    }
  }, 
  "title": "Action to persist the variable value", 
  "type": "object"
}

LBVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "All the types of LBVirtualServer extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LBVirtualServer", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "application_profile_path": {
      "description": "The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile, etc are supported.", 
      "required": true, 
      "title": "Application profile path", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "client_ssl_profile_binding": {
      "$ref": "LBClientSslProfileBinding, 
      "description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection", 
      "required": false, 
      "title": "Virtual server side SSL binding setting"
    }, 
    "default_pool_member_ports": {
      "description": "Default pool member ports when member port is not defined.", 
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 14, 
      "required": false, 
      "title": "Default pool member ports when member port is not defined.", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Flag to enable the load balancer virtual server.", 
      "required": false, 
      "title": "whether the virtual server is enabled", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the LBVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the LBVirtualServer"
    }, 
    "lb_persistence_profile_path": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by LBVirtualServer", 
      "type": "string"
    }, 
    "lb_service_path": {
      "description": "virtual servers can be associated to LBService(which is similar to physical/virtual load balancer), LB virtual servers, pools and other entities could be defined independently, the LBService identifier list here would be used to maintain the relationship of LBService and other LB entities.", 
      "required": false, 
      "title": "Path to LBService object for LBVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "max_concurrent_connections": {
      "description": "To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum concurrent connection number", 
      "type": "integer"
    }, 
    "max_new_connection_rate": {
      "description": "To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum new connection rate in connections per second", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pool_path": {
      "description": "The server pool(LBPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application.", 
      "required": false, 
      "title": "Default server pool path", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LBHttpProfile.", 
      "items": {
        "$ref": "LBRule
      }, 
      "maxItems": 512, 
      "required": false, 
      "title": "List of load balancer rules", 
      "type": "array"
    }, 
    "server_ssl_profile_binding": {
      "$ref": "LBServerSslProfileBinding, 
      "description": "The setting is used when load balancer acts as an SSL client and establishing a connection to the backend server.", 
      "required": false, 
      "title": "Pool side SSL binding setting"
    }, 
    "sorry_pool_path": {
      "description": "When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool.", 
      "required": false, 
      "title": "Sorry server pool path", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base class for each type of LBVirtualServer", 
  "type": "object"
}

LBVirtualServerListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LBVirtualServerListResult", 
  "module_id": "PolicyLoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LBVirtualServer
      }, 
      "required": true, 
      "title": "LBVirtualServer list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of LBVirtualServers", 
  "type": "object"
}

LBVirtualServerStatistics (type) 

{
  "extends": {
    "$ref": "LBVirtualServerStatisticsPerEP
  }, 
  "id": "LBVirtualServerStatistics", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVirtualServerStatistics"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "LBStatisticsCounter, 
      "description": "Virtual server statistics counter.", 
      "readonly": true, 
      "title": "Virtual server statistics counter"
    }, 
    "virtual_server_path": {
      "description": "load balancer virtual server object path.", 
      "readonly": true, 
      "title": "load balancer virtual server object path", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBVirtualServerStatisticsPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBVirtualServerStatisticsPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBVirtualServerStatistics on specific Enforcement Point", 
  "type": "object"
}

LBVirtualServerStatus (type) 

{
  "extends": {
    "$ref": "LBVirtualServerStatusPerEP
  }, 
  "id": "LBVirtualServerStatus", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LBVirtualServerStatus"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Timestamp when the data was last updated."
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }, 
    "status": {
      "description": "UP means that all primary members in default pool are in UP status. For L7 virtual server, if there is no default pool, the virtual server would be treated as UP. PARTIALLY_UP means that some(not all) primary members in default pool are in UP status. The size of these active primary members should be larger than or equal to the certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members in default pool are in UP status but backup members are in UP status, the connections would be dispatched to backup members. DOWN means that all primary and backup members are in DOWN status. DETACHED means that the virtual server is not bound to any service. DISABLED means that the admin state of the virtual server is disabled. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "PARTIALLY_UP", 
        "PRIMARY_DOWN", 
        "DOWN", 
        "DETACHED", 
        "DISABLED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Virtual server status", 
      "type": "string"
    }, 
    "virtual_server_path": {
      "description": "load balancer virtual server object path.", 
      "readonly": true, 
      "title": "load balancer virtual server object path", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LBVirtualServerStatusPerEP (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyRuntimeInfoPerEP
  }, 
  "id": "LBVirtualServerStatusPerEP", 
  "module_id": "PolicyLBStatistics", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "resource_type": {
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "LBVirtualServerStatus on specific Enforcement Point", 
  "type": "object"
}

LBXForwardedForType (type) 

{
  "additionalProperties": false, 
  "description": "X-forwarded-for type.", 
  "enum": [
    "INSERT", 
    "REPLACE"
  ], 
  "id": "LBXForwardedForType", 
  "module_id": "PolicyLoadBalancer", 
  "title": "X-forwarded-for type", 
  "type": "string"
}

Label (type) 

{
  "additionalProperties": false, 
  "description": "Label that will be displayed for a UI element.", 
  "id": "Label", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "condition": {
      "description": "If the condition is met then the label will be applied. Examples of expression syntax are provided under example_request section of CreateWidgetConfiguration API.", 
      "maxLength": 1024, 
      "title": "Expression for evaluating condition", 
      "type": "string"
    }, 
    "hover": {
      "default": false, 
      "description": "If true, displays the label only on hover", 
      "title": "Show label only on hover", 
      "type": "boolean"
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for the label", 
      "items": {
        "$ref": "Icon
      }, 
      "minItems": 0, 
      "title": "Icons", 
      "type": "array"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "text": {
      "description": "Text to be displayed at the label.", 
      "maxLength": 255, 
      "required": true, 
      "title": "Label text", 
      "type": "string"
    }
  }, 
  "title": "Label", 
  "type": "object"
}

LabelValueConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents a Label-Value widget configuration", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "LabelValueConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LabelValueConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "layout": {
      "$ref": "Layout, 
      "description": "Layout of properties can be vertical or grid. If layout is not specified a default vertical layout is applied.", 
      "title": "Layout of properties inside widget"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "properties": {
      "description": "An array of label-value properties.", 
      "items": {
        "$ref": "PropertyItem
      }, 
      "required": true, 
      "title": "Rows", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "sub_type": {
      "description": "A sub-type of LabelValueConfiguration. If sub-type is not specified the parent type is rendered. For VERTICALLY_ALIGNED sub_type, the value is placed below the label.", 
      "enum": [
        "VERTICALLY_ALIGNED"
      ], 
      "title": "Sub-type of the LabelValueConfiguration", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Label Value Dashboard Widget Configuration", 
  "type": "object"
}

Lag (type) 

{
  "id": "Lag", 
  "module_id": "UplinkHostSwitchProfile", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": false, 
      "title": "unique id", 
      "type": "string"
    }, 
    "load_balance_algorithm": {
      "enum": [
        "SRCMAC", 
        "DESTMAC", 
        "SRCDESTMAC", 
        "SRCDESTIPVLAN", 
        "SRCDESTMACIPPORT"
      ], 
      "required": true, 
      "title": "LACP load balance Algorithm", 
      "type": "string"
    }, 
    "mode": {
      "enum": [
        "ACTIVE", 
        "PASSIVE"
      ], 
      "required": true, 
      "title": "LACP group mode", 
      "type": "string"
    }, 
    "name": {
      "help_summary": "the max length of the name is 47-byte in UTF-8 encoding", 
      "required": true, 
      "title": "Lag name", 
      "type": "string"
    }, 
    "number_of_uplinks": {
      "maximum": 32, 
      "minimum": 2, 
      "required": true, 
      "title": "number of uplinks", 
      "type": "int"
    }, 
    "timeout_type": {
      "default": "SLOW", 
      "enum": [
        "SLOW", 
        "FAST"
      ], 
      "required": false, 
      "title": "LACP timeout type", 
      "type": "string"
    }, 
    "uplinks": {
      "items": {
        "$ref": "Uplink
      }, 
      "maxItems": 32, 
      "readonly": true, 
      "required": false, 
      "title": "uplink names", 
      "type": "array"
    }
  }, 
  "title": "LACP group", 
  "type": "object"
}

Layout (type) 

{
  "additionalProperties": false, 
  "description": "Represents layout of a container or widget", 
  "id": "Layout", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "properties": {
      "$ref": "LayoutProperties
    }, 
    "type": {
      "default": "HORIZONTAL", 
      "description": "Describes layout of a container or widget. Layout describes how individual widgets are placed inside the container. For example, if HORIZONTAL is chosen widgets are placed side by side inside the container. If VERTICAL is chosen then widgets are placed one below the other. If GRID is chosen then the container or widget display area is divided into a grid of m rows and n columns, as specified in the properties, and the widgets are placed inside the grid.", 
      "enum": [
        "HORIZONTAL", 
        "VERTICAL", 
        "GRID"
      ], 
      "title": "Type of layout of a container or widget", 
      "type": "string"
    }
  }, 
  "title": "Layout of a container or widget", 
  "type": "object"
}

LayoutProperties (type) 

{
  "additionalProperties": false, 
  "description": "Properties of the layout of a container or widget", 
  "id": "LayoutProperties", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "num_columns": {
      "description": "Describes the number of columns of grid layout of a container or widget. This property is applicable for grid layout only.", 
      "title": "Number of columns of grid", 
      "type": "int"
    }, 
    "num_rows": {
      "description": "Describes the number of rows of grid layout of a container or widget. This property is applicable for grid layout only.", 
      "title": "Number of rows of grid", 
      "type": "int"
    }
  }, 
  "title": "Layout properties of a container or widget", 
  "type": "object"
}

LbActiveMonitor (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbMonitor
  }, 
  "id": "LbActiveMonitor", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbAppProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbAppProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbAppProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LbAppProfileListRequestParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "$ref": "ApplicationProfileType, 
      "description": "Specify this type parameter to retrieve a list of load balancer application profiles of specified type.", 
      "required": false, 
      "title": "Load balancer application profile type"
    }
  }, 
  "type": "object"
}

LbAppProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbAppProfileListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbAppProfile
      }, 
      "required": true, 
      "title": "paginated list of load balancer application profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbClientCertificateIssuerDnCondition (type) 

{
  "id": "LbClientCertificateIssuerDnCondition", 
  "module_id": "LoadBalancer", 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing issuer DN value.", 
      "required": false, 
      "title": "A case sensitive flag for issuer DN comparing", 
      "type": "boolean"
    }, 
    "issuer_dn": {
      "required": true, 
      "title": "Value of issuer DN", 
      "type": "string"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of issuer DN"
    }
  }, 
  "title": "Match condition for client certficate issuer DN", 
  "type": "object"
}

LbClientCertificateSubjectDnCondition (type) 

{
  "id": "LbClientCertificateSubjectDnCondition", 
  "module_id": "LoadBalancer", 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing subject DN value.", 
      "required": false, 
      "title": "A case sensitive flag for subject DN comparing", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of subject DN"
    }, 
    "subject_dn": {
      "required": true, 
      "title": "Value of subject DN", 
      "type": "string"
    }
  }, 
  "title": "Match condition for client certficate subject DN", 
  "type": "object"
}

LbClientSslProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbSslProfile
  }, 
  "id": "LbClientSslProfile", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cipher_group_label": {
      "$ref": "SslCipherGroup, 
      "description": "It is a label of cipher group which is mostly consumed by GUI.", 
      "required": false, 
      "title": "Label of cipher group"
    }, 
    "ciphers": {
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "supported SSL cipher list to client side", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_fips": {
      "description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..", 
      "readonly": true, 
      "title": "FIPS compliance of ciphers and protocols", 
      "type": "boolean"
    }, 
    "is_secure": {
      "description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.", 
      "readonly": true, 
      "title": "Secure/Insecure SSL profile flag", 
      "type": "boolean"
    }, 
    "prefer_server_ciphers": {
      "default": true, 
      "description": "During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.", 
      "required": false, 
      "title": "prefer server ciphers flag", 
      "type": "boolean"
    }, 
    "protocols": {
      "description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.", 
      "items": {
        "$ref": "SslProtocol
      }, 
      "required": false, 
      "title": "supported SSL protocol list to client side", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "session_cache_enabled": {
      "default": true, 
      "description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.", 
      "required": false, 
      "title": "session cache enable/disable flag", 
      "type": "boolean"
    }, 
    "session_cache_timeout": {
      "default": 300, 
      "description": "Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.", 
      "maximum": 86400, 
      "minimum": 1, 
      "required": false, 
      "title": "SSL session cache timeout value", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbClientSslProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbClientSslProfileListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbClientSslProfile
      }, 
      "required": true, 
      "title": "paginated list of load balancer client SSL profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbCookiePersistenceProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbPersistenceProfile
  }, 
  "id": "LbCookiePersistenceProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbCookiePersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cookie_domain": {
      "description": "HTTP cookie domain could be configured, only available for insert mode.", 
      "required": false, 
      "title": "cookie domain", 
      "type": "string"
    }, 
    "cookie_fallback": {
      "default": true, 
      "description": "If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server", 
      "required": false, 
      "title": "cookie persistence fallback", 
      "type": "boolean"
    }, 
    "cookie_garble": {
      "default": true, 
      "description": "If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.", 
      "required": false, 
      "title": "cookie persistence garble", 
      "type": "boolean"
    }, 
    "cookie_mode": {
      "$ref": "CookiePersistenceModeType, 
      "default": "INSERT", 
      "required": false, 
      "title": "cookie persistence mode"
    }, 
    "cookie_name": {
      "required": true, 
      "title": "cookie name", 
      "type": "string"
    }, 
    "cookie_path": {
      "description": "HTTP cookie path could be set, only available for insert mode.", 
      "required": false, 
      "title": "cookie path", 
      "type": "string"
    }, 
    "cookie_time": {
      "$ref": "LbCookieTime, 
      "description": "Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.", 
      "required": false, 
      "title": "cookie time setting"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format &lt;name&gt;.&lt;virtual_server_id&gt;.&lt;pool_id&gt;. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to &lt;name&gt;.&lt;profile-id&gt;.&lt;pool-id&gt;. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.", 
      "required": false, 
      "title": "Persistence shared flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "$ref": "PersistenceProfileType, 
      "description": "The resource_type property identifies persistence profile type.", 
      "required": true, 
      "title": "Persistence profile type"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbCookieTime (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "id": "LbCookieTime", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "type": {
      "$ref": "CookieTimeType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbEdgeNodeUsage (type) 

{
  "additionalProperties": false, 
  "description": "The capacity contains basic information and load balancer entity usages and capacity for the given edge node.", 
  "extends": {
    "$ref": "LbNodeUsage
  }, 
  "id": "LbEdgeNodeUsage", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbEdgeNodeUsage"
  }, 
  "properties": {
    "current_credit_number": {
      "description": "The current credit number reflects the current usage on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20.", 
      "readonly": true, 
      "title": "Current credit number", 
      "type": "integer"
    }, 
    "current_large_load_balancer_services": {
      "description": "The number of large load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current number of large load balancer services", 
      "type": "integer"
    }, 
    "current_medium_load_balancer_services": {
      "description": "The number of medium load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current number of medium load balancer services", 
      "type": "integer"
    }, 
    "current_pool_members": {
      "description": "The number of pool members configured on the node.", 
      "readonly": true, 
      "title": "The current number of pool members", 
      "type": "integer"
    }, 
    "current_pools": {
      "description": "The number of pools configured on the node.", 
      "readonly": true, 
      "title": "The current number of pools", 
      "type": "integer"
    }, 
    "current_small_load_balancer_services": {
      "description": "The number of small load balancer services configured on the node.", 
      "readonly": true, 
      "title": "The current number of small load balancer services", 
      "type": "integer"
    }, 
    "current_virtual_servers": {
      "description": "The number of virtual servers configured on the node.", 
      "readonly": true, 
      "title": "The current number of virtual servers", 
      "type": "integer"
    }, 
    "edge_cluster_id": {
      "description": "The ID of edge cluster which contains the edge node.", 
      "readonly": true, 
      "title": "The ID of edge cluster", 
      "type": "string"
    }, 
    "form_factor": {
      "description": "The form factor of the given edge node.", 
      "enum": [
        "SMALL_VIRTUAL_MACHINE", 
        "MEDIUM_VIRTUAL_MACHINE", 
        "LARGE_VIRTUAL_MACHINE", 
        "PHYSICAL_MACHINE"
      ], 
      "readonly": true, 
      "title": "The form factor of the given edge node", 
      "type": "string"
    }, 
    "node_id": {
      "description": "The property identifies the node UUID for load balancer node usage.", 
      "required": true, 
      "title": "The UUID of the node for load balancer node usage", 
      "type": "string"
    }, 
    "remaining_credit_number": {
      "description": "The remaining credit number is the remaining credits that can be used for load balancer service configuration. For example, an edge node with form factor LARGE_VIRTUAL_MACHINE has 40 credits, and a medium load balancer instance costs 10 credits. If there are currently 3 medium instances configured, the remaining credit number is 40 - (3 * 10) = 10.", 
      "readonly": true, 
      "title": "Remaining credit number", 
      "type": "integer"
    }, 
    "remaining_large_load_balancer_services": {
      "description": "The remaining number of large load balancer services which could be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining number of large load balancer services", 
      "type": "integer"
    }, 
    "remaining_medium_load_balancer_services": {
      "description": "The remaining number of medium load balancer services which could be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining number of medium load balancer services", 
      "type": "integer"
    }, 
    "remaining_pool_members": {
      "description": "The remaining number of pool members which could be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining number of pool members", 
      "type": "integer"
    }, 
    "remaining_small_load_balancer_services": {
      "description": "The remaining number of small load balancer services which could be configured on the given edge node.", 
      "readonly": true, 
      "title": "The remaining number of small load balancer services", 
      "type": "integer"
    }, 
    "severity": {
      "$ref": "LbUsageSeverity, 
      "description": "The severity calculation is based on current credit usage percentage of load balancer for one node.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "type": {
      "$ref": "LbNodeUsageType, 
      "description": "The property identifies the load balancer node usage type.", 
      "required": true, 
      "title": "Type of load balancer node usage"
    }, 
    "usage_percentage": {
      "description": "The usage percentage of one edge node for the load balancer services.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }
  }, 
  "title": "The load balancer usage for an edge node", 
  "type": "object"
}

LbFastTcpProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbAppProfile
  }, 
  "id": "LbFastTcpProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbFastTcpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "close_timeout": {
      "default": 8, 
      "description": "It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection.", 
      "maximum": 60, 
      "minimum": 1, 
      "required": false, 
      "title": "TCP connection idle timeout in seconds", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_flow_mirroring_enabled": {
      "default": false, 
      "description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.", 
      "required": false, 
      "title": "flow mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 1800, 
      "description": "It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "TCP connection idle timeout in seconds", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "ApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbFastUdpProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbAppProfile
  }, 
  "id": "LbFastUdpProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbFastUdpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "flow_mirroring_enabled": {
      "default": false, 
      "description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.", 
      "required": false, 
      "title": "flow mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 300, 
      "description": "Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "UDP idle timeout in seconds", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "ApplicationProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbGenericPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "description": "The profile is used to define the persistence entry expiration time, mirroring enabled flag to synchronize persistence entries, persistence shared flag for the associated virtual servers. The profile cannot be attached to virtual server directly, it can be only consumed by LB rule action. In HTTP forwarding phase, LBVariablePersistenceOnAction can be used to consume LbGenericPersistenceProfile. In HTTP response rewriting phase, LBVariablePersistenceLearnAction is used instead.", 
  "extends": {
    "$ref": "LbPersistenceProfile
  }, 
  "id": "LbGenericPersistenceProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbGenericPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_persistence_mirroring_enabled": {
      "default": false, 
      "description": "The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.", 
      "required": false, 
      "title": "Mirroring enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format &lt;name&gt;.&lt;virtual_server_id&gt;.&lt;pool_id&gt;. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to &lt;name&gt;.&lt;profile-id&gt;.&lt;pool-id&gt;. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.", 
      "required": false, 
      "title": "Persistence shared flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "$ref": "PersistenceProfileType, 
      "description": "The resource_type property identifies persistence profile type.", 
      "required": true, 
      "title": "Persistence profile type"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 300, 
      "description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Persistence entry expiration time in seconds", 
      "type": "integer"
    }
  }, 
  "title": "LB generic persistence profile", 
  "type": "object"
}

LbHttpMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbActiveMonitor
  }, 
  "id": "LbHttpMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "request_body": {
      "required": false, 
      "title": "String to send as part of HTTP health check request body. Valid only\nfor certain HTTP methods like POST.\n", 
      "type": "string"
    }, 
    "request_headers": {
      "items": {
        "$ref": "LbHttpRequestHeader
      }, 
      "required": false, 
      "title": "Array of HTTP request headers", 
      "type": "array"
    }, 
    "request_method": {
      "$ref": "HttpRequestMethodType, 
      "default": "GET", 
      "required": false, 
      "title": "the health check method for HTTP monitor type"
    }, 
    "request_url": {
      "required": false, 
      "title": "URL used for HTTP monitor", 
      "type": "string"
    }, 
    "request_version": {
      "$ref": "HttpRequestVersionType, 
      "default": "HTTP_VERSION_1_1", 
      "required": false, 
      "title": "HTTP request version"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "response_body": {
      "description": "If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.", 
      "required": false, 
      "title": "response body to match", 
      "type": "string"
    }, 
    "response_status_codes": {
      "description": "The HTTP response status code should be a valid HTTP status code.", 
      "items": {
        "type": "int"
      }, 
      "maxItems": 64, 
      "required": false, 
      "title": "Array of single HTTP response status codes", 
      "type": "array"
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbHttpProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbAppProfile
  }, 
  "id": "LbHttpProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "http_redirect_to": {
      "description": "If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL", 
      "required": false, 
      "title": "http redirect static URL", 
      "type": "string"
    }, 
    "http_redirect_to_https": {
      "default": false, 
      "description": "Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.", 
      "required": false, 
      "title": "flag to indicate whether enable HTTP-HTTPS redirect", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idle_timeout": {
      "default": 15, 
      "description": "It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "HTTP application idle timeout in seconds", 
      "type": "integer"
    }, 
    "ntlm": {
      "default": false, 
      "description": "NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology.", 
      "required": false, 
      "title": "NTLM support flag", 
      "type": "boolean"
    }, 
    "request_body_size": {
      "description": "If it is not specified, it means that request body size is unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP request body", 
      "type": "integer"
    }, 
    "request_header_size": {
      "default": 1024, 
      "description": "A request with header larger than request_header_size will be processed as best effort whereas a request with header below this specified size is guaranteed to be processed.", 
      "maximum": 65536, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP request headers", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "ApplicationProfileType, 
      "required": true
    }, 
    "response_header_size": {
      "default": 4096, 
      "description": "A response with header larger than response_header_size will be dropped.", 
      "maximum": 65536, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum size of the buffer used to store HTTP response headers", 
      "type": "integer"
    }, 
    "response_timeout": {
      "default": 60, 
      "description": "If server doesn't send any packet within this time, the connection is closed.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "Maximum server idle time in seconds", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "x_forwarded_for": {
      "$ref": "XForwardedForType, 
      "required": false, 
      "title": "insert or replace x_forwarded_for"
    }
  }, 
  "type": "object"
}

LbHttpRedirectAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LbRule without any conditions, add an LbHttpRedirectAction to the rule. Set the redirect_url field of the LbHttpRedirectAction to:   https://$_host$_request_uri And set redirect_status to \"302\", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpRedirectAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRedirectAction"
  }, 
  "properties": {
    "redirect_status": {
      "required": true, 
      "title": "HTTP response status code", 
      "type": "string"
    }, 
    "redirect_url": {
      "required": true, 
      "title": "The URL that the HTTP request is redirected to", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to redirect HTTP request messages", 
  "type": "object"
}

LbHttpRejectAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LbHttpRejectAction does not support variables.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpRejectAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRejectAction"
  }, 
  "properties": {
    "reply_message": {
      "required": false, 
      "title": "Response message", 
      "type": "string"
    }, 
    "reply_status": {
      "required": true, 
      "title": "HTTP response status code", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to reject HTTP request messages", 
  "type": "object"
}

LbHttpRequestBodyCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestBodyCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestBodyCondition"
  }, 
  "properties": {
    "body_value": {
      "required": true, 
      "title": "HTTP request body", 
      "type": "string"
    }, 
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP body value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP body comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP body"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match content of HTTP request message body", 
  "type": "object"
}

LbHttpRequestCookieCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestCookieCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestCookieCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing cookie value.", 
      "required": false, 
      "title": "A case sensitive flag for cookie value comparing", 
      "type": "boolean"
    }, 
    "cookie_name": {
      "required": true, 
      "title": "Name of cookie", 
      "type": "string"
    }, 
    "cookie_value": {
      "required": true, 
      "title": "Value of cookie", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of cookie value"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match HTTP request cookie", 
  "type": "object"
}

LbHttpRequestHeader (type) 

{
  "additionalProperties": false, 
  "id": "LbHttpRequestHeader", 
  "module_id": "LoadBalancer", 
  "properties": {
    "header_name": {
      "required": true, 
      "title": "Name of HTTP request header", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP request header", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbHttpRequestHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestHeaderCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestHeaderCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP header value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP header value comparing", 
      "type": "boolean"
    }, 
    "header_name": {
      "required": true, 
      "title": "Name of HTTP header", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP header", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP header value"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match HTTP request header", 
  "type": "object"
}

LbHttpRequestHeaderDeleteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpRequestHeaderDeleteAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestHeaderDeleteAction"
  }, 
  "properties": {
    "header_name": {
      "required": true, 
      "title": "Name of a header field of HTTP request message", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to delete HTTP request header fields", 
  "type": "object"
}

LbHttpRequestHeaderRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpRequestHeaderRewriteAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestHeaderRewriteAction"
  }, 
  "properties": {
    "header_name": {
      "required": true, 
      "title": "Name of HTTP request header", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP request header", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to rewrite header fields of HTTP request messages.", 
  "type": "object"
}

LbHttpRequestMethodCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestMethodCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestMethodCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "method": {
      "$ref": "HttpRequestMethodType, 
      "required": true, 
      "title": "Type of HTTP request method"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match method of HTTP request messages", 
  "type": "object"
}

LbHttpRequestUriArgumentsCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the \"foo=1&bar=2\" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark (\"?\") character and terminated by a number sign (\"#\") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, \"foo=(?&lt;x&gt;\\d+)\". It matches HTTP requests whose URI arguments containing \"foo\", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LbRuleAction fields which support variables.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestUriArgumentsCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestUriArgumentsCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing URI arguments.", 
      "required": false, 
      "title": "A case sensitive flag for URI arguments comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of URI arguments"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "uri_arguments": {
      "description": "URI arguments, aka query string of URI.", 
      "required": true, 
      "title": "URI arguments", 
      "type": "string"
    }
  }, 
  "title": "Condition to match URI arguments of HTTP requests", 
  "type": "object"
}

LbHttpRequestUriCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LbRuleAction. For example, specify uri field as: \"/news/(?&lt;year&gt;\\d+)/(?&lt;month&gt;\\d+)/(?&lt;article&gt;.*)\" If the URI path is /articles/news/2017/06/xyz.html, then substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can then be used in an LbRuleAction field which supports variables, such as uri field of LbHttpRequestUriRewriteAction. For example, set the uri field of LbHttpRequestUriRewriteAction as: \"/articles/news/$year-$month-$article\" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: \"/articles/news/2017-06-xyz.html\"", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestUriCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestUriCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing URI.", 
      "required": false, 
      "title": "A case sensitive flag for URI comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of URI"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "uri": {
      "required": true, 
      "title": "A string used to identify resource", 
      "type": "string"
    }
  }, 
  "title": "Condition to match URIs of HTTP request messages", 
  "type": "object"
}

LbHttpRequestUriRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LbRuleAction to see how to use variables in this action.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpRequestUriRewriteAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestUriRewriteAction"
  }, 
  "properties": {
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "uri": {
      "required": true, 
      "title": "URI of HTTP request", 
      "type": "string"
    }, 
    "uri_arguments": {
      "description": "Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2", 
      "required": false, 
      "title": "URI arguments", 
      "type": "string"
    }
  }, 
  "title": "Action to rewrite HTTP request URIs.", 
  "type": "object"
}

LbHttpRequestVersionCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match the HTTP protocol version of the HTTP request messages.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpRequestVersionCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpRequestVersionCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "version": {
      "$ref": "HttpRequestVersionType, 
      "required": true, 
      "title": "HTTP version"
    }
  }, 
  "title": "Condition to match HTTP protocol version of HTTP requests", 
  "type": "object"
}

LbHttpResponseHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpResponseHeaderCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpResponseHeaderCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing HTTP header value.", 
      "required": false, 
      "title": "A case sensitive flag for HTTP header value comparing", 
      "type": "boolean"
    }, 
    "header_name": {
      "required": true, 
      "title": "Name of HTTP header field", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of HTTP header field", 
      "type": "string"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of HTTP header value"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match a header field of HTTP response", 
  "type": "object"
}

LbHttpResponseHeaderDeleteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpResponseHeaderDeleteAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpResponseHeaderDeleteAction"
  }, 
  "properties": {
    "header_name": {
      "required": true, 
      "title": "Name of a header field of HTTP response message", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to delete HTTP response header fields", 
  "type": "object"
}

LbHttpResponseHeaderRewriteAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbHttpResponseHeaderRewriteAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpResponseHeaderRewriteAction"
  }, 
  "properties": {
    "header_name": {
      "required": true, 
      "title": "Name of a header field of HTTP request message", 
      "type": "string"
    }, 
    "header_value": {
      "required": true, 
      "title": "Value of header field", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to rewrite HTTP response header fields", 
  "type": "object"
}

LbHttpSslCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbHttpSslCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpSslCondition"
  }, 
  "properties": {
    "client_certificate_issuer_dn": {
      "$ref": "LbClientCertificateIssuerDnCondition, 
      "description": "The issuer DN match condition of the client certificate for an established SSL connection", 
      "required": false, 
      "title": "The issuer DN match condition of the client certificate"
    }, 
    "client_certificate_subject_dn": {
      "$ref": "LbClientCertificateSubjectDnCondition, 
      "description": "The subject DN match condition of the client certificate for an established SSL connection", 
      "required": false, 
      "title": "The subject DN match condition of the client certificate"
    }, 
    "client_supported_ssl_ciphers": {
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "Cipher list which supported by client", 
      "type": "array"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "session_reused": {
      "$ref": "LbSslSessionReusedType, 
      "default": "IGNORE", 
      "required": false, 
      "title": "The type of SSL session reused"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "used_protocol": {
      "$ref": "SslProtocol, 
      "required": false, 
      "title": "Protocol of an established SSL connection"
    }, 
    "used_ssl_cipher": {
      "$ref": "SslCipher, 
      "required": false, 
      "title": "Cipher used for an established SSL connection"
    }
  }, 
  "title": "Condition to match SSL handshake and SSL connection", 
  "type": "object"
}

LbHttpsMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbActiveMonitor
  }, 
  "id": "LbHttpsMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbHttpsMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_chain_depth": {
      "default": 3, 
      "description": "authentication depth is used to set the verification depth in the server certificates chain.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the maximum traversal depth of server certificate chain", 
      "type": "integer"
    }, 
    "cipher_group_label": {
      "$ref": "SslCipherGroup, 
      "description": "It is a label of cipher group which is mostly consumed by GUI.", 
      "required": false, 
      "title": "Label of cipher group"
    }, 
    "ciphers": {
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "supported SSL cipher list to servers", 
      "type": "array"
    }, 
    "client_certificate_id": {
      "description": "client certificate can be specified to support client authentication.", 
      "required": false, 
      "title": "client certificate identifier", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "is_fips": {
      "description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..", 
      "readonly": true, 
      "title": "FIPS compliance of ciphers and protocols", 
      "type": "boolean"
    }, 
    "is_secure": {
      "description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.", 
      "readonly": true, 
      "title": "Secure/Insecure monitor flag", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "protocols": {
      "description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.", 
      "items": {
        "$ref": "SslProtocol
      }, 
      "required": false, 
      "title": "supported SSL protocol list to servers", 
      "type": "array"
    }, 
    "request_body": {
      "required": false, 
      "title": "String to send as part of HTTP health check request body. Valid only\nfor certain HTTP methods like POST.\n", 
      "type": "string"
    }, 
    "request_headers": {
      "items": {
        "$ref": "LbHttpRequestHeader
      }, 
      "required": false, 
      "title": "Array of HTTP request headers", 
      "type": "array"
    }, 
    "request_method": {
      "$ref": "HttpRequestMethodType, 
      "default": "GET", 
      "required": false, 
      "title": "the health check method for HTTP monitor type"
    }, 
    "request_url": {
      "required": false, 
      "title": "URL used for HTTP monitor", 
      "type": "string"
    }, 
    "request_version": {
      "$ref": "HttpRequestVersionType, 
      "default": "HTTP_VERSION_1_1", 
      "required": false, 
      "title": "HTTP request version"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "response_body": {
      "description": "If HTTP response body match string (regular expressions not supported) is specified (using LbHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.", 
      "required": false, 
      "title": "response body to match", 
      "type": "string"
    }, 
    "response_status_codes": {
      "description": "The HTTP response status code should be a valid HTTP status code.", 
      "items": {
        "type": "int"
      }, 
      "maxItems": 64, 
      "required": false, 
      "title": "Array of single HTTP response status codes", 
      "type": "array"
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "server_auth": {
      "$ref": "ServerAuthType, 
      "default": "IGNORE", 
      "title": "server authentication mode"
    }, 
    "server_auth_ca_ids": {
      "description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CA identifier list to verify server certificate", 
      "type": "array"
    }, 
    "server_auth_crl_ids": {
      "description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CRL identifier list to verify server certificate", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbIcmpMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbActiveMonitor
  }, 
  "id": "LbIcmpMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbIcmpMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "data_length": {
      "default": 56, 
      "maximum": 65507, 
      "minimum": 0, 
      "required": false, 
      "title": "The data size(in byte) of the ICMP healthcheck packet", 
      "type": "integer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbIpHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match IP header fields of HTTP messages. Currently, only the source IP address is supported. IP addresses can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbIpHeaderCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbIpHeaderCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "source_address": {
      "$ref": "IPElement, 
      "required": true, 
      "title": "Source IP address of HTTP message"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match IP header fields", 
  "type": "object"
}

LbLogLevel (type) 

{
  "additionalProperties": false, 
  "enum": [
    "DEBUG", 
    "INFO", 
    "WARNING", 
    "ERROR", 
    "CRITICAL", 
    "ALERT", 
    "EMERGENCY"
  ], 
  "id": "LbLogLevel", 
  "module_id": "LoadBalancer", 
  "title": "the log level of load balancer service", 
  "type": "string"
}

LbMonitor (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbMonitorListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LbMonitorListRequestParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "$ref": "MonitorQueryType, 
      "description": "Specify this type parameter to retrieve a list of load balancer monitors of specified type.", 
      "required": false, 
      "title": "Load balancer monitor type"
    }
  }, 
  "type": "object"
}

LbMonitorListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbMonitorListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbMonitor
      }, 
      "required": true, 
      "title": "paginated list of load balancer monitors", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbNodeCountPerSeverity (type) 

{
  "additionalProperties": false, 
  "description": "The node count for specific load balancer usage severity.", 
  "id": "LbNodeCountPerSeverity", 
  "module_id": "LoadBalancer", 
  "properties": {
    "node_count": {
      "description": "Node count for specific serverity.", 
      "readonly": true, 
      "title": "Node count for specific serverity", 
      "type": "integer"
    }, 
    "severity": {
      "$ref": "LbUsageSeverity, 
      "description": "The severity calculation is based on credit usage percentage of load balancer for one node.", 
      "readonly": true, 
      "title": "LB usage severity"
    }
  }, 
  "title": "The node count for specific severity", 
  "type": "object"
}

LbNodeUsage (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Node usage for load balancer contains basic information and LB entity usages and capacity for the given node.", 
  "id": "LbNodeUsage", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "node_id": {
      "description": "The property identifies the node UUID for load balancer node usage.", 
      "required": true, 
      "title": "The UUID of the node for load balancer node usage", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbNodeUsageType, 
      "description": "The property identifies the load balancer node usage type.", 
      "required": true, 
      "title": "Type of load balancer node usage"
    }
  }, 
  "title": "Node usage for load balancer", 
  "type": "object"
}

LbNodeUsageSummary (type) 

{
  "additionalProperties": false, 
  "description": "The load balancer node usage summary for all nodes. Only EdgeNode is supported. The summary calculation is based on all edge nodes configured in edge clusters.", 
  "id": "LbNodeUsageSummary", 
  "module_id": "LoadBalancer", 
  "properties": {
    "current_credit_number": {
      "description": "The current credit number reflects the overall credit usage for all nodes.", 
      "readonly": true, 
      "title": "Current credit number", 
      "type": "integer"
    }, 
    "node_counts": {
      "description": "The property identifies array of node count for each severity (RED, ORANGE and GREEN).", 
      "items": {
        "$ref": "LbNodeCountPerSeverity
      }, 
      "readonly": true, 
      "title": "Array of node count for each severity", 
      "type": "array"
    }, 
    "node_usages": {
      "description": "The property contains lb node usages for each node.", 
      "items": {
        "$ref": "LbNodeUsage
      }, 
      "readonly": true, 
      "title": "Array of lb node usages", 
      "type": "array"
    }, 
    "remaining_credit_number": {
      "description": "The remaining credit number is the overall remaining credits that can be used for load balancer service configuration for all nodes.", 
      "readonly": true, 
      "title": "Remaining credit number", 
      "type": "integer"
    }, 
    "severity": {
      "$ref": "LbUsageSeverity, 
      "description": "The severity calculation is based on current credit usage percentage of load balancer for all nodes.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "usage_percentage": {
      "description": "The overall usage percentage of all nodes for the load balancer services.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }
  }, 
  "title": "Lb node usage summary for all nodes", 
  "type": "object"
}

LbNodeUsageSummaryRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Load balancer node usage summary request parameters.", 
  "id": "LbNodeUsageSummaryRequestParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "include_usages": {
      "description": "Specify whether to include node usages in response. By default, it is false which means node usages are not included in LbNodeUsageSummary response.", 
      "required": false, 
      "title": "Whether to include node usages", 
      "type": "boolean"
    }
  }, 
  "title": "Load balancer node usage summary request parameters", 
  "type": "object"
}

LbNodeUsageType (type) 

{
  "additionalProperties": false, 
  "description": "The node type for load balancer node usage.", 
  "enum": [
    "LbEdgeNodeUsage"
  ], 
  "id": "LbNodeUsageType", 
  "module_id": "LoadBalancer", 
  "title": "Node type for load balancer node usage", 
  "type": "string"
}

LbPassiveMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbMonitor
  }, 
  "id": "LbPassiveMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbPassiveMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "max_fails": {
      "default": 5, 
      "description": "When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "number of consecutive connection failures", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 5, 
      "description": "After this timeout period, the member is tried again for a new connection to see if it is available.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "timeout in seconds before it is selected again for a new connection", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbPersistenceCookieTime (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbCookieTime
  }, 
  "id": "LbPersistenceCookieTime", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbPersistenceCookieTime"
  }, 
  "properties": {
    "cookie_max_idle": {
      "description": "HTTP cookie max-age to expire cookie, only available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": true, 
      "title": "persistence cookie max idle time in seconds", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "CookieTimeType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbPersistenceProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "LB persistence profile contains the information related to load balancer persistence options. Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence can be enabled on a LbVirtualServer by binding a persistence profile to it. LbGenericPersistenceProfile cannot be attached to virtual server directly, it can be only consumed by LB rule action. If a user attaches a generic persistence profile directly to a virtual server, the operation is rejected.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbPersistenceProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format &lt;name&gt;.&lt;virtual_server_id&gt;.&lt;pool_id&gt;. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to &lt;name&gt;.&lt;profile-id&gt;.&lt;pool-id&gt;. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.", 
      "required": false, 
      "title": "Persistence shared flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "$ref": "PersistenceProfileType, 
      "description": "The resource_type property identifies persistence profile type.", 
      "required": true, 
      "title": "Persistence profile type"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "LB persistence profile", 
  "type": "object"
}

LbPersistenceProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LbPersistenceProfileListRequestParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "$ref": "PersistenceProfileType, 
      "description": "Specify this type parameter to retrieve a list of load balancer persistence profiles of specified type.", 
      "required": false, 
      "title": "Load balancer persistence profile type"
    }
  }, 
  "type": "object"
}

LbPersistenceProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbPersistenceProfileListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbPersistenceProfile
      }, 
      "required": true, 
      "title": "paginated list of load balancer persistence profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbPool (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbPool", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "active_monitor_ids": {
      "description": "In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the pool. Currently, only one active health monitor can be configured per server pool.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "active monitor identifier list", 
      "type": "array"
    }, 
    "algorithm": {
      "$ref": "PoolAlgorithm, 
      "default": "ROUND_ROBIN", 
      "description": "Load balancing algorithm, configurable per pool controls how the incoming connections are distributed among the members.", 
      "required": false, 
      "title": "pool balancing algorithm for backend pool members"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_group": {
      "$ref": "PoolMemberGroup, 
      "description": "Load balancer pool support grouping object as dynamic pool members. When member group is defined, members setting should not be specified.", 
      "required": false, 
      "title": "Load balancer member setting with grouping object"
    }, 
    "members": {
      "description": "Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port.", 
      "items": {
        "$ref": "PoolMember
      }, 
      "required": false, 
      "title": "load balancer pool members", 
      "type": "array"
    }, 
    "min_active_members": {
      "default": 1, 
      "description": "A pool is considered active if there are at least certain minimum number of members.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "minimum number of active pool members to consider pool as active", 
      "type": "integer"
    }, 
    "passive_monitor_id": {
      "description": "Passive healthchecks are disabled by default and can be enabled by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented.", 
      "required": false, 
      "title": "passive monitor identifier", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "snat_translation": {
      "$ref": "LbSnatTranslation, 
      "description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode.", 
      "required": false, 
      "title": "snat translation configuration"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_multiplexing_enabled": {
      "default": false, 
      "description": "TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections.", 
      "required": false, 
      "title": "TCP multiplexing enable flag", 
      "type": "boolean"
    }, 
    "tcp_multiplexing_number": {
      "default": 6, 
      "description": "The maximum number of TCP connections per pool that are idly kept alive for sending future client requests.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "maximum number of TCP connections for multiplexing", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbPoolListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbPool
      }, 
      "required": true, 
      "title": "paginated list of pools", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbPoolMemberStatistics (type) 

{
  "id": "LbPoolMemberStatistics", 
  "module_id": "AggSvcLb", 
  "properties": {
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "Pool member IP address"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.", 
      "title": "Pool member port"
    }, 
    "statistics": {
      "$ref": "LbStatisticsCounter, 
      "required": true, 
      "title": "Pool member statistics counter"
    }
  }, 
  "type": "object"
}

LbPoolMemberStatus (type) 

{
  "id": "LbPoolMemberStatus", 
  "module_id": "AggSvcLb", 
  "properties": {
    "failure_cause": {
      "title": "The healthcheck failure cause when status is DOWN", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "Pool member IP address"
    }, 
    "last_check_time": {
      "$ref": "EpochMsTimestamp, 
      "titile": "Timestamp when the monitor status was last checked"
    }, 
    "last_state_change_time": {
      "$ref": "EpochMsTimestamp, 
      "titile": "Timestamp when the monitor status was last changed"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "The port is configured in pool member. For virtual server port range case, pool member port must be null.", 
      "title": "Pool member port"
    }, 
    "status": {
      "description": "UP means that pool member is enabled and monitors have marked the pool member as UP. If the pool member has no monitor configured, it would be treated as UP. DOWN means that pool member is enabled and monitors have marked the pool member as DOWN. DISABLED means that admin state of pool member is set to DISABLED. GRACEFUL_DISABLED means that admin state of pool member is set to GRACEFUL_DISABLED. UNUSED means that the pool member is not used when the IP list size of member group exceeds the maximum setting. The remaining IP addresses would not be used as available backend servers, hence mark the status as UNUSED.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DISABLED", 
        "GRACEFUL_DISABLED", 
        "UNUSED"
      ], 
      "required": true, 
      "title": "Pool member status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbPoolStatistics (type) 

{
  "id": "LbPoolStatistics", 
  "module_id": "AggSvcLb", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated"
    }, 
    "members": {
      "items": {
        "$ref": "LbPoolMemberStatistics
      }, 
      "title": "Statistics of load balancer pool members", 
      "type": "array"
    }, 
    "pool_id": {
      "required": true, 
      "title": "Load balancer pool identifier", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "LbStatisticsCounter, 
      "required": true, 
      "title": "Virtual server statistics counter"
    }
  }, 
  "type": "object"
}

LbPoolStatisticsListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbPoolStatisticsListResult", 
  "module_id": "AggSvcLb", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbPoolStatistics
      }, 
      "required": true, 
      "title": "paginated statistics list of pools", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbPoolStatus (type) 

{
  "id": "LbPoolStatus", 
  "module_id": "AggSvcLb", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated"
    }, 
    "members": {
      "items": {
        "$ref": "LbPoolMemberStatus
      }, 
      "title": "Status of load balancer pool members", 
      "type": "array"
    }, 
    "pool_id": {
      "required": true, 
      "title": "Load balancer pool identifier", 
      "type": "string"
    }, 
    "status": {
      "description": "UP means that all primary members are in UP status. PARTIALLY_UP means that some(not all) primary members are in UP status, the number of these active members is larger or equal to certain number(min_active_members) which is defined in LbPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members are in UP status but backup members are in UP status, connections to this pool would be dispatched to backup members. DOWN means that all primary and backup members are DOWN. DETACHED means that the pool is not bound to any virtual server. UNKNOWN means that the pool is not associated to any enabled virtual servers, or no status reported from transport-nodes, the associated load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "PARTIALLY_UP", 
        "PRIMARY_DOWN", 
        "DOWN", 
        "DETACHED", 
        "UNKNOWN"
      ], 
      "title": "Virtual server status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbPoolStatusListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbPoolStatusListResult", 
  "module_id": "AggSvcLb", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbPoolStatus
      }, 
      "required": true, 
      "title": "paginated status list of pools", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbRule (type) 

{
  "description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with application profile LbHttpProfile. Each application rule consists of one or more match conditions and one or more actions. Load balancer rules could be used by different load balancer services.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbRule", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "actions": {
      "description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.", 
      "items": {
        "$ref": "LbRuleAction
      }, 
      "maxItems": 60, 
      "required": true, 
      "title": "Actions to be executed", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "match_conditions": {
      "description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.", 
      "items": {
        "$ref": "LbRuleCondition
      }, 
      "maxItems": 60, 
      "required": false, 
      "title": "Conditions to match application traffic", 
      "type": "array"
    }, 
    "match_strategy": {
      "description": "Strategy to define how load balancer rule is considered a match when multiple match conditions are specified in one rule. If match_stragety is set to ALL, then load balancer rule is considered a match only if all the conditions match. If match_strategy is set to ANY, then load balancer rule is considered a match if any one of the conditions match.", 
      "enum": [
        "ALL", 
        "ANY"
      ], 
      "required": true, 
      "title": "Strategy to match multiple conditions", 
      "type": "string"
    }, 
    "phase": {
      "description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server.", 
      "enum": [
        "HTTP_REQUEST_REWRITE", 
        "HTTP_FORWARDING", 
        "HTTP_RESPONSE_REWRITE"
      ], 
      "required": true, 
      "title": "Load balancer processing phase", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Load balancer rules", 
  "type": "object"
}

LbRuleAction (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUST_REWRITE phase are:   LbHttpRequestUriRewriteAction   LbHttpRequestHeaderRewriteAction   LbHttpRequestHeaderDeleteAction   LbVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are:   LbHttpRejectAction   LbHttpRedirectAction   LbSelectPoolAction   LbVariablePersistenceOnAction Supported action in HTTP_RESPONSE_REWRITE phase is:   LbHttpResponseHeaderRewriteAction   LbHttpResponseHeaderDeleteAction   LbVariablePersistenceLearnAction  If the match type of an LbRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LbRuleAction fields. For example, define a rule with LbHttpRequestUriCondition as match condition and LbHttpRequestUriRewriteAction as action. Set match_type field of LbHttpRequestUriCondition to REGEX, and set uri field to   \"/news/(?&lt;year&gt;\\d+)/(?&lt;month&gt;\\d+)/(?&lt;article&gt;.*)\". Set uri field of LbHttpRequestUriRewriteAction to:   \"/news/$year-$month/$article\" In uri field of LbHttpRequestUriCondition, the (?&lt;year&gt;\\d+), (?&lt;month&gt;\\d+) and (?&lt;article&gt;.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LbHttpRequestUriRewriteAction. For a matched HTTP request with URI \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable $year, \"06\" is captured in variable $month, and \"xyz.html\" is captured in variable $article. The LbHttpRequestUriRewriteAction will rewrite the URI to:   \"/news/2017-06/xyz.html\" A set of built-in variables can be used in LbRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables:   $_scheme: Reference the scheme part of matched HTTP messages, could be \"http\" or \"https\".   $_host: Host of matched HTTP messages, for example \"www.example.com\".   $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https.   $_uri: The URI path, for example \"/products/sample.html\".   $_request_uri: Full original request URI with arguments, for example,     \"/products/sample.html?a=b&c=d\".   $_args: URI arguments, for instance \"a=b&c=d\"   $_is_args: \"?\" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide.", 
  "id": "LbRuleAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Load balancer rule action", 
  "type": "object"
}

LbRuleActionType (type) 

{
  "additionalProperties": false, 
  "description": "LbRuleActionType is used to identify the action types used in load balancer rules.", 
  "enum": [
    "LbHttpRequestUriRewriteAction", 
    "LbHttpRequestHeaderRewriteAction", 
    "LbHttpRejectAction", 
    "LbHttpRedirectAction", 
    "LbSelectPoolAction", 
    "LbSelectServerAction", 
    "LbHttpResponseHeaderRewriteAction", 
    "LbHttpRequestHeaderDeleteAction", 
    "LbHttpResponseHeaderDeleteAction", 
    "LbVariableAssignmentAction", 
    "LbVariablePersistenceOnAction", 
    "LbVariablePersistenceLearnAction"
  ], 
  "id": "LbRuleActionType", 
  "module_id": "LoadBalancer", 
  "title": "Types of load balancer rule actions", 
  "type": "string"
}

LbRuleCondition (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbHttpRequestBodyCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbHttpRequestBodyCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition Supported match condition in HTTP_RESPONSE_REWRITE phase is: LbHttpResponseHeaderCondition LbHttpRequestMethodCondition LbHttpRequestUriCondition LbHttpRequestUriArgumentsCondition LbHttpRequestVersionCondition LbHttpRequestHeaderCondition LbHttpRequestCookieCondition LbTcpHeaderCondition LbIpHeaderCondition LbVariableCondition LbHttpSslCondition", 
  "id": "LbRuleCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Match condition of load balancer rule", 
  "type": "object"
}

LbRuleConditionType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "LbHttpRequestMethodCondition", 
    "LbHttpRequestUriCondition", 
    "LbHttpRequestUriArgumentsCondition", 
    "LbHttpRequestVersionCondition", 
    "LbHttpRequestHeaderCondition", 
    "LbHttpRequestCookieCondition", 
    "LbHttpRequestBodyCondition", 
    "LbHttpResponseHeaderCondition", 
    "LbTcpHeaderCondition", 
    "LbIpHeaderCondition", 
    "LbVariableCondition", 
    "LbHttpSslCondition"
  ], 
  "id": "LbRuleConditionType", 
  "module_id": "LoadBalancer", 
  "title": "Type of load balancer rule match condition", 
  "type": "string"
}

LbRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbRuleListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbRule
      }, 
      "required": true, 
      "title": "paginated list of LB rules", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbRuleMatchType (type) 

{
  "additionalProperties": false, 
  "description": "LbRuleMatchType is used to determine how a specified string value is used to match a specified LbRuleCondition field. STARTS_WITH: If the LbRuleCondition field starts with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. ENDS_WITH: If the LbRuleCondition field ends with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. EQUALS: If the LbRuleCondition field is same as the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. CONTAINS: If the LbRuleCondition field contains the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. REGEX: If the LbRuleCondition field matches specified regular expression, the condition matches. The regular expressions in load balancer rules use the features common to both Java regular expressions and Perl Compatible Regular Expressions (PCREs) with some restrictions. Reference http://www.pcre.org for PCRE and the NSX-T Administrator's Guide for the restrictions. If named capturing groups are used in the regular expression, when a match succeeds, the substrings of the subject string that match named capturing groups are stored (captured) in variables with specific names which can be used in the fields of LbRuleAction which support variables. Named capturing group are defined in the format (?&lt;name&gt;subpattern), such as (?&lt;year&gt;\\d{4}). For example, in the regular expression: \"/news/(?&lt;year&gt;\\d+)/(?&lt;month&gt;\\d+)/(?&lt;article&gt;.*)\", for subject string \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can be used in LbRuleAction fields which support variables in form of $name, such as $year, $month, $article. Please note, when regular expressions are used in JSON(JavaScript Object Notation) string, every backslash character (\\) needs to be escaped by one additional backslash character.", 
  "enum": [
    "STARTS_WITH", 
    "ENDS_WITH", 
    "EQUALS", 
    "CONTAINS", 
    "REGEX"
  ], 
  "id": "LbRuleMatchType", 
  "module_id": "LoadBalancer", 
  "title": "Match type for LbRule conditions", 
  "type": "string"
}

LbSelectPoolAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to select a pool for matched HTTP request messages. The pool is specified by UUID. The matched HTTP request messages are forwarded to the specified pool.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbSelectPoolAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbSelectPoolAction"
  }, 
  "properties": {
    "pool_id": {
      "required": true, 
      "title": "UUID of load balancer pool", 
      "type": "string"
    }, 
    "pool_name": {
      "readonly": true, 
      "title": "Display name of load balancer pool", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }
  }, 
  "title": "Action to select a pool for HTTP request messages", 
  "type": "object"
}

LbServerSslProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbSslProfile
  }, 
  "id": "LbServerSslProfile", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cipher_group_label": {
      "$ref": "SslCipherGroup, 
      "description": "It is a label of cipher group which is mostly consumed by GUI.", 
      "required": false, 
      "title": "Label of cipher group"
    }, 
    "ciphers": {
      "items": {
        "$ref": "SslCipher
      }, 
      "required": false, 
      "title": "supported SSL cipher list to client side", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_fips": {
      "description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.", 
      "readonly": true, 
      "title": "FIPS compliance of ciphers and protocols", 
      "type": "boolean"
    }, 
    "is_secure": {
      "description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.", 
      "readonly": true, 
      "title": "Secure/Insecure SSL profile flag", 
      "type": "boolean"
    }, 
    "protocols": {
      "description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.", 
      "items": {
        "$ref": "SslProtocol
      }, 
      "required": false, 
      "title": "supported SSL protocol list to client side", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "session_cache_enabled": {
      "default": true, 
      "description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.", 
      "required": false, 
      "title": "session cache enable/disable falg", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbServerSslProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbServerSslProfileListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbServerSslProfile
      }, 
      "required": true, 
      "title": "paginated list of load balancer server SSL profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbService (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbService", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "deprecated": true, 
      "details": "This is a deprecated property, please use 'access_log_enabled' in\nLbVirtualServer. If both virtual server and load balancer service have\nthe setting, the setting in virtual server layer would override it and\ntake effect.\nIf access log is enabled, all HTTP requests sent to a L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n", 
      "required": false, 
      "title": "whether access log is enabled", 
      "type": "boolean"
    }, 
    "attachment": {
      "$ref": "ResourceReference, 
      "description": "LBS could be instantiated (or created) on the Logical router, etc. Typically, it could be applied to Tier1 LogicalRouter. It can be attached to Tier0 LogicalRouter either in non-multi-tenant environments or to provide load balancing for infrastructure services offered by the provider. If size is set to DLB for distribution, the attachment is optional. The supported attachment is NSGroup consisting of VIFs of that load balancer's clients. If the attachment is not specified and size is DLB, the associated load balancer settings are applied to all supported transport nodes.", 
      "required": false, 
      "title": "The target which is used to instantiate Lb service."
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "whether the load balancer service is enabled", 
      "type": "boolean"
    }, 
    "error_log_level": {
      "$ref": "LbLogLevel, 
      "default": "INFO", 
      "description": "Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log.", 
      "required": false, 
      "title": "Error log level of load balancer service"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "size": {
      "$ref": "LbServiceSize, 
      "default": "SMALL", 
      "required": false, 
      "title": "the size of load balancer service"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "virtual_server_ids": {
      "description": "virtual servers can be associated to LbService(which is similar to physical/virtual load balancer), Lb virtual servers, pools and other entities could be defined independently, the virtual server identifier list here would be used to maintain the relationship of LbService and other Lb entities.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "virtual server identifier list", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "lb service (advanced)"
  ], 
  "type": "object"
}

LbServiceDebugInfo (type) 

{
  "additionalProperties": false, 
  "description": "The information for a given load balancer service could be used for debugging and troubleshooting. It includes load balancer service, associated virtual servers, associated pools, associated profiles such as persistence, SSL, application, associated monitors and associated rules.", 
  "id": "LbServiceDebugInfo", 
  "module_id": "LoadBalancer", 
  "properties": {
    "application_profiles": {
      "description": "The application profiles are associated to virtual servers", 
      "items": {
        "$ref": "LbAppProfile
      }, 
      "readonly": true, 
      "title": "Associated load balancer application profile settings", 
      "type": "array"
    }, 
    "client_ssl_profiles": {
      "description": "The client SSL profiles are associated to virtual servers", 
      "items": {
        "$ref": "LbClientSslProfile
      }, 
      "readonly": true, 
      "title": "Associated load balancer client SSL profile settings", 
      "type": "array"
    }, 
    "monitors": {
      "description": "The load balancer monitors are associated to pools.", 
      "items": {
        "$ref": "LbMonitor
      }, 
      "readonly": true, 
      "title": "Associated load balancer monitor configurations", 
      "type": "array"
    }, 
    "persistence_profiles": {
      "description": "The persistence profiles are associated to virtual servers", 
      "items": {
        "$ref": "LbPersistenceProfile
      }, 
      "readonly": true, 
      "title": "Associated load balancer persistence profile settings", 
      "type": "array"
    }, 
    "pools": {
      "description": "The pools which are associated to the given load balancer service would be included. The pools could be defined in virtual server default pool, sorry pool or load balancer rule action.", 
      "items": {
        "$ref": "LbPool
      }, 
      "readonly": true, 
      "title": "Associated load balancer pool settings", 
      "type": "array"
    }, 
    "rules": {
      "description": "The load balancer rules are associated to virtual servers", 
      "items": {
        "$ref": "LbRule
      }, 
      "readonly": true, 
      "title": "Associated load balancer rule settings", 
      "type": "array"
    }, 
    "server_ssl_profiles": {
      "description": "The server SSL profiles are associated to virtual servers", 
      "items": {
        "$ref": "LbServerSslProfile
      }, 
      "readonly": true, 
      "title": "Associated load balancer server SSL profile settings", 
      "type": "array"
    }, 
    "service": {
      "$ref": "LbService, 
      "description": "Load balancer service setting for a given load balancer service identifier.", 
      "readonly": true, 
      "title": "Load balancer service setting"
    }, 
    "tcp_profiles": {
      "description": "The TCP profiles are associated to virtual servers", 
      "items": {
        "$ref": "LbTcpProfile
      }, 
      "readonly": true, 
      "title": "Associated load balancer TCP profile settings", 
      "type": "array"
    }, 
    "virtual_servers": {
      "description": "The virtual servers which are associated to the given load balancer service would be included.", 
      "items": {
        "$ref": "LbVirtualServer
      }, 
      "readonly": true, 
      "title": "Associated virtual server settings", 
      "type": "array"
    }
  }, 
  "title": "The debug information of the load balancer service", 
  "type": "object"
}

LbServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbServiceListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbService
      }, 
      "required": true, 
      "title": "paginated list of load balancer services", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbServiceQueryRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LbServiceQueryRequestParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "logical_router_id": {
      "description": "When logical_router_id is specified, the list load balancer API will return the load balancer services which are related to the given logical router.", 
      "title": "Logical router identifier", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Load balancer service list request parameters", 
  "type": "object"
}

LbServiceSize (type) 

{
  "additionalProperties": false, 
  "description": "Both distributed and centralized load balancer service are supported. For centralized load balancer service, to address varied customer performance and scalability requirements, different sizes for load balancer service are supported, LARGE, MEDIUM and SMALL, each with its own set of resource and performance specifications. For distributed load balancer service, the size is set to DLB.", 
  "enum": [
    "SMALL", 
    "MEDIUM", 
    "LARGE", 
    "DLB"
  ], 
  "id": "LbServiceSize", 
  "module_id": "LoadBalancer", 
  "title": "the size of load balancer service", 
  "type": "string"
}

LbServiceStatistics (type) 

{
  "id": "LbServiceStatistics", 
  "module_id": "AggSvcLb", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated"
    }, 
    "pools": {
      "items": {
        "$ref": "LbPoolStatistics
      }, 
      "title": "Statistics of load balancer pools", 
      "type": "array"
    }, 
    "service_id": {
      "required": true, 
      "title": "load balancer service identifier", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "LbServiceStatisticsCounter, 
      "title": "Load balancer service statistics counter"
    }, 
    "virtual_servers": {
      "items": {
        "$ref": "LbVirtualServerStatistics
      }, 
      "title": "Statistics of load balancer virtual servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbServiceStatisticsCounter (type) 

{
  "id": "LbServiceStatisticsCounter", 
  "module_id": "AggSvcLb", 
  "properties": {
    "l4_current_session_rate": {
      "title": "The average number of l4 current sessions per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "l4_current_sessions": {
      "title": "Number of l4 current sessions", 
      "type": "integer"
    }, 
    "l4_max_sessions": {
      "description": "L4 max sessions is used to show the peak L4 max session data since load balancer starts to provide service.", 
      "title": "Number of l4 maximum sessions", 
      "type": "integer"
    }, 
    "l4_total_sessions": {
      "title": "Number of l4 total sessions", 
      "type": "integer"
    }, 
    "l7_current_session_rate": {
      "title": "The average number of l7 current requests per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "l7_current_sessions": {
      "title": "Number of l7 current sessions", 
      "type": "integer"
    }, 
    "l7_max_sessions": {
      "description": "L7 max sessions is used to show the peak L7 max session data since load balancer starts to provide service.", 
      "title": "Number of l7 maximum sessions", 
      "type": "integer"
    }, 
    "l7_total_sessions": {
      "title": "Number of l7 total sessions", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbServiceStatus (type) 

{
  "id": "LbServiceStatus", 
  "module_id": "AggSvcLb", 
  "properties": {
    "active_transport_nodes": {
      "items": {
        "type": "string"
      }, 
      "title": "Ids of load balancer service related active transport nodes", 
      "type": "array"
    }, 
    "cpu_usage": {
      "title": "Cpu usage in percentage", 
      "type": "integer"
    }, 
    "error_message": {
      "title": "Error message, if available", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated"
    }, 
    "memory_usage": {
      "title": "Memory usage in percentage", 
      "type": "integer"
    }, 
    "pools": {
      "items": {
        "$ref": "LbPoolStatus
      }, 
      "title": "status of load balancer pools", 
      "type": "array"
    }, 
    "service_id": {
      "required": true, 
      "title": "Load balancer service identifier", 
      "type": "string"
    }, 
    "service_status": {
      "description": "UP means the load balancer service is working fine on both transport-nodes(if have); DOWN means the load balancer service is down on both transport-nodes (if have), hence the load balancer will not respond to any requests; ERROR means error happens on transport-node(s) or no status is reported from transport-node(s). The load balancer service may be working (or not working); NO_STANDBY means load balancer service is working in one of the transport node while not in the other transport-node (if have). Hence if the load balancer service in the working transport-node goes down, the load balancer service will go down; DETACHED means that the load balancer service has no attachment setting and is not instantiated in any transport nodes; DISABLED means that admin state of load balancer service is DISABLED; UNKNOWN means that no status reported from transport-nodes.The load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_STANDBY", 
        "DETACHED", 
        "DISABLED", 
        "UNKNOWN"
      ], 
      "title": "Status of load balancer service", 
      "type": "string"
    }, 
    "standby_transport_nodes": {
      "items": {
        "type": "string"
      }, 
      "title": "Ids of load balancer service related standby transport nodes", 
      "type": "array"
    }, 
    "virtual_servers": {
      "items": {
        "$ref": "LbVirtualServerStatus
      }, 
      "title": "status of load balancer virtual servers", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LbServiceUsage (type) 

{
  "additionalProperties": false, 
  "description": "Describes the capacity and current usage of virtual servers, pools and pool members for the given load balancer service.", 
  "id": "LbServiceUsage", 
  "module_id": "LoadBalancer", 
  "properties": {
    "current_pool_count": {
      "description": "The current number of pools which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of pools", 
      "type": "integer"
    }, 
    "current_pool_member_count": {
      "description": "The current number of pool members which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of pool members", 
      "type": "integer"
    }, 
    "current_virtual_server_count": {
      "description": "The current number of virtual servers which has been configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The current number of virtual servers", 
      "type": "integer"
    }, 
    "pool_capacity": {
      "description": "Pool capacity means maximum number of pools which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of pools", 
      "type": "integer"
    }, 
    "pool_member_capacity": {
      "description": "Pool member capacity means maximum number of pool members which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of pool members", 
      "type": "integer"
    }, 
    "service_id": {
      "readonly": true, 
      "title": "UUID of load balancer service", 
      "type": "string"
    }, 
    "service_size": {
      "$ref": "LbServiceSize, 
      "readonly": true, 
      "title": "The size of load balancer service"
    }, 
    "severity": {
      "$ref": "LbUsageSeverity, 
      "description": "The severity calculation is based on the largest usage percentage from virtual servers, pools and pool members for one load balancer service.", 
      "readonly": true, 
      "title": "LB usage severity"
    }, 
    "usage_percentage": {
      "description": "The usage percentage is the largest usage percentage from virtual servers, pools and pool members for the load balancer service.", 
      "readonly": true, 
      "title": "Usage percentage", 
      "type": "number"
    }, 
    "virtual_server_capacity": {
      "description": "Virtual server capacity means maximum number of virtual servers which could be configured in the given load balancer service.", 
      "readonly": true, 
      "title": "The capacity of virtual servers", 
      "type": "integer"
    }
  }, 
  "title": "The usage information of the load balancer service", 
  "type": "object"
}

LbSessionCookieTime (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbCookieTime
  }, 
  "id": "LbSessionCookieTime", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbSessionCookieTime"
  }, 
  "properties": {
    "cookie_max_idle": {
      "description": "Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "session cookie max idle time in seconds", 
      "type": "integer"
    }, 
    "cookie_max_life": {
      "description": "Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "session cookie max lifetime in seconds", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "CookieTimeType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbSnatAutoMap (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbSnatTranslation
  }, 
  "id": "LbSnatAutoMap", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbSnatAutoMap"
  }, 
  "properties": {
    "port_overload": {
      "default": 32, 
      "deprecated": true, 
      "description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.", 
      "maximum": 32, 
      "minimum": 1, 
      "required": false, 
      "title": "port overloading with same SNAT IP and port", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "SnatTranslationType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbSnatIpElement (type) 

{
  "id": "LbSnatIpElement", 
  "module_id": "LoadBalancer", 
  "properties": {
    "ip_address": {
      "$ref": "IPElement, 
      "required": true, 
      "title": "Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160"
    }, 
    "prefix_length": {
      "description": "Subnet prefix length should be not specified if there is only one single IP address or IP range.", 
      "required": false, 
      "title": "subnet prefix length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbSnatIpPool (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbSnatTranslation
  }, 
  "id": "LbSnatIpPool", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbSnatIpPool"
  }, 
  "properties": {
    "ip_addresses": {
      "description": "If an IP range is specified, the range may contain no more than 64 IP addresses.", 
      "items": {
        "$ref": "LbSnatIpElement
      }, 
      "maxItems": 64, 
      "required": true, 
      "title": "List of Ip address or ip range", 
      "type": "array"
    }, 
    "port_overload": {
      "default": 32, 
      "deprecated": true, 
      "description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.", 
      "maximum": 32, 
      "minimum": 1, 
      "required": false, 
      "title": "port overloading with same SNAT IP and port", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "SnatTranslationType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbSnatTranslation (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "id": "LbSnatTranslation", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "type"
  }, 
  "properties": {
    "port_overload": {
      "default": 32, 
      "deprecated": true, 
      "description": "Both SNAT automap and SNAT IP list modes support port overloading which allows the same SNAT IP and port to be used for multiple backend connections as long as the tuple (source IP, source port, destination IP, destination port, IP protocol) after SNAT is performed is unique. The valid number is 1, 2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is fixed to 32 in load balancer engine. If it is upgraded from an old version, the value would be changed to 32 automatically.", 
      "maximum": 32, 
      "minimum": 1, 
      "required": false, 
      "title": "port overloading with same SNAT IP and port", 
      "type": "integer"
    }, 
    "type": {
      "$ref": "SnatTranslationType, 
      "required": true
    }
  }, 
  "type": "object"
}

LbSourceIpPersistenceProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbPersistenceProfile
  }, 
  "id": "LbSourceIpPersistenceProfile", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbSourceIpPersistenceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "ha_persistence_mirroring_enabled": {
      "default": false, 
      "description": "Persistence entries are not synchronized to the HA peer by default.", 
      "required": false, 
      "title": "mirroring enabled flag to synchronize persistence entries", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "persistence_shared": {
      "default": false, 
      "description": "The persistence shared flag identifies whether the persistence table is shared among virtual-servers referring this profile. If persistence shared flag is not set in the cookie persistence profile bound to a virtual server, it defaults to cookie persistence that is private to each virtual server and is qualified by the pool. This is accomplished by load balancer inserting a cookie with name in the format &lt;name&gt;.&lt;virtual_server_id&gt;.&lt;pool_id&gt;. If persistence shared flag is set in the cookie persistence profile, in cookie insert mode, cookie persistence could be shared across multiple virtual servers that are bound to the same pools. The cookie name would be changed to &lt;name&gt;.&lt;profile-id&gt;.&lt;pool-id&gt;. If persistence shared flag is not set in the sourceIp persistence profile bound to a virtual server, each virtual server that the profile is bound to maintains its own private persistence table. If persistence shared flag is set in the sourceIp persistence profile, all virtual servers the profile is bound to share the same persistence table. If persistence shared flag is not set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using both virtual server ID and profile ID. If persistence shared flag is set in the generic persistence profile, the persistence entries are matched and stored in the table which is identified using profile ID. It means that virtual servers which consume the same profile in the LbRule with this flag enabled are sharing the same persistence table.", 
      "required": false, 
      "title": "Persistence shared flag", 
      "type": "boolean"
    }, 
    "purge": {
      "$ref": "SourceIpPersistencePurge, 
      "default": "FULL", 
      "required": false, 
      "title": "persistence purge setting"
    }, 
    "resource_type": {
      "$ref": "PersistenceProfileType, 
      "description": "The resource_type property identifies persistence profile type.", 
      "required": true, 
      "title": "Persistence profile type"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 300, 
      "description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "persistence entry expiration time in seconds", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbSslCipherAndProtocolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbSslCipherAndProtocolListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "ciphers": {
      "items": {
        "$ref": "LbSslCipherInfo
      }, 
      "required": true, 
      "title": "List of SSL ciphers", 
      "type": "array"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "protocols": {
      "items": {
        "$ref": "LbSslProtocolInfo
      }, 
      "required": true, 
      "title": "List of SSL protocols", 
      "type": "array"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbSslCipherInfo (type) 

{
  "additionalProperties": false, 
  "id": "LbSslCipherInfo", 
  "module_id": "LoadBalancer", 
  "properties": {
    "cipher": {
      "$ref": "SslCipher, 
      "required": true, 
      "title": "SSL cipher"
    }, 
    "cipher_group_labels": {
      "description": "Several cipher groups might contain the same cipher suite, each cipher suite could have multiple cipher group labels.", 
      "items": {
        "$ref": "SslCipherGroup
      }, 
      "title": "Cipher group label list", 
      "type": "array"
    }, 
    "is_default": {
      "required": true, 
      "title": "Default SSL cipher flag", 
      "type": "boolean"
    }, 
    "is_secure": {
      "required": true, 
      "title": "Secure/insecure SSL cipher flag", 
      "type": "boolean"
    }
  }, 
  "title": "SSL cipher", 
  "type": "object"
}

LbSslProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbSslProfile", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Load balancer abstract SSL profile", 
  "type": "object"
}

LbSslProtocolInfo (type) 

{
  "additionalProperties": false, 
  "id": "LbSslProtocolInfo", 
  "module_id": "LoadBalancer", 
  "properties": {
    "is_default": {
      "required": true, 
      "title": "Default SSL protocol flag", 
      "type": "boolean"
    }, 
    "is_secure": {
      "required": true, 
      "title": "Secure/insecure SSL protocol flag", 
      "type": "boolean"
    }, 
    "protocol": {
      "$ref": "SslProtocol, 
      "required": true, 
      "title": "SSL protocol"
    }
  }, 
  "title": "SSL protocol", 
  "type": "object"
}

LbSslSessionReusedType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "IGNORE", 
    "REUSED", 
    "NEW"
  ], 
  "id": "LbSslSessionReusedType", 
  "module_id": "LoadBalancer", 
  "title": "Type of SSL session reused", 
  "type": "string"
}

LbStatisticsCounter (type) 

{
  "id": "LbStatisticsCounter", 
  "module_id": "AggSvcLb", 
  "properties": {
    "bytes_in": {
      "required": true, 
      "title": "Number of bytes in", 
      "type": "integer"
    }, 
    "bytes_in_rate": {
      "title": "The average number of inbound bytes per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "bytes_out": {
      "required": true, 
      "title": "Number of bytes out", 
      "type": "integer"
    }, 
    "bytes_out_rate": {
      "title": "The average number of outbound bytes per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "current_session_rate": {
      "title": "The average number of current sessions per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "current_sessions": {
      "required": true, 
      "title": "Number of current sessions", 
      "type": "integer"
    }, 
    "http_request_rate": {
      "title": "The average number of http requests per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "http_requests": {
      "title": "The total number of http requests.", 
      "type": "integer"
    }, 
    "max_sessions": {
      "required": true, 
      "title": "Number of maximum sessions", 
      "type": "integer"
    }, 
    "packets_in": {
      "title": "Number of packets in", 
      "type": "integer"
    }, 
    "packets_in_rate": {
      "title": "The average number of inbound packets per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "packets_out": {
      "title": "Number of packets out", 
      "type": "integer"
    }, 
    "packets_out_rate": {
      "title": "The average number of outbound packets per second, the number is\naveraged over the last 5 one-second intervals.\n", 
      "type": "number"
    }, 
    "source_ip_persistence_entry_size": {
      "title": "Number of source IP persistence entries", 
      "type": "integer"
    }, 
    "total_sessions": {
      "required": true, 
      "title": "Number of total sessions", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbTcpHeaderCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbTcpHeaderCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbTcpHeaderCondition"
  }, 
  "properties": {
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "source_port": {
      "$ref": "PortElement, 
      "required": true, 
      "title": "TCP source port of HTTP message"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }
  }, 
  "title": "Condition to match TCP header fields", 
  "type": "object"
}

LbTcpMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbActiveMonitor
  }, 
  "id": "LbTcpMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbTcpMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "receive": {
      "description": "Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.", 
      "required": false, 
      "title": "expected data received from server", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "send": {
      "description": "If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.", 
      "required": false, 
      "title": "data to send", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbTcpProfile (type) 

{
  "additionalProperties": false, 
  "description": "TCP profile allows customization of TCP stack behavior for each application. As TCP connections are terminated (or initiated) on the load balancer only for L7 virtual servers, TCP profiles are applicable only to them. As the desired TCP characteristics (e.g. Rx/Tx buffers) may be different for client (typically on WAN) and server (typically on LAN) sides, two separate profiles can be bound to virtual server, one for client-side (LbVirtualServer.client_tcp_profile_id) and another for server-side (LbVirtualServer.server_tcp_profile_id).", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbTcpProfile", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fin_wait2_timeout": {
      "description": "If the field is not specified, the load balancer will use the default setting per load balancer service flavor.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "Sets how long TCP connections in FIN_WAIT2 state are kept.", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "max_syn_retransmissions": {
      "description": "If the field is not specified, the load balancer will use the default setting per load balancer service flavor.", 
      "maximum": 127, 
      "minimum": 1, 
      "required": false, 
      "title": "Sets the max number of times TCP SYN is retransmitted before failing an\nattempt to connect.\n", 
      "type": "integer"
    }, 
    "nagle_algorithm_enabled": {
      "default": true, 
      "required": false, 
      "title": "Setting this option to enable or disable Nagle's algorithm.", 
      "type": "boolean"
    }, 
    "receive_window_size": {
      "description": "If the field is not specified, the load balancer will use the default setting per load balancer service flavor.", 
      "maximum": 2147483647, 
      "minimum": 1024, 
      "required": false, 
      "title": "Sets max TCP receive buffer, specified in bytes.", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transmit_window_size": {
      "description": "If the field is not specified, the load balancer will use the default setting per load balancer service flavor.", 
      "maximum": 2147483647, 
      "minimum": 2048, 
      "required": false, 
      "title": "Sets max TCP transmit buffer, specified in bytes.", 
      "type": "integer"
    }
  }, 
  "title": "TCP profile allows customization of TCP stack behavior.", 
  "type": "object"
}

LbTcpProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbTcpProfileListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbTcpProfile
      }, 
      "required": true, 
      "title": "Paginated list of load balancer TCP profiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbUdpMonitor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LbActiveMonitor
  }, 
  "id": "LbUdpMonitor", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbUdpMonitor"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must fail before marking it down", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the frequency at which the system issues the monitor check (in second)", 
      "type": "integer"
    }, 
    "monitor_port": {
      "$ref": "PortElement, 
      "description": "If the monitor port is specified, it would override pool member port setting for healthcheck. A port range is not supported. For ICMP monitor, monitor_port is not required.", 
      "required": false, 
      "title": "port which is used for healthcheck"
    }, 
    "receive": {
      "description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.", 
      "required": true, 
      "title": "expected data received from server", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "MonitorType, 
      "required": true
    }, 
    "rise_count": {
      "default": 3, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "num of consecutive checks must pass before marking it up", 
      "type": "integer"
    }, 
    "send": {
      "description": "The data to be sent to the monitored server.", 
      "required": true, 
      "title": "data to send", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the number of seconds the target has in which to respond to the monitor\nrequest\n", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LbUsageSeverity (type) 

{
  "additionalProperties": false, 
  "description": "Severity is calculated from usage percentage: GREEN means the current usage percentage is less than 60%. ORANGE means the current usage percentage is less than 80% and larger than or equal to 60%. RED means the current usage percentage is larger than or equal to 80%.", 
  "enum": [
    "GREEN", 
    "ORANGE", 
    "RED"
  ], 
  "id": "LbUsageSeverity", 
  "module_id": "LoadBalancer", 
  "title": "Load balancer usage severity", 
  "type": "string"
}

LbVariableAssignmentAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LbVariableCondition, etc.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbVariableAssignmentAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbVariableAssignmentAction"
  }, 
  "properties": {
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_name": {
      "required": true, 
      "title": "Name of the variable to be assigned", 
      "type": "string"
    }, 
    "variable_value": {
      "required": true, 
      "title": "Value of variable", 
      "type": "string"
    }
  }, 
  "title": "Action to create variable and assign value to it.", 
  "type": "object"
}

LbVariableCondition (type) 

{
  "additionalProperties": false, 
  "description": "This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LbVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time.", 
  "extends": {
    "$ref": "LbRuleCondition
  }, 
  "id": "LbVariableCondition", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbVariableCondition"
  }, 
  "properties": {
    "case_sensitive": {
      "default": true, 
      "description": "If true, case is significant when comparing variable value.", 
      "required": false, 
      "title": "A case sensitive flag for variable value comparing", 
      "type": "boolean"
    }, 
    "inverse": {
      "default": false, 
      "required": false, 
      "title": "A flag to indicate whether reverse the match result of this condition", 
      "type": "boolean"
    }, 
    "match_type": {
      "$ref": "LbRuleMatchType, 
      "default": "REGEX", 
      "required": false, 
      "title": "Match type of variable value"
    }, 
    "type": {
      "$ref": "LbRuleConditionType, 
      "required": true, 
      "title": "Type of load balancer rule condition"
    }, 
    "variable_name": {
      "required": true, 
      "title": "Name of the variable to be matched", 
      "type": "string"
    }, 
    "variable_value": {
      "required": true, 
      "title": "Value of variable to be matched", 
      "type": "string"
    }
  }, 
  "title": "Condition to match IP header fields", 
  "type": "object"
}

LbVariablePersistenceLearnAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbVariablePersistenceLearnAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbVariablePersistenceLearnAction"
  }, 
  "properties": {
    "persistence_profile_id": {
      "description": "If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.", 
      "required": false, 
      "title": "UUID of LbPersistenceProfile", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_hash_enabled": {
      "default": false, 
      "description": "The property is used to enable a hash operation for variable value when composing the persistence key.", 
      "required": false, 
      "title": "Whether to enable a hash operation for variable value", 
      "type": "boolean"
    }, 
    "variable_name": {
      "description": "The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a system embedded variable such as \"_cookie_JSESSIONID\", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as \"article\".", 
      "required": true, 
      "title": "Variable name", 
      "type": "string"
    }
  }, 
  "title": "Action to learn the variable value", 
  "type": "object"
}

LbVariablePersistenceOnAction (type) 

{
  "additionalProperties": false, 
  "description": "This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected.", 
  "extends": {
    "$ref": "LbRuleAction
  }, 
  "id": "LbVariablePersistenceOnAction", 
  "module_id": "LoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LbVariablePersistenceOnAction"
  }, 
  "properties": {
    "persistence_profile_id": {
      "description": "If the persistence profile UUID is not specified, a default persistence table is created per virtual server. Currently, only LbGenericPersistenceProfile is supported.", 
      "required": false, 
      "title": "UUID of LbPersistenceProfile", 
      "type": "string"
    }, 
    "type": {
      "$ref": "LbRuleActionType, 
      "description": "The property identifies the load balancer rule action type.", 
      "required": true, 
      "title": "Type of load balancer rule action"
    }, 
    "variable_hash_enabled": {
      "default": false, 
      "description": "The property is used to enable a hash operation for variable value when composing the persistence key.", 
      "required": false, 
      "title": "Whether to enable a hash operation for variable value", 
      "type": "boolean"
    }, 
    "variable_name": {
      "description": "The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a system embedded variable such as \"_cookie_JSESSIONID\", a customized variable defined in LbVariableAssignmentAction or a captured variable in regular expression such as \"article\".", 
      "required": true, 
      "title": "Variable name", 
      "type": "string"
    }
  }, 
  "title": "Action to persist the variable value", 
  "type": "object"
}

LbVirtualServer (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LbVirtualServer", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "details": "If access log is enabled, all HTTP requests sent to L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n", 
      "required": false, 
      "title": "Whether access log is enabled", 
      "type": "boolean"
    }, 
    "application_profile_id": {
      "description": "The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LbFastTCPProfile, LbFastUDPProfile and LbHttpProfile, etc are supported.", 
      "required": true, 
      "title": "application profile identifier", 
      "type": "string"
    }, 
    "client_ssl_profile_binding": {
      "$ref": "ClientSslProfileBinding, 
      "description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection", 
      "required": false, 
      "title": "Virtual server side SSL binding setting"
    }, 
    "client_tcp_profile_id": {
      "description": "Only L7 virtual server could be configured with customized client side TCP profile.", 
      "title": "Identifier of client side TCP profile", 
      "type": "string"
    }, 
    "default_pool_member_port": {
      "$ref": "PortElement, 
      "deprecated": true, 
      "description": "This is a deprecated property, please use 'default_pool_member_ports' instead. If default_pool_member_port is configured and default_pool_member_ports are not specified, both default_pool_member_port and default_pool_member_ports in response payload would return the same port value. If both are specified, default_pool_member_ports setting would take effect with higher priority.", 
      "required": false, 
      "title": "Default pool member port when member port is not defined."
    }, 
    "default_pool_member_ports": {
      "description": "If default_pool_member_ports are configured, both default_pool_member_port and default_pool_member_ports in the response payload would include port settings, notice that the value of default_pool_member_port is the first element of default_pool_member_ports.", 
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 14, 
      "required": false, 
      "title": "Default pool member ports when member port is not defined.", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "whether the virtual server is enabled", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "virtual server IP address"
    }, 
    "ip_protocol": {
      "$ref": "VirtualServerIpProtocol, 
      "default": "TCP", 
      "description": "Assigned Internet Protocol in IP header, TCP, UDP are supported.", 
      "required": false, 
      "title": "virtual server IP protocol"
    }, 
    "max_concurrent_connections": {
      "description": "To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "maximum concurrent connection number", 
      "type": "integer"
    }, 
    "max_new_connection_rate": {
      "description": "To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "maximum new connection rate in second", 
      "type": "integer"
    }, 
    "persistence_profile_id": {
      "description": "Persistence profile is used to allow related client connections to be sent to the same backend server.", 
      "required": false, 
      "title": "persistence profile identifier", 
      "type": "string"
    }, 
    "pool_id": {
      "description": "The server pool(LbPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application.", 
      "required": false, 
      "title": "default server pool identifier", 
      "type": "string"
    }, 
    "port": {
      "$ref": "PortElement, 
      "deprecated": true, 
      "description": "This is a deprecated property, please use 'ports' instead. Port setting could be single port for both L7 mode and L4 mode. For L4 mode, a single port range is also supported. The port setting could be a single port or port range such as \"80\", \"1234-1236\". If port is configured and ports are not specified, both port and ports in response payload would return the same port value. If both port and ports are configured, ports setting would take effect with higher priority.", 
      "required": false, 
      "title": "Virtual server port number or port range"
    }, 
    "ports": {
      "description": "Port setting could be a single port for both L7 mode and L4 mode. For L4 mode, multiple ports or port ranges are also supported such as \"80\", \"443\", \"1234-1236\". If ports is configured, both port and ports in the response payload would include port settings, notice that the port field value is the first element of ports.", 
      "items": {
        "$ref": "PortElement
      }, 
      "maxItems": 14, 
      "required": false, 
      "title": "Virtual server ports or port ranges", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_ids": {
      "description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LbHttpProfile.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 512, 
      "required": false, 
      "title": "List of load balancer rule identifiers", 
      "type": "array"
    }, 
    "server_ssl_profile_binding": {
      "$ref": "ServerSslProfileBinding, 
      "description": "The setting is used when load balancer acts as an SSL client and establishing a connection to the backend server.", 
      "required": false, 
      "title": "Pool side SSL binding setting"
    }, 
    "server_tcp_profile_id": {
      "description": "Only L7 virtual server could be configured with customized server side TCP profile.", 
      "title": "Identifier of server side TCP profile", 
      "type": "string"
    }, 
    "sorry_pool_id": {
      "description": "When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool.", 
      "required": false, 
      "title": "Identifier of sorry server pool", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "lb virtual server (advanced)"
  ], 
  "type": "object"
}

LbVirtualServerDeleteParameters (type) 

{
  "additionalProperties": false, 
  "id": "LbVirtualServerDeleteParameters", 
  "module_id": "LoadBalancer", 
  "properties": {
    "delete_associated_rules": {
      "default": false, 
      "description": "If this is set to true, the associated rules are also deleted when virtual server is deleted if the rules are not used by other virtual servers.", 
      "required": false, 
      "title": "Delete associated rules", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

LbVirtualServerListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbVirtualServerListResult", 
  "module_id": "LoadBalancer", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbVirtualServer
      }, 
      "required": true, 
      "title": "paginated list of virtual servers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbVirtualServerStatistics (type) 

{
  "id": "LbVirtualServerStatistics", 
  "module_id": "AggSvcLb", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated"
    }, 
    "statistics": {
      "$ref": "LbStatisticsCounter, 
      "required": true, 
      "title": "Virtual server statistics counter"
    }, 
    "virtual_server_id": {
      "required": true, 
      "title": "load balancer virtual server identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbVirtualServerStatisticsListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbVirtualServerStatisticsListResult", 
  "module_id": "AggSvcLb", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbVirtualServerStatistics
      }, 
      "required": true, 
      "title": "paginated statistics list of virtual servers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbVirtualServerStatus (type) 

{
  "id": "LbVirtualServerStatus", 
  "module_id": "AggSvcLb", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "title": "Timestamp when the data was last updated."
    }, 
    "status": {
      "description": "UP means that all primary members in default pool are in UP status. For L7 virtual server, if there is no default pool, the virtual server would be treated as UP. PARTIALLY_UP means that some(not all) primary members in default pool are in UP status. The size of these active primary members should be larger than or equal to the certain number(min_active_members) which is defined in LbPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members in default pool are in UP status but backup members are in UP status, the connections would be dispatched to backup members. DOWN means that all primary and backup members are in DOWN status. DETACHED means that the virtual server is not bound to any service. DISABLED means that the admin state of the virtual server is disabled. UNKNOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working).", 
      "enum": [
        "UP", 
        "PARTIALLY_UP", 
        "PRIMARY_DOWN", 
        "DOWN", 
        "DETACHED", 
        "DISABLED", 
        "UNKNOWN"
      ], 
      "title": "Virtual server status", 
      "type": "string"
    }, 
    "virtual_server_id": {
      "required": true, 
      "title": "load balancer virtual server identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbVirtualServerStatusListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LbVirtualServerStatusListResult", 
  "module_id": "AggSvcLb", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LbVirtualServerStatus
      }, 
      "required": true, 
      "title": "paginated status list of virtual servers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LbVirtualServerWithRule (type) 

{
  "additionalProperties": false, 
  "id": "LbVirtualServerWithRule", 
  "module_id": "LoadBalancer", 
  "properties": {
    "rules": {
      "description": "It is used to add rules, update rules and bind rules to the virtual server. To add new rules, make sure that the rules have no identifier specified, the new rules are automatically generated and associated to the virtual server. If the virtual server need to consume some existed rules without change, those rules should not be specified in the list, otherwise, the rules are updated. For update_with_rules action, it supports rules delete and update. To delete old rules, the rules should not be configured in new action, the UUID of deleted rules should be removed from rule_ids. To update rules, the rules should be specified with new change and configured with identifier. If there are some rules which are not modified, those rule should not be specified in the rules list, the UUID list of rules should be specified in rule_ids of LbVirtualServer.", 
      "items": {
        "$ref": "LbRule
      }, 
      "title": "Associated load balancer rules", 
      "type": "array"
    }, 
    "virtual_server": {
      "$ref": "LbVirtualServer, 
      "description": "If rules need to be associated to the virtual server, please set rules properties of LbVirtualServerWithRule with rule list configuration. For the rules which are not modified but associated to the virtual server, the rule UUID list should be specified in rule_ids property of LbVirtualServer and the associated rules should not be specified in rules of LbVirtualServerWithRule.", 
      "required": true, 
      "title": "Virtual server configuration"
    }
  }, 
  "type": "object"
}

Legend (type) 

{
  "additionalProperties": false, 
  "description": "Represents legend that describes the entities of the widget.", 
  "id": "Legend", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "alignment": {
      "default": "VERTICAL", 
      "description": "Describes the alignment of legend. Alignment of a legend denotes how individual items of the legend are aligned in a container. For example, if VERTICAL is chosen then the items of the legend will appear one below the other and if HORIZONTAL is chosen then the items will appear side by side.", 
      "enum": [
        "HORIZONTAL", 
        "VERTICAL"
      ], 
      "title": "Alignment of the legend", 
      "type": "string"
    }, 
    "display_count": {
      "default": true, 
      "description": "If set to true, it will display the counts in legend. If set to false, counts of entities are not displayed in the legend.", 
      "title": "Show count of entities in the legend", 
      "type": "boolean"
    }, 
    "position": {
      "default": "RIGHT", 
      "description": "Describes the relative placement of legend. The legend of a widget can be placed either to the TOP or BOTTOM or LEFT or RIGHT relative to the widget. For example, if RIGHT is chosen then legend is placed to the right of the widget.", 
      "enum": [
        "TOP", 
        "BOTTOM", 
        "LEFT", 
        "RIGHT", 
        "TOP_RIGHT"
      ], 
      "title": "Placement of legend", 
      "type": "string"
    }, 
    "type": {
      "default": "CIRCLE", 
      "description": "Describes the render type for the legend. The legend for an entity describes the entity in the widget. The supported legend type is a circle against which the entity's details such as display_name are shown. The color of the circle denotes the color of the entity shown inside the widget.", 
      "enum": [
        "CIRCLE"
      ], 
      "title": "Type of the legend", 
      "type": "string"
    }
  }, 
  "title": "Legend for the widget", 
  "type": "object"
}

License (type) 

{
  "additionalProperties": false, 
  "description": "license properties", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "License", 
  "module_id": "License", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "capacity_type": {
      "description": "License metrics specifying the capacity type of license key. Types are: - VM - CPU - USER(Concurrent User)", 
      "enum": [
        "VM", 
        "CPU", 
        "USER"
      ], 
      "readonly": true, 
      "title": "license metric", 
      "type": "string"
    }, 
    "description": {
      "readonly": true, 
      "title": "license edition", 
      "type": "string"
    }, 
    "expiry": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "date that license expires"
    }, 
    "features": {
      "readonly": true, 
      "title": "semicolon delimited feature list", 
      "type": "string"
    }, 
    "is_eval": {
      "readonly": true, 
      "title": "true for evalution license", 
      "type": "boolean"
    }, 
    "is_expired": {
      "readonly": true, 
      "title": "whether the license has expired", 
      "type": "boolean"
    }, 
    "is_mh": {
      "readonly": true, 
      "title": "multi-hypervisor support", 
      "type": "boolean"
    }, 
    "license_key": {
      "pattern": "^[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}$", 
      "required": true, 
      "sensitive": true, 
      "title": "license key", 
      "type": "string", 
      "validation_msg_key": "com.vmware.nsx.validation.constraints.License.license_key.message"
    }, 
    "product_name": {
      "readonly": true, 
      "title": "product name", 
      "type": "string"
    }, 
    "product_version": {
      "readonly": true, 
      "title": "product version", 
      "type": "string"
    }, 
    "quantity": {
      "readonly": true, 
      "title": "license capacity; 0 for unlimited", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LicensesListResult (type) 

{
  "description": "Licenses queries result", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LicensesListResult", 
  "module_id": "License", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "License
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Licenses Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListByNodeIdParameters (type) 

{
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "ListByNodeIdParameters", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": false, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListByOptionalNodeIdParameters (type) 

{
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "ListByOptionalNodeIdParameters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": false, 
      "title": "Transport node id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListByRequiredNodeIdParameters (type) 

{
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "ListByRequiredNodeIdParameters", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListCertParameter (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ListCertParameter", 
  "module_id": "CertificateManager", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "details": {
      "default": false, 
      "required": false, 
      "title": "whether to expand the pem data and show all its details", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "description": "Provide this parameter to limit the list of returned certificates to those matching a particular usage. Passing cluster_certificate will return the certificate used for the cluster wide API service.", 
      "enum": [
        "cluster_api_certificate"
      ], 
      "required": false, 
      "title": "Type of certificate to return", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListRequestParameters (type) 

{
  "additionalProperties": {}, 
  "extends": {
    "$ref": "IncludedFieldsParameters
  }, 
  "id": "ListRequestParameters", 
  "module_id": "Common", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ListResult (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "ListResult", 
  "module_id": "Common", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Base class for list results from collections", 
  "type": "object"
}

ListResultQueryParameters (type) 

{
  "id": "ListResultQueryParameters", 
  "module_id": "Common", 
  "properties": {
    "fields": {
      "description": "Comma-separated field names to include in query result", 
      "title": "Fields to include in query results", 
      "type": "string"
    }
  }, 
  "title": "Parameters that affect how list results are processed", 
  "type": "object"
}

ListWithDataSourceParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ListWithDataSourceParameters", 
  "module_id": "Types", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "type": "object"
}

LldpHostSwitchProfile (type) 

{
  "extends": {
    "$ref": "BaseHostSwitchProfile
  }, 
  "id": "LldpHostSwitchProfile", 
  "module_id": "LldpHostSwitchProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LldpHostSwitchProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "HostSwitchProfileType, 
      "required": true
    }, 
    "send_enabled": {
      "required": true, 
      "title": "Enabled or disabled sending LLDP packets", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Host Switch for LLDP", 
  "type": "object"
}

LoadBalancerAllocationPool (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "EdgeClusterMemberAllocationPool
  }, 
  "id": "LoadBalancerAllocationPool", 
  "module_id": "LogicalRouter", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LoadBalancerAllocationPool"
  }, 
  "properties": {
    "allocation_pool_type": {
      "$ref": "AllocationPoolType, 
      "required": true
    }, 
    "allocation_size": {
      "default": "SMALL", 
      "description": "To address varied customer performance and scalability requirements, different sizes for load balancer service are supported: SMALL, MEDIUM and LARGE, each with its own set of resource and performance. Specify size of load balancer service which you will bind to TIER1 router.", 
      "enum": [
        "SMALL", 
        "MEDIUM", 
        "LARGE"
      ], 
      "required": true, 
      "title": "Size of load balancer service", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LocaleServices (type) 

{
  "additionalProperties": false, 
  "description": "Site specific configuration of Tier0 in multi-site scenario", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "LocaleServices", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_path": {
      "description": "Policy path to edge cluster. Auto-assigned on Tier0 if associated enforcement-point has only one edge cluster.", 
      "required": false, 
      "title": "Edge cluster path", 
      "type": "string"
    }, 
    "ha_vip_configs": {
      "description": "This configuration can be defined only for Active-Standby Tier0 gateway to provide redundancy. For mulitple external interfaces, multiple HA VIP configs must be defined and each config will pair exactly two external interfaces. The VIP will move and will always be owned by the Active node. When this property is configured, configuration of dynamic-routing is not allowed.", 
      "items": {
        "$ref": "Tier0HaVipConfig
      }, 
      "title": "Array of HA VIP Config.", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "preferred_edge_paths": {
      "description": "Policy paths to edge nodes. Specified edge is used as preferred edge cluster member when failover mode is set to PREEMPTIVE, not applicable otherwise.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 2, 
      "required": false, 
      "title": "Edge node path", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "route_redistribution_types": {
      "description": "Enable redistribution of different types of routes on Tier-0. This property is only valid for locale-service under Tier-0.", 
      "items": {
        "$ref": "Tier0RouteRedistributionTypes
      }, 
      "required": false, 
      "title": "Enable redistribution of different types of routes on Tier-0", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Locale-services configuration", 
  "type": "object"
}

LocaleServicesListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LocaleServicesListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LocaleServices
      }, 
      "required": true, 
      "title": "LocaleServices results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of LocaleServices", 
  "type": "object"
}

LoggingServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "LoggingServiceProperties", 
  "properties": {
    "logging_level": {
      "enum": [
        "OFF", 
        "FATAL", 
        "ERROR", 
        "WARN", 
        "INFO", 
        "DEBUG", 
        "TRACE"
      ], 
      "required": true, 
      "title": "Service logging level", 
      "type": "string"
    }, 
    "package_logging_level": {
      "items": {
        "$ref": "PackageLoggingLevels
      }, 
      "title": "Package logging levels", 
      "type": "array"
    }
  }, 
  "title": "Service properties", 
  "type": "object"
}

LogicalConstructMigrationStats (type) 

{
  "description": "Contains migration related information about logical constructs", 
  "id": "LogicalConstructMigrationStats", 
  "module_id": "Migration", 
  "properties": {
    "source_count": {
      "description": "Number of objects of source type.", 
      "readonly": true, 
      "required": false, 
      "title": "Number of objects of source type", 
      "type": "string"
    }, 
    "source_type": {
      "description": "Type of the vSphere object (e.g. dvportgroup).", 
      "readonly": true, 
      "required": false, 
      "title": "Type of the vSphere object", 
      "type": "string"
    }, 
    "target_count": {
      "description": "Number of objects of target type.", 
      "readonly": true, 
      "required": false, 
      "title": "Number of objects of target type", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the Policy object corresponding to the source type (e.g. Segment).", 
      "readonly": true, 
      "required": false, 
      "title": "Type of the Policy object", 
      "type": "string"
    }, 
    "vertical": {
      "description": "Functional area that this vSphere object falls into", 
      "readonly": true, 
      "required": false, 
      "title": "Functional area for the vSphere object", 
      "type": "string"
    }
  }, 
  "title": "Migration Statistics for Logical Constructs", 
  "type": "object"
}

LogicalConstructMigrationStatsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalConstructMigrationStatsListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalConstructMigrationStats
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of migration stats for logical constructs", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalDhcpServer (type) 

{
  "additionalProperties": false, 
  "description": "Definition of a logical DHCP server which can be attached a logical switch via a logical port.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LogicalDhcpServer", 
  "module_id": "Dhcp", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attached_logical_port_id": {
      "description": "The uuid of the attached logical port. Read only.", 
      "readonly": true, 
      "required": false, 
      "title": "Id of attached logical port", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_profile_id": {
      "description": "The DHCP profile uuid the logical DHCP server references.", 
      "required": true, 
      "title": "DHCP profile uuid", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipv4_dhcp_server": {
      "$ref": "IPv4DhcpServer, 
      "description": "The DHCP server for ipv4 addresses allocation service.", 
      "required": true, 
      "title": "DHCP server for ipv4 addresses"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Logical DHCP server", 
  "type": "object"
}

LogicalDhcpServerListResult (type) 

{
  "additionalProperties": false, 
  "description": "A paginated list of logical DHCP servers.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalDhcpServerListResult", 
  "module_id": "Dhcp", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "A paginated list of logical DHCP servers.", 
      "items": {
        "$ref": "LogicalDhcpServer
      }, 
      "required": true, 
      "title": "Paginated list of DHCP servers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "A list of logical DHCP servers", 
  "type": "object"
}

LogicalPort (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LogicalPort", 
  "module_id": "LogicalPort", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "address_bindings": {
      "description": "Each address binding must contain both an IPElement and MAC address. VLAN ID is optional. This binding configuration can be used by features such as spoof-guard and overrides any discovered bindings. Any non unique entries are deduplicated to generate a unique set of address bindings and then stored. For IPv6 addresses, a subnet address cannot have host bits set. A maximum of 128 unique address bindings is allowed per port.", 
      "items": {
        "$ref": "PacketAddressClassifier
      }, 
      "maxItems": 512, 
      "minItems": 0, 
      "required": false, 
      "title": "Address bindings for logical port", 
      "type": "array"
    }, 
    "admin_state": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "required": true, 
      "title": "Represents Desired state of the logical port", 
      "type": "string"
    }, 
    "attachment": {
      "$ref": "LogicalPortAttachment, 
      "required": false, 
      "title": "Logical port attachment"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "extra_configs": {
      "description": "This property could be used for vendor specific configuration in key value string pairs. Logical port setting will override logical switch setting if the same key was set on both logical switch and logical port.", 
      "items": {
        "$ref": "ExtraConfig
      }, 
      "required": false, 
      "title": "Extra configs on logical port", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ignore_address_bindings": {
      "description": "IP Discovery module uses various mechanisms to discover address bindings being used on each port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.", 
      "items": {
        "$ref": "PacketAddressClassifier
      }, 
      "maxItems": 16, 
      "minItems": 0, 
      "required": false, 
      "title": "Address bindings to be ignored by IP Discovery module", 
      "type": "array"
    }, 
    "init_state": {
      "$ref": "LogicalPortInitState, 
      "description": "Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation (POST), and cannot be modified.", 
      "required": false, 
      "title": "Initial state of this logical ports"
    }, 
    "logical_switch_id": {
      "required": true, 
      "title": "Id of the Logical switch that this port belongs to.", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "switching_profile_ids": {
      "items": {
        "$ref": "SwitchingProfileTypeIdEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalPortAttachment (type) 

{
  "id": "LogicalPortAttachment", 
  "module_id": "LogicalPort", 
  "properties": {
    "attachment_type": {
      "$ref": "AttachmentType, 
      "default": "VIF", 
      "description": "Indicates the type of logical port attachment. By default it is Virtual Machine interface (VIF)", 
      "required": false, 
      "title": "Type of attachment for logical port"
    }, 
    "context": {
      "$ref": "AttachmentContext, 
      "description": "Extra context data for the attachment", 
      "required": false, 
      "title": "Attachment context"
    }, 
    "id": {
      "required": true, 
      "title": "Identifier of the interface attached to the logical port", 
      "type": "string"
    }
  }, 
  "title": "Logical port attachment", 
  "type": "object"
}

LogicalPortDeleteParameters (type) 

{
  "additionalProperties": false, 
  "id": "LogicalPortDeleteParameters", 
  "module_id": "LogicalPort", 
  "properties": {
    "detach": {
      "default": false, 
      "description": "If this is set to true, then logical port is deleted regardless of whether it has attachments, or it is added to any NSGroup.", 
      "required": false, 
      "title": "force delete even if attached or referenced by a group", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

LogicalPortInitState (type) 

{
  "enum": [
    "UNBLOCKED_VLAN"
  ], 
  "id": "LogicalPortInitState", 
  "module_id": "LogicalPort", 
  "title": "Supported initial state of logical port", 
  "type": "string"
}

LogicalPortListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LogicalPortListParameters", 
  "module_id": "LogicalPort", 
  "properties": {
    "attachment_id": {
      "required": false, 
      "title": "Logical Port attachment Id", 
      "type": "string"
    }, 
    "attachment_type": {
      "$ref": "AttachmentTypeQueryString, 
      "required": false, 
      "title": "Type of attachment for logical port; NONE means no attachment."
    }, 
    "bridge_cluster_id": {
      "required": false, 
      "title": "Bridge Cluster identifier", 
      "type": "string"
    }, 
    "container_ports_only": {
      "default": false, 
      "required": false, 
      "title": "Only container VIF logical ports will be returned if true", 
      "type": "boolean"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "diagnostic": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable showing of transit logical port.", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "required": false, 
      "title": "Logical Switch identifier", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "parent_vif_id": {
      "description": "Get logical ports that have CHILD VIF attachment of given PARENT VIF.", 
      "required": false, 
      "title": "ID of the VIF of type PARENT", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "switching_profile_id": {
      "required": false, 
      "title": "Network Profile identifier", 
      "type": "string"
    }, 
    "transport_node_id": {
      "description": "Get logical ports on the transport node; it can not be given together with other parameters except container_ports_only and attachment_type VIF.", 
      "required": false, 
      "title": "Transport node identifier", 
      "type": "string"
    }, 
    "transport_zone_id": {
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }
  }, 
  "title": "Logical port list parameters", 
  "type": "object"
}

LogicalPortListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalPortListResult", 
  "module_id": "LogicalPort", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalPort
      }, 
      "readonly": true, 
      "title": "LogicalPort Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Logical port queries result", 
  "type": "object"
}

LogicalPortListWithSourceParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LogicalPortListParameters
  }, 
  "id": "LogicalPortListWithSourceParameters", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "attachment_id": {
      "required": false, 
      "title": "Logical Port attachment Id", 
      "type": "string"
    }, 
    "attachment_type": {
      "$ref": "AttachmentTypeQueryString, 
      "required": false, 
      "title": "Type of attachment for logical port; NONE means no attachment."
    }, 
    "bridge_cluster_id": {
      "required": false, 
      "title": "Bridge Cluster identifier", 
      "type": "string"
    }, 
    "container_ports_only": {
      "default": false, 
      "required": false, 
      "title": "Only container VIF logical ports will be returned if true", 
      "type": "boolean"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "diagnostic": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable showing of transit logical port.", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "required": false, 
      "title": "Logical Switch identifier", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "parent_vif_id": {
      "description": "Get logical ports that have CHILD VIF attachment of given PARENT VIF.", 
      "required": false, 
      "title": "ID of the VIF of type PARENT", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "switching_profile_id": {
      "required": false, 
      "title": "Network Profile identifier", 
      "type": "string"
    }, 
    "transport_node_id": {
      "description": "Get logical ports on the transport node; it can not be given together with other parameters except container_ports_only and attachment_type VIF.", 
      "required": false, 
      "title": "Transport node identifier", 
      "type": "string"
    }, 
    "transport_zone_id": {
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }
  }, 
  "title": "Logical Port list with data source parameters", 
  "type": "object"
}

LogicalPortMacAddressCsvListResult (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "LogicalPortMacAddressCsvListResult", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "results": {
      "items": {
        "$ref": "LogicalPortMacTableCsvEntry
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalPortMacAddressListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalPortMacAddressListResult", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_port_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical port", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalPortMacTableEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "Transport node identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalPortMacTableCsvEntry (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "LogicalPortMacTableCsvEntry", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }, 
    "mac_type": {
      "$ref": "MacAddressType, 
      "required": true, 
      "title": "The type of the MAC address"
    }
  }, 
  "type": "object"
}

LogicalPortMacTableEntry (type) 

{
  "id": "LogicalPortMacTableEntry", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }, 
    "mac_type": {
      "$ref": "MacAddressType, 
      "required": true, 
      "title": "The type of the MAC address"
    }
  }, 
  "type": "object"
}

LogicalPortMirrorDestination (type) 

{
  "extends": {
    "$ref": "MirrorDestination
  }, 
  "id": "LogicalPortMirrorDestination", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalPortMirrorDestination"
  }, 
  "properties": {
    "port_ids": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "Destination logical port identifier list.", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "MirrorDestinationResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorDestination'", 
      "required": true
    }
  }, 
  "type": "object"
}

LogicalPortMirrorSource (type) 

{
  "extends": {
    "$ref": "MirrorSource
  }, 
  "id": "LogicalPortMirrorSource", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalPortMirrorSource"
  }, 
  "properties": {
    "port_ids": {
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Source logical port identifier list", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "MirrorSourceResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'", 
      "required": true
    }
  }, 
  "type": "object"
}

LogicalPortOperationalStatus (type) 

{
  "id": "LogicalPortOperationalStatus", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_port_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical port", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "The Operational status of the logical port", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalPortState (type) 

{
  "additionalProperties": false, 
  "description": "Contians realized state of the logical port. For example, transport node on which the port is located, discovered and realized address bindings of the logical port.", 
  "id": "LogicalPortState", 
  "module_id": "LogicalPort", 
  "properties": {
    "discovered_bindings": {
      "description": "Contains the list of address bindings for a logical port that were automatically dicovered using various snooping methods like ARP, DHCP etc.", 
      "items": {
        "$ref": "AddressBindingEntry
      }, 
      "title": "Logical port bindings discovered automatically", 
      "type": "array"
    }, 
    "duplicate_bindings": {
      "description": "If any address binding discovered on the port is also found on other port on the same logical switch, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts.", 
      "items": {
        "$ref": "DuplicateAddressBindingEntry
      }, 
      "title": "Duplicate logical port address bindings", 
      "type": "array"
    }, 
    "id": {
      "required": true, 
      "title": "Id of the logical port", 
      "type": "string"
    }, 
    "realized_bindings": {
      "description": "List of logical port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc.", 
      "items": {
        "$ref": "AddressBindingEntry
      }, 
      "title": "Realized logical port bindings", 
      "type": "array"
    }, 
    "transport_node_ids": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Identifiers of the transport node where the port is located", 
      "type": "array"
    }
  }, 
  "title": "Realized state of the logical port.", 
  "type": "object"
}

LogicalPortStatistics (type) 

{
  "extends": {
    "$ref": "AggregatedDataCounterEx
  }, 
  "id": "LogicalPortStatistics", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "PacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_port_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical port", 
      "type": "string"
    }, 
    "mac_learning": {
      "$ref": "MacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

LogicalPortStatusSummary (type) 

{
  "id": "LogicalPortStatusSummary", 
  "module_id": "AggSvcLogicalPort", 
  "properties": {
    "filters": {
      "items": {
        "$ref": "Filter
      }, 
      "required": false, 
      "title": "The filters used to find the logical ports- TransportZone id, LogicalSwitch id or LogicalSwitchProfile id", 
      "type": "array"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "total_ports": {
      "required": true, 
      "title": "The total number of logical ports.", 
      "type": "integer"
    }, 
    "up_ports": {
      "required": true, 
      "title": "The number of logical ports whose Operational status is UP", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LogicalRouter (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LogicalRouter", 
  "module_id": "LogicalRouter", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "advanced_config": {
      "$ref": "LogicalRouterConfig, 
      "description": "Contains config properties for tier0 routers", 
      "required": false, 
      "title": "Logical Router Configuration"
    }, 
    "allocation_profile": {
      "$ref": "EdgeClusterMemberAllocationProfile, 
      "description": "Configurations options to auto allocate edge cluster members for logical router. Auto allocation is supported only for TIER1 and pick least utilized member post current assignment for next allocation.", 
      "required": false, 
      "title": "Edge Cluster Member Allocation Profile"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_id": {
      "description": "Used for tier0 routers", 
      "required": false, 
      "title": "Identifier of the edge cluster for this Logical Router", 
      "type": "string"
    }, 
    "edge_cluster_member_indices": {
      "description": "For stateful services, the logical router should be associated with edge cluster. For TIER 1 logical router, for manual placement of service router within the cluster, edge cluster member indices needs to be provided else same will be auto-allocated. You can provide maximum two indices for HA ACTIVE_STANDBY. For TIER0 logical router this property is no use and placement is derived from logical router uplink or loopback port.", 
      "items": {
        "type": "integer"
      }, 
      "required": false, 
      "title": "Member indices of the edge node on the cluster", 
      "type": "array"
    }, 
    "failover_mode": {
      "description": "Determines the behavior when a logical router instance restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property must not be populated unless the high_availability_mode property is set to ACTIVE_STANDBY. If high_availability_mode property is set to ACTIVE_STANDBY and this property is not specified then default will be NON_PREEMPTIVE.", 
      "enum": [
        "PREEMPTIVE", 
        "NON_PREEMPTIVE"
      ], 
      "required": false, 
      "title": "Failover mode for active-standby logical router instances.", 
      "type": "string"
    }, 
    "firewall_sections": {
      "description": "List of Firewall sections related to Logical Router.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "readonly": true, 
      "required": false, 
      "title": "LR Firewall Section References", 
      "type": "array"
    }, 
    "high_availability_mode": {
      "enum": [
        "ACTIVE_ACTIVE", 
        "ACTIVE_STANDBY"
      ], 
      "required": false, 
      "title": "High availability mode", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipv6_profiles": {
      "$ref": "IPv6Profiles, 
      "description": "IPv6Profiles captures IPv6 NDRA Profile and DAD Profile id associated with the logical router.", 
      "required": false, 
      "title": "IPv6 Profiles"
    }, 
    "preferred_edge_cluster_member_index": {
      "description": "Preferred edge cluster member index which is required for PREEMPTIVE failover mode. Used for Tier0 routers only.", 
      "minimum": 0, 
      "required": false, 
      "title": "Preferred edge cluster member index", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "router_type": {
      "enum": [
        "TIER0", 
        "TIER1"
      ], 
      "required": true, 
      "title": "Type of Logical Router", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterCentralizedServicePort (type) 

{
  "additionalProperties": false, 
  "description": "This port can be configured on both TIER0 and TIER1 logical router. Port can be connected to VLAN or overlay logical switch. Unlike downlink port it does not participate in distributed routing and hosted on all edge cluster members associated with logical router. Stateful services can be applied on this port.", 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterCentralizedServicePort", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterCentralizedServicePort"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_netx": {
      "default": false, 
      "required": false, 
      "title": "Port is exclusively used for N-S service insertion", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "linked_logical_switch_port_id": {
      "$ref": "ResourceReference, 
      "required": false, 
      "title": "Reference to the logical switch port to connect to"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "mtu": {
      "description": "Maximum transmission unit specifies the size of the largest packet that a network protocol can transmit. If not specified, the global logical MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be used.", 
      "minimum": 64, 
      "title": "Maximum transmission unit (MTU)", 
      "type": "integer"
    }, 
    "ndra_profile_id": {
      "description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.", 
      "required": false, 
      "title": "Identifier for NDRA profile on the port", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Logical router port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "urpf_mode": {
      "$ref": "UrpfMode, 
      "default": "STRICT", 
      "required": false, 
      "title": "Unicast Reverse Path Forwarding mode"
    }
  }, 
  "title": "Port to connect VLAN based network or overlay logical switch", 
  "type": "object"
}

LogicalRouterConfig (type) 

{
  "additionalProperties": false, 
  "description": "Logical router configuration parameters.", 
  "id": "LogicalRouterConfig", 
  "module_id": "LogicalRouter", 
  "properties": {
    "external_transit_networks": {
      "description": "CIDR block defining addresses for Tier0 to Tier1 links. If the value for this field is not provided, then it will be considered as default IPv4 CIDR \"100.64.0.0/16\"", 
      "items": {
        "$ref": "IPCIDRBlock
      }, 
      "required": false, 
      "title": "CIDR block defining Tier0 to Tier1 links", 
      "type": "array"
    }, 
    "ha_vip_configs": {
      "description": "This configuration can be defined only for Active-Standby LogicalRouter to provide | redundancy. For mulitple uplink ports, multiple HaVipConfigs must be defined | and each config will pair exactly two uplink ports. The VIP will move and will | always be owned by the Active node. Note - when HaVipConfig[s] are defined, | configuring dynamic-routing is disallowed.", 
      "items": {
        "$ref": "HaVipConfig
      }, 
      "required": false, 
      "title": "Array of HA VIP Config.", 
      "type": "array"
    }, 
    "internal_transit_network": {
      "$ref": "IPv4CIDRBlock, 
      "description": "CIDR block defining service router to distributed router links. If the value for this field is not provided, then it will be considered as default IPv4 CIDR- \"169.254.0.0/28\" for logical router with ACTIVE_STANDBY HA mode \"169.254.0.0/24\" for logical router with ACTIVE_ACTIVE HA mode", 
      "required": false, 
      "title": "CIDR block defining SR to DR links"
    }, 
    "transport_zone_id": {
      "description": "Transport zone of the logical router. If specified then all downlink switches should belong to this transport zone and an error will be thrown if transport zone of the downlink switch doesn't match with this transport zone. All internal and external transit switches will be created in this transport zone.", 
      "required": false, 
      "title": "Transport Zone Identifier", 
      "type": "string"
    }
  }, 
  "title": "Logical router config", 
  "type": "object"
}

LogicalRouterDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "LogicalRouterDeleteRequestParameters", 
  "module_id": "LogicalRouter", 
  "properties": {
    "cascade_delete_linked_ports": {
      "default": false, 
      "description": "When the flag is true, connected logical switch ports which are associated | with the logical router ports will be deleted. Additionally, for Tier1 LR, the associated | Tier 0 router link port will also be deleted. Note that this flag is active only when \"force\" | parameter is also set to true.", 
      "required": false, 
      "title": "Flag to specify whether to delete related logical switch ports", 
      "type": "boolean"
    }, 
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "LogicalRouter delete request parameters", 
  "type": "object"
}

LogicalRouterDownLinkPort (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterDownLinkPort", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterDownLinkPort"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "linked_logical_switch_port_id": {
      "$ref": "ResourceReference, 
      "required": false, 
      "title": "Reference to the logical switch port to connect to"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "mac_address": {
      "description": "MAC address", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address", 
      "type": "string"
    }, 
    "ndra_profile_id": {
      "description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.", 
      "required": false, 
      "title": "Identifier for NDRA profile on the port", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Logical router port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "urpf_mode": {
      "$ref": "UrpfMode, 
      "default": "STRICT", 
      "required": false, 
      "title": "Unicast Reverse Path Forwarding mode"
    }
  }, 
  "type": "object"
}

LogicalRouterFIBListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Filter parameters for filtering routes from FIB depending on provided properties.", 
  "extends": {
    "$ref": "ListByRequiredNodeIdParameters
  }, 
  "id": "LogicalRouterFIBListRequestParameters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "network_prefix": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address to filter the the FIB table.", 
      "required": false, 
      "title": "Network address filter parameter"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "title": "Logical Router FIB List Request Parameters\n", 
  "type": "object"
}

LogicalRouterFIBRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Filter parameters for filtering routes from FIB depending on provided properties.", 
  "extends": {
    "$ref": "RequiredTransportNodeIdParameters
  }, 
  "id": "LogicalRouterFIBRequestParameters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "network_prefix": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address to filter the the FIB table.", 
      "required": false, 
      "title": "Network address filter parameter"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "title": "Logical Router FIB Request Parameters", 
  "type": "object"
}

LogicalRouterIPTunnelPort (type) 

{
  "additionalProperties": false, 
  "description": "Logical router IP tunnel port.", 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterIPTunnelPort", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "admin_state": {
      "description": "Admin state of port.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "readonly": true, 
      "title": "Admin state of port", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "description": "Tunnel port subnets.", 
      "items": {
        "$ref": "IPSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": true, 
      "required": true, 
      "title": "Tunnel port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vpn_session_id": {
      "description": "Associated VPN session identifier.", 
      "readonly": true, 
      "title": "VPN session identifier", 
      "type": "string"
    }
  }, 
  "title": "Logical router IP tunnel port", 
  "type": "object"
}

LogicalRouterLinkPortOnTIER0 (type) 

{
  "additionalProperties": false, 
  "description": "This port can be configured only on a TIER0 LogicalRouter. Create an empty port to generate an id. Use this id in the linked_logical_router_port_id on LogicalRouterLinkPortOnTIER1 on TIER1 logical router.", 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterLinkPortOnTIER0", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterLinkPortOnTIER0"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "linked_logical_router_port_id": {
      "description": "Identifier of connected LogicalRouterLinkPortOnTIER1 of TIER1 logical router", 
      "readonly": true, 
      "required": false, 
      "title": "Identifier of connected LogicalRouterLinkPortOnTIER1", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "mac_address": {
      "description": "MAC address", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Logical router port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Port to connect the LogicalRouterLinkPortOnTIER1 of TIER1 logical router to", 
  "type": "object"
}

LogicalRouterLinkPortOnTIER1 (type) 

{
  "additionalProperties": false, 
  "description": "This port can be configured only on a TIER1 LogicalRouter. Use the id of the LogicalRouterLinkPortOnTIER0 from TIER0 logical router to set the linked_logical_router_port_id on the port on TIER1 logical router.", 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterLinkPortOnTIER1", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterLinkPortOnTIER1"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_member_index": {
      "deprecated": true, 
      "description": "Please use logical router API to pass edge cluster members indexes manually.", 
      "items": {
        "type": "integer"
      }, 
      "required": false, 
      "title": "Member index of the edge node on the cluster", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "linked_logical_router_port_id": {
      "$ref": "ResourceReference, 
      "description": "Reference of LogicalRouterLinkPortOnTIER0 of TIER0 logical router to connect this TIER1 logical router outwards.", 
      "required": false, 
      "title": "Reference of TIER0 port to connect the TIER1 to."
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "mac_address": {
      "description": "MAC address", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Logical router port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Port to connect the TIER1 logical router to TIER0 logical router", 
  "type": "object"
}

LogicalRouterListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LogicalRouterListParameters", 
  "module_id": "LogicalRouter", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "router_type": {
      "enum": [
        "TIER0", 
        "TIER1"
      ], 
      "required": false, 
      "title": "Type of Logical Router", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Logical Router list parameters", 
  "type": "object"
}

LogicalRouterListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalRouterListResult", 
  "module_id": "LogicalRouter", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouter
      }, 
      "required": true, 
      "title": "Logical router list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterLoopbackPort (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterLoopbackPort", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterLoopbackPort"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_member_index": {
      "items": {
        "type": "integer"
      }, 
      "required": true, 
      "title": "Member index of the edge node on the cluster", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Loopback port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterPort (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LogicalRouterPort", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterPortArpCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "LogicalRouterPortArpCsvRecord", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "ip": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "The IP address"
    }, 
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterPortArpEntry (type) 

{
  "id": "LogicalRouterPortArpEntry", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "ip": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "The IP address"
    }, 
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterPortArpTable (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalRouterPortArpTable", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "logical_router_port_id": {
      "required": true, 
      "title": "The ID of the logical router port", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouterPortArpEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterPortArpTableInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "LogicalRouterPortArpTableInCsvFormat", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouterPortArpCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterPortCounters (type) 

{
  "id": "LogicalRouterPortCounters", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "dropped_packets": {
      "required": false, 
      "title": "The number of dropped packets", 
      "type": "integer"
    }, 
    "total_bytes": {
      "required": false, 
      "title": "The total number of bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "required": false, 
      "title": "The total number of packets", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LogicalRouterPortDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "LogicalRouterPortDeleteRequestParameters", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "cascade_delete_linked_ports": {
      "default": false, 
      "description": "When the flag is true, the logical switch port or T0 router link port | associated with this logical router port is also deleted. This flag works independent | of the \"force\" parameter sent in request.", 
      "required": false, 
      "title": "Flag to specify whether to delete related logical switch ports", 
      "type": "boolean"
    }, 
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "LogicalRouterPort delete request parameters", 
  "type": "object"
}

LogicalRouterPortListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalRouterPortListResult", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouterPort
      }, 
      "required": true, 
      "title": "Logical router port list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterPortResourceType (type) 

{
  "additionalProperties": false, 
  "description": "LogicalRouterUpLinkPort is allowed only on TIER0 logical router.   It is the north facing port of the logical router. LogicalRouterLinkPortOnTIER0 is allowed only on TIER0 logical router.   This is the port where the LogicalRouterLinkPortOnTIER1 of TIER1 logical router connects to. LogicalRouterLinkPortOnTIER1 is allowed only on TIER1 logical router.   This is the port using which the user connected to TIER1 logical router for upwards connectivity via TIER0 logical router.   Connect this port to the LogicalRouterLinkPortOnTIER0 of the TIER0 logical router. LogicalRouterDownLinkPort is for the connected subnets on the logical router. LogicalRouterLoopbackPort is a loopback port for logical router component   which is placed on chosen edge cluster member. LogicalRouterIPTunnelPort is a IPSec VPN tunnel port created on   logical router when route based VPN session configured. LogicalRouterCentralizedServicePort is allowed only on Active/Standby TIER0 and TIER1   logical router. Port can be connected to VLAN or overlay logical switch.   Unlike downlink port it does not participate in distributed routing and hosted   on all edge cluster members associated with logical router.   Stateful services can be applied on this port.", 
  "enum": [
    "LogicalRouterUpLinkPort", 
    "LogicalRouterDownLinkPort", 
    "LogicalRouterLinkPortOnTIER0", 
    "LogicalRouterLinkPortOnTIER1", 
    "LogicalRouterLoopbackPort", 
    "LogicalRouterIPTunnelPort", 
    "LogicalRouterCentralizedServicePort"
  ], 
  "id": "LogicalRouterPortResourceType", 
  "module_id": "LogicalRouterPorts", 
  "title": "Resource types of logical router port", 
  "type": "string"
}

LogicalRouterPortState (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "LogicalRouterPortState", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "ipv6_dad_statuses": {
      "description": "Array of DAD status which contains DAD information for IP addresses on the port.", 
      "items": {
        "$ref": "IPv6DADStatus
      }, 
      "readonly": true, 
      "title": "DAD Status", 
      "type": "array"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterPortStatistics (type) 

{
  "id": "LogicalRouterPortStatistics", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "logical_router_port_id": {
      "required": true, 
      "title": "The ID of the logical router port", 
      "type": "string"
    }, 
    "per_node_statistics": {
      "additionalProperties": false, 
      "items": {
        "$ref": "LogicalRouterPortStatisticsPerNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Per Node Statistics", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterPortStatisticsPerNode (type) 

{
  "extends": {
    "$ref": "AggregatedLogicalRouterPortCounters
  }, 
  "id": "LogicalRouterPortStatisticsPerNode", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "rx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": true, 
      "title": "The ID of the TransportNode", 
      "type": "string"
    }, 
    "tx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

LogicalRouterPortStatisticsSummary (type) 

{
  "extends": {
    "$ref": "AggregatedLogicalRouterPortCounters
  }, 
  "id": "LogicalRouterPortStatisticsSummary", 
  "module_id": "AggSvcLogicalRouterPort", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "logical_router_port_id": {
      "required": true, 
      "title": "The ID of the logical router port", 
      "type": "string"
    }, 
    "rx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }, 
    "tx": {
      "$ref": "LogicalRouterPortCounters, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

LogicalRouterPortsListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LogicalRouterPortsListParameters", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": false, 
      "title": "Logical Router identifier", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "required": false, 
      "title": "Logical Switch identifier", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": false, 
      "title": "Resource Type"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Logical Router Ports list parameters", 
  "type": "object"
}

LogicalRouterRIBListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Filter parameters for filtering routes from RIB depending on provided properties", 
  "extends": {
    "$ref": "ListByRequiredNodeIdParameters
  }, 
  "id": "LogicalRouterRIBListRequestParameters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "network_prefix": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address to filter the RIB table.", 
      "required": false, 
      "title": "Network address filter parameter"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "route_source": {
      "description": "To filter the RIB table based on the source from which route is learned.", 
      "enum": [
        "BGP", 
        "STATIC", 
        "CONNECTED"
      ], 
      "title": "Route source filter parameter", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "title": "Logical Router RIB List Request Parameters\n", 
  "type": "object"
}

LogicalRouterRIBRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Filter parameters for filtering routes from RIB depending on provided properties.", 
  "extends": {
    "$ref": "RequiredTransportNodeIdParameters
  }, 
  "id": "LogicalRouterRIBRequestParameters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "network_prefix": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address to filter the the RIB table", 
      "required": false, 
      "title": "Network address filter parameter"
    }, 
    "route_source": {
      "description": "To filter the RIB table based on the source from which route is learned.", 
      "enum": [
        "BGP", 
        "STATIC", 
        "CONNECTED"
      ], 
      "required": false, 
      "title": "Route source filter parameter", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "title": "Logical Router RIB Request Parameters", 
  "type": "object"
}

LogicalRouterRouteCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "LogicalRouterRouteCsvRecord", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "admin_distance": {
      "required": false, 
      "title": "The admin distance of the next hop", 
      "type": "integer"
    }, 
    "logical_router_port_id": {
      "required": false, 
      "title": "The id of the logical router port which is used as the next hop", 
      "type": "string"
    }, 
    "lr_component_id": {
      "required": false, 
      "title": "Logical router component(Service Router/Distributed Router) id", 
      "type": "string"
    }, 
    "lr_component_type": {
      "required": false, 
      "title": "Logical router component(Service Router/Distributed Router) type", 
      "type": "string"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "required": true, 
      "title": "CIDR network address"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The IP of the next hop"
    }, 
    "route_type": {
      "required": true, 
      "title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterRouteEntry (type) 

{
  "id": "LogicalRouterRouteEntry", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "admin_distance": {
      "required": false, 
      "title": "The admin distance of the next hop", 
      "type": "integer"
    }, 
    "logical_router_port_id": {
      "required": false, 
      "title": "The id of the logical router port which is used as the next hop", 
      "type": "string"
    }, 
    "lr_component_id": {
      "required": false, 
      "title": "Logical router component(Service Router/Distributed Router) id", 
      "type": "string"
    }, 
    "lr_component_type": {
      "required": false, 
      "title": "Logical router component(Service Router/Distributed Router) type", 
      "type": "string"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "required": true, 
      "title": "CIDR network address"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The IP address of the next hop"
    }, 
    "route_type": {
      "required": true, 
      "title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterRouteTable (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalRouterRouteTable", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "The id of the logical router", 
      "type": "string"
    }, 
    "logical_router_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the logical router", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouterRouteEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterRouteTableInCsvFormat (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "LogicalRouterRouteTableInCsvFormat", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "results": {
      "items": {
        "$ref": "LogicalRouterRouteCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterState (type) 

{
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "LogicalRouterState", 
  "module_id": "LogicalRouter", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterStatus (type) 

{
  "id": "LogicalRouterStatus", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "The id of the logical router", 
      "type": "string"
    }, 
    "per_node_status": {
      "additionalProperties": false, 
      "items": {
        "$ref": "LogicalRouterStatusPerNode
      }, 
      "readonly": true, 
      "title": "Per Node Status", 
      "type": "array"
    }
  }, 
  "type": "object"
}

LogicalRouterStatusPerNode (type) 

{
  "id": "LogicalRouterStatusPerNode", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "high_availability_status": {
      "enum": [
        "ACTIVE", 
        "STANDBY", 
        "DOWN", 
        "SYNC", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "A service router's HA status on an edge node", 
      "type": "string"
    }, 
    "service_router_id": {
      "required": false, 
      "title": "id of the service router where the router status is retrieved.", 
      "type": "string"
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "id of the transport node where the router status is retrieved.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalRouterUpLinkPort (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LogicalRouterPort
  }, 
  "id": "LogicalRouterUpLinkPort", 
  "module_id": "LogicalRouterPorts", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalRouterUpLinkPort"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_member_index": {
      "items": {
        "type": "integer"
      }, 
      "required": true, 
      "title": "Member index of the edge node on the cluster", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "linked_logical_switch_port_id": {
      "$ref": "ResourceReference, 
      "required": false, 
      "title": "Reference to the logical switch port to connect to"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Identifier for logical router on which this port is created", 
      "type": "string"
    }, 
    "mac_address": {
      "description": "MAC address", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address", 
      "type": "string"
    }, 
    "mtu": {
      "description": "Maximum transmission unit specifies the size of the largest packet that a network protocol can transmit. If not specified, the global logical MTU set in the /api/v1/global-configs/RoutingGlobalConfig API will be used.", 
      "minimum": 64, 
      "title": "Maximum transmission unit (MTU)", 
      "type": "integer"
    }, 
    "ndra_prefix_config": {
      "description": "Configuration to override the neighbor discovery router advertisement prefix time parameters at the subnet level. Note that users are allowed to override the prefix time only for IPv6 subnets which are configured on the port.", 
      "items": {
        "$ref": "NDRAPrefixConfig
      }, 
      "required": false, 
      "type": "array"
    }, 
    "ndra_profile_id": {
      "description": "Identifier of Neighbor Discovery Router Advertisement profile associated with port. When NDRA profile id is associated at both the port level and logical router level, the profile id specified at port level takes the precedence.", 
      "required": false, 
      "title": "Identifier for NDRA profile on the port", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "LogicalRouterPortResourceType, 
      "required": true
    }, 
    "service_bindings": {
      "items": {
        "$ref": "ServiceBinding
      }, 
      "required": false, 
      "title": "Service Bindings", 
      "type": "array"
    }, 
    "subnets": {
      "items": {
        "$ref": "IPSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Logical router port subnets", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "urpf_mode": {
      "$ref": "UrpfMode, 
      "default": "STRICT", 
      "required": false, 
      "title": "Unicast Reverse Path Forwarding mode"
    }
  }, 
  "type": "object"
}

LogicalServiceRouterClusterState (type) 

{
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "LogicalServiceRouterClusterState", 
  "module_id": "LogicalRouter", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalSwitch (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "LogicalSwitch", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "address_bindings": {
      "help_detail": "Each address binding must contain an IPElement and/or MAC address.\nVLAN ID is optional. This binding configuration can be used by\nfeatures such as spoof-guard.\n", 
      "help_summary": "Allowed addresses or range of addresses for the Logical Switch.", 
      "items": {
        "$ref": "PacketAddressClassifier
      }, 
      "maxItems": 100, 
      "minItems": 0, 
      "required": false, 
      "title": "Address bindings for the Logical switch", 
      "type": "array"
    }, 
    "admin_state": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "required": true, 
      "title": "Represents Desired state of the Logical Switch", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "extra_configs": {
      "description": "This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by logical ports in the logical switch.", 
      "items": {
        "$ref": "ExtraConfig
      }, 
      "required": false, 
      "title": "Extra configs on logical switch", 
      "type": "array"
    }, 
    "hybrid": {
      "default": false, 
      "description": "If this flag is set to true, then all the logical switch ports attached to this logical switch will behave in a hybrid fashion. The hybrid logical switch port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This flag can be enabled only for the logical switches in the overlay type transport zone which has host switch mode as STANDARD and also has either CrossCloud or CloudScope tag scopes. Only the NSX public cloud gateway (PCG) uses this flag, other host agents like ESX, KVM and Edge will ignore it. This property cannot be modified once the logical switch is created.", 
      "required": false, 
      "title": "Flag to identify a hybrid logical switch", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_pool_id": {
      "description": "IP pool id that associated with a LogicalSwitch.", 
      "required": false, 
      "title": "Allocation ip pool associated with the Logical switch", 
      "type": "string"
    }, 
    "mac_pool_id": {
      "description": "Mac pool id that associated with a LogicalSwitch.", 
      "required": false, 
      "title": "Allocation mac pool associated with the Logical switch", 
      "type": "string"
    }, 
    "replication_mode": {
      "enum": [
        "MTEP", 
        "SOURCE"
      ], 
      "required": false, 
      "title": "Replication mode of the Logical Switch", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "switch_type": {
      "description": "This field indicates purpose of a LogicalSwitch. It is set by manager internally or user can provide this field. If not set, DEFAULT type is assigned. NSX components can use this field to create LogicalSwitch that provides component specific functionality. DEFAULT type LogicalSwitches are created for basic L2 connectivity by API users. SERVICE_PLANE type LogicalSwitches are system created service plane LogicalSwitches for Service Insertion service. User can not create SERVICE_PLANE type of LogicalSwitch. DHCP_RELAY type LogicalSwitches are created by external user like Policy with special permissions or by system and will be treated as internal LogicalSwitches. Such LogicalSwitch will not be exposed to vSphere user.", 
      "enum": [
        "DEFAULT", 
        "SERVICE_PLANE", 
        "DHCP_RELAY"
      ], 
      "required": false, 
      "title": "Type of LogicalSwitch.", 
      "type": "string"
    }, 
    "switching_profile_ids": {
      "items": {
        "$ref": "SwitchingProfileTypeIdEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_id": {
      "required": true, 
      "title": "Id of the TransportZone to which this LogicalSwitch is associated", 
      "type": "string"
    }, 
    "uplink_teaming_policy_name": {
      "description": "This name has to be one of the switching uplink teaming policy names listed inside the logical switch's TransportZone. If this field is not specified, the logical switch will not have a teaming policy associated with it and the host switch's default teaming policy will be used.", 
      "required": false, 
      "title": "The name of the switching uplink teaming policy for the logical switch", 
      "type": "string"
    }, 
    "vlan": {
      "$ref": "VlanID, 
      "description": "This property is dedicated to VLAN based network, to set VLAN of logical network. It is mutually exclusive with 'vlan_trunk_spec'.", 
      "required": false, 
      "title": "VLAN Id of logical switch"
    }, 
    "vlan_trunk_spec": {
      "$ref": "VlanTrunkSpec, 
      "description": "This property is used for VLAN trunk specification of logical switch. It's mutually exclusive with 'vlan'. Also it could be set to do guest VLAN tagging in overlay network.", 
      "required": false, 
      "title": "VLAN trunk spec of logical switch"
    }, 
    "vni": {
      "description": "Only for OVERLAY network. A VNI will be auto-allocated from the default VNI pool if not given; otherwise the given VNI has to be inside the default pool and not used by any other LogicalSwitch.", 
      "required": false, 
      "title": "VNI for this LogicalSwitch.", 
      "type": "int"
    }
  }, 
  "type": "object"
}

LogicalSwitchDeleteParameters (type) 

{
  "additionalProperties": false, 
  "id": "LogicalSwitchDeleteParameters", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Delete a Logical Switch and all the logical ports in it,\nif none of the logical ports have any attachment.\n", 
      "type": "boolean"
    }, 
    "detach": {
      "default": false, 
      "description": "If this is set to true, then logical switch is deleted regardless of whether or not it is added to NSGroup. If cascade is set to true in the meantime, then logical switch and all logical ports are deleted regardless of whether any logical port in this switch has attachments.", 
      "required": false, 
      "title": "Force delete a logical switch", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

LogicalSwitchInfo (type) 

{
  "additionalProperties": false, 
  "id": "LogicalSwitchInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "instances_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of instances on this logical switch", 
      "type": "integer"
    }, 
    "is_default_logical_switch": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is the default logical switch", 
      "type": "boolean"
    }, 
    "logical_switch_display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the logical switch", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "ID of the logical switch", 
      "type": "string"
    }, 
    "nsx_switch_tag": {
      "readonly": true, 
      "required": false, 
      "title": "This tag is applied on cloud compute resource to be attached to this\nlogical switch\n", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalSwitchListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "LogicalSwitchListParameters", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "diagnostic": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable showing of transit logical switch.", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "switching_profile_id": {
      "required": false, 
      "title": "Switching Profile identifier", 
      "type": "string"
    }, 
    "transport_type": {
      "$ref": "TransportType, 
      "required": false, 
      "title": "Mode of transport supported in the transport zone for this logical switch"
    }, 
    "transport_zone_id": {
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }, 
    "uplink_teaming_policy_name": {
      "required": false, 
      "title": "The logical switch's uplink teaming policy name", 
      "type": "string"
    }, 
    "vlan": {
      "$ref": "VlanID, 
      "required": false, 
      "title": "Return VLAN logical switches whose \"vlan\" field matches this value"
    }, 
    "vni": {
      "required": false, 
      "title": "VNI of the OVERLAY LogicalSwitch(es) to return.", 
      "type": "int"
    }
  }, 
  "title": "Logical Switch list parameters", 
  "type": "object"
}

LogicalSwitchListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalSwitchListResult", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalSwitch
      }, 
      "readonly": true, 
      "title": "Logical Switch Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Logical Switch queries result", 
  "type": "object"
}

LogicalSwitchListWithSourceParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LogicalSwitchListParameters
  }, 
  "id": "LogicalSwitchListWithSourceParameters", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "diagnostic": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable showing of transit logical switch.", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "switching_profile_id": {
      "required": false, 
      "title": "Switching Profile identifier", 
      "type": "string"
    }, 
    "transport_type": {
      "$ref": "TransportType, 
      "required": false, 
      "title": "Mode of transport supported in the transport zone for this logical switch"
    }, 
    "transport_zone_id": {
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }, 
    "uplink_teaming_policy_name": {
      "required": false, 
      "title": "The logical switch's uplink teaming policy name", 
      "type": "string"
    }, 
    "vlan": {
      "$ref": "VlanID, 
      "required": false, 
      "title": "Return VLAN logical switches whose \"vlan\" field matches this value"
    }, 
    "vni": {
      "required": false, 
      "title": "VNI of the OVERLAY LogicalSwitch(es) to return.", 
      "type": "int"
    }
  }, 
  "title": "Logical Switch list with data source parameters", 
  "type": "object"
}

LogicalSwitchMirrorSource (type) 

{
  "extends": {
    "$ref": "MirrorSource
  }, 
  "id": "LogicalSwitchMirrorSource", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "LogicalSwitchMirrorSource"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "MirrorSourceResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'", 
      "required": true
    }, 
    "switch_id": {
      "required": true, 
      "title": "Source logical switch identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalSwitchParameters (type) 

{
  "additionalProperties": false, 
  "description": "Logical switch parameters.", 
  "id": "LogicalSwitchParameters", 
  "module_id": "L2VPNStatistics", 
  "properties": {
    "logical_switch_id": {
      "description": "logical switch identifier", 
      "title": "logical switch identifier", 
      "type": "string"
    }
  }, 
  "title": "Logical switch parameters", 
  "type": "object"
}

LogicalSwitchState (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "LogicalSwitchState", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the logical switch", 
      "type": "string"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalSwitchStateListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "LogicalSwitchStateListResult", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "LogicalSwitchState
      }, 
      "readonly": true, 
      "title": "Logical Switch State Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Logical Switch state queries result", 
  "type": "object"
}

LogicalSwitchStateParameters (type) 

{
  "additionalProperties": false, 
  "id": "LogicalSwitchStateParameters", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "status": {
      "enum": [
        "PENDING", 
        "IN_PROGRESS", 
        "PARTIAL_SUCCESS", 
        "SUCCESS"
      ], 
      "required": false, 
      "title": "Realized state of logical switches", 
      "type": "string"
    }
  }, 
  "type": "object"
}

LogicalSwitchStatistics (type) 

{
  "extends": {
    "$ref": "AggregatedDataCounterEx
  }, 
  "id": "LogicalSwitchStatistics", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "PacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical Switch", 
      "type": "string"
    }, 
    "mac_learning": {
      "$ref": "MacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

LogicalSwitchStatus (type) 

{
  "additionalProperties": false, 
  "id": "LogicalSwitchStatus", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Unique ID identifying the the Logical Switch", 
      "type": "string"
    }, 
    "num_logical_ports": {
      "readonly": true, 
      "required": false, 
      "title": "Count of Logical Ports belonging to this switch", 
      "type": "int"
    }
  }, 
  "type": "object"
}

LogicalSwitchStatusSummary (type) 

{
  "id": "LogicalSwitchStatusSummary", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "filters": {
      "items": {
        "$ref": "Filter
      }, 
      "required": false, 
      "title": "The filters used to find the logical switches- TransportZone id, LogicalSwitchProfile id or TransportType", 
      "type": "array"
    }, 
    "fully_realized_switches": {
      "required": true, 
      "title": "The number of logical switches that are realized in all transport nodes.", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "total_switches": {
      "required": true, 
      "title": "The total number of logical switches.", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

LoginCredential (type) 

{
  "id": "LoginCredential", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "credential_type"
  }, 
  "properties": {
    "credential_type": {
      "description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential'.", 
      "required": true, 
      "title": "Login credential, for example username-password-thumbprint or certificate based, etc", 
      "type": "string"
    }
  }, 
  "title": "Base type for various login credential types", 
  "type": "object"
}

MACAddress (type) 

{
  "description": "A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB.", 
  "id": "MACAddress", 
  "module_id": "Common", 
  "pattern": "^(([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2}))|(([0-9A-Fa-f]{2}[-]){5}([0-9A-Fa-f]{2}))$", 
  "title": "MAC Address", 
  "type": "string"
}

MACAddressElement (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "MACAddressElement", 
  "module_id": "MACSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "mac_address": {
      "$ref": "MACAddress, 
      "required": true
    }
  }, 
  "title": "MAC Address", 
  "type": "object"
}

MACAddressElementListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MACAddressElementListResult", 
  "module_id": "MACSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MACAddressElement
      }, 
      "required": true, 
      "title": "MAC address element list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of MAC address elements", 
  "type": "object"
}

MACAddressExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents MAC address expressions in the form of an array, to support addition of MAC addresses in a group.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "MACAddressExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "MACAddressExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mac_addresses": {
      "description": "This array can consist of one or more MAC addresses.", 
      "items": {
        "$ref": "MACAddress
      }, 
      "maxItems": 4000, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of MAC addresses", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "MAC address expression node", 
  "type": "object"
}

MACSet (type) 

{
  "additionalProperties": false, 
  "description": "MACSet is used to group individual MAC addresses. MACSets can be used as sources and destinations in layer2 firewall rules. These can also be used as members of NSGroups.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "MACSet", 
  "module_id": "MACSet", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mac_addresses": {
      "items": {
        "$ref": "MACAddress
      }, 
      "maxItems": 4000, 
      "required": false, 
      "title": "MAC addresses", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Set of one or more MAC addresses", 
  "type": "object"
}

MACSetDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "MACSetDeleteRequestParameters", 
  "module_id": "MACSet", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "MACSet delete request parameters", 
  "type": "object"
}

MACSetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MACSetListRequestParameters", 
  "module_id": "MACSet", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "MACSet list request parameters", 
  "type": "object"
}

MACSetListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MACSetListResult", 
  "module_id": "MACSet", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MACSet
      }, 
      "required": true, 
      "title": "Paged collection of MACSets", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MPAConfigProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "MPAConfigProperties", 
  "properties": {
    "AccountName": {
      "description": "The account name to use when authenticating to the management plane's message bus.", 
      "readonly": false, 
      "type": [
        "string", 
        "null"
      ]
    }, 
    "RmqBrokerCluster": {
      "description": "The list of messaging brokers this controller is configured with.", 
      "items": {
        "$ref": "BrokerProperties
      }, 
      "type": "array"
    }, 
    "RmqClientType": {
      "description": "The nodes client type.", 
      "type": [
        "string", 
        "null"
      ]
    }, 
    "SharedSecret": {
      "description": "The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses.", 
      "sensitive": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }
  }, 
  "title": "Information about the management plane this node is communciating with", 
  "type": "object"
}

MacAddressCsvListResult (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "MacAddressCsvListResult", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "results": {
      "items": {
        "$ref": "MacTableCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

MacAddressListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MacAddressListResult", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical Switch", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MacTableEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "Transport node identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MacAddressType (type) 

{
  "enum": [
    "STATIC", 
    "LEARNED"
  ], 
  "id": "MacAddressType", 
  "module_id": "AggSvcLogicalPort", 
  "title": "The type of the MAC address", 
  "type": "string"
}

MacDiscoveryProfile (type) 

{
  "additionalProperties": false, 
  "description": "Mac Discovery Profile", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "MacDiscoveryProfile", 
  "module_id": "PolicyMacDiscovery", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mac_change_enabled": {
      "default": false, 
      "description": "Allowing source MAC address change", 
      "required": false, 
      "title": "Is rule enabled or not", 
      "type": "boolean"
    }, 
    "mac_learning_aging_time": {
      "default": 600, 
      "description": "Indicates how long learned MAC address remain.", 
      "readonly": true, 
      "required": false, 
      "title": "Aging time in seconds for learned MAC address", 
      "type": "int"
    }, 
    "mac_learning_enabled": {
      "description": "Allowing source MAC address learning", 
      "required": true, 
      "title": "Is MAC learning enabled or not", 
      "type": "boolean"
    }, 
    "mac_limit": {
      "default": 4096, 
      "description": "The maximum number of MAC addresses that can be learned on this port", 
      "maximum": 4096, 
      "minimum": 0, 
      "required": false, 
      "title": "Maximum number of arp bindings", 
      "type": "int"
    }, 
    "mac_limit_policy": {
      "default": "ALLOW", 
      "description": "The policy after MAC Limit is exceeded", 
      "enum": [
        "ALLOW", 
        "DROP"
      ], 
      "title": "Mac Limit Policy", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "unknown_unicast_flooding_enabled": {
      "default": true, 
      "description": "Allowing flooding for unlearned MAC for ingress traffic", 
      "required": false, 
      "title": "Is unknown unicast flooding rule enabled or not", 
      "type": "boolean"
    }
  }, 
  "search_dsl_name": [
    "mac discovery segment profile"
  ], 
  "title": "Mac Discovery Profile", 
  "type": "object"
}

MacDiscoveryProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "MacDiscoveryProfileListRequestParameters", 
  "module_id": "PolicyMacDiscovery", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Mac Discovery Profile request parameters", 
  "type": "object"
}

MacDiscoveryProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MacDiscoveryProfileListResult", 
  "module_id": "PolicyMacDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MacDiscoveryProfile
      }, 
      "required": true, 
      "title": "Mac Discovery profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Mac Discovery Profiles", 
  "type": "object"
}

MacLearningCounters (type) 

{
  "id": "MacLearningCounters", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "mac_not_learned_packets_allowed": {
      "description": "The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.", 
      "required": false, 
      "title": "Number of dispatched packets with unknown source MAC address.", 
      "type": "integer"
    }, 
    "mac_not_learned_packets_dropped": {
      "description": "The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.", 
      "required": false, 
      "title": "Number of dropped packets with unknown source MAC address.", 
      "type": "integer"
    }, 
    "macs_learned": {
      "required": false, 
      "title": "Number of MACs learned", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

MacLearningSpec (type) 

{
  "additionalProperties": false, 
  "id": "MacLearningSpec", 
  "module_id": "MacManagementSwitchingProfile", 
  "properties": {
    "aging_time": {
      "default": 600, 
      "readonly": true, 
      "required": false, 
      "title": "Aging time in sec for learned MAC address", 
      "type": "int"
    }, 
    "enabled": {
      "readonly": false, 
      "required": true, 
      "title": "Allowing source MAC address learning", 
      "type": "boolean"
    }, 
    "limit": {
      "default": 4096, 
      "maximum": 4096, 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "The maximum number of MAC addresses that can be learned on this port", 
      "type": "int"
    }, 
    "limit_policy": {
      "default": "ALLOW", 
      "enum": [
        "ALLOW", 
        "DROP"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "The policy after MAC Limit is exceeded", 
      "type": "string"
    }, 
    "unicast_flooding_allowed": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Allowing flooding for unlearned MAC for ingress traffic", 
      "type": "boolean"
    }
  }, 
  "title": "MAC learning configuration", 
  "type": "object"
}

MacManagementSwitchingProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "MacManagementSwitchingProfile", 
  "module_id": "MacManagementSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "MacManagementSwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mac_change_allowed": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Allowing source MAC address change", 
      "type": "boolean"
    }, 
    "mac_learning": {
      "$ref": "MacLearningSpec, 
      "readonly": false, 
      "required": false, 
      "title": "MAC learning configuration"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MacPool (type) 

{
  "additionalProperties": false, 
  "description": "A collection of ranges of MAC addresses", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "MacPool", 
  "module_id": "MACAM", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ranges": {
      "items": {
        "$ref": "MacRange
      }, 
      "required": true, 
      "title": "Array of ranges for MAC addresses", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MacPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MacPoolListResult", 
  "module_id": "MACAM", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MacPool
      }, 
      "required": true, 
      "title": "MAC pool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MacRange (type) 

{
  "additionalProperties": false, 
  "description": "A range of MAC addresses with a start and end value", 
  "id": "MacRange", 
  "module_id": "MACAM", 
  "properties": {
    "end": {
      "$ref": "MACAddress, 
      "description": "End value for MAC address range", 
      "readonly": false, 
      "required": true, 
      "title": "End value of MAC range"
    }, 
    "start": {
      "$ref": "MACAddress, 
      "description": "Start value for MAC address range", 
      "readonly": false, 
      "required": true, 
      "title": "Start value of MAC range"
    }
  }, 
  "type": "object"
}

MacTableCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "MacTableCsvRecord", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }, 
    "vtep_ip": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The virtual tunnel endpoint IP address"
    }, 
    "vtep_mac_address": {
      "required": false, 
      "title": "The virtual tunnel endpoint MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MacTableEntry (type) 

{
  "id": "MacTableEntry", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "mac_address": {
      "required": true, 
      "title": "The MAC address", 
      "type": "string"
    }, 
    "vtep_ip": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The virtual tunnel endpoint IP address"
    }, 
    "vtep_mac_address": {
      "required": false, 
      "title": "The virtual tunnel endpoint MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MaintenanceModeParameters (type) 

{
  "id": "MaintenanceModeParameters", 
  "module_id": "TransportNode", 
  "properties": {
    "action": {
      "description": "User could use this parameter to put transport node into maintenance mode or exit from maintenance mode. 'enter_maintenance_mode' will put Transport Node into maintenance mode if there is no VIFs attached. 'forced_enter_maintenance_mode' will put transport node into maintenance mode forcibly regardless of whether or not VIF attached. 'exit_maintenance_mode' will exit from maintenance mode.", 
      "enum": [
        "enter_maintenance_mode", 
        "forced_enter_maintenance_mode", 
        "exit_maintenance_mode"
      ], 
      "type": "string"
    }
  }, 
  "title": "transport node maintenance mode setting parameters", 
  "type": "object"
}

MaintenanceModeState (type) 

{
  "enum": [
    "ENTERING", 
    "ENABLED", 
    "EXITING", 
    "DISABLED"
  ], 
  "id": "MaintenanceModeState", 
  "module_id": "TransportNode", 
  "readonly": true, 
  "title": "maintenance mode state", 
  "type": "string"
}

ManagedResource (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "ManagedResource", 
  "module_id": "Common", 
  "polymorphic-type-descriptor": {
    "mode": "force", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base type for resources that are managed by API clients", 
  "type": "object"
}

ManagedVnetInfo (type) 

{
  "description": "Stores the account ID and VNet ID of the corresponding managed VNet. A managed VNet is a Azure compute VNet, which is NSX managed by a transit VNet.", 
  "extends": {
    "$ref": "VirtualPrivateCloudInfo
  }, 
  "id": "ManagedVnetInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_account_ids": {
      "description": "Cloud account ID related to the virtual private cloud.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of Cloud Account IDs", 
      "type": "array"
    }, 
    "virtual_private_cloud_id": {
      "description": "Virtual private cloud ID of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud ID", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Virtual private cloud name of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud name", 
      "type": "string"
    }
  }, 
  "title": "Azure Managed VNet Information", 
  "type": "object"
}

ManagedVpcInfo (type) 

{
  "description": "Stores the account ID and VPC ID of the corresponding managed VPC. A managed VPC is a AWS compute VPC, which is NSX managed by a transit VPC.", 
  "extends": {
    "$ref": "VirtualPrivateCloudInfo
  }, 
  "id": "ManagedVpcInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_account_ids": {
      "description": "Cloud account ID related to the virtual private cloud.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of Cloud Account IDs", 
      "type": "array"
    }, 
    "virtual_private_cloud_id": {
      "description": "Virtual private cloud ID of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud ID", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Virtual private cloud name of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud name", 
      "type": "string"
    }
  }, 
  "title": "AWS Managed VPC Information", 
  "type": "object"
}

ManagementClusterNodeStatus (type) 

{
  "additionalProperties": false, 
  "id": "ManagementClusterNodeStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "mgmt_cluster_status": {
      "$ref": "ClusteringStatus, 
      "readonly": true, 
      "title": "Status of this node's connection to the management cluster"
    }
  }, 
  "type": "object"
}

ManagementClusterRoleConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ClusterRoleConfig
  }, 
  "id": "ManagementClusterRoleConfig", 
  "module_id": "ClusterManagement", 
  "properties": {
    "api_listen_addr": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP and port for the public API service on this node"
    }, 
    "appliance_connection_info": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP, port and certificate for connecting to appliance."
    }, 
    "mgmt_cluster_listen_addr": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP and port for the management cluster service on this node"
    }, 
    "mgmt_plane_listen_addr": {
      "$ref": "ServiceEndpoint, 
      "readonly": true, 
      "title": "The IP and port for the management plane service on this node"
    }, 
    "mpa_msg_client_info": {
      "$ref": "MsgClientInfo
    }, 
    "type": {
      "enum": [
        "ManagementClusterRoleConfig", 
        "ControllerClusterRoleConfig"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Type of this role configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ManagementClusterStatus (type) 

{
  "additionalProperties": false, 
  "id": "ManagementClusterStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "offline_nodes": {
      "description": "Current missing management plane nodes", 
      "items": {
        "$ref": "ManagementPlaneBaseNodeInfo
      }, 
      "readonly": true, 
      "type": "array"
    }, 
    "online_nodes": {
      "description": "Current alive management plane nodes", 
      "items": {
        "$ref": "ManagementPlaneBaseNodeInfo
      }, 
      "readonly": true, 
      "type": "array"
    }, 
    "required_members_for_initialization": {
      "description": "The details of the cluster nodes required for cluster initialization", 
      "items": {
        "$ref": "ClusterInitializationNodeInfo
      }, 
      "readonly": true, 
      "type": "array"
    }, 
    "status": {
      "enum": [
        "INITIALIZING", 
        "UNSTABLE", 
        "DEGRADED", 
        "STABLE", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "The current status of the management cluster", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ManagementConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "ManagementConfig", 
  "module_id": "ConfigManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "publish_fqdns": {
      "required": true, 
      "title": "True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability.", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

ManagementNodeAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseNodeAggregateInfo
  }, 
  "id": "ManagementNodeAggregateInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "display_name": {
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "node_interface_properties": {
      "items": {
        "$ref": "NodeInterfaceProperties
      }, 
      "readonly": true, 
      "title": "Array of Node interface statistic properties", 
      "type": "array"
    }, 
    "node_interface_statistics": {
      "items": {
        "$ref": "NodeInterfaceStatisticsProperties
      }, 
      "readonly": true, 
      "title": "Array of Node network interface statistic properties", 
      "type": "array"
    }, 
    "node_status": {
      "$ref": "ClusterNodeStatus, 
      "readonly": true
    }, 
    "node_status_properties": {
      "items": {
        "$ref": "NodeStatusProperties
      }, 
      "title": "Time series of the node's system properties", 
      "type": "array"
    }, 
    "role_config": {
      "$ref": "ManagementClusterRoleConfig, 
      "readonly": true
    }, 
    "transport_nodes_connected": {
      "minimum": 0, 
      "readonly": true, 
      "type": "integer"
    }
  }, 
  "type": "object"
}

ManagementPlaneBaseNodeInfo (type) 

{
  "description": "The basic node info of management plane node", 
  "id": "ManagementPlaneBaseNodeInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "mgmt_cluster_listen_ip_address": {
      "readonly": true, 
      "title": "The IP address of MP node", 
      "type": "string"
    }, 
    "uuid": {
      "readonly": true, 
      "title": "Management plane node UUID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ManagementPlaneBrokerProperties (type) 

{
  "additionalProperties": false, 
  "id": "ManagementPlaneBrokerProperties", 
  "properties": {
    "host": {
      "$ref": "HostnameOrIPv4Address, 
      "description": "IP address or hostname of the message bus broker on the management plane node.", 
      "readonly": false, 
      "required": true
    }, 
    "port": {
      "default": 5671, 
      "description": "Port number of the message bus broker on the management plane node.", 
      "maximum": 65535, 
      "minimum": 0, 
      "type": "integer"
    }, 
    "thumbprint": {
      "description": "Certificate thumbprint of the message bus broker on the management plane node.", 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Information about a management plane node this controller is configured to communicate with", 
  "type": "object"
}

ManagementPlaneProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "ManagementPlaneProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "account": {
      "description": "The account name to use when authenticating to the management plane's message bus.", 
      "readonly": false, 
      "type": [
        "string", 
        "null"
      ]
    }, 
    "brokers": {
      "description": "The list of messaging brokers this controller is configured with.", 
      "items": {
        "$ref": "ManagementPlaneBrokerProperties
      }, 
      "type": "array"
    }, 
    "secret": {
      "description": "The shared secret to use when autnenticating to the management plane's message bus. Not returned in REST responses.", 
      "sensitive": true, 
      "type": "string"
    }
  }, 
  "title": "Information about the management plane this controller is communciating with", 
  "type": "object"
}

MandatoryAccessControlProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "MandatoryAccessControlProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "enabled": {
      "description": "Enabled can be True/False", 
      "type": "boolean"
    }, 
    "status": {
      "description": "current status of Mandatory Access Control", 
      "enum": [
        "ENABLED", 
        "DISABLED", 
        "ENABLED_PENDING_REBOOT"
      ], 
      "readonly": true, 
      "type": "string"
    }
  }, 
  "title": "Information about mandatory access control", 
  "type": "object"
}

ManualHealthCheck (type) 

{
  "description": "Describes a manual check to evaluate the status of a transport zone.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ManualHealthCheck", 
  "module_id": "HealthCheck", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "operation_status": {
      "description": "The operation status for health check", 
      "enum": [
        "IN_PROGRESS", 
        "FINISHED"
      ], 
      "readonly": true, 
      "title": "Operation Status", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "result": {
      "$ref": "HealthCheckResult, 
      "readonly": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_id": {
      "description": "The entity ID works as a filter param. Entity ID and entity type should   be both provided or not at a query.", 
      "required": true, 
      "title": "Transport Zone ID", 
      "type": "string"
    }, 
    "vlans": {
      "$ref": "HealthCheckSpecVlans, 
      "description": "VLANs specificied for manual health check", 
      "required": true, 
      "title": "Specificied VLANs"
    }
  }, 
  "title": "Manual Health Check", 
  "type": "object"
}

ManualHealthCheckListResult (type) 

{
  "description": "Manual health check list result for query with list parameters.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ManualHealthCheckListResult", 
  "module_id": "HealthCheck", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ManualHealthCheck
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Manual Health Check List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Manual Health Checks", 
  "type": "object"
}

MemberAction (type) 

{
  "additionalProperties": false, 
  "id": "MemberAction", 
  "module_id": "NSGroup", 
  "properties": {
    "action": {
      "enum": [
        "ADD_MEMBERS", 
        "REMOVE_MEMBERS"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Specifies addition or removal action", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MessagingClientInfo (type) 

{
  "id": "MessagingClientInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "account_name": {
      "title": "Account name in messaging client", 
      "type": "string"
    }, 
    "client_type": {
      "enum": [
        "MPA", 
        "HOST"
      ], 
      "title": "Type of messaging client", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MetadataProxy (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "MetadataProxy", 
  "module_id": "MetadataProxy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attached_logical_port_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of attached logical port", 
      "type": "string"
    }, 
    "crypto_protocols": {
      "description": "The cryptographic protocols listed here are supported by the metadata proxy. The TLSv1.1 and TLSv1.2 are supported by default.", 
      "items": {
        "$ref": "MetadataProxyCryptoProtocol
      }, 
      "readonly": false, 
      "required": false, 
      "title": "metadata proxy supported cryptographic protocols.", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_id": {
      "required": true, 
      "title": "edge cluster uuid", 
      "type": "string"
    }, 
    "edge_cluster_member_indexes": {
      "description": "If none is provided, the NSX will auto-select two edge-nodes from the given edge cluster. If user provides only one edge node, there will be no HA support.", 
      "items": {
        "type": "integer"
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "required": false, 
      "title": "edge cluster member indexes", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "enable_standby_relocation": {
      "default": false, 
      "description": "Flag to enable the auto-relocation of standby Metadata Proxy in case of edge node failure. Only tier 1 and auto placed Metadata Proxy are considered for the relocation.", 
      "required": false, 
      "title": "Flag to enable standby Metadata proxy server relocation", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "metadata_server_ca_ids": {
      "description": "The CAs referenced here must be uploaded to the truststore using the API POST /api/v1/trust-management/certificates?action=import. User needs to ensure a correct CA for this metedata server is used. The REST API can not detect a wrong CA which was used to verify a different server. If the Metadata Proxy reports an ERROR or NO_BACKUP status, user can check the metadata proxy log at transport node for a possible CA issue.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "uuids of CAs to verify metadata server certificate", 
      "type": "array"
    }, 
    "metadata_server_url": {
      "description": "The URL in format scheme://host:port/path. Please note, the scheme supports only http and https as of now, port supports range 3000 - 9000, inclusive.", 
      "required": true, 
      "title": "metadata server url", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "secret": {
      "required": false, 
      "title": "secret to access metadata server", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MetadataProxyCryptoProtocol (type) 

{
  "additionalProperties": false, 
  "enum": [
    "TLS_V1", 
    "TLS_V1_1", 
    "TLS_V1_2"
  ], 
  "id": "MetadataProxyCryptoProtocol", 
  "module_id": "MetadataProxy", 
  "title": "Metadata proxy supported cryptographic protocol", 
  "type": "string"
}

MetadataProxyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MetadataProxyListResult", 
  "module_id": "MetadataProxy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MetadataProxy
      }, 
      "required": true, 
      "title": "paginated list of metadata proxies", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MetadataProxyStatistics (type) 

{
  "id": "MetadataProxyStatistics", 
  "module_id": "AggSvcMetadataProxy", 
  "properties": {
    "metadata_proxy_id": {
      "required": true, 
      "title": "metadata proxy uuid", 
      "type": "string"
    }, 
    "statistics": {
      "items": {
        "$ref": "MetadataProxyStatisticsPerLogicalSwitch
      }, 
      "required": false, 
      "title": "metadata proxy statistics per logical switch", 
      "type": "array"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": true, 
      "title": "timestamp of the statistics"
    }
  }, 
  "type": "object"
}

MetadataProxyStatisticsPerLogicalSwitch (type) 

{
  "id": "MetadataProxyStatisticsPerLogicalSwitch", 
  "module_id": "AggSvcMetadataProxy", 
  "properties": {
    "error_responses_from_nova_server": {
      "required": true, 
      "title": "error responses from  nova server", 
      "type": "integer"
    }, 
    "logical_switch_id": {
      "required": true, 
      "title": "uuid of attached logical switch", 
      "type": "string"
    }, 
    "requests_from_clients": {
      "required": true, 
      "title": "requests from clients", 
      "type": "integer"
    }, 
    "requests_to_nova_server": {
      "required": true, 
      "title": "requests to nova server", 
      "type": "integer"
    }, 
    "responses_to_clients": {
      "required": true, 
      "title": "responses to clients", 
      "type": "integer"
    }, 
    "succeeded_responses_from_nova_server": {
      "required": true, 
      "title": "succeeded responses from  nova server", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

MetadataProxyStatisticsRequestParameters (type) 

{
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "MetadataProxyStatisticsRequestParameters", 
  "module_id": "AggSvcMetadataProxy", 
  "properties": {
    "logical_switch_id": {
      "required": false, 
      "title": "The uuid of logical switch", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "type": "object"
}

MetadataProxyStatus (type) 

{
  "id": "MetadataProxyStatus", 
  "module_id": "AggSvcMetadataProxy", 
  "properties": {
    "error_message": {
      "required": false, 
      "title": "Error message, if available", 
      "type": "string"
    }, 
    "proxy_status": {
      "description": "UP means the metadata proxy is working fine on both transport-nodes(if have); DOWN means the metadata proxy is is down on both transport-nodes(if have), hence the metadata proxy will not repsonse any metadata request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working in one of the transport node while not in the other transport-node (if have). Hence if the metadata proxy in the working transport-node goes down, the metadata proxy will go down.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_BACKUP"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "transport_nodes": {
      "description": "Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes.", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "ids of transport nodes where this metadata proxy is running", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MgmtConnStatus (type) 

{
  "additionalProperties": false, 
  "id": "MgmtConnStatus", 
  "module_id": "ClusterManagement", 
  "properties": {
    "connectivity_status": {
      "enum": [
        "CONNECTED", 
        "DISCONNECTED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Indicates the controller node's MP channel connectivity status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationComponentTypeListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationComponentTypeListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which migration unit groups to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationFeedbackCategory (type) 

{
  "additionalProperties": false, 
  "description": "Categorization of feedback requests from the migration tool where user input is required.", 
  "id": "MigrationFeedbackCategory", 
  "module_id": "Migration", 
  "properties": {
    "accepted_values": {
      "description": "List of acceptable values for this feedback request.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Acceptable values for this feedback request", 
      "type": "array"
    }, 
    "category": {
      "description": "Functional area that this query falls into.", 
      "readonly": true, 
      "required": true, 
      "title": "Functional area for the feedback query", 
      "type": "string"
    }, 
    "count": {
      "description": "Total number of feedback requests for this functional area.", 
      "readonly": true, 
      "required": true, 
      "title": "Total number of feedback requests for this functional area", 
      "type": "int"
    }, 
    "resolved": {
      "description": "Total number of resolved feedback requests for this functional area.", 
      "readonly": true, 
      "required": true, 
      "title": "Count of resolved feedback requests for this functional area", 
      "type": "int"
    }
  }, 
  "title": "Category of feedback for Migration", 
  "type": "object"
}

MigrationFeedbackRequest (type) 

{
  "additionalProperties": false, 
  "description": "Detailed feedback requests from the migration tool where user input is required.", 
  "id": "MigrationFeedbackRequest", 
  "module_id": "Migration", 
  "properties": {
    "accepted_actions": {
      "description": "List of acceptable actions for this feedback request.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Acceptable actions for this feedback request", 
      "type": "array"
    }, 
    "accepted_value_type": {
      "description": "Data type of the items listed in acceptable values list.", 
      "readonly": true, 
      "required": true, 
      "title": "Data type of the items listed in acceptable values", 
      "type": "string"
    }, 
    "accepted_values": {
      "description": "List of acceptable values for this feedback request.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Acceptable values for this feedback request", 
      "type": "array"
    }, 
    "hash": {
      "description": "Identify a feedback request type across objects. This can be used to group together objects with similar feedback request and resolve them in one go.", 
      "readonly": true, 
      "required": false, 
      "title": "Identifier for a feedback request type", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the feedback request", 
      "type": "string"
    }, 
    "message": {
      "description": "Detailed feedback request with options.", 
      "readonly": true, 
      "required": true, 
      "title": "Content of feedback request", 
      "type": "string"
    }, 
    "multi_value": {
      "description": "Indicates if multiple values can be selected as response from the list of acceptable value.", 
      "readonly": true, 
      "required": true, 
      "title": "Indicates if multiple values can be selected as response", 
      "type": "boolean"
    }, 
    "object_id": {
      "description": "Identifier of the object for which feedback is requested.", 
      "readonly": true, 
      "required": false, 
      "title": "UUID of the object", 
      "type": "string"
    }, 
    "rejected": {
      "description": "Indicates if previous response was invalid. Please provide a valid response.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if the previous feedback response was rejected", 
      "type": "boolean"
    }, 
    "resolution": {
      "description": "If the feedback request was resolved earlier, provides details about the previous resolution.", 
      "readonly": true, 
      "required": false, 
      "title": "Previous resolution details for this feedback request", 
      "type": "string"
    }, 
    "resolved": {
      "description": "Indicates if a valid response already exist for this feedback request.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if this feedback request has already been resolved", 
      "type": "boolean"
    }, 
    "sub_vertical": {
      "description": "Functional sub-area that this query falls into.", 
      "readonly": true, 
      "required": true, 
      "title": "Functional sub-area for the feedback query", 
      "type": "string"
    }, 
    "suggested_action": {
      "description": "The suggested action to resolve this feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "Suggested action for this feedback request", 
      "type": "string"
    }, 
    "suggested_value": {
      "description": "The suggested value to resolve this feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "Suggested value for this feedback request", 
      "type": "string"
    }, 
    "v_object_id": {
      "description": "Identifier for this object in the source NSX endpoint.", 
      "readonly": true, 
      "required": true, 
      "title": "Id of this object in the source NSX endpoint", 
      "type": "string"
    }, 
    "v_object_name": {
      "description": "Name of this object in the source NSX endpoint.", 
      "readonly": true, 
      "required": true, 
      "title": "Name of this object in the source NSX endpoint", 
      "type": "string"
    }, 
    "vertical": {
      "description": "Functional area that this query falls into.", 
      "readonly": true, 
      "required": true, 
      "title": "Functional area for the feedback query", 
      "type": "string"
    }
  }, 
  "title": "Feedback detail required for Migration", 
  "type": "object"
}

MigrationFeedbackRequestListResult (type) 

{
  "additionalProperties": false, 
  "description": "List of detailed feedback requests from the migration tool where user input is required.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationFeedbackRequestListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationFeedbackRequest
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Paged Collection of feedback requests", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of feedback required for Migration", 
  "type": "object"
}

MigrationFeedbackResponse (type) 

{
  "additionalProperties": false, 
  "description": "Detailed feedback requests from the migration tool where user input is required.", 
  "id": "MigrationFeedbackResponse", 
  "module_id": "Migration", 
  "properties": {
    "action": {
      "description": "Action selected in response to the feedback request.", 
      "readonly": false, 
      "required": true, 
      "title": "Action selected for feedback request", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the feedback request.", 
      "readonly": false, 
      "required": true, 
      "title": "UUID of the feedback request", 
      "type": "string"
    }, 
    "value": {
      "description": "User input provided in response to the feedback request.", 
      "readonly": false, 
      "required": false, 
      "title": "User input for the feedback query", 
      "type": "string"
    }, 
    "values": {
      "description": "User input provided in the form of a list of values in response to the feedback request.", 
      "items": {
        "type": "string"
      }, 
      "readonly": false, 
      "required": false, 
      "title": "User input with multiple values for the feedback query", 
      "type": "array"
    }
  }, 
  "title": "Feedback details required for Migration", 
  "type": "object"
}

MigrationFeedbackResponseList (type) 

{
  "additionalProperties": false, 
  "description": "List of detailed feedback response for the migration tool.", 
  "id": "MigrationFeedbackResponseList", 
  "module_id": "Migration", 
  "properties": {
    "response_list": {
      "description": "List of feedback responses.", 
      "items": {
        "$ref": "MigrationFeedbackResponse
      }, 
      "readonly": false, 
      "required": true, 
      "title": "List of feedback responses", 
      "type": "array"
    }
  }, 
  "title": "List of feedback reponse for Migration", 
  "type": "object"
}

MigrationFeedbackSummaryListResult (type) 

{
  "additionalProperties": false, 
  "description": "List of feedback categories and count of requests in each category.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationFeedbackSummaryListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationFeedbackCategory
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Paged Collection of feedback categories", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of feedback categories for Migration", 
  "type": "object"
}

MigrationGroupStatusListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationGroupStatusListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "has_errors": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only migration units with errors", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationNodeInfoListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationNodeInfoListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which nodes will be filtered", 
      "type": "string"
    }, 
    "component_version": {
      "readonly": false, 
      "required": false, 
      "title": "Component version based on which nodes will be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationPlanResetRequest (type) 

{
  "additionalProperties": false, 
  "id": "MigrationPlanResetRequest", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationPlanSettings (type) 

{
  "additionalProperties": false, 
  "id": "MigrationPlanSettings", 
  "module_id": "Migration", 
  "properties": {
    "parallel": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Migration Method to specify whether the migration is to be performed serially or in parallel", 
      "type": "boolean"
    }, 
    "pause_after_each_group": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to pause the migration after migration of each group is completed", 
      "type": "boolean"
    }, 
    "pause_on_error": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to pause the migration plan execution when an error occurs", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

MigrationSetupInfo (type) 

{
  "additionalProperties": false, 
  "description": "Details about source and destination NSX setup to be migrated", 
  "id": "MigrationSetupInfo", 
  "module_id": "Migration", 
  "properties": {
    "destination_nsx": {
      "$ref": "DestinationNsxApiEndpoint, 
      "description": "IP address or hostname of the destination NSX API endpoint.", 
      "readonly": false, 
      "required": false, 
      "title": "Destination NSX API endpoint"
    }, 
    "migration_mode": {
      "default": "ONPREMISE_V2T", 
      "description": "Migration mode can be VMC_V2T, ONPREMISE_V2T, ONPREMISE_VSPHERE2T", 
      "enum": [
        "VMC_V2T", 
        "ONPREMISE_V2T", 
        "ONPREMISE_VSPHERE2T"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Migration mode", 
      "type": "string"
    }, 
    "source_nsx": {
      "description": "List of source NSX manager endpoints.", 
      "items": {
        "$ref": "SourceNsxApiEndpoint
      }, 
      "readonly": false, 
      "required": false, 
      "title": "List of source NSX managers", 
      "type": "array"
    }
  }, 
  "title": "Details about source and destination NSX setup", 
  "type": "object"
}

MigrationStatus (type) 

{
  "additionalProperties": false, 
  "id": "MigrationStatus", 
  "module_id": "Migration", 
  "properties": {
    "component_status": {
      "items": {
        "$ref": "ComponentMigrationStatus
      }, 
      "readonly": true, 
      "required": true, 
      "title": "List of component statuses", 
      "type": "array"
    }, 
    "overall_migration_status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of migration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationStatusSummaryRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "MigrationStatusSummaryRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which migration units to be filtered", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationSummary (type) 

{
  "additionalProperties": false, 
  "id": "MigrationSummary", 
  "module_id": "Migration", 
  "properties": {
    "component_target_versions": {
      "items": {
        "$ref": "ComponentTargetVersion
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "migration_coordinator_version": {
      "readonly": true, 
      "required": true, 
      "title": "Current version of migration coordinator", 
      "type": "string"
    }, 
    "migration_status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of migration", 
      "type": "string"
    }, 
    "system_version": {
      "readonly": true, 
      "required": true, 
      "title": "Current system version", 
      "type": "string"
    }, 
    "target_version": {
      "readonly": true, 
      "required": true, 
      "title": "Target system version", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationSwitchInfo (type) 

{
  "additionalProperties": false, 
  "description": "Details about switch to be migrated", 
  "id": "MigrationSwitchInfo", 
  "module_id": "Migration", 
  "properties": {
    "id": {
      "description": "Switch Identifier.", 
      "readonly": true, 
      "required": true, 
      "title": "Switch id", 
      "type": "string"
    }, 
    "kind": {
      "default": "DVS", 
      "description": "Kind of switch, can be DVS, VSS.", 
      "enum": [
        "DVS", 
        "VSS"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Kind of switch", 
      "type": "string"
    }, 
    "name": {
      "description": "Name of the switch.", 
      "readonly": false, 
      "required": false, 
      "title": "Switch name", 
      "type": "string"
    }, 
    "pnic_count": {
      "description": "Number of PNICs associated with this switch.", 
      "readonly": true, 
      "required": false, 
      "title": "PNIC count", 
      "type": "int"
    }, 
    "version": {
      "description": "Version of the switch to be migrated.", 
      "readonly": true, 
      "required": false, 
      "title": "Switch version", 
      "type": "string"
    }
  }, 
  "title": "Details about switch to be migrated", 
  "type": "object"
}

MigrationSwitchListResult (type) 

{
  "additionalProperties": false, 
  "description": "Details about all the DVS and VSS present on the VC", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationSwitchListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "A paginated list of DVS/VSS present on the VC.", 
      "items": {
        "$ref": "MigrationSwitchInfo
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Paginated list of DVS/VSS present on the VC", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Details about all the DVS and VSS present on the VC", 
  "type": "object"
}

MigrationUnit (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "MigrationUnit", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "current_version": {
      "description": "This is component version e.g. if migration unit is of type HOST, then this is host version.", 
      "readonly": true, 
      "required": false, 
      "title": "Current version of migration unit", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": false, 
      "required": false, 
      "title": "Name of the migration unit", 
      "type": "string"
    }, 
    "group": {
      "$ref": "ResourceReference, 
      "readonly": true, 
      "required": false, 
      "title": "Info of the group to which this migration unit belongs"
    }, 
    "id": {
      "description": "Identifier of the migration unit", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the migration unit", 
      "type": "string"
    }, 
    "metadata": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Metadata about migration unit", 
      "type": "array"
    }, 
    "type": {
      "readonly": false, 
      "required": false, 
      "title": "Migration unit type", 
      "type": "string"
    }, 
    "warnings": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of warnings indicating issues with the migration unit that may result in migration failure", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MigrationUnitAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "MigrationUnitAggregateInfo", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "errors": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of errors occurred during migration of this migration unit", 
      "type": "array"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of migration progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of migration unit", 
      "type": "string"
    }, 
    "unit": {
      "$ref": "MigrationUnit, 
      "description": "Details of the migration unit", 
      "readonly": true, 
      "required": true, 
      "title": "Migration unit info"
    }
  }, 
  "type": "object"
}

MigrationUnitAggregateInfoListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationUnitAggregateInfoListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which migration units to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "group_id": {
      "readonly": false, 
      "required": false, 
      "title": "Identifier of group based on which migration units to be filtered", 
      "type": "string"
    }, 
    "has_errors": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only migration units with errors", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "metadata": {
      "readonly": false, 
      "required": false, 
      "title": "Metadata about migration unit to filter on", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "selection_status": {
      "default": "ALL", 
      "enum": [
        "SELECTED", 
        "DESELECTED", 
        "ALL"
      ], 
      "required": false, 
      "title": "Flag to indicate whether to return only selected, only deselected or both type of migration units", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitAggregateInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitAggregateInfoListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitAggregateInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of MigrationUnit AggregateInfo", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitGroup (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "MigrationUnitGroup", 
  "module_id": "Migration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether migration of this group is enabled or not", 
      "type": "boolean"
    }, 
    "extended_configuration": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "Extended configuration for the group", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "migration_unit_count": {
      "description": "Number of migration units in the group", 
      "readonly": true, 
      "required": false, 
      "title": "Count of migration units in the group", 
      "type": "int"
    }, 
    "migration_units": {
      "items": {
        "$ref": "MigrationUnit
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "List of migration units in the group", 
      "type": "array"
    }, 
    "parallel": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Migration method to specify whether the migration is to be performed in parallel or serially", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "MigrationUnitGroupAggregateInfo", 
  "module_id": "Migration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "failed_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes in the migration unit group that failed migration", 
      "type": "int"
    }, 
    "group": {
      "$ref": "MigrationUnitGroup, 
      "readonly": false, 
      "required": true, 
      "title": "Migration unit group details"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of migration progress in percentage", 
      "type": "number"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Migration status of migration unit group", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupAggregateInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitGroupAggregateInfoListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitGroupAggregateInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of migration status for migration unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationUnitGroupListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which migration unit groups to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "summary": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag indicating whether to return summary", 
      "type": "boolean"
    }, 
    "sync": {
      "default": false, 
      "description": "If true, synchronize with the management plane before returning migration unit groups", 
      "required": false, 
      "title": "Synchronize before returning migration unit groups", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitGroupListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitGroup
      }, 
      "required": true, 
      "title": "Paged Collection of Migration unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupStatus (type) 

{
  "additionalProperties": false, 
  "id": "MigrationUnitGroupStatus", 
  "module_id": "Migration", 
  "properties": {
    "failed_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes in the migration unit group that failed migration", 
      "type": "int"
    }, 
    "group_id": {
      "description": "Identifier for migration unit group", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of migration unit group", 
      "type": "string"
    }, 
    "group_name": {
      "description": "Name of the migration unit group", 
      "readonly": true, 
      "required": true, 
      "title": "Migration unit group Name", 
      "type": "string"
    }, 
    "migration_unit_count": {
      "readonly": true, 
      "required": true, 
      "title": "Number of migration units in the group", 
      "type": "int"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of migration progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Migration status of migration unit group", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitGroupStatusListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitGroupStatusListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitGroupStatus
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of migration status for migration unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitList (type) 

{
  "additionalProperties": false, 
  "id": "MigrationUnitList", 
  "module_id": "Migration", 
  "properties": {
    "list": {
      "items": {
        "$ref": "MigrationUnit
      }, 
      "required": true, 
      "title": "Collection of Migration units", 
      "type": "array"
    }
  }, 
  "type": "object"
}

MigrationUnitListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationUnitListRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which migration units to be filtered", 
      "type": "string"
    }, 
    "current_version": {
      "readonly": false, 
      "required": false, 
      "title": "Current version of migration unit based on which migration units to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "group_id": {
      "readonly": false, 
      "required": false, 
      "title": "UUID of group based on which migration units to be filtered", 
      "type": "string"
    }, 
    "has_warnings": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only migration units with warnings", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "metadata": {
      "readonly": false, 
      "required": false, 
      "title": "Metadata about migration unit to filter on", 
      "type": "string"
    }, 
    "migration_unit_type": {
      "readonly": false, 
      "required": false, 
      "title": "Migration unit type based on which migration units to be filtered", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnit
      }, 
      "required": true, 
      "title": "Paged Collection of Migration units", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitStatus (type) 

{
  "additionalProperties": false, 
  "id": "MigrationUnitStatus", 
  "module_id": "Migration", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Name of migration unit", 
      "type": "string"
    }, 
    "errors": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of errors occurred during migration of this migration unit", 
      "type": "array"
    }, 
    "id": {
      "description": "Identifier of migration unit", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of migration unit", 
      "type": "string"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of migration progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of migration unit", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitStatusListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitStatusListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitStatus
      }, 
      "required": true, 
      "title": "Paged Collection of migration units status", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitTypeStats (type) 

{
  "additionalProperties": false, 
  "id": "MigrationUnitTypeStats", 
  "module_id": "Migration", 
  "properties": {
    "node_count": {
      "readonly": true, 
      "required": true, 
      "title": "Number of nodes", 
      "type": "int"
    }, 
    "node_with_issues_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes with issues that may cause migration failure", 
      "type": "int"
    }, 
    "type": {
      "readonly": true, 
      "required": true, 
      "title": "Type of migration unit", 
      "type": "string"
    }, 
    "version": {
      "readonly": true, 
      "required": true, 
      "title": "Version of the migration unit", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitTypeStatsList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "MigrationUnitTypeStatsList", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "MigrationUnitTypeStats
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of migration unit type stats", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

MigrationUnitsStatsRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "MigrationUnitsStatsRequestParameters", 
  "module_id": "Migration", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sync": {
      "default": false, 
      "description": "If true, synchronize with the management plane before returning migration unit stats", 
      "required": false, 
      "title": "Synchronize before returning migration unit stats", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

MirrorDestination (type) 

{
  "abstract": true, 
  "id": "MirrorDestination", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "MirrorDestinationResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorDestination'", 
      "required": true
    }
  }, 
  "type": "object"
}

MirrorDestinationResourceType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "LogicalPortMirrorDestination", 
    "PnicMirrorDestination", 
    "IPMirrorDestination"
  ], 
  "id": "MirrorDestinationResourceType", 
  "module_id": "PortMirroring", 
  "title": "Resource types of mirror destination", 
  "type": "string"
}

MirrorSource (type) 

{
  "abstract": true, 
  "id": "MirrorSource", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "MirrorSourceResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'", 
      "required": true
    }
  }, 
  "type": "object"
}

MirrorSourceResourceType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "LogicalPortMirrorSource", 
    "PnicMirrorSource", 
    "VlanMirrorSource", 
    "LogicalSwitchMirrorSource"
  ], 
  "id": "MirrorSourceResourceType", 
  "module_id": "PortMirroring", 
  "title": "Resource types of mirror source", 
  "type": "string"
}

MonitorQueryType (type) 

{
  "additionalProperties": false, 
  "description": "MonitorQueryType is used to query load balancer monitors. LbActiveMonitor represents active load balancer monitors. While LbActiveMonitor is specified to query load balancer monitors, it returns all active monitors, including LbHttpMonitor, LbHttpMonitor, LbIcmpMonitor, LbTcpMonitor, LbUdpMonitor.", 
  "enum": [
    "LbHttpMonitor", 
    "LbHttpsMonitor", 
    "LbIcmpMonitor", 
    "LbTcpMonitor", 
    "LbUdpMonitor", 
    "LbPassiveMonitor", 
    "LbActiveMonitor"
  ], 
  "id": "MonitorQueryType", 
  "module_id": "LoadBalancer", 
  "title": "monitor query type", 
  "type": "string"
}

MonitorType (type) 

{
  "additionalProperties": false, 
  "description": "Load balancers monitor the health of backend servers to ensure traffic is not black holed. There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.", 
  "enum": [
    "LbHttpMonitor", 
    "LbHttpsMonitor", 
    "LbIcmpMonitor", 
    "LbTcpMonitor", 
    "LbUdpMonitor", 
    "LbPassiveMonitor"
  ], 
  "id": "MonitorType", 
  "module_id": "LoadBalancer", 
  "title": "monitor type", 
  "type": "string"
}

MonitoringProfileBindingMap (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "MonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base Monitoring Profile Binding Map", 
  "type": "object"
}

MonthlyTelemetrySchedule (type) 

{
  "extends": {
    "$ref": "TelemetrySchedule
  }, 
  "id": "MonthlyTelemetrySchedule", 
  "module_id": "TelemetryConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "MonthlyTelemetrySchedule"
  }, 
  "properties": {
    "day_of_month": {
      "description": "Day of month on which data will be collected. Specify a value between 1 through 31.", 
      "maximum": 31, 
      "minimum": 1, 
      "required": true, 
      "title": "Day of month on which data will be collected", 
      "type": "integer"
    }, 
    "frequency_type": {
      "description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.", 
      "required": true, 
      "title": "Frequency at which data will be collected", 
      "type": "string"
    }, 
    "hour_of_day": {
      "description": "Hour at which data will be collected. Specify a value between 0 through 23.", 
      "maximum": 23, 
      "minimum": 0, 
      "required": true, 
      "title": "Hour at which data will be collected", 
      "type": "integer"
    }, 
    "minutes": {
      "default": 0, 
      "description": "Minute at which data will be collected. Specify a value between 0 through 59.", 
      "maximum": 59, 
      "minimum": 0, 
      "required": false, 
      "title": "Minute at which data will be collected", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

MsgClientInfo (type) 

{
  "id": "MsgClientInfo", 
  "module_id": "Common", 
  "properties": {
    "account_name": {
      "description": "Account name for the messaging client. Identifies the client on the management plane message bus.", 
      "readonly": false, 
      "required": false, 
      "type": "string"
    }, 
    "certificate": {
      "description": "Messaging client's certificate. Used to authenticate to the control plane messaging endpoint.", 
      "readonly": false, 
      "required": false, 
      "type": "string"
    }, 
    "shared_secret": {
      "description": "Messaging client's secret. Used to authenticate to the management plane messaging broker.", 
      "readonly": false, 
      "required": false, 
      "type": "string"
    }, 
    "software_version": {
      "description": "Software version of the node.", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }
  }, 
  "title": "Information about a messaging client", 
  "type": "object"
}

MultiWidgetConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Combines two or more widgetconfigurations into a multi-widget", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "MultiWidgetConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "MultiWidgetConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }, 
    "widgets": {
      "description": "Array of widgets that are part of the multi-widget.", 
      "items": {
        "$ref": "WidgetItem
      }, 
      "maxItems": 2, 
      "minItems": 1, 
      "required": true, 
      "title": "Widgets", 
      "type": "array"
    }
  }, 
  "title": "Multi-Widget", 
  "type": "object"
}

NDRAPrefixConfig (type) 

{
  "additionalProperties": false, 
  "description": "Overrides the router advertisement attributes for the IPv6 prefixes.", 
  "id": "NDRAPrefixConfig", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "network_prefix": {
      "$ref": "IPv6CIDRBlock, 
      "description": "Override the neighbor discovery prefix preferred time and prefix valid time for the subnet on uplink port whose network matches with the network address of CIDR specified in network_prefix.", 
      "required": true, 
      "title": "Network prefix"
    }, 
    "prefix_preferred_time": {
      "description": "The time interval in seconds, in which the prefix is advertised as preferred.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Prefix preferred time", 
      "type": "integer"
    }, 
    "prefix_valid_time": {
      "description": "The time interval in seconds, in which the prefix is advertised as valid.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

NDRAProfile (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NDRAProfile", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dns_config": {
      "$ref": "RaDNSConfig, 
      "required": false, 
      "title": "DNS Configuration"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ra_config": {
      "$ref": "RAConfig, 
      "required": true, 
      "title": "RA Configuration"
    }, 
    "ra_mode": {
      "$ref": "RAMode, 
      "default": "SLAAC_DNS_THROUGH_RA", 
      "required": true, 
      "title": "RA Mode"
    }, 
    "reachable_timer": {
      "default": 0, 
      "description": "Neighbour reachable time duration in milliseconds. A value of 0 means unspecified.", 
      "maximum": 3600000, 
      "minimum": 0, 
      "required": false, 
      "title": "Reachable timer", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "retransmit_interval": {
      "default": 1000, 
      "description": "The time, in milliseconds, between retransmitted neighbour solicitation messages.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Retransmission interval", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NDRAProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NDRAProfileListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NDRAProfile
      }, 
      "required": true, 
      "title": "Paginated list of NDRAProfile", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NSAttributes (type) 

{
  "additionalProperties": false, 
  "id": "NSAttributes", 
  "module_id": "NSProfile", 
  "properties": {
    "attributes_data": {
      "$ref": "NSAttributesData, 
      "required": true, 
      "title": "Data for attribute"
    }, 
    "sub_attributes": {
      "items": {
        "$ref": "NSAttributesData
      }, 
      "required": false, 
      "title": "Reference to sub attributes for the attribute", 
      "type": "array"
    }
  }, 
  "title": "NS Attributes data holder structure", 
  "type": "object"
}

NSAttributesData (type) 

{
  "additionalProperties": false, 
  "id": "NSAttributesData", 
  "module_id": "NSProfile", 
  "properties": {
    "datatype": {
      "enum": [
        "STRING"
      ], 
      "required": true, 
      "title": "Data type of attribute/sub attribute key", 
      "type": "string"
    }, 
    "description": {
      "required": false, 
      "title": "Description for NSProfile attributes", 
      "type": "string"
    }, 
    "key": {
      "description": "NSProfile attribute/sub attribute keys.", 
      "required": true, 
      "title": "Key for attribute/sub attribute", 
      "type": "string"
    }, 
    "value": {
      "description": "Multiple attribute/sub attribute values can be specified as elements of array.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "value for attribute/sub attribute key", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "Attributes/sub-attributes data holder structure for NSProfile", 
  "type": "object"
}

NSGroup (type) 

{
  "additionalProperties": false, 
  "description": "NSGroups are recursive groupings of different NSX elements (logical and physical), typically used in policy definitions.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NSGroup", 
  "module_id": "NSGroup", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_count": {
      "readonly": true, 
      "required": false, 
      "title": "Count of the members added to this NSGroup", 
      "type": "integer"
    }, 
    "members": {
      "description": "Reference to the direct/static members of the NSGroup. Can be ID based expressions only. VirtualMachine cannot be added as a static member.", 
      "items": {
        "$ref": "NSGroupSimpleExpression
      }, 
      "maxItems": 500, 
      "required": false, 
      "title": "Members of NSGroup", 
      "type": "array"
    }, 
    "membership_criteria": {
      "description": "List of tag or name based expressions which define the dynamic membership criteria for this NSGroup. An object must satisfy atleast one of these expressions to qualify as a member of this group. It is not recommended to use ID based expressions in this section. ID based expression should be used in \"members\" section", 
      "items": {
        "$ref": "NSGroupExpression
      }, 
      "maxItems": 5, 
      "required": false, 
      "title": "The criteria for membership of this NSGroup", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Networking and Security Group", 
  "type": "object"
}

NSGroupComplexExpression (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NSGroupExpression
  }, 
  "id": "NSGroupComplexExpression", 
  "module_id": "NSGroup", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NSGroupComplexExpression"
  }, 
  "properties": {
    "expressions": {
      "description": "Represents expressions which are to be logically 'AND'ed.The array cannot contain NSGroupComplexExpression.Only NSGroupTagExpression and NSGroupSimpleExpressions are accepted.", 
      "items": {
        "$ref": "NSGroupExpression
      }, 
      "maxItems": 5, 
      "minItems": 2, 
      "required": true, 
      "title": "List of simple and tag expressions", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "NSGroupSimpleExpression", 
        "NSGroupComplexExpression", 
        "NSGroupTagExpression"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Complex expressions to represent NSGroup membership", 
  "type": "object"
}

NSGroupDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "NSGroupDeleteRequestParameters", 
  "module_id": "NSGroup", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "NSGroup delete request parameters", 
  "type": "object"
}

NSGroupExpression (type) 

{
  "id": "NSGroupExpression", 
  "module_id": "NSGroup", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "NSGroupSimpleExpression", 
        "NSGroupComplexExpression", 
        "NSGroupTagExpression"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Policy expression for NSGroup membership", 
  "type": "object"
}

NSGroupExpressionList (type) 

{
  "additionalProperties": false, 
  "id": "NSGroupExpressionList", 
  "module_id": "NSGroup", 
  "properties": {
    "members": {
      "items": {
        "$ref": "NSGroupExpression
      }, 
      "maxItems": 500, 
      "required": true, 
      "title": "List of NSGroupExpressions to be passed to add and remove APIs\n", 
      "type": "array"
    }
  }, 
  "title": "List of NSGroupExpressions", 
  "type": "object"
}

NSGroupInfo (type) 

{
  "description": "NSGroupInfo contains information about a particular NSGroup used in a SI Rule. It also contains information about policy path used to create this NSGroup.", 
  "id": "NSGroupInfo", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "nsgroup": {
      "$ref": "ResourceReference, 
      "description": "NSGroup Data.", 
      "readonly": true, 
      "required": false, 
      "title": "NSGroup"
    }, 
    "nsgroup_policy_path": {
      "description": "Relative Policy path of a particular NSGroup.", 
      "readonly": true, 
      "required": true, 
      "title": "Policy Path of a Particular NSGroup", 
      "type": "string"
    }
  }, 
  "title": "NSGroupInfo", 
  "type": "object"
}

NSGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSGroupListRequestParameters", 
  "module_id": "NSGroup", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "member_types": {
      "description": "Specify valid member types in CSV format to filter NSGroups. Returns NSGroups whose member types are same as or subset of specified member types", 
      "required": false, 
      "title": "Specify member types to filter corresponding NSGroups\n", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "populate_references": {
      "default": false, 
      "description": "If set to true, the target_resource property of each NSGroupExpresion will be populated from the associated resource when the expression uniquely identifies a resource.", 
      "title": "Populate metadata of resource referenced by NSGroupExpressions\n", 
      "type": "boolean"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSGroup list request parameters", 
  "type": "object"
}

NSGroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSGroupListResult", 
  "module_id": "NSGroup", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSGroup
      }, 
      "required": true, 
      "title": "NSGroup list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of NSGroups", 
  "type": "object"
}

NSGroupMetaInfo (type) 

{
  "description": "Contains the metadata of a NSGroup when the application discovery session was started", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NSGroupMetaInfo", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "no_of_vms": {
      "required": false, 
      "title": "Number of VMs discovered for this NSGroup when session was started", 
      "type": "integer"
    }, 
    "ns_group_id": {
      "required": true, 
      "title": "ID of the NS Group", 
      "type": "string"
    }
  }, 
  "title": "Metadata about NSGroup", 
  "type": "object"
}

NSGroupMetaInfoListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSGroupMetaInfoListResult", 
  "module_id": "AppDiscovery", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSGroupMetaInfo
      }, 
      "required": true, 
      "title": "list of NSGroupMetaInfos", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSGroupMetaInfo list", 
  "type": "object"
}

NSGroupRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "NSGroupRequestParameters", 
  "module_id": "NSGroup", 
  "properties": {
    "populate_references": {
      "default": false, 
      "description": "If set to true, the target_resource property of each NSGroupExpresion will be populated from the associated resource when the expression uniquely identifies a resource.", 
      "title": "Populate metadata of resource referenced by NSGroupExpressions\n", 
      "type": "boolean"
    }
  }, 
  "title": "NSGroup request parameters", 
  "type": "object"
}

NSGroupServiceAssociationListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSGroupServiceAssociationListRequestParameters", 
  "module_id": "GroupingObjectsProviders", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "fetch_parentgroup_associations": {
      "default": false, 
      "description": "If set to true, will fetch direct as well as indirect associated service entities for the given NSGroup.", 
      "required": false, 
      "title": "Fetch complete list of associated resources considering\nnesting\n", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "service_type": {
      "enum": [
        "firewall", 
        "ipfix"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSGroup Service association list request parameters", 
  "type": "object"
}

NSGroupSimpleExpression (type) 

{
  "extends": {
    "$ref": "NSGroupExpression
  }, 
  "id": "NSGroupSimpleExpression", 
  "module_id": "NSGroup", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NSGroupSimpleExpression"
  }, 
  "properties": {
    "op": {
      "enum": [
        "EQUALS", 
        "CONTAINS", 
        "STARTSWITH", 
        "ENDSWITH", 
        "NOTEQUALS"
      ], 
      "required": true, 
      "title": "Operator of the expression", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NSGroupSimpleExpression", 
        "NSGroupComplexExpression", 
        "NSGroupTagExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "target_property": {
      "required": true, 
      "title": "Field of the resource on which this expression is evaluated", 
      "type": "string"
    }, 
    "target_resource": {
      "$ref": "ResourceReference, 
      "description": "Reference of the target. Will be populated when the property is a resource id, the op (operator) is EQUALS and populate_references is set to be true.", 
      "readonly": true, 
      "required": false, 
      "title": "Reference of the target"
    }, 
    "target_type": {
      "$ref": "NSGroupValidResourceType, 
      "required": true, 
      "title": "Type of the resource on which this expression is evaluated"
    }, 
    "value": {
      "required": true, 
      "title": "Value that satisfies this expression", 
      "type": "string"
    }
  }, 
  "title": "Simple expressions to represent NSGroup membership", 
  "type": "object"
}

NSGroupTagExpression (type) 

{
  "description": "Includes both scope and tag attribute of Tag. The scope and tag expressions are logically 'AND' with each other. eg- tag.scope = \"S1\" AND tag.tag = 'T1'", 
  "extends": {
    "$ref": "NSGroupExpression
  }, 
  "id": "NSGroupTagExpression", 
  "module_id": "NSGroup", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NSGroupTagExpression"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "NSGroupSimpleExpression", 
        "NSGroupComplexExpression", 
        "NSGroupTagExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "scope": {
      "maxLength": 128, 
      "required": false, 
      "title": "The tag.scope attribute of the object", 
      "type": "string"
    }, 
    "scope_op": {
      "default": "EQUALS", 
      "enum": [
        "EQUALS"
      ], 
      "required": false, 
      "title": "Operator of the scope expression eg- tag.scope = \"S1\".", 
      "type": "string"
    }, 
    "tag": {
      "maxLength": 256, 
      "required": false, 
      "title": "The tag.tag attribute of the object", 
      "type": "string"
    }, 
    "tag_op": {
      "default": "EQUALS", 
      "description": "Target_type VirtualMachine supports all specified operators for tag expression while LogicalSwitch and LogicalPort supports only EQUALS operator.", 
      "enum": [
        "EQUALS", 
        "CONTAINS", 
        "STARTSWITH", 
        "ENDSWITH"
      ], 
      "required": false, 
      "title": "Operator of the tag expression eg- tag.tag = \"Production\"", 
      "type": "string"
    }, 
    "target_type": {
      "enum": [
        "LogicalSwitch", 
        "LogicalPort", 
        "VirtualMachine", 
        "IPSet"
      ], 
      "required": true, 
      "title": "Type of the resource on which this expression is evaluated", 
      "type": "string"
    }
  }, 
  "title": "TAG expressions to represent NSGroup membership", 
  "type": "object"
}

NSGroupValidResourceType (type) 

{
  "enum": [
    "NSGroup", 
    "IPSet", 
    "MACSet", 
    "LogicalSwitch", 
    "LogicalPort", 
    "VirtualMachine", 
    "DirectoryGroup", 
    "VirtualNetworkInterface", 
    "TransportNode"
  ], 
  "id": "NSGroupValidResourceType", 
  "module_id": "NSGroup", 
  "title": "Resource type valid for use in an NSGroupExpression", 
  "type": "string"
}

NSProfile (type) 

{
  "additionalProperties": false, 
  "description": "An entity that encapsulates attributes and sub-attributes of various network services (ex. L7 services,domain name,encryption algorithm) The entity will be consumed in DFW rules and can be added in new tuple called profile in DFW rules. This entity is design to be generic and can be consumed at other places as well where attributes and sub-attributes collection can be used. To get a list of supported attributes and sub-attributes fire the following REST API GET https://&lt;nsx-mgr&gt;/api/v1/ns-profiles/attributes", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NSProfile", 
  "module_id": "NSProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_valid": {
      "default": true, 
      "description": "If set to false, the NSProfile has some app ids which are unsupported. Those were allowed to be added in previous releases but in testing in later phases found that those app ids could not be detected.", 
      "readonly": true, 
      "title": "Flag indicating if NSProfile has supported app ids", 
      "type": "boolean"
    }, 
    "nsprofile_attribute": {
      "description": "Reference to the encapsulating object of attributes/sub-attributes for NSProfile.", 
      "items": {
        "$ref": "NSAttributes
      }, 
      "required": true, 
      "title": "NSProfile attributes and sub-attributes object", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Network Services Profile entity", 
  "type": "object"
}

NSProfileDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "NSProfileDeleteRequestParameters", 
  "module_id": "NSProfile", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "NSProfile delete request parameters", 
  "type": "object"
}

NSProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSProfileListRequestParameters", 
  "module_id": "NSProfile", 
  "properties": {
    "attribute_type": {
      "description": "It fetches NSProfiles for the given attribute type. Only one type of supported attribute type can be mentioned in a single API call.API will return all NSProfiles that have at least one attribute level key which matches given attribute type. If not provided, all NSProfiles will be returned.", 
      "required": false, 
      "title": "Fetch NSProfiles for the given attribute type", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSProfile list request parameters.", 
  "type": "object"
}

NSProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSProfileListResult", 
  "module_id": "NSProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSProfile
      }, 
      "readonly": true, 
      "title": "Paged collection of NSProfiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List result of NSProfiles", 
  "type": "object"
}

NSService (type) 

{
  "additionalProperties": false, 
  "description": "A Networking and Security Service allows users to specify characteristics to use for matching network traffic. For example the user can specify port and protocol pair.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NSService", 
  "module_id": "NSService", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "default_service": {
      "description": "The default NSServices are created in the system by default. These NSServices can't be modified/deleted", 
      "readonly": true, 
      "title": "NSServices created in the system by default", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "nsservice_element": {
      "$ref": "NSServiceElement, 
      "required": true, 
      "title": "An NSService Element that describes traffic corresponding to this NSService"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NSServiceDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "NSServiceDeleteRequestParameters", 
  "module_id": "NSService", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "NSService delete request parameters", 
  "type": "object"
}

NSServiceElement (type) 

{
  "abstract": true, 
  "id": "NSServiceElement", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "enum": [
        "EtherTypeNSService", 
        "IPProtocolNSService", 
        "IGMPTypeNSService", 
        "ICMPTypeNSService", 
        "ALGTypeNSService", 
        "L4PortSetNSService"
      ], 
      "required": true, 
      "title": "The specific type of NSServiceElement", 
      "type": "string"
    }
  }, 
  "title": "An NSService element that describes traffic corresponding to an NSService", 
  "type": "object"
}

NSServiceGroup (type) 

{
  "additionalProperties": false, 
  "description": "A Networking and Security Service Group that represents a group of NSServices", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NSServiceGroup", 
  "module_id": "NSServiceGroup", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "default_service": {
      "description": "The default NSServiceGroups are created in the system by default. These NSServiceGroups can't be modified/deleted", 
      "readonly": true, 
      "title": "NSServiceGroups created in the system by default", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "members": {
      "description": "List of NSService resources that can be added as members to an NSServiceGroup.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 50, 
      "required": true, 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_type": {
      "enum": [
        "ETHER", 
        "NON_ETHER"
      ], 
      "readonly": true, 
      "title": "Type of the NSServiceGroup", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NSServiceGroupDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "NSServiceGroupDeleteRequestParameters", 
  "module_id": "NSServiceGroup", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "NSServiceGroup delete request parameters", 
  "type": "object"
}

NSServiceGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSServiceGroupListRequestParameters", 
  "module_id": "NSServiceGroup", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "default_service": {
      "description": "If set to true, then it will display only default NSServiceGroups. If set to false, then it will display all those NSServiceGroups which are not default. If it is not provided, then complete (default as well as non default) list of NSServiceGroups will be displayed.", 
      "title": "Fetch all default NSServiceGroups", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSServiceGroup list request parameters", 
  "type": "object"
}

NSServiceGroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSServiceGroupListResult", 
  "module_id": "NSServiceGroup", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSServiceGroup
      }, 
      "required": true, 
      "title": "Paged collection of NSServiceGroups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List result of NSServiceGroups", 
  "type": "object"
}

NSServiceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSServiceListRequestParameters", 
  "module_id": "NSService", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "default_service": {
      "description": "If set to true, then it will display only default NSServices. If set to false, then it will display all those NSServices which are not default. If it is not provided, then complete (default as well as non default) list of NSServices will be displayed.", 
      "title": "Fetch all default NSServices", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSService list request parameters.", 
  "type": "object"
}

NSServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSServiceListResult", 
  "module_id": "NSService", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSService
      }, 
      "required": true, 
      "title": "Paged collection of NSServices", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List result of NSservices", 
  "type": "object"
}

NSSupportedAttributeTypesResult (type) 

{
  "additionalProperties": false, 
  "id": "NSSupportedAttributeTypesResult", 
  "module_id": "NSProfile", 
  "properties": {
    "attribute_types": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "List of NSSupportedAttributes types", 
      "type": "array"
    }
  }, 
  "title": "NSSupportedAttributes Types", 
  "type": "object"
}

NSSupportedAttributes (type) 

{
  "additionalProperties": false, 
  "id": "NSSupportedAttributes", 
  "module_id": "NSProfile", 
  "properties": {
    "ns_attributes": {
      "description": "The type represent pre-defined list of supported attributes and sub-attributes that can be used while creating NSProfile", 
      "items": {
        "$ref": "NSAttributes
      }, 
      "required": true, 
      "title": "Collection of supported attributes and sub-attributes", 
      "type": "array"
    }
  }, 
  "title": "Supported attributes and sub-attributes for NSProfile", 
  "type": "object"
}

NSSupportedAttributesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NSSupportedAttributesListRequestParameters", 
  "module_id": "NSProfile", 
  "properties": {
    "attribute_type": {
      "description": "It fetches attributes and subattributes for the given attribute type supported in the system which can be used for NSProfile creation.", 
      "required": false, 
      "title": "Fetch attributes and sub-attributes for the given attribute type", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSAttributes list request parameters.", 
  "type": "object"
}

NSSupportedAttributesListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NSSupportedAttributesListResult", 
  "module_id": "NSProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NSSupportedAttributes
      }, 
      "readonly": true, 
      "title": "Paged collection of NSSupportedAttributes", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSSupportedAttributes for supported attributes and sub-attributes", 
  "type": "object"
}

NSXProfileReference (type) 

{
  "description": "It is a reference to any NSX profile. It comprise of NSX profile type eg. DFWCPUProfile, CentralConfigProfile etc. and id of profile i.e. target_id", 
  "extends": {
    "$ref": "ResourceReference
  }, 
  "id": "NSXProfileReference", 
  "module_id": "ServiceConfig", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "profile_type": {
      "$ref": "ProfileType, 
      "required": true
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "Reference of single NSX profile which need to added in service config profiles", 
  "type": "object"
}

NSXTConnectionInfo (type) 

{
  "extends": {
    "$ref": "EnforcementPointConnectionInfo
  }, 
  "id": "NSXTConnectionInfo", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NSXTConnectionInfo"
  }, 
  "properties": {
    "edge_cluster_ids": {
      "deprecated": true, 
      "description": "Edge Cluster UUIDs on enforcement point. Edge cluster information is required for creating logical L2, L3 constructs on enforcement point. Max 1 edge cluster ID. This is a deprecated property. The edge cluster id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-clusters and GET /infra/sites/site-id/enforcement-points/enforcementpoint-1/edge-clusters/edge-cluster-id. The value passed through this property will be ignored.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Edge Cluster IDs", 
      "type": "array"
    }, 
    "enforcement_point_address": {
      "description": "Value of this property could be hostname or ip. eg. For NSX-T manager running on default port the value can be \"10.192.1.1\", for NSX-T manager running on custom port value can be \"192.168.1.1:32789\". For NSX-T manager in VMC deployments value  can have url prefix eg. \"192.168.1.1:5480/nsxapi\"", 
      "required": true, 
      "title": "IP Address or hostname of the Enforcement point", 
      "type": "string"
    }, 
    "password": {
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NSXTConnectionInfo", 
        "NSXVConnectionInfo", 
        "CvxConnectionInfo"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "thumbprint": {
      "description": "Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.", 
      "title": "Thumbprint of Enforcement Point", 
      "type": "string"
    }, 
    "transport_zone_ids": {
      "deprecated": true, 
      "description": "Transport Zone UUIDs on enforcement point. Transport zone information is required for creating logical L2, L3 constructs on enforcement point. Max 1 transport zone ID. This is a deprecated property. The transport zone id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones and GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones/transport-zone-id. The value passed through this property will be ignored.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Transport Zone IDs", 
      "type": "array"
    }, 
    "username": {
      "title": "UserName", 
      "type": "string"
    }
  }, 
  "title": "Credential info to connect to NSXT enforcement type", 
  "type": "object"
}

NSXVConnectionInfo (type) 

{
  "extends": {
    "$ref": "EnforcementPointConnectionInfo
  }, 
  "id": "NSXVConnectionInfo", 
  "module_id": "PolicyEnforcementPointManagement", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NSXVConnectionInfo"
  }, 
  "properties": {
    "enforcement_point_address": {
      "description": "Value of this property could be hostname or ip. eg. For NSX-T manager running on default port the value can be \"10.192.1.1\", for NSX-T manager running on custom port value can be \"192.168.1.1:32789\". For NSX-T manager in VMC deployments value  can have url prefix eg. \"192.168.1.1:5480/nsxapi\"", 
      "required": true, 
      "title": "IP Address or hostname of the Enforcement point", 
      "type": "string"
    }, 
    "password": {
      "required": true, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NSXTConnectionInfo", 
        "NSXVConnectionInfo", 
        "CvxConnectionInfo"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "thumbprint": {
      "description": "Thumbprint of EnforcementPoint. sha-256 hash represented in lower case hex.", 
      "required": true, 
      "title": "Thumbprint of Enforcement Point", 
      "type": "string"
    }, 
    "username": {
      "required": true, 
      "sensitive": true, 
      "title": "UserName", 
      "type": "string"
    }
  }, 
  "title": "Credential info to connect to NSXV enforcement type", 
  "type": "object"
}

NamedTeamingPolicy (type) 

{
  "extends": {
    "$ref": "TeamingPolicy
  }, 
  "id": "NamedTeamingPolicy", 
  "module_id": "UplinkHostSwitchProfile", 
  "properties": {
    "active_list": {
      "items": {
        "$ref": "Uplink
      }, 
      "required": true, 
      "title": "List of Uplinks used in active list", 
      "type": "array"
    }, 
    "name": {
      "description": "An uplink teaming policy of a given name defined in UplinkHostSwitchProfile. The names of all NamedTeamingPolicies in an UplinkHostSwitchProfile must be different, but a name can be shared by different UplinkHostSwitchProfiles. Different TransportNodes can use different NamedTeamingPolicies having the same name in different UplinkHostSwitchProfiles to realize an uplink teaming policy on a logical switch. An uplink teaming policy on a logical switch can be any policy defined by a user; it does not have to be a single type of FAILOVER or LOADBALANCE. It can be a combination of types, for instance, a user can define a policy with name \"MyHybridTeamingPolicy\" as \"FAILOVER on all ESX TransportNodes and LOADBALANCE on all KVM TransportNodes\". The name is the key of the teaming policy and can not be changed once assigned.", 
      "required": true, 
      "title": "The name of the uplink teaming policy", 
      "type": "string"
    }, 
    "policy": {
      "enum": [
        "FAILOVER_ORDER", 
        "LOADBALANCE_SRCID", 
        "LOADBALANCE_SRC_MAC"
      ], 
      "required": true, 
      "title": "Teaming policy", 
      "type": "string"
    }, 
    "standby_list": {
      "items": {
        "$ref": "Uplink
      }, 
      "required": false, 
      "title": "List of Uplinks used in standby list", 
      "type": "array"
    }
  }, 
  "title": "Uplink Teaming Policy with a name that can be referenced by logical switches", 
  "type": "object"
}

NatActions (type) 

{
  "additionalProperties": false, 
  "description": "NAT action types. Please note, the NO_NAT was deprecated. Please use the alternative NO_SNAT or NO_DNAT.", 
  "enum": [
    "SNAT", 
    "DNAT", 
    "NO_NAT", 
    "REFLEXIVE", 
    "NO_SNAT", 
    "NO_DNAT"
  ], 
  "id": "NatActions", 
  "module_id": "Nat", 
  "title": "NAT action types", 
  "type": "string"
}

NatCounters (type) 

{
  "id": "NatCounters", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "active_sessions": {
      "readonly": true, 
      "required": false, 
      "title": "The number of active sessions", 
      "type": "integer"
    }, 
    "total_bytes": {
      "readonly": true, 
      "required": false, 
      "title": "The number of bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "readonly": true, 
      "required": false, 
      "title": "The number of packets", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

NatFirewallMatch (type) 

{
  "additionalProperties": false, 
  "description": "The type indicates how the firewall is applied to a traffic packet. MATCH_EXTERNAL_ADRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped.", 
  "enum": [
    "MATCH_EXTERNAL_ADDRESS", 
    "MATCH_INTERNAL_ADDRESS", 
    "BYPASS"
  ], 
  "id": "NatFirewallMatch", 
  "module_id": "Nat", 
  "title": "The rule how the firewall is applied to a traffic packet", 
  "type": "string"
}

NatRule (type) 

{
  "additionalProperties": false, 
  "description": "The configuration entity to define a NAT rule. It defines how an ip packet is matched via source address or/and destination address or/and service(s), how the address (and/or) port is translated, and how the related firewall stage is involved or bypassed.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NatRule", 
  "module_id": "Nat", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "$ref": "NatActions, 
      "description": "Valid actions: SNAT, DNAT, NO_SNAT, NO_DNAT, REFLEXIVE. All rules in a logical router are either stateless or stateful. Mix is not supported. SNAT and DNAT are stateful, can NOT be supported when the logical router is running at active-active HA mode; REFLEXIVE is stateless. NO_SNAT and NO_DNAT have no translated_fields, only match fields are supported.", 
      "required": true, 
      "title": "NAT rule action type"
    }, 
    "applied_tos": {
      "description": "Holds the list of LogicalRouterPort Ids that a NAT rule can be applied to. The LogicalRouterPort used must belong to the same LogicalRouter for which the NAT Rule is created. As of now a NAT rule can only have a single LogicalRouterPort as applied_tos. When applied_tos is not set, the NAT rule is applied to all LogicalRouterPorts beloging to the LogicalRouter.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "List of LogicalRouterPort resources as applied to", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Indicator to enable/disable the rule.", 
      "required": false, 
      "title": "enable/disable the rule", 
      "type": "boolean"
    }, 
    "firewall_match": {
      "$ref": "NatFirewallMatch, 
      "description": "Indicate how firewall is applied to a traffic packet. Firewall can be bypassed, or be applied to external/internal address of NAT rule.  The firewall_match will take priority over nat_pass. If the firewall_match is not provided, the nat_pass will be picked up.", 
      "required": false, 
      "title": "The rule how the firewall is applied"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "internal_rule_id": {
      "description": "Internal NAT rule uuid for debug used in Controller and backend.", 
      "readonly": true, 
      "required": false, 
      "title": "Internal NAT rule uuid", 
      "type": "string"
    }, 
    "logging": {
      "default": false, 
      "description": "Enable/disable the logging of rule.", 
      "required": false, 
      "title": "Enable/disable the logging of rule", 
      "type": "boolean"
    }, 
    "logical_router_id": {
      "description": "The logical router id which the nat rule runs on.", 
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "match_destination_network": {
      "description": "IP Address | CIDR | (null implies Any)", 
      "required": false, 
      "title": "match destination network", 
      "type": "string"
    }, 
    "match_service": {
      "$ref": "NSServiceElement, 
      "description": "A NSServiceElement that specifies the matching services of source ports, destination ports, ip protocol version and number, sub protocol version and number, ICMP type and code, etc. The match_service can be one of IPProtocolNSService,L4PortSetNSService or ICMPTypeNSService. REFLEXIVE NAT does not support match_service.", 
      "required": false, 
      "title": "match service"
    }, 
    "match_source_network": {
      "description": "IP Address | CIDR | (null implies Any)", 
      "required": false, 
      "title": "match source network", 
      "type": "string"
    }, 
    "nat_pass": {
      "default": true, 
      "deprecated": true, 
      "description": "Default is true. If the nat_pass is set to true, the following firewall stage will be skipped. Please note, if action is NO_SNAT or NO_DNAT, then nat_pass must be set to true or omitted.  Nat_pass was deprecated with an alternative firewall_match. Please stop using nat_pass to specify whether firewall stage is skipped. if you want to skip, please set firewall_match to BYPASS. If you do not want to skip, please set the firewall_match to MATCH_EXTERNAL_ADDRESS or MATCH_INTERNAL_ADDRESS.  Please note, the firewall_match will take priority over the nat_pass. If both are provided, the nat_pass is ignored. If firewall_match is not provided while the nat_pass is specified, the nat_pass will still be picked up. In this case, if nat_pass is set to false, firewall rule will be applied on internall address of a packet, i.e. MATCH_INTERNAL_ADDRESS.", 
      "required": false, 
      "title": "enable/disable to bypass following firewall stage", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_priority": {
      "default": 1024, 
      "description": "Ascending, valid range [0-2147483647]. If multiple rules have the same priority, evaluation sequence is undefined.", 
      "required": false, 
      "title": "NAT rule priority", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "translated_network": {
      "description": "The translated address for the matched IP packet. For a SNAT, it can be a single ip address, an ip range, or a CIDR block. For a DNAT and a REFLEXIVE, it can be a single ip address or a CIDR block. Translated network is not supported for NO_SNAT or NO_DNAT.", 
      "required": false, 
      "title": "IP Address | IP Range | CIDR", 
      "type": "string"
    }, 
    "translated_ports": {
      "description": "The translated port(s) for the mtached IP packet. It can be a single port or a port range. Please note, port translating is supported only for DNAT.", 
      "required": false, 
      "title": "port number or port range. DNAT only", 
      "type": "string"
    }
  }, 
  "title": "The configuration entity to define a NAT rule", 
  "type": "object"
}

NatRuleList (type) 

{
  "additionalProperties": false, 
  "id": "NatRuleList", 
  "module_id": "Nat", 
  "properties": {
    "rules": {
      "description": "Add new NatRules to the list in Bulk creation.", 
      "items": {
        "$ref": "NatRule
      }, 
      "maxItems": 128, 
      "required": true, 
      "title": "NAT rules list", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NatRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NatRuleListResult", 
  "module_id": "Nat", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NatRule
      }, 
      "required": true, 
      "title": "NAT rule list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NatStatisticsPerLogicalRouter (type) 

{
  "id": "NatStatisticsPerLogicalRouter", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": true, 
      "title": "Id for the logical router", 
      "type": "string"
    }, 
    "per_transport_node_statistics": {
      "items": {
        "$ref": "NatStatisticsPerTransportNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Detailed per node statistics", 
      "type": "array"
    }, 
    "statistics_across_all_nodes": {
      "$ref": "NatCounters, 
      "readonly": true, 
      "required": true, 
      "title": "Rolled-up statistics for all rules on the logical router across all the nodes"
    }
  }, 
  "type": "object"
}

NatStatisticsPerRule (type) 

{
  "extends": {
    "$ref": "NatCounters
  }, 
  "id": "NatStatisticsPerRule", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "active_sessions": {
      "readonly": true, 
      "required": false, 
      "title": "The number of active sessions", 
      "type": "integer"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the NAT rule.", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical router which owns the NAT rule.", 
      "type": "string"
    }, 
    "total_bytes": {
      "readonly": true, 
      "required": false, 
      "title": "The number of bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "readonly": true, 
      "required": false, 
      "title": "The number of packets", 
      "type": "integer"
    }, 
    "warning_message": {
      "readonly": true, 
      "required": false, 
      "title": "The warning message about the NAT Rule statistics.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NatStatisticsPerTransportNode (type) 

{
  "extends": {
    "$ref": "NatCounters
  }, 
  "id": "NatStatisticsPerTransportNode", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "active_sessions": {
      "readonly": true, 
      "required": false, 
      "title": "The number of active sessions", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp when the data was last updated; unset if data source has never updated the data."
    }, 
    "total_bytes": {
      "readonly": true, 
      "required": false, 
      "title": "The number of bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "readonly": true, 
      "required": false, 
      "title": "The number of packets", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": true, 
      "title": "Id for the transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NdSnoopingConfig (type) 

{
  "additionalProperties": false, 
  "description": "Contains Neighbor Discovery Protocol (ND) snooping related configuration.", 
  "id": "NdSnoopingConfig", 
  "module_id": "PolicyIpDiscovery", 
  "properties": {
    "nd_snooping_enabled": {
      "default": false, 
      "description": "Enable this method will snoop the NS (Neighbor Solicitation) and NA (Neighbor Advertisement) messages in the ND (Neighbor Discovery Protocol) family of messages which are transmitted by a VM. From the NS messages, we will learn about the source which sent this NS message. From the NA message, we will learn the resolved address in the message which the VM is a recipient of. Addresses snooped by this method are subject to TOFU (Trust on First Use) policies as enforced by the system.", 
      "required": false, 
      "title": "Is ND snooping enabled or not", 
      "type": "boolean"
    }, 
    "nd_snooping_limit": {
      "default": 3, 
      "description": "Maximum number of ND (Neighbor Discovery Protocol) snooped IPv6 addresses", 
      "maximum": 15, 
      "minimum": 2, 
      "required": false, 
      "title": "Maximum number of ND (Neighbor Discovery Protocol) bindings", 
      "type": "int"
    }
  }, 
  "title": "ND Snooping Configuration", 
  "type": "object"
}

NdpHeader (type) 

{
  "additionalProperties": false, 
  "id": "NdpHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_ip": {
      "$ref": "IPv6Address, 
      "description": "The IP address of the destination of the solicitation. It MUST NOT be a multicast address.", 
      "required": false, 
      "title": "The destination IP address"
    }, 
    "msg_type": {
      "default": "NEIGHBOR_SOLICITATION", 
      "description": "This field specifies the type of the Neighbor discover message being sent. NEIGHBOR_SOLICITATION - Neighbor Solicitation message to discover the link-layer address of an on-link IPv6 node or to confirm a previously determined link-layer address. NEIGHBOR_ADVERTISEMENT - Neighbor Advertisement message in response to a Neighbor Solicitation message.", 
      "enum": [
        "NEIGHBOR_SOLICITATION", 
        "NEIGHBOR_ADVERTISEMENT"
      ], 
      "title": "NDP message type", 
      "type": "string"
    }
  }, 
  "title": "Neighbor discovery protocol header", 
  "type": "object"
}

NeighborProperties (type) 

{
  "additionalProperties": false, 
  "id": "NeighborProperties", 
  "module_id": "Lldp", 
  "properties": {
    "capabilities": {
      "display": {
        "order": 6
      }, 
      "readonly": true, 
      "title": "Capabilities", 
      "type": "string"
    }, 
    "enabled_capabilities": {
      "display": {
        "order": 7
      }, 
      "readonly": true, 
      "title": "Enabled capabilities", 
      "type": "string"
    }, 
    "ifindex": {
      "display": {
        "order": 9
      }, 
      "readonly": true, 
      "title": "Interface index", 
      "type": "integer"
    }, 
    "link_aggregation_capable": {
      "display": {
        "order": 12
      }, 
      "readonly": true, 
      "title": "Aggregation Capability", 
      "type": "boolean"
    }, 
    "link_aggregation_port_id": {
      "display": {
        "order": 14
      }, 
      "readonly": true, 
      "title": "Aggregation port id", 
      "type": "string"
    }, 
    "link_aggregation_status": {
      "description": "True if currently in aggregation", 
      "display": {
        "order": 13
      }, 
      "readonly": true, 
      "title": "Aggregation Status", 
      "type": "boolean"
    }, 
    "mac": {
      "display": {
        "order": 2
      }, 
      "pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$", 
      "readonly": true, 
      "title": "Interface MAC address", 
      "type": "string"
    }, 
    "mgmt_addr": {
      "display": {
        "order": 8
      }, 
      "readonly": true, 
      "title": "Management address", 
      "type": "string"
    }, 
    "name": {
      "display": {
        "order": 1
      }, 
      "readonly": true, 
      "title": "Interface name", 
      "type": "string"
    }, 
    "oid": {
      "display": {
        "order": 11
      }, 
      "readonly": true, 
      "title": "Object identifier", 
      "type": "string"
    }, 
    "port_desc": {
      "display": {
        "order": 3
      }, 
      "readonly": true, 
      "title": "Port description", 
      "type": "string"
    }, 
    "system_desc": {
      "display": {
        "order": 5
      }, 
      "readonly": true, 
      "title": "System description", 
      "type": "string"
    }, 
    "system_name": {
      "display": {
        "order": 4
      }, 
      "readonly": true, 
      "title": "System name", 
      "type": "string"
    }, 
    "system_port_number": {
      "display": {
        "order": 10
      }, 
      "readonly": true, 
      "title": "System port number", 
      "type": "integer"
    }
  }, 
  "title": "Neighbor properties", 
  "type": "object"
}

NestedExpression (type) 

{
  "additionalProperties": false, 
  "description": "Nested expressions is a list of condition expressions that must follow the below criteria: 0. Only allowed expressions in a NestedExpression are Condition and ConjunctionOperator. 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all condition expressions must be at even indices, separated by the conjunction expressions AND at odd indices. 2. There may be at most 5 condition expressions inside a list. 3. NestedExpressions are homogeneous in nature, i.e, all expressions inside a nested expression must have the same member type.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "NestedExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NestedExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "expressions": {
      "description": "Expression.", 
      "items": {
        "$ref": "Expression
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Expression", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NestedExpression", 
  "type": "object"
}

NetworkMigrationSpec (type) (Deprecated) 

{
  "abstract": true, 
  "deprecated": true, 
  "description": "The NetworkMigrationSpec is the base class for any types of network migration specifications to be handled by transport node. Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NetworkMigrationSpec", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "NetworkMigrationSpecType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Abstract base type for network migration specification", 
  "type": "object"
}

NetworkMigrationSpecListParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NetworkMigrationSpecListParameters", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_system_owned": {
      "default": false, 
      "required": false, 
      "title": "Whether the list result contains system resources", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "$ref": "NetworkMigrationSpecType, 
      "required": false, 
      "title": "Type of network migration specification."
    }
  }, 
  "title": "NetworkMigrationSpec List Parameters", 
  "type": "object"
}

NetworkMigrationSpecListResult (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NetworkMigrationSpecListResult", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NetworkMigrationSpec
      }, 
      "readonly": true, 
      "title": "Network migration specification template results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Network migration specification template list result", 
  "type": "object"
}

NetworkMigrationSpecType (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "enum": [
    "HostProfileNetworkMigrationSpec"
  ], 
  "id": "NetworkMigrationSpecType", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "title": "Supported network migration specification types.", 
  "type": "string"
}

NetworkMigrationSpecTypeIdEntry (type) (Deprecated) 

{
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "id": "NetworkMigrationSpecTypeIdEntry", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "properties": {
    "key": {
      "$ref": "NetworkMigrationSpecType, 
      "description": "the type of the NetworkMigrationSpec", 
      "readonly": true
    }, 
    "value": {
      "description": "the id of the NetworkMigrationSpec", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

NicInfo (type) 

{
  "description": "Information of a network interface present on the partner appliance that needs to be configured by the NSX Manager.", 
  "id": "NicInfo", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "gateway_address": {
      "description": "Gateway address associated with the NIC metadata.", 
      "readonly": false, 
      "required": false, 
      "title": "Gateway address", 
      "type": "string"
    }, 
    "ip_address": {
      "description": "IP address associated with the NIC metadata. Required only when assigning IP statically for a deployment that is for a single VM instance.", 
      "readonly": false, 
      "required": false, 
      "title": "IP address", 
      "type": "string"
    }, 
    "ip_allocation_type": {
      "description": "IP allocation type with values STATIC, DHCP, or NONE indicating that IP address is not required.", 
      "enum": [
        "STATIC", 
        "DHCP", 
        "NONE"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IP allocation type", 
      "type": "string"
    }, 
    "ip_pool_id": {
      "description": "If the nic should get IP using a static IP pool then IP pool id should be provided here.", 
      "readonly": false, 
      "required": false, 
      "title": "Static IP Pool Id", 
      "type": "string"
    }, 
    "network_id": {
      "description": "Network Id associated with the NIC metadata. It can be a moref, or a logical switch ID. If it is to be taken from 'Agent VM Settings', then it should be empty.", 
      "readonly": false, 
      "required": false, 
      "title": "Network Id", 
      "type": "string"
    }, 
    "nic_metadata": {
      "$ref": "NicMetadata, 
      "description": "NIC metadata information.", 
      "readonly": true, 
      "required": true, 
      "title": "NIC metadata"
    }, 
    "subnet_mask": {
      "description": "Subnet mask associated with the NIC metadata.", 
      "readonly": false, 
      "required": false, 
      "title": "Subnet mask", 
      "type": "string"
    }
  }, 
  "title": "NIC information", 
  "type": "object"
}

NicMetadata (type) 

{
  "description": "Information on the Network interfaces present on the partner appliance that needs to be configured by the NSX Manager.", 
  "id": "NicMetadata", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "interface_index": {
      "description": "Network Interface index.", 
      "minimum": 0, 
      "readonly": false, 
      "required": true, 
      "title": "Interface Index", 
      "type": "integer"
    }, 
    "interface_label": {
      "description": "Network Interface label.", 
      "readonly": false, 
      "required": true, 
      "title": "Interface label", 
      "type": "string"
    }, 
    "interface_type": {
      "description": "Interface that needs to be configured on the partner appliance. Ex. MANAGEMENT, DATA1, DATA2, HA1, HA2, CONTROL.", 
      "enum": [
        "MANAGEMENT", 
        "DATA1", 
        "DATA2", 
        "HA1", 
        "HA2", 
        "CONTROL"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Interface type", 
      "type": "string"
    }, 
    "transports": {
      "description": "Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP. Here, the transports array specifies the kinds of transport where this particular NIC is user configurable. If nothing is specified, and the \"user_configurable\" flag is true, then user configuration will be allowed for all transports. If any transport is/are specified, then it will be considered as user configurable for the specified transports only.\"", 
      "items": {
        "enum": [
          "L2_BRIDGE", 
          "L3_ROUTED", 
          "NSH"
        ], 
        "type": "string"
      }, 
      "maxItems": 3, 
      "minItems": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Transport Type", 
      "type": "array"
    }, 
    "user_configurable": {
      "description": "Used to specify if the given interface needs configuration. Management nics will always need the configuration, for others it will be use case specific. For example, a DATA NIC may be user configurable if the appliance is deployed in certain mode, such as L3_ROUTED.", 
      "readonly": false, 
      "required": false, 
      "title": "Required Configuration", 
      "type": "boolean"
    }
  }, 
  "title": "NIC Metadata", 
  "type": "object"
}

NiocProfile (type) 

{
  "description": "This profile is created for Network I/O Control(NIOC).", 
  "extends": {
    "$ref": "BaseHostSwitchProfile
  }, 
  "id": "NiocProfile", 
  "module_id": "NiocProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NiocProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true.", 
      "nsx_feature": "Nioc", 
      "required": false, 
      "title": "Enabled status of NIOC feature", 
      "type": "boolean"
    }, 
    "host_infra_traffic_res": {
      "description": "host_infra_traffic_res specifies bandwidth allocation for various traffic resources.", 
      "items": {
        "$ref": "ResourceAllocation
      }, 
      "nsx_feature": "Nioc", 
      "required": false, 
      "title": "Resource allocation associated with NiocProfile", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "HostSwitchProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Profile for Nioc", 
  "type": "object"
}

NoRestRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Parameter definition for requests that do not allow parameters.", 
  "id": "NoRestRequestParameters", 
  "module_id": "Types", 
  "properties": {}, 
  "type": "object"
}

Node (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "Node", 
  "module_id": "FabricNode", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "discovered_ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Discovered IP Addresses of the fabric node, version 4 or 6", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "ID of the Node maintained on the Node and used to recognize the Node", 
      "type": "string"
    }, 
    "fqdn": {
      "readonly": true, 
      "required": false, 
      "title": "Fully qualified domain name of the fabric node", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "IP Addresses of the Node, version 4 or 6", 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'", 
      "required": true, 
      "title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NodeActionParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Fabric node action parameters", 
  "id": "NodeActionParameters", 
  "module_id": "FabricNode", 
  "properties": {
    "action": {
      "description": "For EdgeNode, the supported actions are enter_maintenance_mode, exit_maintenance_mode.", 
      "enum": [
        "enter_maintenance_mode", 
        "exit_maintenance_mode", 
        "get_maintenance_mode_state"
      ], 
      "title": "Supported fabric node actions", 
      "type": "string"
    }, 
    "evacuate_powered_off_vms": {
      "default": false, 
      "description": "Indicates whether to evacuate powered-off vms while entering maintenance mode.", 
      "readonly": true, 
      "required": false, 
      "title": "Evacuate powered-off vms", 
      "type": "boolean"
    }, 
    "vsan_mode": {
      "default": "ensure_object_accessibility", 
      "description": "Vsan decommission mode to be used while entering maintenance mode.", 
      "enum": [
        "evacuate_all_data", 
        "ensure_object_accessibility", 
        "no_action"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Vsan decommission mode", 
      "type": "string"
    }
  }, 
  "title": "Fabric node action parameters", 
  "type": "object"
}

NodeAuthProviderVidmProperties (type) 

{
  "additionalProperties": false, 
  "id": "NodeAuthProviderVidmProperties", 
  "properties": {
    "client_id": {
      "required": true, 
      "title": "vIDM client id", 
      "type": "string"
    }, 
    "client_secret": {
      "required": false, 
      "sensitive": true, 
      "title": "vIDM client secret", 
      "type": "string"
    }, 
    "host_name": {
      "required": true, 
      "title": "Fully Qualified Domain Name(FQDN) of vIDM", 
      "type": "string"
    }, 
    "lb_enable": {
      "required": false, 
      "title": "Load Balancer enable flag", 
      "type": "boolean"
    }, 
    "node_host_name": {
      "description": "host name to use when creating the redirect URL for clients to follow after authenticating to vIDM", 
      "required": true, 
      "title": "host name of the node redirected to", 
      "type": "string"
    }, 
    "thumbprint": {
      "description": "Hexadecimal SHA256 hash of the vIDM server's X.509 certificate", 
      "required": true, 
      "title": "vIDM certificate thumbprint", 
      "type": "string"
    }, 
    "vidm_enable": {
      "required": false, 
      "title": "vIDM enable flag", 
      "type": "boolean"
    }
  }, 
  "title": "Node AAA provider vIDM properties", 
  "type": "object"
}

NodeAuthProviderVidmStatus (type) 

{
  "additionalProperties": false, 
  "id": "NodeAuthProviderVidmStatus", 
  "properties": {
    "runtime_state": {
      "required": true, 
      "title": "AAA provider vIDM status", 
      "type": "string"
    }, 
    "vidm_enable": {
      "required": true, 
      "title": "vIDM enable flag", 
      "type": "boolean"
    }
  }, 
  "title": "Node AAA provider vIDM status", 
  "type": "object"
}

NodeCapabilitiesResult (type) 

{
  "additionalProperties": false, 
  "id": "NodeCapabilitiesResult", 
  "module_id": "FabricNode", 
  "properties": {
    "capabilities": {
      "items": {
        "$ref": "NodeCapability
      }, 
      "required": true, 
      "title": "Node capability results", 
      "type": "array"
    }
  }, 
  "title": "List of capabilities of a fabric node", 
  "type": "object"
}

NodeCapability (type) 

{
  "additionalProperties": false, 
  "id": "NodeCapability", 
  "module_id": "FabricNode", 
  "properties": {
    "description": {
      "readonly": true, 
      "required": true, 
      "title": "Description of this capability that can be displayed in UI", 
      "type": "string"
    }, 
    "key": {
      "readonly": true, 
      "required": true, 
      "title": "String that identifies the base capability for all nodes", 
      "type": "string"
    }, 
    "provider": {
      "readonly": true, 
      "required": true, 
      "title": "Provider of this capability for the node", 
      "type": "string"
    }, 
    "value": {
      "readonly": true, 
      "required": true, 
      "title": "Value of this capability", 
      "type": "string"
    }, 
    "version": {
      "readonly": true, 
      "required": true, 
      "title": "Version of the capability", 
      "type": "int"
    }
  }, 
  "title": "Capability of a fabric node", 
  "type": "object"
}

NodeCertificateInfo (type) 

{
  "id": "NodeCertificateInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "certificate": {
      "title": "Certificate content", 
      "type": "string"
    }, 
    "certificate_sha256_thumbprint": {
      "title": "SHA256 of certificate", 
      "type": "string"
    }, 
    "entity_type": {
      "$ref": "NsxEntity, 
      "title": "Entity type of this certificate"
    }
  }, 
  "type": "object"
}

NodeEntityInfo (type) 

{
  "id": "NodeEntityInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "entity_type": {
      "$ref": "NsxEntity, 
      "title": "Entity type of this service endpoint"
    }, 
    "ip_address": {
      "title": "IP address of service provider", 
      "type": "string"
    }, 
    "port": {
      "maximum": 65535, 
      "minimum": 0, 
      "title": "Port number of service provider", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

NodeFileSystemProperties (type) 

{
  "additionalProperties": false, 
  "id": "NodeFileSystemProperties", 
  "module_id": "ApplianceStats", 
  "properties": {
    "file_system": {
      "readonly": true, 
      "title": "File system id", 
      "type": "string"
    }, 
    "mount": {
      "readonly": true, 
      "title": "File system mount", 
      "type": "string"
    }, 
    "total": {
      "readonly": true, 
      "title": "File system size in kilobytes", 
      "type": "integer"
    }, 
    "type": {
      "readonly": true, 
      "title": "File system type", 
      "type": "string"
    }, 
    "used": {
      "readonly": true, 
      "title": "Amount of file system used in kilobytes", 
      "type": "integer"
    }
  }, 
  "title": "File system properties", 
  "type": "object"
}

NodeHttpServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeHttpServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "HttpServiceProperties, 
      "title": "HTTP Service properties"
    }
  }, 
  "title": "Node HTTP service properties", 
  "type": "object"
}

NodeIdServicesMap (type) 

{
  "additionalProperties": false, 
  "id": "NodeIdServicesMap", 
  "module_id": "CertificateManager", 
  "properties": {
    "node_id": {
      "maxLength": 255, 
      "readonly": false, 
      "required": true, 
      "title": "NodeId", 
      "type": "string"
    }, 
    "service_types": {
      "description": "list of ServiceTypes", 
      "items": {
        "$ref": "ServiceType
      }, 
      "readonly": false, 
      "required": true, 
      "type": "array"
    }
  }, 
  "type": "object"
}

NodeInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeInfo", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "component_version": {
      "readonly": true, 
      "required": true, 
      "title": "Component version of the node", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Name of the node", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the node", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of node", 
      "type": "string"
    }, 
    "type": {
      "readonly": true, 
      "required": true, 
      "title": "Node type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NodeInfoListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NodeInfoListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which nodes will be filtered", 
      "type": "string"
    }, 
    "component_version": {
      "readonly": false, 
      "required": false, 
      "title": "Component version based on which nodes will be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NodeInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeInfoListResult", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeInfo
      }, 
      "required": true, 
      "title": "Paged Collection of Nodes", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NodeInstallUpgradeServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeInstallUpgradeServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "InstallUpgradeServiceProperties, 
      "title": "install-upgrade Service properties"
    }
  }, 
  "title": "Node install-upgrade service properties", 
  "type": "object"
}

NodeInterfaceAlias (type) 

{
  "additionalProperties": false, 
  "id": "NodeInterfaceAlias", 
  "module_id": "ApplianceStats", 
  "properties": {
    "broadcast_address": {
      "$ref": "IPAddress, 
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface broadcast address"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface IP address"
    }, 
    "ip_configuration": {
      "enum": [
        "dhcp", 
        "static", 
        "not configured"
      ], 
      "title": "Interface configuration", 
      "type": "string"
    }, 
    "netmask": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface netmask", 
      "type": "string"
    }, 
    "physical_address": {
      "$ref": "MACAddress, 
      "title": "Interface MAC address"
    }
  }, 
  "title": "Node network interface alias", 
  "type": "object"
}

NodeInterfaceProperties (type) 

{
  "additionalProperties": false, 
  "id": "NodeInterfaceProperties", 
  "module_id": "ApplianceStats", 
  "properties": {
    "admin_status": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "title": "Interface administration status", 
      "type": "string"
    }, 
    "backing_nsx_managed": {
      "title": "Indicates whether backing of VIRTUAL network interface is managed by NSX", 
      "type": "boolean"
    }, 
    "connected_switch": {
      "title": "Connected switch", 
      "type": "string"
    }, 
    "ens_capable": {
      "title": "Interface capability for Enhanced Networking Stack", 
      "type": "boolean"
    }, 
    "ens_enabled": {
      "title": "Indicates whether interface is enabled for Enhanced Networking Stack", 
      "type": "boolean"
    }, 
    "host_managed": {
      "title": "Indicates whether interface is managed by the host", 
      "type": "boolean"
    }, 
    "interface_alias": {
      "items": {
        "$ref": "NodeInterfaceAlias
      }, 
      "title": "IP Alias", 
      "type": "array"
    }, 
    "interface_id": {
      "title": "Interface ID", 
      "type": "string"
    }, 
    "interface_type": {
      "enum": [
        "PHYSICAL", 
        "VIRTUAL"
      ], 
      "title": "Interface Type", 
      "type": "string"
    }, 
    "link_status": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "title": "Interface administration status", 
      "type": "string"
    }, 
    "lport_attachment_id": {
      "title": "LPort Attachment Id assigned to VIRTUAL network interface of a node", 
      "type": "string"
    }, 
    "mtu": {
      "title": "Interface MTU", 
      "type": "integer"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "title": "Source of status data"
    }
  }, 
  "title": "Node network interface properties", 
  "type": "object"
}

NodeInterfacePropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeInterfacePropertiesListResult", 
  "module_id": "ApplianceStats", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeInterfaceProperties
      }, 
      "required": true, 
      "title": "Node interface property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node network interface properties list results", 
  "type": "object"
}

NodeInterfaceStatisticsProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeInterfaceStatisticsProperties", 
  "module_id": "ApplianceStats", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "interface_id": {
      "title": "Interface ID", 
      "type": "string"
    }, 
    "rx_bytes": {
      "title": "Number of bytes received", 
      "type": "integer"
    }, 
    "rx_dropped": {
      "title": "Number of packets dropped", 
      "type": "integer"
    }, 
    "rx_errors": {
      "title": "Number of receive errors", 
      "type": "integer"
    }, 
    "rx_frame": {
      "title": "Number of framing errors", 
      "type": "integer"
    }, 
    "rx_packets": {
      "title": "Number of packets received", 
      "type": "integer"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "title": "Source of status data."
    }, 
    "tx_bytes": {
      "title": "Number of bytes transmitted", 
      "type": "integer"
    }, 
    "tx_carrier": {
      "title": "Number of carrier losses detected", 
      "type": "integer"
    }, 
    "tx_colls": {
      "title": "Number of collisions detected", 
      "type": "integer"
    }, 
    "tx_dropped": {
      "title": "Number of packets dropped", 
      "type": "integer"
    }, 
    "tx_errors": {
      "title": "Number of transmit errors", 
      "type": "integer"
    }, 
    "tx_packets": {
      "title": "Number of packets transmitted", 
      "type": "integer"
    }
  }, 
  "title": "Node network interface statistic properties", 
  "type": "object"
}

NodeListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NodeListRequestParameters", 
  "module_id": "FabricNode", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "discovered_node_id": {
      "required": false, 
      "title": "Id of the discovered node which was converted to create this node", 
      "type": "string"
    }, 
    "display_name": {
      "required": false, 
      "title": "HostNode display name", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "HostNode external id", 
      "type": "string"
    }, 
    "hardware_id": {
      "description": "HardwareId of the host is used to get fabric node on reboot.", 
      "required": false, 
      "title": "Hardware Id of the host", 
      "type": "string"
    }, 
    "hypervisor_os_type": {
      "enum": [
        "ESXI", 
        "RHELKVM", 
        "UBUNTUKVM", 
        "HYPERV", 
        "RHELCONTAINER", 
        "CENTOSCONTAINER", 
        "RHELSERVER", 
        "UBUNTUSERVER", 
        "CENTOSSERVER", 
        "CENTOSKVM", 
        "SLESKVM", 
        "SLESSERVER"
      ], 
      "required": false, 
      "title": "HostNode's Hypervisor type, for example ESXi, RHEL KVM or UBUNTU KVM.", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "ip_address": {
      "required": false, 
      "title": "Management IP address of the node", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "HostNode", 
        "EdgeNode", 
        "PublicCloudGatewayNode"
      ], 
      "required": false, 
      "title": "Node type from 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node list parameters", 
  "type": "object"
}

NodeListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeListResult", 
  "module_id": "FabricNode", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Node
      }, 
      "required": true, 
      "title": "Node list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node list result", 
  "type": "object"
}

NodeLogProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeLogProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Last modified time expressed in milliseconds since epoch"
    }, 
    "log_name": {
      "readonly": true, 
      "title": "Name of log file", 
      "type": "string"
    }, 
    "log_size": {
      "readonly": true, 
      "title": "Size of log file in bytes", 
      "type": "integer"
    }
  }, 
  "title": "Node log properties", 
  "type": "object"
}

NodeLogPropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeLogPropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeLogProperties
      }, 
      "required": true, 
      "title": "Node log property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node log property query results", 
  "type": "object"
}

NodeMessagingClientInfo (type) 

{
  "id": "NodeMessagingClientInfo", 
  "module_id": "ClusterManagement", 
  "properties": {
    "clients": {
      "items": {
        "$ref": "MessagingClientInfo
      }, 
      "title": "A list of messaging clients owned by this entity", 
      "type": "array"
    }, 
    "entity_type": {
      "$ref": "NsxEntity, 
      "title": "Entity type of this messaging client"
    }
  }, 
  "type": "object"
}

NodeMode (type) 

{
  "description": "Possible values of a mode in a \"/config/nsx_appliance_mode\" file", 
  "id": "NodeMode", 
  "module_id": "ApplianceModes", 
  "properties": {
    "mode_id": {
      "description": "Possible enum values in a \"/config/nsx_appliance_mode\" file", 
      "enum": [
        "ON_PREM", 
        "SERVICE", 
        "VMC", 
        "VMC_LOCAL"
      ], 
      "required": true, 
      "title": "Nsx node mode", 
      "type": "string"
    }
  }, 
  "title": "Stub for Nsx node modes", 
  "type": "object"
}

NodeNameServersProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeNameServersProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "name_servers": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 3, 
      "required": true, 
      "title": "Name servers", 
      "type": "array"
    }
  }, 
  "title": "Node network name servers properties", 
  "type": "object"
}

NodeNetworkInterfaceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeNetworkInterfaceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "admin_status": {
      "enum": [
        "up", 
        "down"
      ], 
      "readonly": true, 
      "title": "Interface administration status", 
      "type": "string"
    }, 
    "bond_mode": {
      "enum": [
        "ACTIVE_BACKUP", 
        "802_3AD", 
        "ROUND_ROBIN", 
        "BROADCAST", 
        "XOR", 
        "TLB", 
        "ALB"
      ], 
      "title": "Bond mode", 
      "type": "string"
    }, 
    "bond_primary": {
      "title": "Bond's primary device name in active-backup bond mode", 
      "type": "string"
    }, 
    "bond_slaves": {
      "items": {
        "type": "string"
      }, 
      "title": "Bond's slave devices", 
      "type": "array"
    }, 
    "broadcast_address": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface broadcast address", 
      "type": "string"
    }, 
    "default_gateway": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Interface's default gateway", 
      "type": "string"
    }, 
    "interface_id": {
      "readonly": true, 
      "required": true, 
      "title": "Interface ID", 
      "type": "string"
    }, 
    "ip_addresses": {
      "items": {
        "$ref": "IPv4AddressProperties
      }, 
      "maxItems": 1, 
      "title": "Interface IP addresses", 
      "type": "array"
    }, 
    "ip_configuration": {
      "enum": [
        "dhcp", 
        "static", 
        "not configured"
      ], 
      "required": true, 
      "title": "Interface configuration", 
      "type": "string"
    }, 
    "is_kni": {
      "readonly": true, 
      "title": "Interface is a KNI", 
      "type": "boolean"
    }, 
    "link_status": {
      "enum": [
        "up", 
        "down"
      ], 
      "readonly": true, 
      "title": "Interface administration status", 
      "type": "string"
    }, 
    "mtu": {
      "title": "Interface MTU", 
      "type": "integer"
    }, 
    "physical_address": {
      "pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$", 
      "readonly": true, 
      "title": "Interface MAC address", 
      "type": "string"
    }, 
    "plane": {
      "enum": [
        "mgmt", 
        "debug", 
        "none"
      ], 
      "title": "Interface plane", 
      "type": "string"
    }, 
    "vlan": {
      "maximum": 4094, 
      "minimum": 1, 
      "readonly": true, 
      "title": "VLAN Id", 
      "type": "integer"
    }
  }, 
  "title": "Node network interface properties", 
  "type": "object"
}

NodeNetworkInterfacePropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeNetworkInterfacePropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeNetworkInterfaceProperties
      }, 
      "required": true, 
      "title": "Node network interface property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node network interface properties list results", 
  "type": "object"
}

NodeNetworkProperties (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeNetworkProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }
  }, 
  "title": "Network configuration properties", 
  "type": "object"
}

NodeNtpServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeNtpServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "NtpServiceProperties, 
      "title": "NTP Service properties"
    }
  }, 
  "title": "Node NTP service properties", 
  "type": "object"
}

NodePolicyServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodePolicyServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "LoggingServiceProperties, 
      "title": "Service properties"
    }
  }, 
  "title": "Node service properties", 
  "type": "object"
}

NodeProcessProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeProcessProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cpu_time": {
      "readonly": true, 
      "title": "CPU time (user and system) consumed by process in milliseconds", 
      "type": "integer"
    }, 
    "mem_resident": {
      "readonly": true, 
      "title": "Resident set size of process in bytes", 
      "type": "integer"
    }, 
    "mem_used": {
      "readonly": true, 
      "title": "Virtual memory used by process in bytes", 
      "type": "integer"
    }, 
    "pid": {
      "readonly": true, 
      "title": "Process id", 
      "type": "integer"
    }, 
    "ppid": {
      "readonly": true, 
      "title": "Parent process id", 
      "type": "integer"
    }, 
    "process_name": {
      "readonly": true, 
      "title": "Process name", 
      "type": "string"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Process start time expressed in milliseconds since epoch"
    }, 
    "uptime": {
      "readonly": true, 
      "title": "Milliseconds since process started", 
      "type": "integer"
    }
  }, 
  "title": "Node process properties", 
  "type": "object"
}

NodeProcessPropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeProcessPropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeProcessProperties
      }, 
      "required": true, 
      "title": "Node process property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node process property query results", 
  "type": "object"
}

NodeProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cli_timeout": {
      "minimum": 0, 
      "title": "NSX CLI inactivity timeout, set to 0 to configure no timeout", 
      "type": "integer"
    }, 
    "export_type": {
      "enum": [
        "RESTRICTED", 
        "UNRESTRICTED"
      ], 
      "readonly": true, 
      "title": "Export restrictions in effect, if any", 
      "type": "string"
    }, 
    "fully_qualified_domain_name": {
      "readonly": true, 
      "title": "Fully qualified domain name", 
      "type": "string"
    }, 
    "hostname": {
      "$ref": "SystemHostname, 
      "title": "Host name or fully qualified domain name of node", 
      "type": "string"
    }, 
    "kernel_version": {
      "readonly": true, 
      "title": "Kernel version", 
      "type": "string"
    }, 
    "motd": {
      "title": "Message of the day to display when users login to node using the NSX CLI", 
      "type": [
        "string", 
        "null"
      ]
    }, 
    "node_version": {
      "readonly": true, 
      "title": "Node version", 
      "type": "string"
    }, 
    "product_version": {
      "readonly": true, 
      "title": "Product version", 
      "type": "string"
    }, 
    "system_datetime": {
      "$ref": "DatetimeUTC, 
      "title": "System date time in UTC"
    }, 
    "system_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Current time expressed in milliseconds since epoch"
    }, 
    "timezone": {
      "title": "Timezone", 
      "type": "string"
    }
  }, 
  "title": "Node properties", 
  "type": "object"
}

NodeProtonServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeProtonServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "LoggingServiceProperties, 
      "title": "Service properties"
    }
  }, 
  "title": "Node service properties", 
  "type": "object"
}

NodeRouteProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeRouteProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "destination": {
      "title": "Destination covered by route", 
      "type": "string"
    }, 
    "from_address": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "From address", 
      "type": "string"
    }, 
    "gateway": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Address of next hop", 
      "type": "string"
    }, 
    "interface_id": {
      "title": "Network interface id of route", 
      "type": "string"
    }, 
    "metric": {
      "title": "Metric value of route", 
      "type": "string"
    }, 
    "netmask": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Netmask of destination covered by route", 
      "type": "string"
    }, 
    "proto": {
      "default": "boot", 
      "enum": [
        "unspec", 
        "redirect", 
        "kernel", 
        "boot", 
        "static", 
        "gated", 
        "ra", 
        "mrt", 
        "zebra", 
        "bird", 
        "dnrouted", 
        "xorp", 
        "ntk", 
        "dhcp"
      ], 
      "title": "Routing protocol identifier of route", 
      "type": "string"
    }, 
    "route_id": {
      "readonly": true, 
      "title": "Unique identifier for the route", 
      "type": "string"
    }, 
    "route_type": {
      "enum": [
        "default", 
        "static", 
        "blackhole", 
        "prohibit", 
        "throw", 
        "unreachable"
      ], 
      "required": true, 
      "title": "Route type", 
      "type": "string"
    }, 
    "scope": {
      "title": "Scope of destinations covered by route", 
      "type": "string"
    }, 
    "src": {
      "pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$", 
      "title": "Source address to prefer when sending to destinations of route", 
      "type": "string"
    }
  }, 
  "title": "Node network route properties", 
  "type": "object"
}

NodeRoutePropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeRoutePropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeRouteProperties
      }, 
      "required": true, 
      "title": "Node route property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node network route properties list results", 
  "type": "object"
}

NodeSearchDomainsProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeSearchDomainsProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "search_domains": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "Search domains", 
      "type": "array"
    }
  }, 
  "title": "Node network search domains properties", 
  "type": "object"
}

NodeServiceProperties (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }
  }, 
  "title": "Node service properties", 
  "type": "object"
}

NodeServicePropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeServicePropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeServiceProperties
      }, 
      "required": true, 
      "title": "Node service property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node service property query results", 
  "type": "object"
}

NodeServiceStatusProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeServiceStatusProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "health": {
      "readonly": true, 
      "required": false, 
      "title": "Service health in addition to runtime_state", 
      "type": "string"
    }, 
    "monitor_pid": {
      "readonly": true, 
      "title": "Service monitor process id", 
      "type": "integer"
    }, 
    "monitor_runtime_state": {
      "enum": [
        "running", 
        "stopped"
      ], 
      "readonly": true, 
      "title": "Service monitor runtime state", 
      "type": "string"
    }, 
    "pids": {
      "items": {
        "type": "integer"
      }, 
      "readonly": true, 
      "title": "Service process ids", 
      "type": "array"
    }, 
    "runtime_state": {
      "enum": [
        "running", 
        "stopped"
      ], 
      "readonly": true, 
      "title": "Service runtime state", 
      "type": "string"
    }
  }, 
  "title": "Node service status properties", 
  "type": "object"
}

NodeSnmpServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeSnmpServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "SnmpServiceProperties, 
      "required": true, 
      "title": "SNMP Service properties"
    }
  }, 
  "title": "Node SNMP service properties", 
  "type": "object"
}

NodeSnmpV3EngineID (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeSnmpV3EngineID", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "v3_engine_id": {
      "required": true, 
      "title": "SNMP v3 engine id", 
      "type": "string"
    }
  }, 
  "title": "SNMP V3 Engine Id", 
  "type": "object"
}

NodeSshServiceProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "NodeServiceProperties
  }, 
  "id": "NodeSshServiceProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "service_name": {
      "required": true, 
      "title": "Service name", 
      "type": "string"
    }, 
    "service_properties": {
      "$ref": "SshServiceProperties, 
      "title": "SSH Service properties"
    }
  }, 
  "title": "Node SSH service properties", 
  "type": "object"
}

NodeStatus (type) 

{
  "id": "NodeStatus", 
  "module_id": "FabricNode", 
  "properties": {
    "external_id": {
      "required": false, 
      "title": "HostNode external id", 
      "type": "string"
    }, 
    "host_node_deployment_status": {
      "description": "This enum specifies the current nsx install state for host node or current deployment and ready state for edge node. The ready status 'NODE_READY' indicates whether edge node is ready to become a transport node. The status 'EDGE_CONFIG_ERROR' indicates that edge hardware or underlying host is not supported. After all fabric level operations are done for an edge node, this value indicates transport node related configuration issues and state as relevant.", 
      "enum": [
        "NOT_PREPARED", 
        "INSTALL_IN_PROGRESS", 
        "INSTALL_FAILED", 
        "INSTALL_SUCCESSFUL", 
        "UNINSTALL_IN_PROGRESS", 
        "UNINSTALL_FAILED", 
        "UNINSTALL_SUCCESSFUL", 
        "UNINSTALL_SCHEDULED", 
        "UPGRADE_IN_PROGRESS", 
        "UPGRADE_FAILED", 
        "PENDING_UPGRADE", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "HOST_DISCONNECTED", 
        "POWERED_OFF", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_NETWORK_EDIT_PENDING", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Install/Uninstall status of deployment.", 
      "type": "string"
    }, 
    "inventory_sync_paused": {
      "readonly": true, 
      "required": false, 
      "title": "Is true if inventory sync is paused else false", 
      "type": "boolean"
    }, 
    "inventory_sync_reenable_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Inventory sync auto re-enable target time, in epoch milis"
    }, 
    "last_heartbeat_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp of the last heartbeat status change, in epoch milliseconds."
    }, 
    "last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp of the last successful update of Inventory, in epoch milliseconds."
    }, 
    "lcp_connectivity_status": {
      "default": "UNKNOWN", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Indicates the fabric node's LCP&lt;-&gt;CCP channel connectivity status, UP, DOWN, DEGRADED, UNKNOWN.", 
      "type": "string"
    }, 
    "lcp_connectivity_status_details": {
      "default": [], 
      "items": {
        "$ref": "ControlConnStatus
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Details, if any, about the current LCP&lt;-&gt;CCP channel connectivity status of the fabric node.", 
      "type": "array"
    }, 
    "maintenance_mode": {
      "enum": [
        "OFF", 
        "ENTERING", 
        "ON", 
        "EXITING"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Indicates the fabric node's status of maintenance mode, OFF, ENTERING, ON, EXITING.", 
      "type": "string"
    }, 
    "mpa_connectivity_status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Indicates the fabric node's MP&lt;-&gt;MPA channel connectivity status, UP, DOWN, UNKNOWN.", 
      "type": "string"
    }, 
    "mpa_connectivity_status_details": {
      "readonly": true, 
      "required": false, 
      "title": "Details, if any, about the current MP&lt;-&gt;MPA channel connectivity status of the fabric node.", 
      "type": "string"
    }, 
    "software_version": {
      "readonly": true, 
      "title": "Software version of the fabric node.", 
      "type": "string"
    }, 
    "system_status": {
      "$ref": "NodeStatusProperties, 
      "readonly": true, 
      "required": false, 
      "title": "Node status properties"
    }
  }, 
  "title": "Runtime status information of the fabric node.", 
  "type": "object"
}

NodeStatusListResult (type) 

{
  "additionalProperties": false, 
  "id": "NodeStatusListResult", 
  "module_id": "FabricNode", 
  "properties": {
    "results": {
      "items": {
        "$ref": "NodeStatus
      }, 
      "required": true, 
      "title": "Node Status list results", 
      "type": "array"
    }
  }, 
  "title": "Node Status list result", 
  "type": "object"
}

NodeStatusProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeStatusProperties", 
  "module_id": "ApplianceStats", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cpu_cores": {
      "readonly": true, 
      "title": "Number of CPU cores on the system", 
      "type": "integer"
    }, 
    "file_systems": {
      "items": {
        "$ref": "NodeFileSystemProperties
      }, 
      "readonly": true, 
      "title": "File systems configured on the system", 
      "type": "array"
    }, 
    "load_average": {
      "items": {
        "type": "number"
      }, 
      "readonly": true, 
      "title": "One, five, and fifteen minute load averages for the system", 
      "type": "array"
    }, 
    "mem_cache": {
      "readonly": true, 
      "title": "Amount of RAM on the system that can be flushed out to disk, in kilobytes", 
      "type": "integer"
    }, 
    "mem_total": {
      "readonly": true, 
      "title": "Amount of RAM allocated to the system, in kilobytes", 
      "type": "integer"
    }, 
    "mem_used": {
      "readonly": true, 
      "title": "Amount of RAM in use on the system, in kilobytes", 
      "type": "integer"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "readonly": true, 
      "title": "Source of status data."
    }, 
    "swap_total": {
      "readonly": true, 
      "title": "Amount of disk available for swap, in kilobytes", 
      "type": "integer"
    }, 
    "swap_used": {
      "readonly": true, 
      "title": "Amount of swap disk in use, in kilobytes", 
      "type": "integer"
    }, 
    "system_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Current time expressed in milliseconds since epoch"
    }, 
    "uptime": {
      "readonly": true, 
      "title": "Milliseconds since system start", 
      "type": "integer"
    }
  }, 
  "title": "Node status properties", 
  "type": "object"
}

NodeSummary (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeSummary", 
  "module_id": "Migration", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "component_version": {
      "readonly": true, 
      "required": true, 
      "title": "Component version", 
      "type": "string"
    }, 
    "node_count": {
      "description": "Number of nodes of the type and at the component version", 
      "readonly": true, 
      "required": true, 
      "title": "Count of nodes", 
      "type": "int"
    }, 
    "type": {
      "readonly": true, 
      "required": true, 
      "title": "Node type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NodeSummaryList (type) 

{
  "additionalProperties": false, 
  "id": "NodeSummaryList", 
  "module_id": "Migration", 
  "properties": {
    "results": {
      "items": {
        "$ref": "NodeSummary
      }, 
      "required": true, 
      "title": "List of Node Summary", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NodeSyslogExporterProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeSyslogExporterProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "exporter_name": {
      "required": true, 
      "title": "Syslog exporter name", 
      "type": "string"
    }, 
    "facilities": {
      "items": {
        "$ref": "SyslogFacility
      }, 
      "title": "Facilities to export", 
      "type": "array"
    }, 
    "level": {
      "enum": [
        "EMERG", 
        "ALERT", 
        "CRIT", 
        "ERR", 
        "WARNING", 
        "NOTICE", 
        "INFO", 
        "DEBUG"
      ], 
      "required": true, 
      "title": "Logging level to export", 
      "type": "string"
    }, 
    "msgids": {
      "items": {
        "pattern": "^.+$", 
        "type": "string"
      }, 
      "title": "MSGIDs to export", 
      "type": "array"
    }, 
    "port": {
      "default": 514, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Port to export to", 
      "type": "integer"
    }, 
    "protocol": {
      "enum": [
        "TCP", 
        "TLS", 
        "UDP", 
        "LI", 
        "LI-TLS"
      ], 
      "required": true, 
      "title": "Export protocol", 
      "type": "string"
    }, 
    "server": {
      "$ref": "HostnameOrIPv4Address, 
      "required": true, 
      "title": "IP address or hostname of server to export to", 
      "type": "string"
    }, 
    "structured_data": {
      "items": {
        "pattern": "^(comp|subcomp|s2comp|security|audit|reqId|ereqId|entId|errorCode|eventId|euser|level|username|threadId|splitId|splitIndex)=.+$", 
        "type": "string"
      }, 
      "title": "Structured data to export", 
      "type": "array"
    }, 
    "tls_ca_pem": {
      "title": "CA certificate PEM of TLS server to export to", 
      "type": "string"
    }, 
    "tls_cert_pem": {
      "title": "Certificate PEM of the rsyslog client", 
      "type": "string"
    }, 
    "tls_client_ca_pem": {
      "title": "CA certificate PEM of the rsyslog client", 
      "type": "string"
    }, 
    "tls_key_pem": {
      "title": "Private key PEM of the rsyslog client", 
      "type": "string"
    }
  }, 
  "title": "Node syslog exporter properties", 
  "type": "object"
}

NodeSyslogExporterPropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeSyslogExporterPropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeSyslogExporterProperties
      }, 
      "required": true, 
      "title": "Node syslog exporter results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node syslog exporter list results", 
  "type": "object"
}

NodeTime (type) 

{
  "additionalProperties": false, 
  "description": "Node system time in UTC", 
  "id": "NodeTime", 
  "properties": {
    "system_datetime": {
      "$ref": "DatetimeUTC, 
      "required": true, 
      "title": "Datetime string in UTC"
    }
  }, 
  "title": "Node system time in UTC", 
  "type": "object"
}

NodeUserProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "NodeUserProperties", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "full_name": {
      "title": "Full name for the user", 
      "type": "string"
    }, 
    "last_password_change": {
      "maximum": 2147483647, 
      "minimum": 0, 
      "readonly": true, 
      "title": "Number of days since password was last changed", 
      "type": "integer"
    }, 
    "old_password": {
      "sensitive": true, 
      "title": "Old password for the user (required on PUT if password specified)", 
      "type": "string"
    }, 
    "password": {
      "sensitive": true, 
      "title": "Password for the user (optionally specified on PUT, unspecified on GET)", 
      "type": "string"
    }, 
    "password_change_frequency": {
      "description": "Number of days password is valid before it must be changed. This can be set to 0 to indicate no password change is required or a positive integer up to 9999. By default local user passwords must be changed every 90 days.", 
      "maximum": 9999, 
      "minimum": 0, 
      "title": "Number of days password is valid before it must be changed", 
      "type": "integer"
    }, 
    "status": {
      "description": "Status of the user. This value can be ACTIVE indicating authentication attempts will be successful if the correct credentials are specified. The value can also be PASSWORD_EXPIRED indicating authentication attempts will fail because the user's password has expired and must be changed. Or, this value can be NOT_ACTIVATED indicating the user's password has not yet been set and must be set before the user can authenticate.", 
      "enum": [
        "ACTIVE", 
        "PASSWORD_EXPIRED", 
        "NOT_ACTIVATED"
      ], 
      "readonly": true, 
      "title": "User status", 
      "type": "string"
    }, 
    "userid": {
      "maximum": 2147483647, 
      "minimum": 0, 
      "readonly": true, 
      "title": "Numeric id for the user", 
      "type": "integer"
    }, 
    "username": {
      "maxLength": 32, 
      "minLength": 1, 
      "pattern": "^[a-zA-Z][a-zA-Z0-9@-_.\\-]*$", 
      "title": "User login name (must be \"root\" if userid is 0)", 
      "type": "string"
    }
  }, 
  "title": "Node user properties", 
  "type": "object"
}

NodeUserPropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NodeUserPropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NodeUserProperties
      }, 
      "required": true, 
      "title": "List of node users", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Node users list results", 
  "type": "object"
}

NodeUserSettings (type) 

{
  "additionalProperties": false, 
  "id": "NodeUserSettings", 
  "module_id": "FabricNode", 
  "properties": {
    "audit_password": {
      "description": "Password for the node audit user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.", 
      "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[|:;,?\\.><])[A-Za-z\\d~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[\\|:;,?\\.><]{12,}$", 
      "required": false, 
      "sensitive": true, 
      "title": "Node audit user password", 
      "type": "string"
    }, 
    "audit_username": {
      "description": "The default username is \"audit\". To configure username, you must provide this property together with <b>audit_password</b>. Username must contain ASCII characters only.", 
      "pattern": "^[\\x00-\\x7F]+$", 
      "required": false, 
      "title": "CLI \"audit\" username", 
      "type": "string"
    }, 
    "cli_password": {
      "description": "Password for the node cli user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.", 
      "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[|:;,?\\.><])[A-Za-z\\d~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[\\|:;,?\\.><]{12,}$", 
      "required": false, 
      "sensitive": true, 
      "title": "Node cli password", 
      "type": "string"
    }, 
    "cli_username": {
      "default": "admin", 
      "description": "To configure username, you must provide this property together with <b>cli_password</b>. Username must contain ASCII characters only.", 
      "pattern": "^[\\x00-\\x7F]+$", 
      "required": false, 
      "title": "CLI \"admin\" username", 
      "type": "string"
    }, 
    "root_password": {
      "description": "Password for the node root user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and  one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.", 
      "pattern": "^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[|:;,?\\.><])[A-Za-z\\d~`!@#$%^&*)(\\-_\\+\\=}{\\]\\[\\|:;,?\\.><]{12,}$", 
      "required": false, 
      "sensitive": true, 
      "title": "Node root user password", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NodeVersion (type) 

{
  "additionalProperties": false, 
  "id": "NodeVersion", 
  "properties": {
    "node_version": {
      "readonly": true, 
      "title": "Node version", 
      "type": "string"
    }, 
    "product_version": {
      "readonly": true, 
      "title": "Product version", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NormalizationListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "NormalizationListRequestParameters", 
  "module_id": "Normalization", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "preferred_normalization_type": {
      "$ref": "NormalizationTargetType, 
      "description": "Type to which the resource needs to be normalized. Multiple types can be passed by repeating the parameter. The order in which the types are passed is honored and decides to which type the resource is normalized. The resource is normalized to the first type in the list to which it can be normalized.  For example, consider an NSGroup NS1 that has an LSwitch LS1. Assume that NS1 is being normalized to a list of translated entities [LSwitch, LPort]. As LSwitch is the first translated entity to which NSGroup can be translated, the translation will return a list having the LSwitch LS1.  Normalization is supported from NSGroup to NSGroup, LogicalSwitch, LogicalPort, IPSets and MACSets.", 
      "required": true, 
      "title": "Type to which the resource is to be normalized."
    }, 
    "resource_id": {
      "required": true, 
      "title": "Identifier of the resource on which normalization is to be performed", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "NormalizationSourceType, 
      "required": true, 
      "title": "Type of the resource for which normalization is to be performed"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Normalization list request parameters.", 
  "type": "object"
}

NormalizationSourceType (type) 

{
  "enum": [
    "NSGroup"
  ], 
  "id": "NormalizationSourceType", 
  "module_id": "Normalization", 
  "title": "Resource type valid for use as source in normalization API.", 
  "type": "string"
}

NormalizationTargetType (type) 

{
  "enum": [
    "NSGroup", 
    "IPSet", 
    "MACSet", 
    "LogicalSwitch", 
    "LogicalPort", 
    "DirectoryGroup"
  ], 
  "id": "NormalizationTargetType", 
  "module_id": "Normalization", 
  "title": "Resource type valid for use as target in normalization API.", 
  "type": "string"
}

NormalizedResourceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NormalizedResourceListResult", 
  "module_id": "Normalization", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ResourceReference
      }, 
      "required": true, 
      "title": "Normalized resource list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of normalized resources", 
  "type": "object"
}

Notification (type) 

{
  "id": "Notification", 
  "module_id": "NfwConfig", 
  "properties": {
    "notification_id": {
      "description": "A string identifying feature_name.notification_name to indicate a notification watcher is interested in receiving notifications for the URI identified by the feature_name.notification_name.", 
      "title": "A string identifying feature_name.notification_name", 
      "type": "string"
    }, 
    "uri_filters": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Optional list of URIs", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "type": "object"
}

NotificationAuthenticationScheme (type) 

{
  "description": "NotificationAuthenticationScheme describes how notification requests should authenticate to the server.", 
  "id": "NotificationAuthenticationScheme", 
  "module_id": "NfwConfig", 
  "properties": {
    "certificate_id": {
      "description": "Certificate ID with a valid certificate and private key, procured from trust-management API.", 
      "title": "Valid certificate ID", 
      "type": "string"
    }, 
    "password": {
      "description": "Password to use if scheme_name is BASIC_AUTH.", 
      "sensitive": true, 
      "title": "Password for authentication", 
      "type": "string"
    }, 
    "scheme_name": {
      "description": "Authentication scheme to use when making notification requests to the partner/customer specified watcher. Specify one of BASIC_AUTH or CERTIFICATE.", 
      "enum": [
        "BASIC_AUTH", 
        "CERTIFICATE"
      ], 
      "required": true, 
      "title": "Authentication scheme to use when making notification requests", 
      "type": "string"
    }, 
    "username": {
      "description": "Username to use if scheme_name is BASIC_AUTH.", 
      "title": "Username for authentication", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NotificationWatcher (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NotificationWatcher", 
  "module_id": "NfwConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_scheme": {
      "$ref": "NotificationAuthenticationScheme, 
      "description": "A NotificationAuthenticationScheme that describes how notification requests should authenticate to the server.", 
      "required": true, 
      "title": "Scheme to authenticate requests sent to the server"
    }, 
    "certificate_sha256_thumbprint": {
      "description": "Contains the hex-encoded SHA256 thumbprint of the HTTPS certificate. It must be specified if use_https is set to true.", 
      "required": false, 
      "title": "SHA256 thumbprint of the HTTPS certificate", 
      "type": "string"
    }, 
    "description": {
      "description": "Optional description that can be associated with this NotificationWatcher.", 
      "required": false, 
      "title": "Description associated with this notification watcher", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "System generated identifier to identify a notification watcher uniquely.", 
      "readonly": true, 
      "title": "Identifier to identify a notification watcher uniquely", 
      "type": "string"
    }, 
    "max_send_uri_count": {
      "default": 5000, 
      "description": "If the number of notification URIs accumulated in specified send_interval exceeds max_send_uri_count, then multiple notification requests (each with max_send_uri_count or less number of notification URIs) will be sent to this NotificationWatcher. The default value is 5000.", 
      "maximum": 5000, 
      "minimum": 1, 
      "required": false, 
      "title": "Optional maximum number of notification URIs batched in a single notification request", 
      "type": "integer"
    }, 
    "method": {
      "description": "Type of method notification requests should be made on the specified server. The value must be set to POST.", 
      "enum": [
        "POST"
      ], 
      "required": true, 
      "title": "Type of method notification requests should be made on the server", 
      "type": "string"
    }, 
    "port": {
      "description": "Optional integer port value to specify a non-standard HTTP or HTTPS port.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Integer port value to specify a non-standard HTTP or HTTPS port", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "send_interval": {
      "description": "Optional time interval (in seconds) for which notification URIs will be accumulated. At the end of the time interval the accumulated notification URIs will be sent to this NotificationWatcher in the form of zero (nothing accumulated) or more notification requests as soon as possible. If it is not specified, the NotificationWatcher should expected to receive notifications at any time.", 
      "minimum": 30, 
      "required": false, 
      "title": "Optional time interval for which notification URIs will be accumulated", 
      "type": "integer"
    }, 
    "send_timeout": {
      "default": 30, 
      "description": "Optional time duration (in seconds) to specify request timeout to notification watcher. If the send reaches the timeout, will try to send refresh_needed as true in the next time interval. The default value is 30 seconds.", 
      "minimum": 1, 
      "required": false, 
      "title": "Optional time period within which response for a notification request should be received from this NotificationWatcher", 
      "type": "integer"
    }, 
    "server": {
      "description": "IP address or fully qualified domain name of the partner/customer watcher.", 
      "required": true, 
      "title": "IP address or fully qualified domain name of watcher", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "uri": {
      "description": "URI notification requests should be made on the specified server.", 
      "required": true, 
      "title": "URI notification requests should be made on the server", 
      "type": "string"
    }, 
    "use_https": {
      "default": false, 
      "description": "Optional field, when set to true indicates REST API server should use HTTPS.", 
      "required": false, 
      "title": "Flag to indicate if REST API server should use HTTPS", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

NotificationWatcherListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NotificationWatcherListResult", 
  "module_id": "NfwConfig", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NotificationWatcher
      }, 
      "readonly": true, 
      "title": "List of notification watchers", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

NotificationsList (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NotificationsList", 
  "module_id": "NfwConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "notifications": {
      "items": {
        "$ref": "Notification
      }, 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

NsLookupParameters (type) 

{
  "additionalProperties": false, 
  "description": "The parameters for DNS nslookup.", 
  "id": "NsLookupParameters", 
  "module_id": "DnsForwarder", 
  "properties": {
    "address": {
      "description": "IP address or FQDN for this lookup", 
      "required": false, 
      "title": "IP address or FQDN for nslookup", 
      "type": "string"
    }, 
    "server_ip": {
      "$ref": "IPv4Address, 
      "description": "If absent, the underlying DNS forwarder will be used as the target server. And the answer could be cached by the forwarder if it was not cached yet. If provided, the query will go directly to the given server. You will need to ensure this address represents a workable and reachale DNS server. The answer will not be cached by the forwarder unless this server_ip is exactly the same listener ip of the forwarder.", 
      "required": false, 
      "title": "Target server used for this lookup"
    }, 
    "source_ip": {
      "$ref": "IPv4Address, 
      "description": "Source ip used for this lookup. If absent, the listener ip of the underlying DNS forwarder will be used as the source ip. If provided, you will need to ensure this source ip is valid and can be routed back to the transport node via data plane", 
      "required": false, 
      "title": "Source ip used for this lookup"
    }
  }, 
  "title": "The parameters of nslookup", 
  "type": "object"
}

NsxEntity (type) 

{
  "enum": [
    "HTTP", 
    "DATASTORE", 
    "MANAGER", 
    "POLICY", 
    "CONTROLLER"
  ], 
  "id": "NsxEntity", 
  "module_id": "ClusterManagement", 
  "type": "string"
}

NsxManagerAccount (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "NsxManagerAccount", 
  "module_id": "NsxManagerAccounts", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fqdn": {
      "format": "hostname-or-ip", 
      "required": false, 
      "title": "Fully Qualified Domain Name", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "Password of the NSX Manager Account", 
      "type": "string"
    }, 
    "private_ip": {
      "required": false, 
      "title": "Private IP Address of the NSX Manager Account", 
      "type": "string"
    }, 
    "public_ip": {
      "required": false, 
      "title": "Public IP Address of the NSX Manager Account", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tenant_id": {
      "required": false, 
      "title": "Tenant ID of the NSX Manager account", 
      "type": "string"
    }, 
    "thumbprint": {
      "required": false, 
      "title": "Thumb print of the NSX Manager Account", 
      "type": "string"
    }, 
    "token": {
      "description": "This field can be used for using one time access token for Nsx Manager registration.", 
      "required": false, 
      "sensitive": true, 
      "title": "One time access token for Nsx Manager registration", 
      "type": "string"
    }, 
    "username": {
      "required": true, 
      "title": "Username of the NSX Manager Account", 
      "type": "string"
    }
  }, 
  "title": "NSX Manager Account Structure", 
  "type": "object"
}

NsxManagerAccountsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "NsxManagerAccountsListResult", 
  "module_id": "NsxManagerAccounts", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "NsxManagerAccount
      }, 
      "required": false, 
      "title": "NSX Manager Accounts list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSX Manager Accounts list", 
  "type": "object"
}

NsxRole (type) 

{
  "id": "NsxRole", 
  "module_id": "AAA", 
  "properties": {
    "permissions": {
      "deprecated": true, 
      "description": "Please use the /user-info/permissions api to get the permission that the user has on each feature.", 
      "items": {
        "enum": [
          "read-api", 
          "read-write-api", 
          "crud", 
          "read", 
          "execute", 
          "none"
        ], 
        "type": "string"
      }, 
      "required": false, 
      "title": "Permissions", 
      "type": "array"
    }, 
    "role": {
      "enum": [
        "read_only_api_users", 
        "read_write_api_users", 
        "enterprise_admin", 
        "auditor", 
        "network_engineer", 
        "network_op", 
        "security_engineer", 
        "security_op", 
        "lb_admin", 
        "lb_auditor", 
        "cloud_service_admin", 
        "cloud_service_auditor", 
        "site_reliability_engineer", 
        "site_reliability_auditor", 
        "cloud_admin", 
        "cloud_auditor"
      ], 
      "required": true, 
      "title": "Role name", 
      "type": "string"
    }
  }, 
  "title": "Role", 
  "type": "object"
}

NsxSecurityRuleErrorDetails (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a NSX security rule error.", 
  "id": "NsxSecurityRuleErrorDetails", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "error_id": {
      "description": "ID of the error.", 
      "readonly": true, 
      "required": false, 
      "title": "Error ID", 
      "type": "string"
    }, 
    "error_message": {
      "description": "Detailed message about the error.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "rule_id": {
      "description": "ID of the NSX security rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule ID", 
      "type": "string"
    }
  }, 
  "title": "NSX Security Rule Error", 
  "type": "object"
}

NsxTDNSForwarderStatistics (type) 

{
  "description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders, on an NSX-T type of enforcement point.", 
  "extends": {
    "$ref": "DNSForwarderStatisticsPerEnforcementPoint
  }, 
  "id": "NsxTDNSForwarderStatistics", 
  "module_id": "PolicyDNSStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NsxTDNSForwarderStatistics"
  }, 
  "properties": {
    "cached_entries": {
      "readonly": true, 
      "title": "The total number of cached entries", 
      "type": "integer"
    }, 
    "conditional_forwarder_statistics": {
      "items": {
        "$ref": "NsxTDNSForwarderZoneStatistics
      }, 
      "maxItems": 5, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "The statistics of conditional forwarder zones", 
      "type": "array"
    }, 
    "configured_cache_size": {
      "readonly": true, 
      "title": "The configured cache size, in kb", 
      "type": "integer"
    }, 
    "default_forwarder_statistics": {
      "$ref": "NsxTDNSForwarderZoneStatistics, 
      "readonly": true, 
      "title": "The statistics of default forwarder zone"
    }, 
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the statistics are fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "queries_answered_locally": {
      "readonly": true, 
      "title": "The total number of queries answered from local cache", 
      "type": "integer"
    }, 
    "queries_forwarded": {
      "readonly": true, 
      "title": "The total number of forwarded DNS queries", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "NsxTDNSForwarderStatistics"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Time stamp of the current statistics, in ms"
    }, 
    "total_queries": {
      "readonly": true, 
      "title": "The total number of received DNS queries", 
      "type": "integer"
    }, 
    "used_cache_statistics": {
      "items": {
        "$ref": "NsxTPerNodeUsedCacheStatistics
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "The statistics of used cache", 
      "type": "array"
    }
  }, 
  "title": "Statistics counters of the DNS forwarder", 
  "type": "object"
}

NsxTDNSForwarderStatus (type) 

{
  "description": "The current runtime status of the DNS forwarder.", 
  "extends": {
    "$ref": "DNSForwarderStatusPerEnforcementPoint
  }, 
  "id": "NsxTDNSForwarderStatus", 
  "module_id": "PolicyDNSStatistics", 
  "polymorphic-type-descriptor": {
    "type-identifier": "NsxTDNSForwarderStatus"
  }, 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the status is fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "extra_message": {
      "readonly": true, 
      "required": false, 
      "title": "Extra message, if available", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "NsxTDNSForwarderStatus"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "status": {
      "description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The DNS forwarder may be working (or not working). NO_BACKUP means DNS forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ERROR", 
        "NO_BACKUP", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Time stamp of the current status, in ms"
    }
  }, 
  "title": "The current runtime status of DNS forwarder", 
  "type": "object"
}

NsxTDNSForwarderZoneStatistics (type) 

{
  "description": "Statistics counters of the DNS forwarder zone.", 
  "id": "NsxTDNSForwarderZoneStatistics", 
  "module_id": "PolicyDNSStatistics", 
  "properties": {
    "domain_names": {
      "description": "Domain names configured for the forwarder. Empty if this is the default forwarder.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 100, 
      "minItems": 0, 
      "readonly": true, 
      "title": "Domain names configured for the forwarder", 
      "type": "array"
    }, 
    "upstream_statistics": {
      "items": {
        "$ref": "NsxTUpstreamServerStatistics
      }, 
      "maxItems": 3, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "Statistics per upstream server.", 
      "type": "array"
    }
  }, 
  "title": "Statistics counters of the DNS forwarder zone", 
  "type": "object"
}

NsxTDnsAnswer (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyDnsAnswerPerEnforcementPoint
  }, 
  "id": "NsxTDnsAnswer", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "authoritative_answers": {
      "items": {
        "$ref": "NsxTDnsQueryAnswer
      }, 
      "maxItems": 256, 
      "minItems": 1, 
      "required": false, 
      "title": "Authoritative answers", 
      "type": "array"
    }, 
    "dns_server": {
      "description": "Dns server ip address and port, format is \"ip address#port\".", 
      "required": true, 
      "title": "Dns server information", 
      "type": "string"
    }, 
    "edge_node_id": {
      "description": "ID of the edge node that performed the query.", 
      "required": true, 
      "title": "Edge node id", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "non_authoritative_answers": {
      "items": {
        "$ref": "NsxTDnsQueryAnswer
      }, 
      "maxItems": 256, 
      "minItems": 1, 
      "required": false, 
      "title": "Non authoritative answers", 
      "type": "array"
    }, 
    "raw_answer": {
      "description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.", 
      "required": false, 
      "title": "Raw message returned from the dns forwarder", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Resource type of the DNS forwarder nslookup answer.", 
      "enum": [
        "NsxTDnsAnswer"
      ], 
      "required": true, 
      "title": "Resource type", 
      "type": "string"
    }
  }, 
  "title": "Answer of dns nslookup", 
  "type": "object"
}

NsxTDnsQueryAnswer (type) 

{
  "additionalProperties": false, 
  "id": "NsxTDnsQueryAnswer", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "address": {
      "description": "Resolved IP address matched with the nslookup address provided as a request parameter.", 
      "required": false, 
      "title": "Matched ip address", 
      "type": "string"
    }, 
    "name": {
      "description": "Matched name of the given address.", 
      "required": false, 
      "title": "Matched name", 
      "type": "string"
    }
  }, 
  "title": "Answer of nslookup", 
  "type": "object"
}

NsxTPerNodeUsedCacheStatistics (type) 

{
  "description": "Query statistics counters of used cache from node", 
  "id": "NsxTPerNodeUsedCacheStatistics", 
  "module_id": "PolicyDNSStatistics", 
  "properties": {
    "cached_entries": {
      "readonly": true, 
      "title": "The total number of cached entries", 
      "type": "integer"
    }, 
    "node_id": {
      "readonly": true, 
      "title": "UUID of active/standby transport node", 
      "type": "string"
    }, 
    "used_cache_size": {
      "readonly": true, 
      "title": "The memory size used in cache, in kb", 
      "type": "integer"
    }
  }, 
  "title": "Per node used cache query statistics counters", 
  "type": "object"
}

NsxTUpstreamServerStatistics (type) 

{
  "description": "Query statistics counters to an upstream server including successfully forwarded queries and failed queries.", 
  "id": "NsxTUpstreamServerStatistics", 
  "module_id": "PolicyDNSStatistics", 
  "properties": {
    "queries_failed": {
      "readonly": true, 
      "title": "Queries failed to forward.", 
      "type": "integer"
    }, 
    "queries_succeeded": {
      "readonly": true, 
      "title": "Queries forwarded successfully", 
      "type": "integer"
    }, 
    "upstream_server": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Upstream server ip"
    }
  }, 
  "title": "Upstream server query statistics counters", 
  "type": "object"
}

NtpServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "NtpServiceProperties", 
  "properties": {
    "servers": {
      "items": {
        "$ref": "HostnameOrIPv4Address
      }, 
      "required": true, 
      "title": "NTP servers", 
      "type": "array"
    }, 
    "start_on_boot": {
      "default": true, 
      "required": false, 
      "title": "Start NTP service when system boots", 
      "type": "boolean"
    }
  }, 
  "title": "NTP Service properties", 
  "type": "object"
}

Oauth2Credentials (type) 

{
  "additionalProperties": false, 
  "id": "Oauth2Credentials", 
  "module_id": "ApplianceModes", 
  "properties": {
    "client_id": {
      "description": "Client ID, that will be used for authentication in AWS environment,", 
      "required": true, 
      "title": "Client ID", 
      "type": "string"
    }, 
    "client_secret": {
      "description": "Client secret, that will be used for authentication in AWS environment. Can be some passphrase.", 
      "required": true, 
      "sensitive": true, 
      "title": "Client Secret", 
      "type": "string"
    }
  }, 
  "title": "Oauth2 Account Credentials", 
  "type": "object"
}

ObjectRolePermissionGroup (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ObjectRolePermissionGroup", 
  "module_id": "PolicyAuthz", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "inheritance_disabled": {
      "default": false, 
      "required": false, 
      "title": "Does children of this object inherit this rule", 
      "type": "boolean"
    }, 
    "operation": {
      "enum": [
        "crud", 
        "read", 
        "execute", 
        "none"
      ], 
      "required": false, 
      "title": "Allowed operation", 
      "type": "string"
    }, 
    "path_prefix": {
      "required": true, 
      "title": "Path prefix", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "role_name": {
      "required": true, 
      "title": "Role name", 
      "type": "string"
    }, 
    "rule_disabled": {
      "default": false, 
      "required": false, 
      "title": "Is rule disabled or not", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "RBAC Objects qualifier", 
  "type": "object"
}

ObjectRolePermissionGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ObjectRolePermissionGroupListRequestParameters", 
  "module_id": "PolicyAuthz", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "inheritance_disabled": {
      "default": false, 
      "required": false, 
      "title": "Does children of this object inherit this rule", 
      "type": "boolean"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "path_prefix": {
      "required": false, 
      "title": "Path prefix", 
      "type": "string"
    }, 
    "role_name": {
      "required": false, 
      "title": "Role name", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "RBAC Objects qualifier", 
  "type": "object"
}

ObjectRolePermissionGroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ObjectRolePermissionGroupListResult", 
  "module_id": "PolicyAuthz", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ObjectRolePermissionGroup
      }, 
      "required": true, 
      "title": "ObjectRolePermissionGroup list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of RBAC Objects", 
  "type": "object"
}

OperationCollector (type) 

{
  "description": "The operation collector is defined to receive stats from hosts. (eg. vRNI-collector collects all the system metrics)", 
  "id": "OperationCollector", 
  "module_id": "GlobalConfigs", 
  "properties": {
    "collector_ip": {
      "$ref": "IPAddress, 
      "description": "IP address for the operation collector.", 
      "required": true, 
      "title": "IP address for the operation collector"
    }, 
    "collector_port": {
      "description": "Port for the operation collector.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": true, 
      "title": "Port for the operation collector", 
      "type": "int"
    }
  }, 
  "type": "object"
}

OperationCollectorGlobalConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "OperationCollectorGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "OperationCollectorGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "collectors": {
      "description": "Operation Collector Config.", 
      "items": {
        "$ref": "OperationCollector
      }, 
      "required": false, 
      "title": "Operation Collector Config", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX global configs for operation collector", 
  "type": "object"
}

OrgInfo (type) 

{
  "additionalProperties": false, 
  "description": "Organization ID and role, predefined for a particular type of VMware support.", 
  "id": "OrgInfo", 
  "module_id": "ApplianceModes", 
  "properties": {
    "org_id": {
      "description": "Organization ID, connected to a predefined role of a VMware support.", 
      "required": true, 
      "title": "Org ID", 
      "type": "string"
    }, 
    "org_role": {
      "description": "Predefined role of a VMware support.", 
      "required": true, 
      "title": "Org role", 
      "type": "string"
    }
  }, 
  "title": "Organization ID and role", 
  "type": "object"
}

OwnerResourceLink (type) 

{
  "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
  "extends": {
    "$ref": "ResourceLink
  }, 
  "id": "OwnerResourceLink", 
  "module_id": "Common", 
  "properties": {
    "action": {
      "readonly": true, 
      "title": "Optional action", 
      "type": "string"
    }, 
    "href": {
      "readonly": true, 
      "required": true, 
      "title": "Link to resource", 
      "type": "string"
    }, 
    "rel": {
      "description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)", 
      "readonly": true, 
      "required": true, 
      "title": "Link relation type", 
      "type": "string"
    }
  }, 
  "title": "Link to this resource", 
  "type": "object"
}

PBRInsertParameters (type) 

{
  "extends": {
    "$ref": "DSInsertParameters
  }, 
  "id": "PBRInsertParameters", 
  "module_id": "PBR", 
  "properties": {
    "id": {
      "maxLength": 64, 
      "required": false, 
      "title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters that indicate where rule/section need to be added All the params take rule/section Id", 
  "type": "object"
}

PBRListRequestParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections/rules.", 
  "extends": {
    "$ref": "DSListRequestParameters
  }, 
  "id": "PBRListRequestParameters", 
  "module_id": "PBR", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter list of sections/rules", 
  "type": "object"
}

PBRRule (type) 

{
  "extends": {
    "$ref": "EmbeddedResource
  }, 
  "id": "PBRRule", 
  "module_id": "PBR", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "description": "Action enforced on the packets which matches the PBR rule.", 
      "enum": [
        "ROUTE_TO_UNDERLAY_NAT", 
        "ROUTE_TO_OVERLAY_NAT", 
        "ROUTE_TO_UNDERLAY", 
        "ROUTE_TO_OVERLAY", 
        "ROUTE_FROM_OVERLAY", 
        "ROUTE_FROM_UNDERLAY"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Action", 
      "type": "string"
    }, 
    "applied_tos": {
      "description": "List of object where rule will be enforced. field overrides this one. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of the destinations. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Destination List", 
      "type": "array"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.", 
      "readonly": false, 
      "required": false, 
      "title": "Rule enable/disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the resource", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "User notes specific to the rule.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Notes", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "maxLength": 32, 
      "readonly": false, 
      "required": false, 
      "title": "Tag", 
      "type": "string"
    }, 
    "services": {
      "description": "List of the services. Null will be treated as any.", 
      "items": {
        "$ref": "PBRService
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service List", 
      "type": "array"
    }, 
    "sources": {
      "description": "List of sources. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Source List", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PBRRuleList (type) 

{
  "id": "PBRRuleList", 
  "module_id": "PBR", 
  "properties": {
    "rules": {
      "description": "List of PBR rules in the section.", 
      "items": {
        "$ref": "PBRRule
      }, 
      "maxItems": 1000, 
      "required": true, 
      "title": "List of the PBR rules", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PBRRuleListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PBRRuleListResult", 
  "module_id": "PBR", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "PBR rule list result with pagination support.", 
      "items": {
        "$ref": "PBRRule
      }, 
      "readonly": true, 
      "required": true, 
      "title": "PBR rule list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PBRSection (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "PBRSection", 
  "module_id": "PBR", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PBRSectionFilterParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections.", 
  "extends": {
    "$ref": "PBRListRequestParameters
  }, 
  "id": "PBRSectionFilterParameters", 
  "module_id": "PBR", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "exclude_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections not having a specific AppliedTo type"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "include_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter.Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections having a specific AppliedTo type"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter section from list of sections", 
  "type": "object"
}

PBRSectionListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PBRSectionListResult", 
  "module_id": "PBR", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the PBR sections.", 
      "items": {
        "$ref": "PBRSection
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Section list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PBRSectionQueryParameters (type) 

{
  "extends": {
    "$ref": "DSSectionQueryParameters
  }, 
  "id": "PBRSectionQueryParameters", 
  "module_id": "PBR", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete of this object to all it's child objects.", 
      "type": "boolean"
    }
  }, 
  "title": "Section query parameters", 
  "type": "object"
}

PBRSectionRuleList (type) 

{
  "extends": {
    "$ref": "PBRSection
  }, 
  "id": "PBRSectionRuleList", 
  "module_id": "PBR", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "rules": {
      "description": "List of PBR rules in the section.", 
      "items": {
        "$ref": "PBRRule
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "List of the PBR rules", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PBRService (type) 

{
  "description": "Type to define services associated with every rule", 
  "extends": {
    "$ref": "DSService
  }, 
  "id": "PBRService", 
  "module_id": "PBR", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "service": {
      "$ref": "NSServiceElement, 
      "description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.", 
      "readonly": false, 
      "required": false, 
      "title": "Distributed Service Network and Security Service element"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "PBR Service element", 
  "type": "object"
}

PBRStats (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "PBRStats", 
  "module_id": "PBRStatsRule", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "byte_count": {
      "description": "Aggregated number of bytes processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Bytes count", 
      "type": "integer"
    }, 
    "packet_count": {
      "description": "Aggregated number of packets processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Packets count", 
      "type": "integer"
    }, 
    "rule_id": {
      "description": "Rule Identifier of the PBR rule. This is a globally unique number.", 
      "readonly": true, 
      "required": false, 
      "title": "PBR Rule ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PBRStatsList (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PBRStatsList", 
  "module_id": "PBRStatsRule", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of rule statistics.", 
      "items": {
        "$ref": "PBRStats
      }, 
      "readonly": true, 
      "required": false, 
      "title": "PBR rules stats", 
      "type": "array"
    }, 
    "section_id": {
      "description": "PBR section identifier.", 
      "readonly": true, 
      "required": true, 
      "title": "PBR Section ID", 
      "type": "string"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PackageLoggingLevels (type) 

{
  "additionalProperties": false, 
  "id": "PackageLoggingLevels", 
  "properties": {
    "logging_level": {
      "enum": [
        "OFF", 
        "FATAL", 
        "ERROR", 
        "WARN", 
        "INFO", 
        "DEBUG", 
        "TRACE"
      ], 
      "title": "Logging levels per package", 
      "type": "string"
    }, 
    "package_name": {
      "title": "Package name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PacketAddressClassifier (type) 

{
  "description": "A packet is classified to have an address binding, if its address configuration matches with all user specified properties.", 
  "id": "PacketAddressClassifier", 
  "module_id": "Switching", 
  "properties": {
    "ip_address": {
      "$ref": "IPElement, 
      "required": false, 
      "title": "A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y"
    }, 
    "mac_address": {
      "$ref": "MACAddress, 
      "required": false, 
      "title": "A single MAC address"
    }, 
    "vlan": {
      "$ref": "VlanID, 
      "required": false
    }
  }, 
  "title": "Address classifications for a packet", 
  "type": "object"
}

PacketCaptureOption (type) 

{
  "additionalProperties": false, 
  "description": "The option is used to filter data on given node.", 
  "id": "PacketCaptureOption", 
  "module_id": "PacketCapture", 
  "properties": {
    "name": {
      "description": "The avaiable option names in the enum can be used to filter the capture data.", 
      "enum": [
        "ETHTYPE", 
        "MAC", 
        "SRCMAC", 
        "DSTMAC", 
        "VLAN", 
        "IP", 
        "SRCIP", 
        "DSTIP", 
        "IPPROTO", 
        "PORT", 
        "SRCPORT", 
        "DSTPORT", 
        "VNI", 
        "IPPROTO6", 
        "IP6", 
        "SRCIP6", 
        "DSTIP6"
      ], 
      "title": "Packet capture option name", 
      "type": "string"
    }, 
    "value": {
      "description": "Define the capture value according to the given capture option.", 
      "title": "Packet capture option value", 
      "type": "string"
    }
  }, 
  "title": "Packet capture option", 
  "type": "object"
}

PacketCaptureOptionList (type) 

{
  "additionalProperties": false, 
  "description": "List of packet capture options to filter data in capture process.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PacketCaptureOptionList", 
  "module_id": "PacketCapture", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "values": {
      "description": "Packet capture option collection", 
      "items": {
        "$ref": "PacketCaptureOption
      }, 
      "title": "Packet capture option collection", 
      "type": "array"
    }
  }, 
  "title": "List of packet capture options", 
  "type": "object"
}

PacketCaptureRequest (type) 

{
  "description": "This type is used to create packet request on give node. Need to specify related parameters according to the capture point.", 
  "id": "PacketCaptureRequest", 
  "module_id": "PacketCapture", 
  "properties": {
    "capamount": {
      "description": "Define the packet capture amount size.", 
      "title": "Packet capture amount", 
      "type": "int"
    }, 
    "capduration": {
      "description": "Define the packet capture duration time. After the capture duration time, the capture process will stop working.", 
      "title": "Packet capture duration time in seconds", 
      "type": "int"
    }, 
    "capfilesize": {
      "description": "Define the packet capture file size limit.", 
      "title": "Packet capture file size limit", 
      "type": "int"
    }, 
    "capmode": {
      "description": "Define the capture streaming mode. The STREAM mode will send the data to given stream address and port. And the STANDALONE mode will save the capture file in local folder.", 
      "enum": [
        "STANDALONE", 
        "STREAM"
      ], 
      "title": "Packet Capture streaming mode", 
      "type": "string"
    }, 
    "cappoint": {
      "description": "Define the point to capture data.", 
      "enum": [
        "VNIC", 
        "VMKNIC", 
        "VMNIC", 
        "VDRPORT", 
        "DVFILTER", 
        "LOGICALPORT", 
        "FCPORT", 
        "VIF"
      ], 
      "required": true, 
      "title": "Packet capture point", 
      "type": "string"
    }, 
    "caprate": {
      "description": "Define the rate of packet capture process.", 
      "title": "Packet capture rate", 
      "type": "int"
    }, 
    "capsnaplen": {
      "description": "Limit the number of bytes captured from each packet.", 
      "title": "Packet capture snapshot length", 
      "type": "int"
    }, 
    "capsource": {
      "description": "This type is used to differenite the incoming request from CLI/UI.", 
      "enum": [
        "CLI", 
        "UI"
      ], 
      "required": true, 
      "title": "Packet capture source type", 
      "type": "string"
    }, 
    "capvalue": {
      "description": "Define the capture value of given capture point.", 
      "title": "Packet capture point value", 
      "type": "string"
    }, 
    "direction": {
      "description": "Define the capture direction. Support three types INPUT/OUTPUT/DUAL.", 
      "enum": [
        "INPUT", 
        "OUTPUT", 
        "DUAL"
      ], 
      "title": "Packet capture direction type", 
      "type": "string"
    }, 
    "filtertype": {
      "description": "Define the capture filter type. Support PRE/POST mode.", 
      "enum": [
        "PRE", 
        "POST"
      ], 
      "title": "Packet capture dvfilter stage type", 
      "type": "string"
    }, 
    "node": {
      "description": "Define the transport node to capture data.", 
      "title": "Packet capture node id", 
      "type": "string"
    }, 
    "node_ip": {
      "$ref": "IPAddress, 
      "description": "Define the transport node to capture data.", 
      "title": "Packet capture node ip"
    }, 
    "options": {
      "$ref": "PacketCaptureOptionList, 
      "description": "Define the packet capture additional options to filter the capture data.", 
      "title": "Packet capture options"
    }, 
    "streamaddress": {
      "description": "Set the stream address to receive the capture packet.", 
      "title": "Packet capture Streaming address", 
      "type": "string"
    }, 
    "streamport": {
      "description": "Set the stream port to receive the capture packet. The STREAM mode is based on GRE-in-UDP Encapsulation(RFC8086). Packets are sent to UDP port 4754.", 
      "title": "Packet capture Streaming port", 
      "type": "int"
    }
  }, 
  "title": "Packet capture request information", 
  "type": "object"
}

PacketCaptureSession (type) 

{
  "additionalProperties": false, 
  "description": "Packet capture session information.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "PacketCaptureSession", 
  "module_id": "PacketCapture", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "endtime": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when session was stopped in epoch millisecond.", 
      "title": "End time in epoch millisecond"
    }, 
    "errormsg": {
      "description": "Error messasge in capture.", 
      "title": "Error messasge in capture", 
      "type": "string"
    }, 
    "filelocation": {
      "description": "Packet capture file location.", 
      "title": "Packet capture file location", 
      "type": "string"
    }, 
    "filesize": {
      "description": "Packet capture file Size in bytes.", 
      "title": "Packet capture file Size in bytes", 
      "type": "int"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "request": {
      "$ref": "PacketCaptureRequest, 
      "description": "Packet capture request information.", 
      "required": true, 
      "title": "Packet capture request"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sessionid": {
      "description": "Packet capture session id.", 
      "required": true, 
      "title": "Packet capture session id", 
      "type": "string"
    }, 
    "sessionname": {
      "description": "Packet capture session name.", 
      "title": "Packet capture session name", 
      "type": "string"
    }, 
    "sessionstatus": {
      "description": "Packet capture session status.", 
      "enum": [
        "CREATED", 
        "STARTED", 
        "STOPPED", 
        "FINISHED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Packet capture session status", 
      "type": "string"
    }, 
    "starttime": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when session was created in epoch millisecond.", 
      "title": "Start time in epoch millisecond"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Packet capture response information", 
  "type": "object"
}

PacketCaptureSessionList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PacketCaptureSessionList", 
  "module_id": "PacketCapture", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "required": true, 
      "title": "Total capture session count", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PacketCaptureSession
      }, 
      "title": "Packet capture list for all sessoins", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PacketData (type) 

{
  "abstract": true, 
  "id": "PacketData", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "frame_size": {
      "default": 128, 
      "description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message.  The frame will be zero padded to the requested size.", 
      "maximum": 1000, 
      "minimum": 60, 
      "required": false, 
      "title": "Requested total size of the (logical) packet in bytes", 
      "type": "integer"
    }, 
    "resource_type": {
      "default": "FieldsPacketData", 
      "enum": [
        "BinaryPacketData", 
        "FieldsPacketData"
      ], 
      "required": true, 
      "title": "Packet configuration", 
      "type": "string"
    }, 
    "routed": {
      "required": false, 
      "title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.", 
      "type": "boolean"
    }, 
    "transport_type": {
      "default": "UNICAST", 
      "enum": [
        "BROADCAST", 
        "UNICAST", 
        "MULTICAST", 
        "UNKNOWN"
      ], 
      "required": false, 
      "title": "transport type of the traceflow packet", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PacketTypeAndCounter (type) 

{
  "id": "PacketTypeAndCounter", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "counter": {
      "required": true, 
      "title": "The number of packets.", 
      "type": "integer"
    }, 
    "packet_type": {
      "required": true, 
      "title": "The type of the packets", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PacketsDroppedBySecurity (type) 

{
  "id": "PacketsDroppedBySecurity", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "bpdu_filter_dropped": {
      "required": false, 
      "title": "The number of packets dropped by \"BPDU filter\".", 
      "type": "integer"
    }, 
    "dhcp_client_dropped_ipv4": {
      "required": false, 
      "title": "The number of IPv4 packets dropped by \"DHCP client block\".", 
      "type": "integer"
    }, 
    "dhcp_client_dropped_ipv6": {
      "required": false, 
      "title": "The number of IPv6 packets dropped by \"DHCP client block\".", 
      "type": "integer"
    }, 
    "dhcp_server_dropped_ipv4": {
      "required": false, 
      "title": "The number of IPv4 packets dropped by \"DHCP server block\".", 
      "type": "integer"
    }, 
    "dhcp_server_dropped_ipv6": {
      "required": false, 
      "title": "The number of IPv6 packets dropped by \"DHCP server block\".", 
      "type": "integer"
    }, 
    "spoof_guard_dropped": {
      "items": {
        "$ref": "PacketTypeAndCounter
      }, 
      "required": false, 
      "title": "The packets dropped by \"Spoof Guard\"; supported packet types are IPv4, IPv6, ARP, ND, non-IP.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PasswordAuthenticationScheme (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AuthenticationScheme
  }, 
  "id": "PasswordAuthenticationScheme", 
  "properties": {
    "password": {
      "required": true, 
      "sensitive": true, 
      "title": "Password to authenticate with", 
      "type": "string"
    }, 
    "scheme_name": {
      "enum": [
        "password"
      ], 
      "required": true, 
      "title": "Authentication scheme name", 
      "type": "string"
    }, 
    "username": {
      "pattern": "^.+$", 
      "required": true, 
      "title": "User name to authenticate with", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PatchResources (type) 

{
  "additionalProperties": false, 
  "description": "Patch Resources is an action to create/patch resources in response to an event.", 
  "extends": {
    "$ref": "Action
  }, 
  "id": "PatchResources", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PatchResources"
  }, 
  "properties": {
    "body": {
      "description": "Patch body representing a Hierarchical Patch payload. The resources included in the body are patched replacing the injections' keys with their actual values.", 
      "required": true, 
      "title": "Body", 
      "type": "object"
    }, 
    "injections": {
      "description": "Injections holding keys (variables) and their corresponding values.", 
      "items": {
        "$ref": "Injection
      }, 
      "minItems": 1, 
      "title": "Injections", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "Reaction Action resource type.", 
      "enum": [
        "PatchResources", 
        "SetFields"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Patch Resources", 
  "type": "object"
}

PathExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents policy path expressions in the form of an array, to support addition of objects like groups, segments and policy logical ports in a group.", 
  "extends": {
    "$ref": "Expression
  }, 
  "id": "PathExpression", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PathExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "paths": {
      "description": "This array can consist of one or more policy paths. Only policy paths of groups, segments and policy logical ports are allowed.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Array of policy paths", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "Condition", 
        "ConjunctionOperator", 
        "NestedExpression", 
        "IPAddressExpression", 
        "MACAddressExpression", 
        "ExternalIDExpression", 
        "PathExpression", 
        "IdentityGroupExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Path expression node", 
  "type": "object"
}

PathPermissionGroup (type) 

{
  "additionalProperties": false, 
  "id": "PathPermissionGroup", 
  "module_id": "PolicyAuthz", 
  "properties": {
    "object_path": {
      "required": true, 
      "title": "Full Object Path", 
      "type": "string"
    }, 
    "operation": {
      "enum": [
        "crud", 
        "read", 
        "execute", 
        "none"
      ], 
      "required": true, 
      "title": "Allowed operation", 
      "type": "string"
    }
  }, 
  "title": "RBAC Objects qualifier", 
  "type": "object"
}

PemFile (type) 

{
  "additionalProperties": false, 
  "id": "PemFile", 
  "module_id": "CertificateManager", 
  "properties": {
    "file": {
      "required": true, 
      "title": "file data", 
      "type": "multipart_file"
    }
  }, 
  "type": "object"
}

PendingChange (type) 

{
  "id": "PendingChange", 
  "module_id": "Firewall", 
  "properties": {
    "request_id": {
      "description": "Request identifier of the API which modified the entity.", 
      "title": "Request_id of the API change", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PerForwarderStatistics (type) 

{
  "description": "Query statistics counters of a forwarder identified by domain names.", 
  "id": "PerForwarderStatistics", 
  "module_id": "AggSvcDnsForwarder", 
  "properties": {
    "domain_names": {
      "description": "Domain names configured for the forwarder. Empty if this is the default forwarder.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 100, 
      "minItems": 0, 
      "readonly": true, 
      "title": "Domain names configured for the forwarder", 
      "type": "array"
    }, 
    "upstream_statistics": {
      "items": {
        "$ref": "PerUpstreamServerStatistics
      }, 
      "maxItems": 3, 
      "minItems": 0, 
      "readonly": true, 
      "required": false, 
      "title": "Statistics per upstream server.", 
      "type": "array"
    }
  }, 
  "title": "Per-forwarder query statistics counters", 
  "type": "object"
}

PerNodeDnsFailedQueries (type) 

{
  "additionalProperties": false, 
  "description": "The list of the failed DNS queries with entry count and timestamp. The entry count is for per active/standby transport node.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PerNodeDnsFailedQueries", 
  "module_id": "DnsForwarder", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "node_id": {
      "description": "The Uuid of active/standby transport node.", 
      "readonly": true, 
      "required": true, 
      "title": "Uuid of active/standby transport node", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "The list of failed DNS queries.", 
      "items": {
        "$ref": "DnsFailedQuery
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of failed DNS queries", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "timestamp": {
      "description": "Timestamp of the request, in YYYY-MM-DD HH:MM:SS.zzz format.", 
      "readonly": true, 
      "required": true, 
      "title": "Timestamp of the request", 
      "type": "string"
    }
  }, 
  "title": "The list of failed DNS queries per transport node", 
  "type": "object"
}

PerNodeUsedCacheStatistics (type) 

{
  "description": "Query statistics counters of used cache from node", 
  "id": "PerNodeUsedCacheStatistics", 
  "module_id": "AggSvcDnsForwarder", 
  "properties": {
    "cached_entries": {
      "readonly": true, 
      "title": "The total number of cached entries", 
      "type": "integer"
    }, 
    "node_id": {
      "readonly": true, 
      "title": "Uuid of active/standby transport node", 
      "type": "string"
    }, 
    "used_cache_size": {
      "readonly": true, 
      "title": "The memory size used in cache, in kb", 
      "type": "integer"
    }
  }, 
  "title": "Per-node used cache query statistics counters", 
  "type": "object"
}

PerStepRestoreStatus (type) 

{
  "id": "PerStepRestoreStatus", 
  "module_id": "ClusterRestore", 
  "properties": {
    "description": {
      "readonly": true, 
      "required": true, 
      "title": "A description of the restore status", 
      "type": "string"
    }, 
    "value": {
      "enum": [
        "INITIAL", 
        "RUNNING", 
        "SUSPENDED_BY_USER", 
        "SUSPENDED_FOR_USER_ACTION", 
        "FAILED", 
        "SUCCESS"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Per step restore status value", 
      "type": "string"
    }
  }, 
  "title": "Restore step status", 
  "type": "object"
}

PerUpstreamServerStatistics (type) 

{
  "description": "Query statistics counters to an upstream server including successfully forwarded queries and failed queries.", 
  "id": "PerUpstreamServerStatistics", 
  "module_id": "AggSvcDnsForwarder", 
  "properties": {
    "queries_failed": {
      "readonly": true, 
      "title": "Queries failed to forward.", 
      "type": "integer"
    }, 
    "queries_succeeded": {
      "readonly": true, 
      "title": "Queries forwarded successfully", 
      "type": "integer"
    }, 
    "upstream_server": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "title": "Upstream server ip"
    }
  }, 
  "title": "Per-upstream server query statistics counters", 
  "type": "object"
}

PersistenceProfileType (type) 

{
  "additionalProperties": false, 
  "description": "Source-ip persistence ensures all connections from a client (identified by IP address) are sent to the same backend server for a specified period. Cookie persistence allows related client connections, identified by the same cookie in HTTP requests, to be redirected to the same server. Generic persistence profile cannot be attached to virtual servers directly. It can only be consumed by load balancer rule actions: LbVariablePersistenceOnAction and LbVariablePersistenceLearnAction.", 
  "enum": [
    "LbCookiePersistenceProfile", 
    "LbSourceIpPersistenceProfile", 
    "LbGenericPersistenceProfile"
  ], 
  "id": "PersistenceProfileType", 
  "module_id": "LoadBalancer", 
  "title": "persistence profile type", 
  "type": "string"
}

Pnic (type) 

{
  "id": "Pnic", 
  "module_id": "TransportNode", 
  "properties": {
    "device_name": {
      "readonly": false, 
      "required": true, 
      "title": "device name or key", 
      "type": "string"
    }, 
    "uplink_name": {
      "readonly": false, 
      "required": true, 
      "title": "Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations.", 
      "type": "string"
    }
  }, 
  "title": "Physical NIC specification", 
  "type": "object"
}

PnicBondFilter (type) 

{
  "additionalProperties": false, 
  "description": "pNIC/bond statuses", 
  "id": "PnicBondFilter", 
  "module_id": "Heatmap", 
  "properties": {
    "status": {
      "description": "Status of pNIC/bond", 
      "enum": [
        "UNKNOWN", 
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "title": "pNic/bond status", 
      "type": "string"
    }
  }, 
  "title": "pNIC/bond status", 
  "type": "object"
}

PnicBondStatus (type) 

{
  "additionalProperties": false, 
  "description": "pNIC/bond statuses", 
  "id": "PnicBondStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "name": {
      "description": "Name of the pNIC/bond", 
      "title": "pNIC/bond name", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of pNIC/bond", 
      "enum": [
        "UNKNOWN", 
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "title": "pNic/bond status", 
      "type": "string"
    }, 
    "type": {
      "description": "type, whether the object is a pNIC or a bond", 
      "enum": [
        "UNKNOWN_TYPE", 
        "PNIC", 
        "BOND"
      ], 
      "title": "Object type", 
      "type": "string"
    }
  }, 
  "title": "pNIC/bond status", 
  "type": "object"
}

PnicBondStatusListResult (type) 

{
  "additionalProperties": false, 
  "description": "This object contains reference to list of pNIC/bond statuses", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PnicBondStatusListResult", 
  "module_id": "Heatmap", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of pNIC statuses belonging to the transport node", 
      "items": {
        "$ref": "PnicBondStatus
      }, 
      "title": "List of pNIC/bond statuses", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "pNIC status list container", 
  "type": "object"
}

PnicMirrorDestination (type) 

{
  "extends": {
    "$ref": "MirrorDestination
  }, 
  "id": "PnicMirrorDestination", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PnicMirrorDestination"
  }, 
  "properties": {
    "dest_pnics": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "Physical NIC device names to which to send the mirrored packets", 
      "type": "array"
    }, 
    "node_id": {
      "required": true, 
      "title": "Transport node to which to send the mirrored packets", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "MirrorDestinationResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorDestination'", 
      "required": true
    }
  }, 
  "type": "object"
}

PnicMirrorSource (type) 

{
  "extends": {
    "$ref": "MirrorSource
  }, 
  "id": "PnicMirrorSource", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PnicMirrorSource"
  }, 
  "properties": {
    "encapsulated": {
      "default": false, 
      "required": true, 
      "title": "Whether to filter encapsulated packet.", 
      "type": "boolean"
    }, 
    "node_id": {
      "required": true, 
      "title": "Transport node identifier for the pnic located.", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "MirrorSourceResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'", 
      "required": true
    }, 
    "source_pnics": {
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Source physical NIC device names", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PointDefinition (type) 

{
  "additionalProperties": false, 
  "description": "Defines the point of a graph.", 
  "id": "PointDefinition", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "field": {
      "description": "An expression that represents the points of the graph", 
      "required": true, 
      "title": "Expression for points of the graph", 
      "type": "string"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over the point of a graph.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "minItems": 0, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }, 
    "x_value": {
      "description": "Represents the variable for the X value of points that are plotted on the graph.", 
      "required": true, 
      "title": "Variable chosen for X value of the point of the graph", 
      "type": "string"
    }, 
    "y_value": {
      "description": "Represents the variable for the Y value of points that are plotted on the graph.", 
      "required": true, 
      "title": "Variable chosen for Y value of the point of the graph", 
      "type": "string"
    }
  }, 
  "title": "Definition of a point of graph", 
  "type": "object"
}

Policy (type) 

{
  "additionalProperties": false, 
  "description": "Ordered list of Rules. This object is created by default along with the Domain.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Policy", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.", 
      "required": false, 
      "title": "A way to classify a security policy, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "comments": {
      "description": "Comments for security policy lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "SecurityPolicy lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the secruity policy.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked the security policy", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "SecurityPolicy locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "SecuirtyPolicy locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.", 
      "required": false, 
      "title": "Lock a security policy", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security policies.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy.", 
      "minimum": 0, 
      "title": "Sequence number to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.", 
      "readonly": false, 
      "required": false, 
      "title": "Stateful nature of the entries within this security policy.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies.", 
      "readonly": false, 
      "required": false, 
      "title": "Enforce strict tcp handshake before allowing data packets", 
      "type": "boolean"
    }
  }, 
  "title": "Contains ordered list of Rules", 
  "type": "object"
}

PolicyAlarmResource (type) 

{
  "description": "Alarm base class of realized policy object", 
  "extends": {
    "$ref": "PolicyResource
  }, 
  "id": "PolicyAlarmResource", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyAlarmResource"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "error_details": {
      "$ref": "PolicyApiError, 
      "required": false, 
      "title": "Detailed information about errors from an API call made to the\nenforcement point, if any.\n"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "message": {
      "required": false, 
      "title": "error message to describe the issue", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "source_reference": {
      "required": false, 
      "title": "path of the object on which alarm is created", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Alarm base class of realized policy object", 
  "type": "object"
}

PolicyAlarmResourceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "PolicyAlarmResource list request parameters", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "PolicyAlarmResourceListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PolicyAlarmResource list request parameters", 
  "type": "object"
}

PolicyAlarmResourceListResult (type) 

{
  "additionalProperties": false, 
  "description": "PolicyAlarmResource list result", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyAlarmResourceListResult", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of alarm resources", 
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Paged Collection of PolicyAlarmResources", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PolicyAlarmResource list result", 
  "type": "object"
}

PolicyApiError (type) 

{
  "extends": {
    "$ref": "PolicyRelatedApiError
  }, 
  "id": "PolicyApiError", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "details": {
      "title": "Further details about the error", 
      "type": "string"
    }, 
    "error_code": {
      "title": "A numeric error code", 
      "type": "integer"
    }, 
    "error_data": {
      "title": "Additional data about the error", 
      "type": "object"
    }, 
    "error_message": {
      "title": "A description of the error", 
      "type": "string"
    }, 
    "module_name": {
      "title": "The module name where the error occurred", 
      "type": "string"
    }, 
    "related_errors": {
      "items": {
        "$ref": "PolicyRelatedApiError
      }, 
      "title": "Other errors related to this error", 
      "type": "array"
    }
  }, 
  "title": "Detailed information about an API Error", 
  "type": "object"
}

PolicyAttributes (type) 

{
  "additionalProperties": false, 
  "id": "PolicyAttributes", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "datatype": {
      "enum": [
        "STRING"
      ], 
      "required": true, 
      "title": "Datatype for attribute", 
      "type": "string"
    }, 
    "description": {
      "required": false, 
      "title": "Description for attribute value", 
      "type": "string"
    }, 
    "isALGType": {
      "description": "Describes whether the APP_ID value is ALG type or not.", 
      "required": false, 
      "title": "Is the value ALG type", 
      "type": "boolean"
    }, 
    "key": {
      "enum": [
        "APP_ID", 
        "DOMAIN_NAME"
      ], 
      "required": true, 
      "title": "Key for attribute", 
      "type": "string"
    }, 
    "sub_attributes": {
      "items": {
        "$ref": "PolicySubAttributes
      }, 
      "required": false, 
      "title": "Reference to sub attributes for the attribute", 
      "type": "array"
    }, 
    "value": {
      "description": "Multiple attribute values can be specified as elements of array.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Value for attribute key", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "Policy Attributes data holder", 
  "type": "object"
}

PolicyBasedIPSecVPNSession (type) 

{
  "additionalProperties": false, 
  "description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.", 
  "extends": {
    "$ref": "IPSecVPNSession
  }, 
  "id": "PolicyBasedIPSecVPNSession", 
  "module_id": "IPSecVPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyBasedIPSecVPNSession"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "Identifier of VPN Service linked with local endpoint.", 
      "readonly": true, 
      "title": "IPSec VPN service identifier", 
      "type": "string"
    }, 
    "local_endpoint_id": {
      "description": "Local endpoint identifier.", 
      "required": true, 
      "title": "Local endpoint identifier", 
      "type": "string"
    }, 
    "peer_endpoint_id": {
      "description": "Peer endpoint identifier.", 
      "required": true, 
      "title": "Peer endpoint identifier", 
      "type": "string"
    }, 
    "policy_rules": {
      "items": {
        "$ref": "IPSecVPNPolicyRule
      }, 
      "required": true, 
      "title": "Policy rules", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "IPSecVPNSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMssClamping, 
      "required": false
    }
  }, 
  "title": "Policy based VPN session", 
  "type": "object"
}

PolicyBasedIPSecVpnSession (type) 

{
  "additionalProperties": false, 
  "description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.", 
  "extends": {
    "$ref": "IPSecVpnSession
  }, 
  "id": "PolicyBasedIPSecVpnSession", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyBasedIPSecVpnSession"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_mode": {
      "default": "PSK", 
      "description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.", 
      "enum": [
        "PSK", 
        "CERTIFICATE"
      ], 
      "title": "Authentication Mode", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "compliance_suite": {
      "description": "Compliance suite.", 
      "enum": [
        "CNSA", 
        "SUITE_B_GCM_128", 
        "SUITE_B_GCM_256", 
        "PRIME", 
        "FOUNDATION", 
        "FIPS", 
        "NONE"
      ], 
      "title": "Compliance suite", 
      "type": "string"
    }, 
    "connection_initiation_mode": {
      "default": "INITIATOR", 
      "description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.", 
      "enum": [
        "INITIATOR", 
        "RESPOND_ONLY", 
        "ON_DEMAND"
      ], 
      "title": "Connection initiation mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_profile_path": {
      "description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.", 
      "title": "Dead peer detection (DPD) profile path", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_profile_path": {
      "description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.", 
      "title": "Internet key exchange (IKE) profile path", 
      "type": "string"
    }, 
    "local_endpoint_path": {
      "description": "Policy path referencing Local endpoint.", 
      "required": true, 
      "title": "Local endpoint path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "peer_address": {
      "description": "Public IPV4 address of the remote device terminating the VPN connection.", 
      "required": true, 
      "title": "IPV4 address of peer endpoint on remote site", 
      "type": "string"
    }, 
    "peer_id": {
      "description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.", 
      "required": true, 
      "title": "Peer id", 
      "type": "string"
    }, 
    "psk": {
      "description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.", 
      "sensitive": true, 
      "title": "Pre-shared key", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IPSecVpnSessionResourceType, 
      "required": true
    }, 
    "rules": {
      "items": {
        "$ref": "IPSecVpnRule
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Rules", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMaximumSegmentSizeClamping, 
      "description": "TCP Maximum Segment Size Clamping Direction and Value.", 
      "title": "TCP MSS Clamping"
    }, 
    "tunnel_profile_path": {
      "description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.", 
      "title": "IPSec tunnel profile path", 
      "type": "string"
    }
  }, 
  "title": "Policy based VPN session", 
  "type": "object"
}

PolicyBasedL3VpnSession (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is referenced in a policy whose action is set as tunnel.", 
  "extends": {
    "$ref": "L3VpnSession
  }, 
  "id": "PolicyBasedL3VpnSession", 
  "module_id": "PolicyL3Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyBasedL3VpnSession"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "L3VpnSessionResourceType, 
      "required": true
    }, 
    "rules": {
      "description": "L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action are supported.", 
      "items": {
        "$ref": "L3VpnRule
      }, 
      "title": "L3Vpn Rules", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "Policy based L3Vpn Session", 
  "type": "object"
}

PolicyComplianceStatus (type) 

{
  "id": "PolicyComplianceStatus", 
  "module_id": "PolicyCompliance", 
  "properties": {
    "last_updated_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "title": "Timestamp of last update"
    }, 
    "non_compliant_configs": {
      "items": {
        "$ref": "PolicyNonCompliantConfig
      }, 
      "readonly": true, 
      "title": "List of non compliant configuration and impacted services", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PolicyConfigResource (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Represents an object on the desired state.", 
  "extends": {
    "$ref": "PolicyResource
  }, 
  "id": "PolicyConfigResource", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents an object on the desired state", 
  "type": "object"
}

PolicyContextProfile (type) 

{
  "additionalProperties": false, 
  "description": "An entity that encapsulates attributes and sub-attributes of various network services (eg. L7 services, domain name, encryption algorithm) The entity will be consumed in firewall rules and can be added in new tuple called profile in firewall rules. To get a list of supported attributes and sub-attributes fire the following REST API GET https://&lt;policy-mgr&gt;/policy/api/v1/infra/context-profiles/attributes", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyContextProfile", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attributes": {
      "description": "Property containing attributes/sub-attributes for Policy Context Profile.", 
      "items": {
        "$ref": "PolicyAttributes
      }, 
      "required": true, 
      "title": "Array of Policy Context Profile attributes", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy Context Profile entity", 
  "type": "object"
}

PolicyContextProfileDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "PolicyContextProfileDeleteRequestParameters", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "Policy Context Profile delete request parameters", 
  "type": "object"
}

PolicyContextProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyContextProfileListRequestParameters", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Context Profile list request parameters", 
  "type": "object"
}

PolicyContextProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyContextProfileListResult", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyContextProfile
      }, 
      "readonly": true, 
      "title": "Paged collection of PolicyContextProfiles", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List result of PolicyContextProfiles", 
  "type": "object"
}

PolicyDHGroup (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group.", 
  "enum": [
    "GROUP2", 
    "GROUP5", 
    "GROUP14", 
    "GROUP15", 
    "GROUP16"
  ], 
  "id": "PolicyDHGroup", 
  "module_id": "PolicyL3Vpn", 
  "title": "Diffie-Hellman groups", 
  "type": "string"
}

PolicyDnsAnswerPerEnforcementPoint (type) 

{
  "abstract": true, 
  "description": "DNS forwarder nslookup answer per enforcement point.", 
  "id": "PolicyDnsAnswerPerEnforcementPoint", 
  "module_id": "PolicyDnsForwarder", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.", 
      "readonly": true, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Resource type of the DNS forwarder nslookup answer.", 
      "enum": [
        "NsxTDnsAnswer"
      ], 
      "required": true, 
      "title": "Resource type", 
      "type": "string"
    }
  }, 
  "title": "NSLookup answer per enforcement point", 
  "type": "object"
}

PolicyDnsForwarder (type) 

{
  "additionalProperties": false, 
  "description": "Used to configure DNS Forwarder", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyDnsForwarder", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "conditional_forwarder_zone_paths": {
      "description": "Max of 5 DNS servers can be configured", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 5, 
      "required": false, 
      "title": "Path of conditional DNS zones", 
      "type": "array"
    }, 
    "default_forwarder_zone_path": {
      "description": "This is the zone to which DNS requests are forwarded by default", 
      "required": true, 
      "title": "Path of the default DNS zone.", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "The flag, which suggests whether the DNS forwarder is enabled or disabled. The default is True.", 
      "title": "DNS forwarder enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "listener_ip": {
      "$ref": "IPv4Address, 
      "description": "This is the IP on which the DNS Forwarder listens.", 
      "required": true, 
      "title": "IP on which the DNS Forwarder listens."
    }, 
    "log_level": {
      "default": "INFO", 
      "description": "Set log_level to DISABLED will stop dumping fowarder log.", 
      "enum": [
        "DEBUG", 
        "INFO", 
        "WARNING", 
        "ERROR", 
        "FATAL"
      ], 
      "required": false, 
      "title": "Log level of the dns forwarder", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "DNS Forwarder", 
  "type": "object"
}

PolicyDnsForwarderZone (type) 

{
  "additionalProperties": false, 
  "description": "Used to configure zones on DNS Forwarder", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyDnsForwarderZone", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dns_domain_names": {
      "description": "List of domain names on which conditional forwarding is based. This field is required if the DNS Zone is being used for a conditional forwarder. This field will also be used for conditional reverse lookup. Example 1, if for one of the zones, one of the entries in the fqdn is example.com, all the DNS requests under the domain example.com will be served by the corresponding upstream DNS server. Example 2, if for one of the zones, one of the entries in the fqdn list is \"13.12.30.in-addr.arpa\", reverse lookup for 30.12.13.0/24 will go to the corresponding DNS server.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "List of domain names", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "source_ip": {
      "$ref": "IPv4Address, 
      "description": "The source IP used by the DNS Forwarder zone.", 
      "required": false, 
      "title": "Source IP used by DNS Forwarder zone"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "upstream_servers": {
      "description": "Max of 3 DNS servers can be configured", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 3, 
      "required": true, 
      "title": "DNS servers to which the DNS request needs to be forwarded", 
      "type": "array"
    }
  }, 
  "title": "DNS Forwarder Zone", 
  "type": "object"
}

PolicyDnsForwarderZoneListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyDnsForwarderZoneListRequestParameters", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "DNS Forwarder Zone list request parameters", 
  "type": "object"
}

PolicyDnsForwarderZoneListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyDnsForwarderZoneListResult", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyDnsForwarderZone
      }, 
      "required": true, 
      "title": "Dns Forwarder Zone list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of DNS Forwarder Zones", 
  "type": "object"
}

PolicyDraft (type) 

{
  "additionalProperties": false, 
  "description": "A draft which stores the system generated as well as user intended changes in a hierarchical body format.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyDraft", 
  "module_id": "PolicyDraft", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_auto_draft": {
      "default": false, 
      "description": "Flag to indicate whether draft is auto created. True indicates that the draft is an auto draft. False indicates that the draft is a manual draft.", 
      "readonly": true, 
      "title": "Auto draft flag", 
      "type": "boolean"
    }, 
    "lock_comments": {
      "description": "Comments for a policy draft lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "Policy draft lock/unlock comments", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for a policy draft.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked a policy draft", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Policy draft locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "Policy draft locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a draft should be locked. If the draft is locked by an user, then no other user would be able to modify or publish this draft. Once the user releases the lock, other users can then modify or publish this draft.", 
      "required": false, 
      "title": "Lock a policy draft", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ref_draft_path": {
      "description": "When specified, a manual draft will be created w.r.t. the specified draft. If not specified, manual draft will be created w.r.t. the current published configuration. For an auto draft, this will always be null.", 
      "title": "Path of an existing draft for reference", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "system_area": {
      "$ref": "Infra, 
      "description": "Configuration changes against the current configuration, tracked by the system. The value is stored in a hierarchical body format.", 
      "readonly": true, 
      "title": "Configuration changes tracked by the system"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "user_area": {
      "$ref": "Infra, 
      "description": "These are user defined configuration changes, which are applicable only in case of manual drafts. During the publish of a draft, system_area changes gets applied first, and then these changes. The value must be in a hierarchical body format.", 
      "title": "User defined configuration changes"
    }
  }, 
  "title": "Policy draft", 
  "type": "object"
}

PolicyDraftListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters to be passed while listing policy drafts.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyDraftListRequestParameters", 
  "module_id": "PolicyDraft", 
  "properties": {
    "auto_drafts": {
      "description": "If set to true, then only auto drafts will be get fetched. If set to false, then only manual drafts will be get fetched. If not set, then all drafts will be get fetched.", 
      "title": "Fetch list of draft based on is_auto_draft flag", 
      "type": "boolean"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy draft list request parameters", 
  "type": "object"
}

PolicyDraftListResult (type) 

{
  "additionalProperties": false, 
  "description": "This holds the list of policy drafts.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyDraftListResult", 
  "module_id": "PolicyDraft", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Paginated list of policy drafts.", 
      "items": {
        "$ref": "PolicyDraft
      }, 
      "readonly": true, 
      "title": "Policy drafts list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of policy drafts", 
  "type": "object"
}

PolicyEdgeCluster (type) 

{
  "description": "Policy manager periodically reads edge clusters from enforcement point and corresponding read-only intent objects are auto-created.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyEdgeCluster", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "nsx_id": {
      "description": "UUID of edge cluster on enforcement point.", 
      "readonly": true, 
      "title": "UUID of edge cluster on enforcement point", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_exclude": true, 
  "title": "Edge Cluster", 
  "type": "object"
}

PolicyEdgeClusterListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Edge Cluster list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyEdgeClusterListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PolicyEdgeClusterListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Edge Cluster", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyEdgeClusterListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyEdgeCluster
      }, 
      "required": true, 
      "title": "Edge Cluster", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Edge Cluster", 
  "type": "object"
}

PolicyEdgeNode (type) 

{
  "description": "Policy manager periodically reads edge nodes from enforcement point and corresponding read-only intent objects are auto-created.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyEdgeNode", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "member_index": {
      "description": "Member index of edge node in edge cluster.", 
      "readonly": true, 
      "title": "Member index of edge node in edge cluster", 
      "type": "integer"
    }, 
    "nsx_id": {
      "description": "UUID of edge node on enforcement point.", 
      "readonly": true, 
      "title": "UUID of edge node on enforcement point", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_exclude": true, 
  "title": "Edge Node", 
  "type": "object"
}

PolicyEdgeNodeListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Edge Node list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyEdgeNodeListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PolicyEdgeNodeListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Edge Node", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyEdgeNodeListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyEdgeNode
      }, 
      "required": true, 
      "title": "Edge Node", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Edge Node", 
  "type": "object"
}

PolicyExcludeList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyExcludeList", 
  "module_id": "PolicyFirewallConfiguration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "members": {
      "description": "List of the members in the exclude list", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 100, 
      "required": true, 
      "title": "ExcludeList member list", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PolicyFineTuningResourceInfo (type) 

{
  "additionalProperties": false, 
  "description": "It represent the resource with details of name and fields it owns.", 
  "id": "PolicyFineTuningResourceInfo", 
  "module_id": "PolicyFineTuning", 
  "properties": {
    "fields": {
      "items": {
        "$ref": "PolicyFineTuningResourceInfoDetail
      }, 
      "required": true, 
      "title": "List of all field of any resource", 
      "type": "array"
    }, 
    "resource_name": {
      "description": "It will represent resource with name and fields.", 
      "required": true, 
      "title": "Resource name", 
      "type": "string"
    }
  }, 
  "title": "Contains the detail of resources with name and fields", 
  "type": "object"
}

PolicyFineTuningResourceInfoDetail (type) 

{
  "additionalProperties": false, 
  "description": "Contains the details of resource field", 
  "id": "PolicyFineTuningResourceInfoDetail", 
  "module_id": "PolicyFineTuning", 
  "properties": {
    "field_name": {
      "description": "It will represent resource with name and fields.", 
      "required": true, 
      "title": "Resource name", 
      "type": "string"
    }, 
    "sub_type": {
      "$ref": "PolicyFineTuningResourceInfo, 
      "required": true, 
      "title": "List of all field of any resource"
    }
  }, 
  "title": "Contains the details resources with field type and name", 
  "type": "object"
}

PolicyFirewallFloodProtectionProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between Firewall Flood Protection profile and Group. Using this entity, user can specify intent for applying Firewall Flood Protection profile to particular Group.", 
  "extends": {
    "$ref": "ProfileBindingMap
  }, 
  "id": "PolicyFirewallFloodProtectionProfileBindingMap", 
  "module_id": "PolicyFirewallFloodProtectionProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_path": {
      "description": "PolicyPath of associated Profile", 
      "required": true, 
      "title": "Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.", 
      "required": true, 
      "title": "Sequence number of this profile binding map.", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy DFW Flood Protection Profile binding map", 
  "type": "object"
}

PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters", 
  "module_id": "PolicyFirewallFloodProtectionProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Firewall Flood Protection Profile Binding Map list request parameters", 
  "type": "object"
}

PolicyFirewallFloodProtectionProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyFirewallFloodProtectionProfileBindingMapListResult", 
  "module_id": "PolicyFirewallFloodProtectionProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyFirewallFloodProtectionProfileBindingMap
      }, 
      "required": true, 
      "title": "Firewall Flood Protection Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Firewall Flood Protection Profile Binding Maps", 
  "type": "object"
}

PolicyFirewallSessionTimerProfile (type) 

{
  "description": "A profile holding TCP, UDP and ICMP session timeout configuration.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyFirewallSessionTimerProfile", 
  "module_id": "PolicyFirewallSessionTimerProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "icmp_error_reply": {
      "default": 10, 
      "description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after ICMP error", 
      "type": "integer"
    }, 
    "icmp_first_packet": {
      "default": 20, 
      "description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "First packet connection timeout", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_closed": {
      "default": 20, 
      "description": "The timeout value of connection in seconds after one endpoint sends an RST.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after RST", 
      "type": "integer"
    }, 
    "tcp_closing": {
      "default": 120, 
      "description": "The timeout value of connection in seconds after the first FIN has been sent.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after first TN", 
      "type": "integer"
    }, 
    "tcp_established": {
      "default": 43200, 
      "description": "The timeout value of connection in seconds once the connection has become fully established.", 
      "maximum": 4320000, 
      "minimum": 120, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timeout", 
      "type": "integer"
    }, 
    "tcp_finwait": {
      "default": 45, 
      "description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after FINs exchanged", 
      "type": "integer"
    }, 
    "tcp_first_packet": {
      "default": 120, 
      "description": "The timeout value of connection in seconds after the first packet has been sent.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after first packet", 
      "type": "integer"
    }, 
    "tcp_opening": {
      "default": 30, 
      "description": "The timeout value of connection in seconds after a second packet has been transferred.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after second packet", 
      "type": "integer"
    }, 
    "udp_first_packet": {
      "default": 60, 
      "description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timout after first packet", 
      "type": "integer"
    }, 
    "udp_multiple": {
      "default": 60, 
      "description": "The timeout value of connection in seconds if both hosts have sent packets.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Timeout after hosts sent packet", 
      "type": "integer"
    }, 
    "udp_single": {
      "default": 30, 
      "description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back.", 
      "maximum": 4320000, 
      "minimum": 10, 
      "readonly": false, 
      "required": true, 
      "title": "Connection timeout for destination", 
      "type": "integer"
    }
  }, 
  "title": "Policy Firewall Session timeout profile", 
  "type": "object"
}

PolicyFirewallSessionTimerProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between Firewall Timer session profile and Group. Using this entity, user can specify intent for applying Firewall Timer session profile to particular Group.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyFirewallSessionTimerProfileBindingMap", 
  "module_id": "PolicyFirewallSessionTimerProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "firewall_session_timer_profile_path": {
      "description": "PolicyPath of associated Firewall Timer Session Profile", 
      "required": true, 
      "title": "Firewall Session Timer Profile Path", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.", 
      "required": false, 
      "title": "Sequence number of this profile binding map.", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy DFW Timer Session Profile binding map", 
  "type": "object"
}

PolicyFirewallSessionTimerProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyFirewallSessionTimerProfileBindingMapListRequestParameters", 
  "module_id": "PolicyFirewallSessionTimerProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Firewall Session Timer Profile Binding Map list request parameters", 
  "type": "object"
}

PolicyFirewallSessionTimerProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyFirewallSessionTimerProfileBindingMapListResult", 
  "module_id": "PolicyFirewallSessionTimerProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyFirewallSessionTimerProfileBindingMap
      }, 
      "required": true, 
      "title": "Firewall Session Timer Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Firewall Session Timer Profile Binding Maps", 
  "type": "object"
}

PolicyFirewallSessionTimerProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyFirewallSessionTimerProfileListRequestParameters", 
  "module_id": "PolicyFirewallSessionTimerProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Firewall Session timeout profile list request parameters", 
  "type": "object"
}

PolicyFirewallSessionTimerProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyFirewallSessionTimerProfileListResult", 
  "module_id": "PolicyFirewallSessionTimerProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyFirewallSessionTimerProfile
      }, 
      "required": true, 
      "title": "Policy Firewall Session timeout profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Policy Firewall Session timeout profiles", 
  "type": "object"
}

PolicyGroupIPMembersListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paginated collection of IP members belonging to a Group.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyGroupIPMembersListResult", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "IPElement
      }, 
      "required": true, 
      "title": "Paged Collection of IP addresses that belong to the given Group", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Group IP members list result", 
  "type": "object"
}

PolicyGroupMemberDetails (type) 

{
  "additionalProperties": false, 
  "description": "Details of the member belonging to a Group", 
  "id": "PolicyGroupMemberDetails", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "The display name of the member on the enforcement point", 
      "type": "string"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "The ID of the member on the enforcement point", 
      "type": "string"
    }, 
    "path": {
      "readonly": true, 
      "required": true, 
      "title": "The path of the member, if relevant", 
      "type": "string"
    }
  }, 
  "title": "Group member details", 
  "type": "object"
}

PolicyGroupMembersListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paginated collection of members belonging to a Group.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyGroupMembersListResult", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyGroupMemberDetails
      }, 
      "required": true, 
      "title": "Paged Collection of members that belong to the given Group", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Group members list result", 
  "type": "object"
}

PolicyIKEDigestAlgorithm (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256"
  ], 
  "id": "PolicyIKEDigestAlgorithm", 
  "module_id": "PolicyL3Vpn", 
  "title": "Digest Algorithms used in IKE negotiations", 
  "type": "string"
}

PolicyIKEEncryptionAlgorithm (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128 uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit keys.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256"
  ], 
  "id": "PolicyIKEEncryptionAlgorithm", 
  "module_id": "PolicyL3Vpn", 
  "title": "Encryption algorithms used in IKE", 
  "type": "string"
}

PolicyIKEVersion (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.", 
  "enum": [
    "IKE_V1", 
    "IKE_V2", 
    "IKE_FLEX"
  ], 
  "id": "PolicyIKEVersion", 
  "module_id": "PolicyL3Vpn", 
  "title": "IKE version", 
  "type": "string"
}

PolicyIPAddressInfo (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Used to specify the display name and value of the IPv4Address.", 
  "id": "PolicyIPAddressInfo", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "address_value": {
      "$ref": "IPv4Address, 
      "description": "Value of the IPv4Address.", 
      "required": true, 
      "title": "Value of the IPv4Address"
    }, 
    "display_name": {
      "description": "Display name used to help identify the IPv4Address.", 
      "required": false, 
      "title": "Display name of the IPv4Address", 
      "type": "string"
    }, 
    "next_hop": {
      "$ref": "IPv4Address, 
      "description": "Next hop used in auto-plumbing of static route. If a value is not provided, static route will not be auto-plumbed.", 
      "required": false, 
      "title": "Next Hop of the IPv4Address"
    }
  }, 
  "title": "IP address information", 
  "type": "object"
}

PolicyInsertParameters (type) 

{
  "description": "Parameters to let the admin specify a relative position of a security policy or rule w.r.t to another one.", 
  "id": "PolicyInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where security policy/rule needs to be placed\n", 
  "type": "object"
}

PolicyInterfaceStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.", 
  "extends": {
    "$ref": "LogicalRouterPortStatistics
  }, 
  "id": "PolicyInterfaceStatistics", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "logical_router_port_id": {
      "required": true, 
      "title": "The ID of the logical router port", 
      "type": "string"
    }, 
    "per_node_statistics": {
      "additionalProperties": false, 
      "items": {
        "$ref": "LogicalRouterPortStatisticsPerNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Per Node Statistics", 
      "type": "array"
    }
  }, 
  "title": "Tier0 or Tier1 interface statistics on specific Enforcement Point", 
  "type": "object"
}

PolicyLabel (type) 

{
  "additionalProperties": false, 
  "description": "Label to reference group of policy entities of same type.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLabel", 
  "module_id": "PolicyLabel", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "refs": {
      "description": "Policy entity paths referred by the label instance", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Policy entity paths referred by the label instance", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "description": "Policy intent entity type from PolicyResourceType", 
      "required": true, 
      "title": "Policy intent entity type from PolicyResourceType", 
      "type": "string"
    }
  }, 
  "title": "Label to reference group of policy entities of same type.", 
  "type": "object"
}

PolicyLabelListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyLabelListRequestParameters", 
  "module_id": "PolicyLabel", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PolicyLabel list request parameters", 
  "type": "object"
}

PolicyLabelListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyLabelListResult", 
  "module_id": "PolicyLabel", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyLabel
      }, 
      "required": true, 
      "title": "Policy label list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Domains", 
  "type": "object"
}

PolicyLbMonitorProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "All the types of PolicyLbMonitorProfile extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "Base class for each type or protocol of PolicyLbMonitorProfile", 
  "type": "object"
}

PolicyLbPersistenceProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a PolicyLbVirtualServer by binding a persistence profile to it.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLbPersistenceProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "L4PolicyLbPersistenceProfile", 
        "L7PolicyLbPersistenceProfile", 
        "CustomPolicyLbPersistenceProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains the information related to load balancer persistence options", 
  "type": "object"
}

PolicyLbPoolAccess (type) 

{
  "additionalProperties": false, 
  "description": "Defining access of a Group from a PolicyLbVirtualServer and binding to PolicyLbMonitorProfile.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLbPoolAccess", 
  "module_id": "TempPolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "algorithm": {
      "default": "ROUND_ROBIN", 
      "description": "Load balanding algorithm controls how the incoming connections are distributed among the members. - ROUND_ROBIN - requests to the application servers are distributed in a round-robin fashion, - LEAST_CONNECTION - next request is assigned to the server with the least number of active connections", 
      "enum": [
        "ROUND_ROBIN", 
        "LEAST_CONNECTION"
      ], 
      "required": false, 
      "title": "Load balancing algorithm", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_port_list": {
      "description": "IP Port list for applications within the Group to allow for non-uniform port usage by applications", 
      "items": {
        "$ref": "IPAddressPortPair
      }, 
      "required": false, 
      "title": "IP Port list for applications within the Group", 
      "type": "array"
    }, 
    "lb_monitor_profile": {
      "description": "Path of the PolicyLbMonitorProfile to actively monitor the PolicyLbPoolAccess's Group", 
      "required": false, 
      "title": "Path of the PolicyLbMonitorProfile to actively monitor the PolicyLbPoolAccess's Group", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pool_port": {
      "description": "Port for LoadBalancer to send connections to the PolicyLbPoolAccess's Group. Pool_port could be optional, if it is not specified, LB will use PolicyLbVirtualServer port to connect to backend servers. If the PolicyLbMonitorProfile is configured in PolicyLbPoolAccess and active monitor IP protocol is TCP/UDP(which requires TCP or UDP port number), monitor_port should be specified if pool_port is unset.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Port for LoadBalancer to send traffic", 
      "type": "int"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "source_nat": {
      "default": "ENABLED", 
      "description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode.  SNAT is enabled by default and will use the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection.", 
      "enum": [
        "ENABLED", 
        "DISABLED"
      ], 
      "required": false, 
      "title": "Source NAT setting of the PolicyLbPoolAccess", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Defining access a Group from a PolicyLbVirtualServer and binding to PolicyLbMonitorProfile", 
  "type": "object"
}

PolicyLbRule (type) 

{
  "additionalProperties": false, 
  "description": "Binding of a LbPoolAccess and Group to a PolicyLbVirtualServer used to route application traffic passing through load balancers. PolicyLbRule uses match conditions to match application traffic passing through a PolicyLbVirtualServer using HTTP or HTTPS. Can bind multiple PolicyLbVirtualServers to a Group. Each PolicyLbRule consists of two optional match conditions, each match contidion defines a criterion for application traffic.  If no match conditions are specified, then the PolicyLbRule will always match and it is used typically to define default rules. If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the PolicyLbRule to be considered a match.  A match indicates that the PolicyLbVirtualServer should route the request to the Group (parent of PolicyLbRule).", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLbRule", 
  "module_id": "TempPolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host_match": {
      "description": "This condition is used to match HTTP request messages by the specific HTTP header field, Host.  The Host request header specifies the domain name of the server. The supplied Host HTTP header match condition will be matched as a regular expression. The regular expressions in load balancer rules use the features common to both Java regular expressions and Perl Compatible Regular Expressions (PCREs) with some restrictions. Reference http://www.pcre .org for PCRE and the NSX-T Administrator's Guide for the restrictions. Please note, when regular expressions are used in JSON (JavaScript Object Notation) string, every backslash character (\\) needs to be escaped by one additional backslash character.", 
      "required": false, 
      "title": "Host HTTP header match condition", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lb_virtual_server": {
      "description": "The path of PolicyLbVirtualServer to bind to this PolicyLbRule and its Group", 
      "required": false, 
      "title": "PolicyLbVirtualServer path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "match_strategy": {
      "default": "ANY", 
      "description": "If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LB Rule to be considered a match. - ALL indicates that both host_match and path_match must match for this PolicyLbRule to be considered a match - ANY indicates that either host_match or patch match may match for this PolicyLbRule to be considered a match", 
      "enum": [
        "ALL", 
        "ANY"
      ], 
      "required": false, 
      "title": "Match strategy for determining match of multiple conditions", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "path_match": {
      "description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regluar expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. The path_match field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". The regular  expressions in load balancer rules use the features common to both  Java regular expressions and Perl Compatible Regular Expressions  (PCREs) with some restrictions. Reference http://www.pcre .org for  PCRE and the NSX-T Administrator's Guide for the restrictions.  Please note, when regular expressions are used in JSON (JavaScript  Object Notation) string, every backslash character (\\) needs to be  escaped by one additional backslash character.", 
      "required": false, 
      "title": "HTTP request uri match condition", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple PolicyLbRules associated with a single PolicyLbVirtualServer and will be applied numerically or low to high", 
      "required": false, 
      "title": "Sequence number of the this PolicyLbRule", 
      "type": "int"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Binding of a LbPoolAccess and Group to a PolicyLbVirtualServer", 
  "type": "object"
}

PolicyLbVirtualServer (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "All the types of PolicyLbVirtualServer extend from this abstract class. This is present for extensibility.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "Base class for each type of PolicyLbVirtualServer", 
  "type": "object"
}

PolicyListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "PolicyListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy list request parameters", 
  "type": "object"
}

PolicyListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of security policies", 
  "type": "object"
}

PolicyNATRuleCounters (type) 

{
  "additionalProperties": false, 
  "description": "Gives the statistics count of a NAT rule.", 
  "id": "PolicyNATRuleCounters", 
  "module_id": "PolicyNAT", 
  "properties": {
    "active_sessions": {
      "description": "Gives the total number of active sessions.", 
      "readonly": true, 
      "title": "Active sessions", 
      "type": "integer"
    }, 
    "total_bytes": {
      "description": "Gives the total number of bytes.", 
      "readonly": true, 
      "title": "Total bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "description": "Gives the total number of packets.", 
      "readonly": true, 
      "title": "Total packets", 
      "type": "integer"
    }
  }, 
  "title": "Statistics count", 
  "type": "object"
}

PolicyNat (type) 

{
  "additionalProperties": false, 
  "description": "Represents NAT section. This object is created by default when corresponding tier-0/tier-1 is created. Under tier-0/tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT).", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyNat", 
  "module_id": "PolicyNAT", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "nat_type": {
      "description": "Represents a NAT section under tier-0/tier-1.", 
      "enum": [
        "INTERNAL", 
        "USER", 
        "DEFAULT"
      ], 
      "title": "NAT section under tier-0/tier-1", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains list of NAT Rules", 
  "type": "object"
}

PolicyNatRule (type) 

{
  "additionalProperties": false, 
  "description": "Represents a NAT rule between source and destination at T0/T1 router.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyNatRule", 
  "module_id": "PolicyNAT", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "Source NAT(SNAT) - translates a source IP address in an outbound packet so that the packet appears to originate from a different network. SNAT is only supported when the logical router is running in active-standby mode. Destination NAT(DNAT) - translates the destination IP address of inbound packets so that packets are delivered to a target address into another network. DNAT is only supported when the logical router is running in active-standby mode. Reflexive NAT(REFLEXIVE) - IP-Range and CIDR are supported to define the \"n\". The number of original networks should be exactly the same as that of translated networks. The address translation is deterministic. Reflexive is supported on both Active/Standby and Active/Active LR. NO_SNAT and NO_DNAT - These do not have support for translated_fields, only source_network and destination_network fields are supported.", 
      "enum": [
        "SNAT", 
        "DNAT", 
        "REFLEXIVE", 
        "NO_SNAT", 
        "NO_DNAT"
      ], 
      "required": true, 
      "title": "Represents action of NAT Rule SNAT, DNAT, REFLEXIVE", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_network": {
      "$ref": "IPElementList, 
      "description": "IP Address | Comma separeted list of IP addresses | CIDR. For DNAT and NO_DNAT rules, this is a mandatory field, and represents the destination network for the incoming packets. For other type of rules, optionally it can contain destination network of outgoing packets. NULL value for this field represents ANY network.", 
      "required": false, 
      "title": "Represents the destination network"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "The flag, which suggests whether the NAT rule is enabled or disabled. The default is True.", 
      "title": "Policy NAT Rule enabled flag", 
      "type": "boolean"
    }, 
    "firewall_match": {
      "description": "It indicates how the firewall matches the address after NATing if firewall stage is not skipped.  MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done.  MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done.  BYPASS indicates the firewall stage will be skipped.  For NO_SNAT or NO_DNAT, it must be BYPASS or leave it unassigned", 
      "enum": [
        "MATCH_EXTERNAL_ADDRESS", 
        "MATCH_INTERNAL_ADDRESS", 
        "BYPASS"
      ], 
      "required": false, 
      "title": "Represents the firewall match flag", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logging": {
      "default": false, 
      "description": "The flag, which suggests whether the logging of NAT rule is enabled or disabled. The default is False.", 
      "title": "Policy NAT Rule logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "Represents the array of policy paths of ProviderInterface or NetworkInterface or labels of type ProviderInterface or NetworkInterface on which the NAT rule should get enforced. The interfaces must belong to the same router for which the NAT Rule is created.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Array of policy paths of labels, ProviderInterface, NetworkInterface", 
      "type": "array"
    }, 
    "sequence_number": {
      "default": 0, 
      "description": "The sequence_number decides the rule_priority of a NAT rule. Sequence_number and rule_priority have 1:1 mapping.For each NAT section, there will be reserved rule_priority numbers.The valid range of rule_priority number is from 0 to 2147483647(MAX_INT). 1. INTERNAL section     rule_priority reserved from 0 - 1023 (1024 rules)     valid sequence_number range  0 - 1023 2. USER section    rule_priority reserved from 1024 - 2147482623 (2147481600 rules)    valid sequence_number range  0 - 2147481599 3. DEFAULT section    rule_priority reserved from 2147482624 - 2147483647 (1024 rules)    valid sequence_number range  0 - 1023", 
      "title": "Sequence number of the Nat Rule", 
      "type": "int"
    }, 
    "service": {
      "description": "It represents the path of Service on which the NAT rule will be applied. If not provided or if it is blank then Policy manager will consider it as ANY.", 
      "required": false, 
      "title": "Represents the service on which the NAT rule will be applied", 
      "type": "string"
    }, 
    "source_network": {
      "$ref": "IPElementList, 
      "description": "IP Address | Comma separeted list of IP addresses | CIDR. For SNAT, NO_SNAT and REFLEXIVE rules, this is a mandatory field and represents the source network of the packets leaving the network. For DNAT and NO_DNAT rules, optionally it can contain source network of incoming packets. NULL value for this field represents ANY network.", 
      "required": false, 
      "title": "Represents the source network address"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "translated_network": {
      "$ref": "IPElementList, 
      "description": "IP Address | Comma separeted list of IP addresses | CIDR. For SNAT, DNAT and REFLEXIVE rules, this ia a mandatory field, which represents the translated network address. For NO_SNAT and NO_DNAT this should be empty.", 
      "required": false, 
      "title": "Represents the translated network address"
    }, 
    "translated_ports": {
      "$ref": "PortElement, 
      "required": false, 
      "title": "Port number or port range"
    }
  }, 
  "title": "Represents a NAT rule between source and destination at T0/T1 router", 
  "type": "object"
}

PolicyNatRuleListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyNatRuleListRequestParameters", 
  "module_id": "PolicyNAT", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NAT Rule list request parameters", 
  "type": "object"
}

PolicyNatRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyNatRuleListResult", 
  "module_id": "PolicyNAT", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyNatRule
      }, 
      "required": true, 
      "title": "NAT Rules list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of NAT Rules", 
  "type": "object"
}

PolicyNatRuleStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Gives the Statistics of a NAT rule.", 
  "extends": {
    "$ref": "PolicyNATRuleCounters
  }, 
  "id": "PolicyNatRuleStatistics", 
  "module_id": "PolicyNAT", 
  "properties": {
    "active_sessions": {
      "description": "Gives the total number of active sessions.", 
      "readonly": true, 
      "title": "Active sessions", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last update timestamp"
    }, 
    "total_bytes": {
      "description": "Gives the total number of bytes.", 
      "readonly": true, 
      "title": "Total bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "description": "Gives the total number of packets.", 
      "readonly": true, 
      "title": "Total packets", 
      "type": "integer"
    }, 
    "warning_message": {
      "description": "The warning message about the NAT Rule Statistics.", 
      "readonly": true, 
      "title": "Warning Message", 
      "type": "string"
    }
  }, 
  "title": "Statistics of NAT Rule", 
  "type": "object"
}

PolicyNatRuleStatisticsListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameter to get NAT rule statistics.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyNatRuleStatisticsListRequestParameters", 
  "module_id": "PolicyNAT", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NAT Rule statistics list request parameters", 
  "type": "object"
}

PolicyNatRuleStatisticsListResult (type) 

{
  "additionalProperties": false, 
  "description": "Gives the collection of NAT rule statistics per enforcement point.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyNatRuleStatisticsListResult", 
  "module_id": "PolicyNAT", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyNatRuleStatisticsPerEnforcementPoint
      }, 
      "required": true, 
      "title": "NAT rules statistics per enforcement point", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of NAT Rule statistics", 
  "type": "object"
}

PolicyNatRuleStatisticsPerEnforcementPoint (type) 

{
  "additionalProperties": false, 
  "description": "Gives the statistics of a NAT rule per enforcement point.", 
  "id": "PolicyNatRuleStatisticsPerEnforcementPoint", 
  "module_id": "PolicyNAT", 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point from where the statistics are fetched.", 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "rule_path": {
      "description": "Path of NAT Rule.", 
      "title": "Path of NAT Rule", 
      "type": "string"
    }, 
    "rule_statistics": {
      "description": "Gives NAT rule stats on an enforcement point.", 
      "items": {
        "$ref": "PolicyNatRuleStatistics
      }, 
      "readonly": true, 
      "title": "Rule statistics per enforcement point", 
      "type": "array"
    }
  }, 
  "title": "Statistics of NAT Rule per enforcement point", 
  "type": "object"
}

PolicyNatRuleStatisticsPerLogicalRouter (type) 

{
  "additionalProperties": false, 
  "description": "Gives the statistics of a NAT rule per logical router on specified enforcement point.", 
  "id": "PolicyNatRuleStatisticsPerLogicalRouter", 
  "module_id": "PolicyNAT", 
  "properties": {
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point from where the statistics are fetched.", 
      "title": "Enforcement point Path", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last update timestamp"
    }, 
    "per_node_statistics": {
      "description": "Detailed Rule statistics per logical router.", 
      "items": {
        "$ref": "PolicyNatRuleStatisticsPerTransportNode
      }, 
      "readonly": true, 
      "title": "Detailed Rule statistics", 
      "type": "array"
    }, 
    "router_path": {
      "description": "Path of the router.", 
      "title": "Router path", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "PolicyNATRuleCounters, 
      "description": "Rolled up statistics for all rules on the logical router.", 
      "readonly": true, 
      "title": "Rolled up statistics"
    }
  }, 
  "title": "Statistics of NAT Rule per logical router", 
  "type": "object"
}

PolicyNatRuleStatisticsPerLogicalRouterListResult (type) 

{
  "additionalProperties": false, 
  "description": "Gives the collection of NAT rule statistics per logical router on specified enforcement point.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyNatRuleStatisticsPerLogicalRouterListResult", 
  "module_id": "PolicyNAT", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyNatRuleStatisticsPerLogicalRouter
      }, 
      "required": true, 
      "title": "NAT rules statistics per logical router", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of NAT rule statistics per logical router", 
  "type": "object"
}

PolicyNatRuleStatisticsPerTransportNode (type) 

{
  "additionalProperties": false, 
  "description": "Gives the Statistics of a NAT rule.", 
  "extends": {
    "$ref": "PolicyNATRuleCounters
  }, 
  "id": "PolicyNatRuleStatisticsPerTransportNode", 
  "module_id": "PolicyNAT", 
  "properties": {
    "active_sessions": {
      "description": "Gives the total number of active sessions.", 
      "readonly": true, 
      "title": "Active sessions", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated.", 
      "readonly": true, 
      "title": "Last update timestamp"
    }, 
    "total_bytes": {
      "description": "Gives the total number of bytes.", 
      "readonly": true, 
      "title": "Total bytes", 
      "type": "integer"
    }, 
    "total_packets": {
      "description": "Gives the total number of packets.", 
      "readonly": true, 
      "title": "Total packets", 
      "type": "integer"
    }, 
    "transport_node_path": {
      "description": "Policy path of the Edge Node.", 
      "readonly": true, 
      "title": "Node path", 
      "type": "string"
    }
  }, 
  "title": "Statistics of NAT Rule", 
  "type": "object"
}

PolicyNonCompliantConfig (type) 

{
  "id": "PolicyNonCompliantConfig", 
  "module_id": "PolicyCompliance", 
  "properties": {
    "affected_resources": {
      "description": "Resources/Services impacted by non compliant configuration", 
      "items": {
        "$ref": "PolicyResourceReference
      }, 
      "readonly": true, 
      "title": "Resources/Services impacted by non compliant configuration", 
      "type": "array"
    }, 
    "description": {
      "readonly": true, 
      "title": "Detail description of non compliant configuration with suggestive action", 
      "type": "string"
    }, 
    "non_compliance_code": {
      "readonly": true, 
      "title": "Code for non compliant configuration", 
      "type": "integer"
    }, 
    "reported_by": {
      "$ref": "PolicyResourceReference, 
      "readonly": true, 
      "title": "Id and name of non compliant resource/service"
    }
  }, 
  "type": "object"
}

PolicyNsLookupParameters (type) 

{
  "extends": {
    "$ref": "PolicyRuntimeOnEpRequestParameters
  }, 
  "id": "PolicyNsLookupParameters", 
  "module_id": "PolicyDnsForwarder", 
  "properties": {
    "address": {
      "required": false, 
      "title": "IP address or FQDN for nslookup", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PolicyRealizedResource (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Abstract base class for all the realized policy objects", 
  "extends": {
    "$ref": "PolicyResource
  }, 
  "id": "PolicyRealizedResource", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Abstract base class for all the realized policy objects", 
  "type": "object"
}

PolicyRelatedApiError (type) 

{
  "id": "PolicyRelatedApiError", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "details": {
      "title": "Further details about the error", 
      "type": "string"
    }, 
    "error_code": {
      "title": "A numeric error code", 
      "type": "integer"
    }, 
    "error_data": {
      "title": "Additional data about the error", 
      "type": "object"
    }, 
    "error_message": {
      "title": "A description of the error", 
      "type": "string"
    }, 
    "module_name": {
      "title": "The module name where the error occurred", 
      "type": "string"
    }
  }, 
  "title": "Detailed information about errors from API call to an enforcement point", 
  "type": "object"
}

PolicyResource (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Abstract base class for all the policy objects.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "PolicyResource", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Abstract base class for all the policy objects", 
  "type": "object"
}

PolicyResourceReference (type) 

{
  "additionalProperties": false, 
  "description": "Policy resource reference.", 
  "extends": {
    "$ref": "ResourceReference
  }, 
  "id": "PolicyResourceReference", 
  "module_id": "Policy", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "path": {
      "description": "Absolute path of this object.", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "Policy resource reference", 
  "type": "object"
}

PolicyResourceReferenceForEP (type) 

{
  "additionalProperties": false, 
  "description": "Policy resource reference for enforcement point", 
  "extends": {
    "$ref": "PolicyResourceReference
  }, 
  "id": "PolicyResourceReferenceForEP", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "path": {
      "description": "Absolute path of this object.", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "Policy resource reference for enforcement point", 
  "type": "object"
}

PolicyResourceReferenceForEPListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paginated collection of policy resource references for enforcement point", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyResourceReferenceForEPListResult", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyResourceReferenceForEP
      }, 
      "required": true, 
      "title": "Paged Collection of policy resource references for enforcement point", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy resource reference list for enforcement point", 
  "type": "object"
}

PolicyRuntimeAlarm (type) 

{
  "description": "Alarm associated with the PolicyRuntimeInfoPerEP that exposes potential errors when retrieving runtime information from the enforcement point.", 
  "id": "PolicyRuntimeAlarm", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "error_details": {
      "$ref": "PolicyApiError, 
      "description": "Detailed information about errors from an API call made to the enforcement point, if any.", 
      "readonly": true, 
      "title": "Error Detailed Information"
    }, 
    "error_id": {
      "description": "Alarm error id.", 
      "readonly": true, 
      "title": "Alarm Error Id", 
      "type": "string"
    }, 
    "message": {
      "description": "Error message describing the issue.", 
      "readonly": true, 
      "title": "Error Message to Describe the Issue", 
      "type": "string"
    }
  }, 
  "title": "Alarm of PolicyRuntimeInfoPerEP", 
  "type": "object"
}

PolicyRuntimeInfoPerEP (type) 

{
  "abstract": true, 
  "description": "Runtime Info Per Enforcement Point.", 
  "id": "PolicyRuntimeInfoPerEP", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "alarm": {
      "$ref": "PolicyRuntimeAlarm, 
      "description": "Alarm information details.", 
      "readonly": true, 
      "title": "Alarm Information Details"
    }, 
    "enforcement_point_path": {
      "description": "Policy Path referencing the enforcement point where the info is fetched.", 
      "readonly": true, 
      "title": "Enforcement point Path", 
      "type": "string"
    }
  }, 
  "title": "PolicyRuntimeInfoPerEP", 
  "type": "object"
}

PolicyRuntimeOnEpRequestParameters (type) 

{
  "description": "Request parameters that represents an enforcement point path. A request on runtime information can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.", 
  "id": "PolicyRuntimeOnEpRequestParameters", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }
  }, 
  "title": "Request Parameters for Policy Runtime on enforcement point", 
  "type": "object"
}

PolicyRuntimeRequestParameters (type) 

{
  "description": "Request parameters that represents an enforcement point path and data source. A request on runtime information can be parameterized with this pair and will be evaluted as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.", 
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "PolicyRuntimeRequestParameters", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "title": "Request Parameters for Policy Runtime Information", 
  "type": "object"
}

PolicySIEnforcementPointRequestParameters (type) 

{
  "description": "Request parameters that represents an enforcement point path. A request can be | parameterized with this path and will be evaluted as follows | > no enforcement point path specified: the request is evaluated on DEFAULT enforcement point. > {enforcement_point_path}: the request is evaluated only on the given enforcement | point.", 
  "id": "PolicySIEnforcementPointRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }
  }, 
  "title": "Policy Service Insertion Request Parameters", 
  "type": "object"
}

PolicyServiceChain (type) 

{
  "description": "Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyServiceChain", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "failure_policy": {
      "default": "ALLOW", 
      "description": "Failure policy for the service defines the action to be taken i.e to allow or to block the traffic during failure scenarios.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Failure Policy", 
      "type": "string"
    }, 
    "forward_path_service_profiles": {
      "description": "Forward path service profiles are applied to ingress traffic.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 4, 
      "readonly": false, 
      "required": true, 
      "title": "Forward path service profiles", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "path_selection_policy": {
      "default": "ANY", 
      "description": "Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - Preference to be given to local service insances. REMOTE - Preference to be given to the SVM co-located on the same host. ROUND_ROBIN - All active service paths are hit with equal probability.", 
      "enum": [
        "ANY", 
        "LOCAL", 
        "REMOTE", 
        "ROUND_ROBIN"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Path Selection Policy", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "reverse_path_service_profiles": {
      "description": "Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 4, 
      "readonly": false, 
      "required": false, 
      "title": "Reverse path service profiles", 
      "type": "array"
    }, 
    "service_segment_path": {
      "description": "Path to service segment using which the traffic needs to be redirected.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Path to service segment", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy Service Chain", 
  "type": "object"
}

PolicyServiceChainListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyServiceChainListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyServiceChain
      }, 
      "required": true, 
      "title": "All PolicyServiceChain objects", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Service Chain List", 
  "type": "object"
}

PolicyServiceInstance (type) 

{
  "additionalProperties": false, 
  "description": "Represents an instance of partner Service and its configuration.", 
  "extends": {
    "$ref": "BasePolicyServiceInstance
  }, 
  "id": "PolicyServiceInstance", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyServiceInstance"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attributes": {
      "description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance.", 
      "items": {
        "$ref": "Attribute
      }, 
      "maxItems": 128, 
      "required": true, 
      "title": "Deployment Template attributes", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "compute_id": {
      "description": "Id of the compute(ResourcePool) to which this service needs to be deployed.", 
      "required": true, 
      "title": "Id of the compute resource.", 
      "type": "string"
    }, 
    "context_id": {
      "description": "UUID of VCenter/Compute Manager as seen on NSX Manager, to which this service needs to be deployed.", 
      "required": false, 
      "title": "Id of the compute manager", 
      "type": "string"
    }, 
    "deployment_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "deployment_spec_name": {
      "description": "Form factor for the deployment of partner service.", 
      "required": true, 
      "title": "Name of the Deployment Specification", 
      "type": "string"
    }, 
    "deployment_template_name": {
      "description": "Template for the deployment of partnet service.", 
      "required": true, 
      "title": "Name of the Deployment Template", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "failure_policy": {
      "default": "BLOCK", 
      "description": "Failure policy for the Service VM. If this values is not provided, it will be defaulted to FAIL_CLOSE.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "required": false, 
      "title": "Failure policy for the Service VM", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "partner_service_name": {
      "description": "Unique name of Partner Service in the Marketplace", 
      "required": true, 
      "title": "Name of Partner Service", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "primary_interface_mgmt_ip": {
      "$ref": "IPElement, 
      "description": "Management IP Address of primary interface of the Service", 
      "required": true, 
      "title": "Management IP Address of primary interface of the Service"
    }, 
    "primary_interface_network": {
      "description": "Path of the Network to which primary interface of the Service VM needs to be connected", 
      "required": true, 
      "title": "Path of the Network to which primary interface of the Service VM needs to be connected", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "secondary_interface_mgmt_ip": {
      "$ref": "IPElement, 
      "description": "Management IP Address of secondary interface of the Service", 
      "required": true, 
      "title": "Management IP Address of secondary interface of the Service"
    }, 
    "secondary_interface_network": {
      "description": "Path of Network to which secondary interface of the Service VM needs to be connected", 
      "required": true, 
      "title": "Path of Network to which secondary interface of the Service VM needs to be connected", 
      "type": "string"
    }, 
    "storage_id": {
      "description": "Id of the storage(Datastore). VC moref of Datastore to which this service needs to be deployed.", 
      "required": true, 
      "title": "Id of the storage", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "default": "L2_BRIDGE", 
      "description": "Transport to be used while deploying Service-VM.", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Represents an instance of partner Service and its configuration", 
  "type": "object"
}

PolicyServiceInstanceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyServiceInstanceListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PolicyServiceInstance list request parameters", 
  "type": "object"
}

PolicyServiceInstanceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyServiceInstanceListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyServiceInstance
      }, 
      "required": true, 
      "title": "Service instance list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of only SI objects", 
  "type": "object"
}

PolicyServiceInstanceStatistics (type) 

{
  "description": "Statistics for NICs for a PolicyServiceInstance", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "PolicyServiceInstanceStatistics", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "enforcement_point_path": {
      "description": "Enforcement point path, forward slashes must be escaped using %2F.", 
      "readonly": true, 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "instance_runtime_statistics": {
      "description": "Statistics for the data NICs for all the runtimes associated with this service instance.", 
      "items": {
        "$ref": "InstanceRuntimeStatistic
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Statistics for all runtimes", 
      "type": "array"
    }, 
    "service_instance_id": {
      "description": "PolicyServiceInsatnce path", 
      "readonly": true, 
      "required": true, 
      "title": "PolicyServiceInstance path", 
      "type": "string"
    }
  }, 
  "title": "Statistics for NICs on PolicyServiceInstance", 
  "type": "object"
}

PolicyServiceProfile (type) 

{
  "description": "Service profile represents specialization of a vendor template.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyServiceProfile", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attributes": {
      "description": "List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to NSX. If a vendor template exposes configurable parameters, then their values are specified here.", 
      "items": {
        "$ref": "Attribute
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service profile attributes", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "redirection_action": {
      "description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Redirection action is not applicable to guest introspection service.", 
      "enum": [
        "PUNT", 
        "COPY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Redirection action", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vendor_template_name": {
      "description": "Name of the vendor template for which this Service Profile is being created.", 
      "readonly": false, 
      "required": true, 
      "title": "Vendor template name", 
      "type": "string"
    }
  }, 
  "title": "Policy Service Profile for a given Service", 
  "type": "object"
}

PolicyServiceProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyServiceProfileListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Service Profile list request parameters", 
  "type": "object"
}

PolicyServiceProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyServiceProfileListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyServiceProfile
      }, 
      "required": true, 
      "title": "Service Profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Policy Service Profile List", 
  "type": "object"
}

PolicyServiceReferenceCascadeDeletionParam (type) 

{
  "id": "PolicyServiceReferenceCascadeDeletionParam", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete all children associated with service reference", 
      "type": "boolean"
    }
  }, 
  "title": "Service reference casade delete param", 
  "type": "object"
}

PolicySubAttributes (type) 

{
  "additionalProperties": false, 
  "id": "PolicySubAttributes", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "datatype": {
      "enum": [
        "STRING"
      ], 
      "required": true, 
      "title": "Datatype for sub attribute", 
      "type": "string"
    }, 
    "key": {
      "enum": [
        "TLS_CIPHER_SUITE", 
        "TLS_VERSION", 
        "CIFS_SMB_VERSION"
      ], 
      "required": true, 
      "title": "Key for sub attribute", 
      "type": "string"
    }, 
    "value": {
      "description": "Multiple sub attribute values can be specified as elements of array.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Value for sub attribute key", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "Policy Sub Attributes data holder", 
  "type": "object"
}

PolicyTransportZone (type) 

{
  "description": "Policy manager periodically reads transport zones (TZ) from enforcement point and corresponding read-only intent objects are auto-created.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PolicyTransportZone", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "default": false, 
      "description": "Indicates whether the transport zone is default.", 
      "title": "Indicates whether the transport zone is default", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "nsx_id": {
      "description": "UUID of transport zone on enforcement point.", 
      "readonly": true, 
      "title": "UUID of transport zone on enforcement point", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tz_type": {
      "enum": [
        "OVERLAY_STANDARD", 
        "OVERLAY_ENS", 
        "VLAN_BACKED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "title": "Type of Transport Zone", 
      "type": "string"
    }
  }, 
  "search_dsl_exclude": true, 
  "title": "Transport Zone", 
  "type": "object"
}

PolicyTransportZoneListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Transport Zone list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PolicyTransportZoneListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PolicyTransportZoneListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Transport Zone", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PolicyTransportZoneListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyTransportZone
      }, 
      "required": true, 
      "title": "Transport Zone", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Transport Zone", 
  "type": "object"
}

PolicyTunnelDigestAlgorithm (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment. SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256"
  ], 
  "id": "PolicyTunnelDigestAlgorithm", 
  "module_id": "PolicyL3Vpn", 
  "title": "Digest Algorithms used in tunnel establishment", 
  "type": "string"
}

PolicyTunnelEncryptionAlgorithm (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256"
  ], 
  "id": "PolicyTunnelEncryptionAlgorithm", 
  "module_id": "PolicyL3Vpn", 
  "title": "Encryption algorithm used in tunnel", 
  "type": "string"
}

PoolAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies.", 
  "enum": [
    "ROUND_ROBIN", 
    "WEIGHTED_ROUND_ROBIN", 
    "LEAST_CONNECTION", 
    "WEIGHTED_LEAST_CONNECTION", 
    "IP_HASH"
  ], 
  "id": "PoolAlgorithm", 
  "module_id": "LoadBalancer", 
  "title": "load balancing algorithm", 
  "type": "string"
}

PoolMember (type) 

{
  "additionalProperties": false, 
  "id": "PoolMember", 
  "module_id": "LoadBalancer", 
  "properties": {
    "admin_state": {
      "$ref": "PoolMemberAdminStateType, 
      "default": "ENABLED", 
      "required": false, 
      "title": "member admin state"
    }, 
    "backup_member": {
      "default": false, 
      "description": "Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s).", 
      "required": false, 
      "title": "determine whether the pool member is for backup usage", 
      "type": "boolean"
    }, 
    "display_name": {
      "required": false, 
      "title": "pool member name", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "pool member IP address"
    }, 
    "max_concurrent_connections": {
      "description": "To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "maximum concurrent connection number", 
      "type": "integer"
    }, 
    "port": {
      "$ref": "PortElement, 
      "description": "If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case.", 
      "required": false, 
      "title": "pool member port number"
    }, 
    "weight": {
      "default": 1, 
      "description": "Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms.", 
      "maximum": 256, 
      "minimum": 1, 
      "required": false, 
      "title": "pool member weight", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

PoolMemberAction (type) 

{
  "additionalProperties": false, 
  "id": "PoolMemberAction", 
  "module_id": "LoadBalancer", 
  "properties": {
    "action": {
      "enum": [
        "ADD_MEMBERS", 
        "REMOVE_MEMBERS", 
        "UPDATE_MEMBERS"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Specifies addition, removal and modification action", 
      "type": "string"
    }
  }, 
  "type": "object"
}

PoolMemberAdminStateType (type) 

{
  "additionalProperties": false, 
  "description": "User can set the admin state of a member to ENABLED or DISABLED or GRACEFUL_DISABLED. By default, when a member is added, it is ENABLED. If a member is set to DISABLED, it is not selected for any new connections. Active connections, however, will continue to be processed by it. New connections with matching persistence entries pointing to DISABLED members are not sent to those DISABLED members. Those connections are assigned to other members of the pool and the corresponding persistence entries are updated to point to the newly selected server. To allow for a more graceful way of taking down servers for maintenance, a routine task, another admin state GRACEFUL_DISABLED is supported. Existing connections to a member in GRACEFUL_DISABLED state continue to be processed.", 
  "enum": [
    "ENABLED", 
    "DISABLED", 
    "GRACEFUL_DISABLED"
  ], 
  "id": "PoolMemberAdminStateType", 
  "module_id": "LoadBalancer", 
  "title": "pool member admin state", 
  "type": "string"
}

PoolMemberGroup (type) 

{
  "additionalProperties": false, 
  "id": "PoolMemberGroup", 
  "module_id": "LoadBalancer", 
  "properties": {
    "customized_members": {
      "description": "The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address.", 
      "items": {
        "$ref": "PoolMemberSetting
      }, 
      "readonly": false, 
      "title": "List of customized pool member settings", 
      "type": "array"
    }, 
    "grouping_object": {
      "$ref": "ResourceReference, 
      "description": "Load balancer pool support grouping object as dynamic pool members. The IP list of the grouping object such as NSGroup would be used as pool member IP setting.", 
      "required": true, 
      "title": "Grouping object resource reference"
    }, 
    "ip_revision_filter": {
      "default": "IPV4", 
      "description": "Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "required": false, 
      "title": "Filter of ipv4 or ipv6 address of grouping object IP list", 
      "type": "string"
    }, 
    "max_ip_list_size": {
      "description": "The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "Maximum number of grouping object IP address list", 
      "type": "integer"
    }, 
    "port": {
      "description": "If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case.", 
      "maximum": 65535, 
      "minimum": 1, 
      "required": false, 
      "title": "Pool member port for all IP addresses of the grouping object", 
      "type": "int"
    }
  }, 
  "type": "object"
}

PoolMemberSetting (type) 

{
  "additionalProperties": false, 
  "description": "The setting is used to add, update or remove pool members from pool. For static pool members, admin_state, display_name and weight can be updated. For dynamic pool members, only admin_state can be updated.", 
  "id": "PoolMemberSetting", 
  "module_id": "LoadBalancer", 
  "properties": {
    "admin_state": {
      "$ref": "PoolMemberAdminStateType, 
      "default": "ENABLED", 
      "required": false, 
      "title": "Member admin state"
    }, 
    "display_name": {
      "description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.", 
      "required": false, 
      "title": "Pool member display name", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "Pool member IP address"
    }, 
    "port": {
      "$ref": "PortElement, 
      "required": false, 
      "title": "Pool member port number"
    }, 
    "weight": {
      "description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.", 
      "maximum": 255, 
      "minimum": 1, 
      "required": false, 
      "title": "Pool member weight", 
      "type": "integer"
    }
  }, 
  "title": "Pool member setting", 
  "type": "object"
}

PoolMemberSettingList (type) 

{
  "additionalProperties": false, 
  "id": "PoolMemberSettingList", 
  "module_id": "LoadBalancer", 
  "properties": {
    "members": {
      "items": {
        "$ref": "PoolMemberSetting
      }, 
      "required": true, 
      "title": "List of pool member settings to be passed to add, update and remove APIs\n", 
      "type": "array"
    }
  }, 
  "title": "List of PoolMemberSetting", 
  "type": "object"
}

PoolUsage (type) 

{
  "additionalProperties": false, 
  "description": "Pool usage statistics in a pool.", 
  "id": "PoolUsage", 
  "module_id": "Ipam", 
  "properties": {
    "allocated_ids": {
      "readonly": true, 
      "title": "Total number of allocated IDs in a pool", 
      "type": "integer"
    }, 
    "free_ids": {
      "readonly": true, 
      "title": "Total number of free IDs in a pool", 
      "type": "integer"
    }, 
    "total_ids": {
      "readonly": true, 
      "title": "Total number of IDs in a pool", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

PortAddressBindingEntry (type) 

{
  "additionalProperties": false, 
  "description": "Detailed information about static address for the port.", 
  "id": "PortAddressBindingEntry", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "ip_address": {
      "description": "IP Address for port binding", 
      "required": false, 
      "title": "IP address", 
      "type": "string"
    }, 
    "mac_address": {
      "$ref": "MACAddress, 
      "description": "Mac address for port binding", 
      "required": false, 
      "title": "MAC address"
    }, 
    "vlan_id": {
      "$ref": "VlanID, 
      "description": "VLAN ID for port binding", 
      "required": false, 
      "title": "VLAN ID"
    }
  }, 
  "title": "Address binding information", 
  "type": "object"
}

PortAttachment (type) 

{
  "additionalProperties": false, 
  "description": "Detail information about port attachment", 
  "id": "PortAttachment", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "allocate_addresses": {
      "description": "Indicate how IP will be allocated for the port", 
      "enum": [
        "IP_POOL", 
        "MAC_POOL", 
        "BOTH", 
        "NONE"
      ], 
      "required": false, 
      "title": "Allocate addresses", 
      "type": "string"
    }, 
    "app_id": {
      "description": "ID used to identify/look up a child attachment behind a parent attachment", 
      "required": false, 
      "title": "App Id", 
      "type": "string"
    }, 
    "context_id": {
      "description": "Parent VIF ID if type is CHILD, Transport node ID if type is INDEPENDENT", 
      "required": false, 
      "title": "Context ID based on the type", 
      "type": "string"
    }, 
    "id": {
      "description": "VIF UUID on NSX Manager. If the attachement type is PARENT, this property is required.", 
      "required": false, 
      "title": "Port attachment ID", 
      "type": "string"
    }, 
    "traffic_tag": {
      "$ref": "VlanID, 
      "description": "Not valid when type is INDEPENDENT, mainly used to identify traffic from different ports in container use case", 
      "required": false, 
      "title": "VLAN ID"
    }, 
    "type": {
      "description": "Type of port attachment, it's an Enum value.", 
      "enum": [
        "PARENT", 
        "CHILD", 
        "INDEPENDENT"
      ], 
      "required": false, 
      "title": "Attachement type", 
      "type": "string"
    }
  }, 
  "title": "Attachment information on the port", 
  "type": "object"
}

PortConnectionBMEntities (type) 

{
  "id": "PortConnectionBMEntities", 
  "module_id": "PortConnection", 
  "properties": {
    "dst_port": {
      "$ref": "LogicalPort, 
      "required": false
    }, 
    "src_port": {
      "$ref": "LogicalPort, 
      "required": false
    }
  }, 
  "title": "Port Connection Bare Metal Entities", 
  "type": "object"
}

PortConnectionContainersEntities (type) 

{
  "id": "PortConnectionContainersEntities", 
  "module_id": "PortConnection", 
  "properties": {
    "logical_ports": {
      "items": {
        "$ref": "LogicalPort
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "title": "Port Connection Containers Entities", 
  "type": "object"
}

PortConnectionEdgeNodeGroup (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PortConnectionEntity
  }, 
  "id": "PortConnectionEdgeNodeGroup", 
  "module_id": "PortConnection", 
  "properties": {
    "edge_nodes": {
      "items": {
        "$ref": "TransportNode
      }, 
      "type": "array"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)", 
      "type": "string"
    }, 
    "logical_router_id": {
      "required": true, 
      "title": "Id of the logical router", 
      "type": "string"
    }, 
    "resource": {
      "$ref": "ManagedResource, 
      "readonly": true, 
      "required": false, 
      "title": "Resource reference with details of the entity"
    }
  }, 
  "title": "Collection of edge nodes backing a logical router", 
  "type": "object"
}

PortConnectionEntities (type) 

{
  "additionalProperties": false, 
  "id": "PortConnectionEntities", 
  "module_id": "PortConnection", 
  "properties": {
    "containers": {
      "$ref": "PortConnectionContainersEntities, 
      "required": true
    }, 
    "edge_node_groups": {
      "items": {
        "$ref": "PortConnectionEdgeNodeGroup
      }, 
      "required": false, 
      "type": "array"
    }, 
    "errors": {
      "items": {
        "$ref": "PortConnectionError
      }, 
      "required": true, 
      "type": "array"
    }, 
    "hypervisors": {
      "items": {
        "$ref": "PortConnectionHypervisor
      }, 
      "required": true, 
      "type": "array"
    }, 
    "logical_switches": {
      "items": {
        "$ref": "PortConnectionLogicalSwitch
      }, 
      "required": true, 
      "type": "array"
    }, 
    "physical_hosts": {
      "$ref": "PortConnectionBMEntities, 
      "require": false
    }, 
    "routers": {
      "items": {
        "$ref": "PortConnectionRouter
      }, 
      "required": false, 
      "type": "array"
    }, 
    "tunnels": {
      "items": {
        "$ref": "PortConnectionTunnel
      }, 
      "required": true, 
      "type": "array"
    }, 
    "vms": {
      "items": {
        "$ref": "VirtualMachine
      }, 
      "required": true, 
      "type": "array"
    }
  }, 
  "title": "Port Connection Entities (to help draw a visual picture of entities between two ports)", 
  "type": "object"
}

PortConnectionEntity (type) 

{
  "additionalProperties": false, 
  "id": "PortConnectionEntity", 
  "module_id": "PortConnection", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)", 
      "type": "string"
    }, 
    "resource": {
      "$ref": "ManagedResource, 
      "readonly": true, 
      "required": false, 
      "title": "Resource reference with details of the entity"
    }
  }, 
  "title": "Port Connection Entity", 
  "type": "object"
}

PortConnectionError (type) 

{
  "additionalProperties": false, 
  "id": "PortConnectionError", 
  "module_id": "PortConnection", 
  "properties": {
    "entity_type": {
      "type": "string"
    }, 
    "error_details": {
      "type": "object"
    }, 
    "error_summary": {
      "type": "string"
    }
  }, 
  "title": "Errors encountered while fetching entities in the forwarding path", 
  "type": "object"
}

PortConnectionHypervisor (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PortConnectionEntity
  }, 
  "id": "PortConnectionHypervisor", 
  "module_id": "PortConnection", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)", 
      "type": "string"
    }, 
    "neighbors_list": {
      "items": {
        "$ref": "InterfaceNeighborProperties
      }, 
      "type": "array"
    }, 
    "pnics": {
      "deprecated": true, 
      "items": {
        "$ref": "Pnic
      }, 
      "type": "array"
    }, 
    "pnics_list": {
      "items": {
        "$ref": "NodeInterfaceProperties
      }, 
      "type": "array"
    }, 
    "profiles": {
      "items": {
        "$ref": "BaseHostSwitchProfile
      }, 
      "type": "array"
    }, 
    "resource": {
      "$ref": "ManagedResource, 
      "readonly": true, 
      "required": false, 
      "title": "Resource reference with details of the entity"
    }
  }, 
  "title": "Port Connection Hypervisor/Transport Node Entity", 
  "type": "object"
}

PortConnectionLogicalSwitch (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PortConnectionEntity
  }, 
  "id": "PortConnectionLogicalSwitch", 
  "module_id": "PortConnection", 
  "properties": {
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)", 
      "type": "string"
    }, 
    "resource": {
      "$ref": "ManagedResource, 
      "readonly": true, 
      "required": false, 
      "title": "Resource reference with details of the entity"
    }, 
    "router_ports": {
      "items": {
        "$ref": "LogicalPort
      }, 
      "readonly": true, 
      "title": "Logical Ports that are attached to a router", 
      "type": "array"
    }, 
    "vm_ports": {
      "items": {
        "$ref": "LogicalPort
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Logical Ports that are attached to a VIF/VM", 
      "type": "array"
    }, 
    "vm_ports_states": {
      "items": {
        "$ref": "LogicalPortState
      }, 
      "readonly": true, 
      "required": true, 
      "title": "States of Logical Ports that are attached to a VIF/VM", 
      "type": "array"
    }, 
    "vm_vnics": {
      "items": {
        "$ref": "VirtualNetworkInterface
      }, 
      "readonly": true, 
      "title": "Virutal Network Interfaces that are attached to the Logical Ports", 
      "type": "array"
    }
  }, 
  "title": "Port Connection Logical Switch Entity", 
  "type": "object"
}

PortConnectionRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "PortConnectionRequestParameters", 
  "module_id": "PortConnection", 
  "properties": {
    "peer_port_id": {
      "required": true, 
      "title": "ID of peer port", 
      "type": "string"
    }
  }, 
  "title": "Port Connection request parameters", 
  "type": "object"
}

PortConnectionRouter (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PortConnectionEntity
  }, 
  "id": "PortConnectionRouter", 
  "module_id": "PortConnection", 
  "properties": {
    "downlink_ports": {
      "items": {
        "$ref": "LogicalRouterPort
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Downlink ports of the Logical Router.", 
      "type": "array"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "Resource ID is mapped to this. (ID is Generated for Edge node groups, since resource will be null)", 
      "type": "string"
    }, 
    "resource": {
      "$ref": "ManagedResource, 
      "readonly": true, 
      "required": false, 
      "title": "Resource reference with details of the entity"
    }, 
    "uplink_ports": {
      "items": {
        "$ref": "LogicalRouterPort
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Uplink ports of the Logical Router.", 
      "type": "array"
    }
  }, 
  "title": "Port Connection Logical Router Entity", 
  "type": "object"
}

PortConnectionTunnel (type) 

{
  "additionalProperties": false, 
  "id": "PortConnectionTunnel", 
  "module_id": "PortConnection", 
  "properties": {
    "src_node_id": {
      "required": true, 
      "title": "Id of the source transport node", 
      "type": "string"
    }, 
    "tunnel_properties": {
      "$ref": "TunnelProperties, 
      "required": true, 
      "title": "Tunnel properties between the source and the destination transport node"
    }
  }, 
  "title": "Tunnel information between two given transport nodes", 
  "type": "object"
}

PortDiscoveryProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between discovery profile and Port. Using this entity, user can specify intent for applying discovery profile to particular Port. Port here is Logical Port.", 
  "extends": {
    "$ref": "DiscoveryProfileBindingMap
  }, 
  "id": "PortDiscoveryProfileBindingMap", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_discovery_profile_path": {
      "description": "PolicyPath of associated IP Discovery Profile", 
      "required": false, 
      "title": "IP Discovery Profile Path", 
      "type": "string"
    }, 
    "mac_discovery_profile_path": {
      "description": "PolicyPath of associated Mac Discovery Profile", 
      "required": false, 
      "title": "Mac Discovery Profile Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Port Discovery Profile binding map", 
  "type": "object"
}

PortDiscoveryProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PortDiscoveryProfileBindingMapListRequestParameters", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Port Discovery Profile Binding Map list request parameters", 
  "type": "object"
}

PortDiscoveryProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortDiscoveryProfileBindingMapListResult", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortDiscoveryProfileBindingMap
      }, 
      "required": true, 
      "title": "Port Discovery Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Port Discovery Profile Binding Maps", 
  "type": "object"
}

PortElement (type) 

{
  "description": "Examples- Single port \"8080\", Range of ports \"8090-8095\"", 
  "format": "port-or-range", 
  "id": "PortElement", 
  "module_id": "Common", 
  "title": "A port or a port range", 
  "type": "string"
}

PortMirroringFilter (type) 

{
  "id": "PortMirroringFilter", 
  "module_id": "PortMirroring", 
  "properties": {
    "dst_ips": {
      "$ref": "IPAddresses, 
      "description": "Destination IP in the form of IPAddresses, used to match the destination IP of a packet. If not provided, no filtering by destination IPs is performed.", 
      "required": false, 
      "title": "Destination IP used to filter packets"
    }, 
    "dst_ports": {
      "$ref": "PortElement, 
      "description": "Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed.", 
      "required": false, 
      "title": "Destination port or port range used to filter packets"
    }, 
    "filter_action": {
      "default": "MIRROR", 
      "description": "If set to MIRROR, packets will be mirrored. If set to DO_NOT_MIRROR, packets will not be mirrored.", 
      "enum": [
        "MIRROR", 
        "DO_NOT_MIRROR"
      ], 
      "required": false, 
      "title": "Mirror action to filter packets", 
      "type": "string"
    }, 
    "ip_protocol": {
      "description": "The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed.", 
      "enum": [
        "TCP", 
        "UDP"
      ], 
      "required": false, 
      "title": "The protocol used to filter packets.", 
      "type": "string"
    }, 
    "src_ips": {
      "$ref": "IPAddresses, 
      "description": "Source IP in the form of IPAddresses, used to match the source IP of a packet. If not provided, no filtering by source IPs is performed.", 
      "required": false, 
      "title": "Source IP used to filter packets"
    }, 
    "src_ports": {
      "$ref": "PortElement, 
      "description": "Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed.", 
      "required": false, 
      "title": "Source port or port range used to filter packets"
    }
  }, 
  "type": "object"
}

PortMirroringProfile (type) 

{
  "additionalProperties": false, 
  "description": "Mirrors Data from source to destination", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PortMirroringProfile", 
  "module_id": "PolicyPortMirroring", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_group": {
      "description": "Data from source group will be copied to members of destination group. Only IPSET group and group with membership criteria VM is supported. IPSET group allows only three ip's.", 
      "required": true, 
      "title": "Destination group path", 
      "type": "string"
    }, 
    "direction": {
      "default": "BIDIRECTIONAL", 
      "description": "Port mirroring profile direction", 
      "enum": [
        "INGRESS", 
        "EGRESS", 
        "BIDIRECTIONAL"
      ], 
      "title": "Direction", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "encapsulation_type": {
      "default": "GRE", 
      "description": "User can provide Mirror Destination type e.g GRE, ERSPAN_TWO or ERSPAN_THREE.If profile type is REMOTE_L3_SPAN, encapsulation type is used else ignored.", 
      "enum": [
        "GRE", 
        "ERSPAN_TWO", 
        "ERSPAN_THREE"
      ], 
      "required": false, 
      "title": "Mirror Destination encapsulation type", 
      "type": "string"
    }, 
    "erspan_id": {
      "default": 0, 
      "description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.", 
      "maximum": 1023, 
      "minimum": 0, 
      "required": false, 
      "title": "ERSPAN session id", 
      "type": "int"
    }, 
    "gre_key": {
      "default": 0, 
      "description": "User-configurable 32-bit key only for GRE", 
      "minimum": 0, 
      "required": false, 
      "title": "GRE encapsulation key", 
      "type": "int"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_type": {
      "default": "REMOTE_L3_SPAN", 
      "description": "Allows user to select type of port mirroring session.", 
      "enum": [
        "REMOTE_L3_SPAN", 
        "LOGICAL_SPAN"
      ], 
      "required": false, 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "snap_length": {
      "description": "If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored.", 
      "maximum": 65535, 
      "minimum": 60, 
      "required": false, 
      "title": "Maximum packet length for packet truncation", 
      "type": "int"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Mirrors Data from source to destination", 
  "type": "object"
}

PortMirroringProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "PortMirroringProfileListRequestParameters", 
  "module_id": "PolicyPortMirroring", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Port mirroring profile request parameters", 
  "type": "object"
}

PortMirroringProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortMirroringProfileListResult", 
  "module_id": "PolicyPortMirroring", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortMirroringProfile
      }, 
      "required": true, 
      "title": "Port Mirroring Profiles list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of port mirroring profiles", 
  "type": "object"
}

PortMirroringSession (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "PortMirroringSession", 
  "module_id": "PortMirroring", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "direction": {
      "$ref": "DirectionType, 
      "required": true, 
      "title": "Port mirroring session direction"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "encapsulation_vlan_id": {
      "$ref": "VlanID, 
      "description": "Only for Remote SPAN Port Mirror.", 
      "required": false, 
      "title": "Encapsulation VLAN ID"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "mirror_destination": {
      "$ref": "MirrorDestination, 
      "required": true, 
      "title": "Mirror destination"
    }, 
    "mirror_sources": {
      "items": {
        "$ref": "MirrorSource
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Mirror sources", 
      "type": "array"
    }, 
    "port_mirroring_filters": {
      "description": "An array of 5-tuples used to filter packets for the mirror session, if not provided, all the packets will be mirrored.", 
      "items": {
        "$ref": "PortMirroringFilter
      }, 
      "required": false, 
      "title": "Port mirror filter for this session", 
      "type": "array"
    }, 
    "preserve_original_vlan": {
      "default": false, 
      "required": false, 
      "title": "Only for Remote SPAN Port Mirror. Whether to preserve original VLAN.", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "session_type": {
      "$ref": "PortMirroringSessionType, 
      "default": "LocalPortMirrorSession", 
      "description": "If this property is unset, this session will be treated as LocalPortMirrorSession.", 
      "required": false, 
      "title": "Port mirroring session type"
    }, 
    "snap_length": {
      "description": "If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored.", 
      "maximum": 65535, 
      "minimum": 60, 
      "required": false, 
      "title": "Maximum packet length for packet truncation", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PortMirroringSessionListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortMirroringSessionListResult", 
  "module_id": "PortMirroring", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortMirroringSession
      }, 
      "readonly": true, 
      "title": "Port mirroring session results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Mirror session queries result", 
  "type": "object"
}

PortMirroringSessionType (type) 

{
  "additionalProperties": false, 
  "description": "PortMirroringSession is the configuration instance of port mirroring, you can create different types of PortMirroringSession with different mirror source and mirror destination. Each port mirror session type has its own mirror source and mirror destination pair. LocalPortMirrorSession include LogicalPortMirrorSession and UplinkPortMirrorSession. You can create multiple mirror sessions of same parent type by one API call. LogicalPortMirrorSession   - source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination] UplinkPortMirrorSession   - source[PnicMirrorSource] destination[LogicalPortMirrorDestination] RspanSrcMirrorSession   - source[LogicalPortMirrorSource] destination[PnicMirrorDestination] RspanDstMirrorSession   - source[VlanMirrorSource] destination[LogicalPortMirrorDestination] LogicalLocalPortMirrorSession   - source[LogicalPortMirrorSource] destination[LogicalPortMirrorDestination] L3PortMirrorSession   - source[LogicalPortMirrorSource or LogicalSwitchMirrorSource] destination[IPMirrorDestination]", 
  "enum": [
    "LogicalPortMirrorSession", 
    "UplinkPortMirrorSession", 
    "RspanSrcMirrorSession", 
    "RspanDstMirrorSession", 
    "LocalPortMirrorSession", 
    "LogicalLocalPortMirrorSession", 
    "L3PortMirrorSession"
  ], 
  "id": "PortMirroringSessionType", 
  "module_id": "PortMirroring", 
  "title": "Resource types of mirror session", 
  "type": "string"
}

PortMirroringSwitchingProfile (type) (Deprecated) 

{
  "deprecated": true, 
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "PortMirroringSwitchingProfile", 
  "module_id": "PortMirroringSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PortMirroringSwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 3, 
      "title": "List of destination addresses", 
      "type": "array"
    }, 
    "direction": {
      "$ref": "DirectionType
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key": {
      "required": false, 
      "title": "User-configurable 32-bit key", 
      "type": "integer"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "snap_length": {
      "description": "If this property not set, original package will not be truncated.", 
      "maximum": 65535, 
      "minimum": 60, 
      "required": false, 
      "title": "Snap length for package truncation", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PortMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between monitoring profile and Port. Using this entity, user can specify intent for applying monitoring profile to particular Port. Port here is Segment Port.", 
  "extends": {
    "$ref": "MonitoringProfileBindingMap
  }, 
  "id": "PortMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_l2_profile_path": {
      "description": "PolicyPath of associated IPFIX L2 Profile", 
      "required": false, 
      "title": "IPFIX L2 Profile Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "port_mirroring_profile_path": {
      "description": "PolicyPath of associated Port Mirroring Profile", 
      "required": false, 
      "title": "Port Mirroring Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Port Monitoring Profile binding map", 
  "type": "object"
}

PortMonitoringProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PortMonitoringProfileBindingMapListRequestParameters", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Port Monitoring Profile Binding Map list request parameters", 
  "type": "object"
}

PortMonitoringProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortMonitoringProfileBindingMapListResult", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortMonitoringProfileBindingMap
      }, 
      "required": true, 
      "title": "Port Monitoring Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Port Monitoring Profile Binding Maps", 
  "type": "object"
}

PortQoSProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between qos profile and Port. Using this entity, you can  specify intent for applying qos profile to particular Port. Port here is Segment Port.", 
  "extends": {
    "$ref": "QoSProfileBindingMap
  }, 
  "id": "PortQoSProfileBindingMap", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "qos_profile_path": {
      "description": "PolicyPath of associated  QoS Profile", 
      "required": false, 
      "title": "QoS Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "port qos profile binding map"
  ], 
  "title": "Port QoS Profile binding map", 
  "type": "object"
}

PortQoSProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "PortQoSProfileBindingMapListRequestParameters", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Port QoS Profile Binding Map list request parameters", 
  "type": "object"
}

PortQoSProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortQoSProfileBindingMapListResult", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortQoSProfileBindingMap
      }, 
      "required": true, 
      "title": "Port QoS Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Port QoS Profile Binding Maps", 
  "type": "object"
}

PortSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Contains the binding relationship between port and security profile.", 
  "extends": {
    "$ref": "SecurityProfileBindingMap
  }, 
  "id": "PortSecurityProfileBindingMap", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "segment_security_profile_path": {
      "description": "The policy path of the asscociated Segment Security profile", 
      "required": false, 
      "title": "Segment Security Profile Path", 
      "type": "string"
    }, 
    "spoofguard_profile_path": {
      "description": "The policy path of the asscociated SpoofGuard profile", 
      "required": false, 
      "title": "SpoofGuard Profile Path", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Security profile binding map for port", 
  "type": "object"
}

PortSecurityProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "PortSecurityProfileBindingMapListRequestParameters", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Port security profile binding map request parameters", 
  "type": "object"
}

PortSecurityProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PortSecurityProfileBindingMapListResult", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PortSecurityProfileBindingMap
      }, 
      "required": true, 
      "title": "Port security profile binding map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of port security profile binding maps", 
  "type": "object"
}

PortStatus (type) 

{
  "additionalProperties": false, 
  "id": "PortStatus", 
  "properties": {
    "enabled": {
      "required": true, 
      "title": "indicates if the RabbitMQ management port is set or not", 
      "type": "boolean"
    }
  }, 
  "title": "indicates if the RabbitMQ management port is set or not", 
  "type": "object"
}

PreconfiguredEndpoint (type) 

{
  "id": "PreconfiguredEndpoint", 
  "module_id": "TransportNode", 
  "properties": {
    "device_name": {
      "readonly": false, 
      "required": true, 
      "title": "Name of the virtual tunnel endpoint", 
      "type": "string"
    }
  }, 
  "title": "Tunnel endpoint configuration of preconfigured host switch", 
  "type": "object"
}

PreconfiguredHostSwitch (type) 

{
  "description": "Preconfigured host switch is used for manually configured transport node.", 
  "id": "PreconfiguredHostSwitch", 
  "module_id": "TransportNode", 
  "properties": {
    "endpoints": {
      "items": {
        "$ref": "PreconfiguredEndpoint
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "List of virtual tunnel endpoints which are preconfigured on this host switch", 
      "type": "array"
    }, 
    "host_switch_id": {
      "readonly": false, 
      "required": true, 
      "title": "External Id of the preconfigured host switch.", 
      "type": "string"
    }
  }, 
  "title": "Preconfigured host switch", 
  "type": "object"
}

PreconfiguredHostSwitchSpec (type) 

{
  "description": "Preconfigured host switch specification is used for manually configured transport node. It is user's responsibility to ensure correct configuration is provided to NSX. This type is only valid for supported KVM fabric nodes.", 
  "extends": {
    "$ref": "HostSwitchSpec
  }, 
  "id": "PreconfiguredHostSwitchSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PreconfiguredHostSwitchSpec"
  }, 
  "properties": {
    "host_switches": {
      "items": {
        "$ref": "PreconfiguredHostSwitch
      }, 
      "maxItems": 1, 
      "required": true, 
      "title": "Preconfigured Transport Node host switches", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "StandardHostSwitchSpec", 
        "PreconfiguredHostSwitchSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Specification of transport node preconfigured host switch", 
  "type": "object"
}

PrefixConfig (type) 

{
  "additionalProperties": false, 
  "id": "PrefixConfig", 
  "module_id": "Routing", 
  "properties": {
    "action": {
      "$ref": "RoutingFilterAction, 
      "required": true, 
      "title": "Action for the IPPrefix"
    }, 
    "ge": {
      "maximum": 128, 
      "minimum": 1, 
      "required": false, 
      "title": "Greater than or equal to", 
      "type": "integer"
    }, 
    "le": {
      "maximum": 128, 
      "minimum": 1, 
      "required": false, 
      "title": "Less than or equal to", 
      "type": "integer"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "description": "If absent, the action applies to all addresses.", 
      "required": false, 
      "title": "CIDR"
    }
  }, 
  "type": "object"
}

PrefixEntry (type) 

{
  "additionalProperties": false, 
  "id": "PrefixEntry", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "action": {
      "default": "PERMIT", 
      "description": "Action for the prefix list.", 
      "enum": [
        "PERMIT", 
        "DENY"
      ], 
      "required": false, 
      "title": "Action for the prefix list", 
      "type": "string"
    }, 
    "ge": {
      "description": "Prefix length greater than or equal to.", 
      "maximum": 128, 
      "minimum": 1, 
      "title": "Prefix length greater than or equal to", 
      "type": "int"
    }, 
    "le": {
      "description": "Prefix length less than or equal to.", 
      "maximum": 128, 
      "minimum": 1, 
      "title": "Prefix length less than or equal to", 
      "type": "int"
    }, 
    "network": {
      "description": "Network prefix in CIDR format. \"ANY\" matches all networks.", 
      "required": true, 
      "title": "Network prefix in CIDR format", 
      "type": "string"
    }
  }, 
  "title": "Network prefix entry", 
  "type": "object"
}

PrefixList (type) 

{
  "additionalProperties": false, 
  "description": "A named list of prefixes for routing purposes.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "PrefixList", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "prefixes": {
      "description": "Specify ordered list of network prefixes.", 
      "items": {
        "$ref": "PrefixEntry
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Ordered list of network prefixes", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A named list of prefixes for routing purposes", 
  "type": "object"
}

PrefixListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "PrefixListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PrefixList request parameters", 
  "type": "object"
}

PrefixListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PrefixListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PrefixList
      }, 
      "required": true, 
      "title": "PrefixList results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of PrefixLists", 
  "type": "object"
}

Principal (type) 

{
  "additionalProperties": false, 
  "id": "Principal", 
  "module_id": "CertificateManager", 
  "properties": {
    "attributes": {
      "description": "Certificate list", 
      "items": {
        "$ref": "KeyValue
      }, 
      "readonly": false, 
      "required": true, 
      "type": "array"
    }
  }, 
  "type": "object"
}

PrincipalIdentity (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "PrincipalIdentity", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_id": {
      "description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.", 
      "readonly": false, 
      "required": false, 
      "title": "Id of the stored certificate", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_protected": {
      "description": "Indicator whether the entities created by this principal should be protected", 
      "readonly": false, 
      "required": false, 
      "title": "Protection indicator", 
      "type": "boolean"
    }, 
    "name": {
      "description": "Name of the principal", 
      "maxLength": 255, 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Name", 
      "type": "string"
    }, 
    "node_id": {
      "description": "Unique node-id of a principal", 
      "maxLength": 255, 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Unique node-id", 
      "type": "string"
    }, 
    "permission_group": {
      "$ref": "UserGroupType, 
      "deprecated": true, 
      "description": "Use the 'role' field instead and pass in 'auditor' for read_only_api_users or 'enterprise_admin' for the others.", 
      "readonly": false, 
      "required": false, 
      "title": "permission group"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "role": {
      "pattern": "^[a-zA-Z]+(_?[a-zA-Z]+)*$", 
      "readonly": false, 
      "required": false, 
      "title": "Role", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

PrincipalIdentityList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "PrincipalIdentityList", 
  "module_id": "CertificateManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "PrincipalIdentity list", 
      "items": {
        "$ref": "PrincipalIdentity
      }, 
      "readonly": false, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "PrincipalIdentity query result", 
  "type": "object"
}

PrincipalIdentityWithCertificate (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PrincipalIdentity
  }, 
  "id": "PrincipalIdentityWithCertificate", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_id": {
      "description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.", 
      "readonly": false, 
      "required": false, 
      "title": "Id of the stored certificate", 
      "type": "string"
    }, 
    "certificate_pem": {
      "description": "PEM encoding of the new certificate", 
      "readonly": false, 
      "required": true, 
      "title": "PEM encoding of the new certificate", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_protected": {
      "description": "Indicator whether the entities created by this principal should be protected", 
      "readonly": false, 
      "required": false, 
      "title": "Protection indicator", 
      "type": "boolean"
    }, 
    "name": {
      "description": "Name of the principal", 
      "maxLength": 255, 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Name", 
      "type": "string"
    }, 
    "node_id": {
      "description": "Unique node-id of a principal", 
      "maxLength": 255, 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Unique node-id", 
      "type": "string"
    }, 
    "permission_group": {
      "$ref": "UserGroupType, 
      "deprecated": true, 
      "description": "Use the 'role' field instead and pass in 'auditor' for read_only_api_users or 'enterprise_admin' for the others.", 
      "readonly": false, 
      "required": false, 
      "title": "permission group"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "role": {
      "pattern": "^[a-zA-Z]+(_?[a-zA-Z]+)*$", 
      "readonly": false, 
      "required": false, 
      "title": "Role", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ProfileBindingListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ProfileBindingListRequestParameters", 
  "module_id": "PolicyProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Profile binding map list request parameters", 
  "type": "object"
}

ProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between profile and policy entities.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "ProfileBindingMap", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_path": {
      "description": "PolicyPath of associated Profile", 
      "required": true, 
      "title": "Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy base profile binding map", 
  "type": "object"
}

ProfileSupportedAttributesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ProfileSupportedAttributesListRequestParameters", 
  "module_id": "PolicyContextProfile", 
  "properties": {
    "attribute_key": {
      "description": "It fetches attributes and subattributes for the given attribute key supported in the system which can be used for Policy Context Profile creation.", 
      "required": false, 
      "title": "Fetch attributes and sub-attributes for the given attribute key", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Profile Attributes list request parameters.", 
  "type": "object"
}

ProfileType (type) 

{
  "enum": [
    "FirewallSessionTimerProfile", 
    "FirewallCpuMemThresholdsProfile", 
    "GiServiceProfile", 
    "FirewallFloodProtectionProfile", 
    "FirewallDnsProfile"
  ], 
  "id": "ProfileType", 
  "module_id": "Common", 
  "title": "Profile type of the ServiceConfig", 
  "type": "string"
}

PropertyItem (type) 

{
  "additionalProperties": false, 
  "description": "Represents a label-value pair.", 
  "id": "PropertyItem", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "condition": {
      "description": "If the condition is met then the property will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "maxLength": 1024, 
      "title": "Expression for evaluating condition", 
      "type": "string"
    }, 
    "field": {
      "description": "Represents field value of the property.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Field of the Property", 
      "type": "string"
    }, 
    "heading": {
      "default": false, 
      "description": "Set to true if the field is a heading. Default is false.", 
      "title": "If true, represents the field as a heading", 
      "type": "boolean"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "If a field represents a heading, then label is not needed", 
      "title": "Label of the property"
    }, 
    "render_configuration": {
      "description": "Render configuration to be applied, if any.", 
      "items": {
        "$ref": "RenderConfiguration
      }, 
      "title": "Render Configuration", 
      "type": "array"
    }, 
    "separator": {
      "default": false, 
      "description": "If true, separates this property in a widget.", 
      "title": "A separator after this property", 
      "type": "boolean"
    }, 
    "type": {
      "default": "String", 
      "description": "Data type of the field.", 
      "enum": [
        "String", 
        "Number", 
        "Date", 
        "Url"
      ], 
      "maxLength": 255, 
      "required": true, 
      "title": "field data type", 
      "type": "string"
    }
  }, 
  "title": "LabelValue Property", 
  "type": "object"
}

Protocol (type) 

{
  "abstract": true, 
  "additionalProperties": {}, 
  "id": "Protocol", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "name"
  }, 
  "properties": {
    "name": {
      "enum": [
        "http", 
        "https", 
        "scp", 
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ProtocolVersion (type) 

{
  "additionalProperties": false, 
  "id": "ProtocolVersion", 
  "properties": {
    "enabled": {
      "required": true, 
      "title": "Enable status for this protocol version", 
      "type": "boolean"
    }, 
    "name": {
      "required": true, 
      "title": "Name of the TLS protocol version", 
      "type": "string"
    }
  }, 
  "title": "TLS protocol version", 
  "type": "object"
}

Proxy (type) 

{
  "description": "Type to define the Proxy configuration.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "Proxy", 
  "module_id": "ProxyConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "description": "Flag to indicate if proxy is enabled. When set to true, a scheme, host and port must be provided.", 
      "required": true, 
      "title": "Flag to indicate if proxy is enabled.", 
      "type": "boolean"
    }, 
    "host": {
      "description": "Specify the fully qualified domain name, or ip address, of the proxy server.", 
      "format": "hostname-or-ip", 
      "required": false, 
      "title": "FQDN or IP address of the proxy server", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "password": {
      "description": "Specify the password used to authenticate with the proxy server, if required.", 
      "required": false, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "port": {
      "description": "Specify the port of the proxy server.", 
      "required": false, 
      "title": "Configured port for proxy", 
      "type": "int"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scheme": {
      "description": "The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.", 
      "enum": [
        "HTTP", 
        "HTTPS"
      ], 
      "required": false, 
      "title": "The scheme accepted by the proxy server", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "username": {
      "description": "Specify the user name used to authenticate with the proxy server, if required.", 
      "required": false, 
      "title": "User name", 
      "type": "string"
    }
  }, 
  "title": "Proxy Configuration", 
  "type": "object"
}

ProxyServerProfileInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ProxyServerProfileInfo", 
  "module_id": "ProxyServerProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host": {
      "description": "IP Address or name of the proxy server.", 
      "format": "hostname-or-ip", 
      "required": true, 
      "title": "IP Address or name of the proxy server", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "default": false, 
      "description": "Flag which decides whether current proxy server profile is default or not.", 
      "required": false, 
      "title": "Flag to decide default proxy profile", 
      "type": "boolean"
    }, 
    "password": {
      "description": "The Password for the proxy server.", 
      "required": false, 
      "sensitive": true, 
      "title": "Password of the proxy server", 
      "type": "string"
    }, 
    "port": {
      "description": "The port of the proxy server.", 
      "required": true, 
      "title": "Port of the proxy server", 
      "type": "integer"
    }, 
    "profilename": {
      "description": "The name of proxy profile.", 
      "required": true, 
      "title": "Name of the proxy profile", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tls_certificate": {
      "description": "If proxy server is using TLS certificate for secure communication. In that case, certificate of Proxy Server is required.", 
      "required": false, 
      "title": "TLS certificate of Proxy Server", 
      "type": "string"
    }, 
    "username": {
      "description": "The username for the proxy server.", 
      "required": false, 
      "title": "Username of the proxy server", 
      "type": "string"
    }
  }, 
  "title": "Proxy Server Profile Information", 
  "type": "object"
}

ProxyServerProfilesListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ProxyServerProfilesListResult", 
  "module_id": "ProxyServerProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ProxyServerProfileInfo
      }, 
      "required": false, 
      "title": "Proxy Server Profile list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Proxy Server Profiles list", 
  "type": "object"
}

PublicCloudGatewayNode (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "EdgeNode
  }, 
  "id": "PublicCloudGatewayNode", 
  "module_id": "FabricNode", 
  "nsx_feature": "PublicCloud", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PublicCloudGatewayNode"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "allocation_list": {
      "description": "List of logical router ids to which this edge node is allocated.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Allocation list", 
      "type": "array"
    }, 
    "deployment_config": {
      "$ref": "EdgeNodeDeploymentConfig, 
      "description": "When this configuration is specified, edge fabric node of deployment_type VIRTUAL_MACHINE will be deployed and registered with MP.", 
      "required": false, 
      "title": "Config for automatic deployment of edge node virtual machine."
    }, 
    "deployment_type": {
      "$ref": "EdgeDeploymentType, 
      "readonly": true, 
      "required": false
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "discovered_ip_addresses": {
      "items": {
        "$ref": "IPAddress
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Discovered IP Addresses of the fabric node, version 4 or 6", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "ID of the Node maintained on the Node and used to recognize the Node", 
      "type": "string"
    }, 
    "fqdn": {
      "readonly": true, 
      "required": false, 
      "title": "Fully qualified domain name of the fabric node", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_addresses": {
      "description": "IP Addresses of the Node, version 4 or 6. This property is mandatory for all nodes except for automatic deployment of edge virtual machine node. For automatic deployment, the ip address from management_port_subnets property will be considered.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "IP Addresses of the Node, version 4 or 6", 
      "type": "array"
    }, 
    "node_settings": {
      "$ref": "EdgeNodeSettings, 
      "description": "Reports the current configuration of the SSH, DHS, NTP and host name on this edge node. The deployment_config property is used during deployment and this counterpart property shows current values.", 
      "required": false, 
      "title": "Current configuration on edge node."
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'HostNode', 'EdgeNode', 'PublicCloudGatewayNode'", 
      "required": true, 
      "title": "Fabric node type, for example 'HostNode', 'EdgeNode' or 'PublicCloudGatewayNode'", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

QoSBaseRateLimiter (type) 

{
  "abstract": true, 
  "id": "QoSBaseRateLimiter", 
  "module_id": "PolicyQoS", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "resource_type": {
      "default": "IngressRateLimiter", 
      "description": "Type rate limiter", 
      "enum": [
        "IngressRateLimiter", 
        "IngressBroadcastRateLimiter", 
        "EgressRateLimiter"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A Limiter configuration entry that specifies type and metrics", 
  "type": "object"
}

QoSDscp (type) 

{
  "description": "Dscp value is ignored in case of 'TRUSTED' DscpTrustMode.", 
  "id": "QoSDscp", 
  "module_id": "PolicyQoS", 
  "properties": {
    "mode": {
      "$ref": "DscpTrustMode
    }, 
    "priority": {
      "default": 0, 
      "maximum": 63, 
      "minimum": 0, 
      "title": "Internal Forwarding Priority", 
      "type": "int"
    }
  }, 
  "required": true, 
  "title": "One of QoS or Encapsulated-Remote-Switched-Port-Analyzer", 
  "type": "object"
}

QoSProfile (type) 

{
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "QoSProfile", 
  "module_id": "PolicyQoS", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "class_of_service": {
      "default": 0, 
      "description": "Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic.", 
      "maximum": 7, 
      "minimum": 0, 
      "title": "Class of service", 
      "type": "int"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dscp": {
      "$ref": "QoSDscp
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "shaper_configurations": {
      "description": "Array of Rate limiter configurations to applied on Segment or Port.", 
      "items": {
        "$ref": "QoSBaseRateLimiter
      }, 
      "maxItems": 3, 
      "minItems": 0, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "qos segment profile"
  ], 
  "type": "object"
}

QoSProfileBindingMap (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "QoSProfileBindingMap", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base QoS Profile Binding Map", 
  "type": "object"
}

QoSProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "QoSProfileListRequestParameters", 
  "module_id": "PolicyQoS", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "QoS Profile request parameters", 
  "type": "object"
}

QoSProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "QoSProfileListResult", 
  "module_id": "PolicyQoS", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "QoSProfile
      }, 
      "required": true, 
      "title": "QoS profiles list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of QoS profiles", 
  "type": "object"
}

QosBaseRateShaper (type) 

{
  "abstract": true, 
  "id": "QosBaseRateShaper", 
  "module_id": "QosSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "enabled": {
      "required": true, 
      "type": "boolean"
    }, 
    "resource_type": {
      "default": "IngressRateShaper", 
      "enum": [
        "IngressRateShaper", 
        "IngressBroadcastRateShaper", 
        "EgressRateShaper"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "A shaper configuration entry that specifies type and metrics", 
  "type": "object"
}

QosSwitchingProfile (type) 

{
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "QosSwitchingProfile", 
  "module_id": "QosSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "QosSwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "class_of_service": {
      "default": 0, 
      "maximum": 7, 
      "minimum": 0, 
      "title": "Class of service", 
      "type": "int"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dscp": {
      "$ref": "Dscp
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "shaper_configuration": {
      "items": {
        "$ref": "QosBaseRateShaper
      }, 
      "maxItems": 3, 
      "minItems": 0, 
      "required": false, 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

QueryTunnelParameters (type) 

{
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "QueryTunnelParameters", 
  "module_id": "Tunnel", 
  "properties": {
    "bfd_diagnostic_code": {
      "enum": [
        "0", 
        "NO_DIAGNOSTIC", 
        "1", 
        "CONTROL_DETECTION_TIME_EXPIRED", 
        "2", 
        "ECHO_FUNCTION_FAILED", 
        "3", 
        "NEIGHBOR_SIGNALED_SESSION_DOWN", 
        "4", 
        "FORWARDING_PLANE_RESET", 
        "5", 
        "PATH_DOWN", 
        "6", 
        "CONCATENATED_PATH_DOWN", 
        "7", 
        "ADMINISTRATIVELY_DOWN", 
        "8", 
        "REVERSE_CONCATENATED_PATH_DOWN"
      ], 
      "title": "BFD diagnostic code of Tunnel as defined in RFC 5880", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "remote_node_id": {
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "title": "Tunnel status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RAConfig (type) 

{
  "additionalProperties": false, 
  "id": "RAConfig", 
  "module_id": "Routing", 
  "properties": {
    "hop_limit": {
      "default": 64, 
      "description": "The maximum number of hops through which packets can pass before being discarded.", 
      "maximum": 255, 
      "minimum": 0, 
      "required": false, 
      "title": "Hop limit", 
      "type": "integer"
    }, 
    "prefix_lifetime": {
      "default": 2592000, 
      "description": "The time interval in seconds, in which the prefix is advertised as valid.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Lifetime of prefix", 
      "type": "integer"
    }, 
    "prefix_preferred_time": {
      "default": 604800, 
      "description": "The time interval in seconds, in which the prefix is advertised as preferred.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Prefix preferred time", 
      "type": "integer"
    }, 
    "ra_interval": {
      "default": 600, 
      "description": "Interval between 2 Router advertisement in seconds.", 
      "maximum": 1800, 
      "minimum": 4, 
      "required": false, 
      "title": "RA interval", 
      "type": "integer"
    }, 
    "router_lifetime": {
      "default": 1800, 
      "description": "Router lifetime value in seconds. A value of 0 indicates the router is not a default router for the receiving end. Any other value in this field specifies the lifetime, in seconds, associated with this router as a default router.", 
      "maximum": 65520, 
      "minimum": 0, 
      "required": false, 
      "title": "Lifetime of router", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

RAMode (type) 

{
  "additionalProperties": false, 
  "description": "Router Advertisement Modes. DISABLED - RA is disabled SLAAC_DNS_THROUGH_RA - Stateless address auto-configuration RA for address and configuration SLAAC_DNS_THROUGH_DHCP - SLAAC RA for address and DHCPv6 for configuration DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - DHCPv6 for address and configurations SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP - SLAAC RA and DHCPv6 for address and configurations", 
  "enum": [
    "DISABLED", 
    "SLAAC_DNS_THROUGH_RA", 
    "SLAAC_DNS_THROUGH_DHCP", 
    "DHCP_ADDRESS_AND_DNS_THROUGH_DHCP", 
    "SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP"
  ], 
  "id": "RAMode", 
  "module_id": "Routing", 
  "title": "Router Advertisement Mode", 
  "type": "string"
}

RaDNSConfig (type) 

{
  "additionalProperties": false, 
  "id": "RaDNSConfig", 
  "module_id": "Routing", 
  "properties": {
    "dns_server": {
      "description": "DNS server.", 
      "items": {
        "$ref": "IPv6Address
      }, 
      "maxItems": 8, 
      "required": false, 
      "title": "DNS server", 
      "type": "array"
    }, 
    "dns_server_lifetime": {
      "default": 1800000, 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Lifetime of DNS server in milliseconds", 
      "type": "integer"
    }, 
    "domain_name": {
      "description": "Domain name in RA message.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 8, 
      "required": false, 
      "title": "Domain name", 
      "type": "array"
    }, 
    "domain_name_lifetime": {
      "default": 1800000, 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Lifetime of Domain names in milliseconds", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

RateLimits (type) 

{
  "description": "Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type", 
  "id": "RateLimits", 
  "module_id": "SwitchSecuritySwitchingProfile", 
  "properties": {
    "enabled": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Whether rate limiting is enabled", 
      "type": "boolean"
    }, 
    "rx_broadcast": {
      "default": 0, 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Incoming broadcast traffic limit in packets per second", 
      "type": "int"
    }, 
    "rx_multicast": {
      "default": 0, 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Incoming multicast traffic limit in packets per second", 
      "type": "int"
    }, 
    "tx_broadcast": {
      "default": 0, 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Outgoing broadcast traffic limit in packets per second", 
      "type": "int"
    }, 
    "tx_multicast": {
      "default": 0, 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Outgoing multicast traffic limit in packets per second", 
      "type": "int"
    }
  }, 
  "title": "Rate limiting configuration", 
  "type": "object"
}

Reaction (type) 

{
  "additionalProperties": false, 
  "description": "Reaction represents a programmable entity which encapsulates the events and the actions in response to the events, or simply \"If This Then That\".", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Reaction", 
  "module_id": "PolicyReaction", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "actions": {
      "description": "Actions that need to be taken when the events occur. These actions must appear in the order that they need to be taken in. This field can be interpreted as the HOW of the Reaction, or simply as \"Then That\".", 
      "items": {
        "$ref": "Action
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Reaction Actions", 
      "type": "array"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "events": {
      "description": "Events that provide contextual variables about what the reaction should react to. This field can be interpreted as the WHAT of the Reaction, or simply as \"If This\" Clause.", 
      "items": {
        "$ref": "Event
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Reaction Events", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Reaction", 
  "type": "object"
}

ReadNodesStatusRequestQueryParameters (type) 

{
  "additionalProperties": false, 
  "id": "ReadNodesStatusRequestQueryParameters", 
  "module_id": "FabricNode", 
  "properties": {
    "node_ids": {
      "description": "A comma separated list of request Node Ids.", 
      "required": true, 
      "title": "List of requested Nodes.", 
      "type": "string"
    }
  }, 
  "title": "Node Status list request queryparameters", 
  "type": "object"
}

RealizationListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "List request params for the pass through type api that get data from the Enforcement point. The basic requirement for these kind of APIs is filtering by Enforcement point.", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "RealizationListRequestParameters", 
  "module_id": "PolicyGroupRealization", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realization list request params", 
  "type": "object"
}

RealizationStateBarrierConfig (type) 

{
  "description": "The configuration data for setting the global realization state barrier", 
  "extends": {
    "$ref": "RevisionedResource
  }, 
  "id": "RealizationStateBarrierConfig", 
  "module_id": "RealizationStateBarrier", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "interval": {
      "description": "The interval in milliseconds used for auto incrementing the barrier number", 
      "minimum": 0, 
      "readonly": false, 
      "required": true, 
      "title": "Interval in milliseconds", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

RealizationStateQueryParameters (type) 

{
  "description": "Query parameters that allow checking the realization status of logical entities such as firewall rules and sections.", 
  "id": "RealizationStateQueryParameters", 
  "module_id": "RealizationState", 
  "properties": {
    "barrier_id": {
      "deprecated": true, 
      "description": "The system checks to ensure that the logical entity is realized or not at least at the given barrier number. This parameter has been deprecated. Please use request_id instead.", 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "type": "integer"
    }, 
    "request_id": {
      "description": "Passing a request_id allows you to check if the changes to a logical entity made in a particular API request have been realized or not. The request_id is returned from each API request in the X-NSX-REQUESTID header. For example, to check if a change to a firewall rule has been realized, save the X-NSX-REQUESTID header value returned from the PUT /api/v1/firewall/sections/<section-id>/rules/<rule-id> call, then add ?request_id=<id> to the GET /api/v1/firewall/rules/<rule-id>/state API call.", 
      "readonly": false, 
      "required": false, 
      "title": "Realization request ID", 
      "type": "string"
    }
  }, 
  "title": "Realization state request query parameters", 
  "type": "object"
}

RealizedEnforcementPoint (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedEnforcementPoint", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "realized_firewalls": {
      "$ref": "RealizedFirewalls, 
      "readonly": true, 
      "required": false, 
      "title": "Root of Realized Firewalls"
    }, 
    "realized_groups": {
      "$ref": "RealizedGroups, 
      "readonly": true, 
      "required": false, 
      "title": "Root of Realized Groups"
    }, 
    "realized_services": {
      "$ref": "RealizedServices, 
      "readonly": true, 
      "required": false, 
      "title": "Root of Realized Services"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Enforcement Point", 
  "type": "object"
}

RealizedEnforcementPointListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedEnforcementPointListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized enforcement point list request parameters", 
  "type": "object"
}

RealizedEnforcementPointListResult (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RealizedEnforcementPointListResult", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RealizedEnforcementPoint, 
        "title": "Enforcement point list result"
      }, 
      "required": false, 
      "title": "Paged Collection of Enforcement Point's", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RealizedFirewall (type) 

{
  "abstract": true, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedFirewall", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedFirewallSection"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized firewall", 
  "type": "object"
}

RealizedFirewallRule (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedFirewallRule", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "Action enforced on the packets which matches the firewall rule.", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of the destinations. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": true, 
      "required": false, 
      "title": "Destination List", 
      "type": "array"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Rule direction in case of stateless firewall rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Rule direction", 
      "type": "string"
    }, 
    "disabled": {
      "description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule enable/disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "services": {
      "description": "List of the services. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": true, 
      "required": false, 
      "title": "Service List", 
      "type": "array"
    }, 
    "sources": {
      "description": "List of sources. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": true, 
      "required": false, 
      "title": "Source List", 
      "type": "array"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Firewall Rule", 
  "type": "object"
}

RealizedFirewallSection (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "RealizedFirewall
  }, 
  "id": "RealizedFirewallSection", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RealizedFirewallSection"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedFirewallSection"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "rules": {
      "description": "List of firewall rules in the section.", 
      "items": {
        "$ref": "RealizedFirewallRule
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of the firewall rules", 
      "type": "array"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain.", 
      "enum": [
        "LAYER2", 
        "LAYER3"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Firewall section", 
  "type": "object"
}

RealizedFirewallSectionListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedFirewallSectionListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized firewall section list request parameters", 
  "type": "object"
}

RealizedFirewallSectionListResult (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RealizedFirewallSectionListResult", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RealizedFirewallSection, 
        "title": "Firewall list results"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Paged Collection of firewall sections", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RealizedFirewalls (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedFirewalls", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "realized_firewalls": {
      "items": {
        "$ref": "RealizedFirewall
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of realized firewalls", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized firewalls", 
  "type": "object"
}

RealizedGroup (type) 

{
  "abstract": true, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedGroup", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedNSGroup", 
        "RealizedSecurityGroup"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized group", 
  "type": "object"
}

RealizedGroups (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedGroups", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "realized_groups": {
      "items": {
        "$ref": "RealizedGroup
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of realized groups", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized groups", 
  "type": "object"
}

RealizedIPSetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedIPSetListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized IPSet list request parameters", 
  "type": "object"
}

RealizedLogicalPort (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedLogicalPort", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "logical_port_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The Operational status of the logical port", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Logical Port", 
  "type": "object"
}

RealizedLogicalSwitch (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedLogicalSwitch", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the logical switch", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_id": {
      "readonly": true, 
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }
  }, 
  "title": "Realized Logical Switch", 
  "type": "object"
}

RealizedMACSetListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedMACSetListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized MACSet list request parameters", 
  "type": "object"
}

RealizedNSGroup (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "RealizedGroup
  }, 
  "id": "RealizedNSGroup", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RealizedNSGroup"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "evaluations": {
      "description": "Reference to the evaluated members of the NSGroup.", 
      "items": {
        "$ref": "RealizedNSGroupMemberEvaluation
      }, 
      "maxItems": 500, 
      "readonly": true, 
      "required": false, 
      "title": "Evaluated members of NSGroup", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedNSGroup", 
        "RealizedSecurityGroup"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Network and Security Group", 
  "type": "object"
}

RealizedNSGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedNSGroupListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized NSGroup list request parameters", 
  "type": "object"
}

RealizedNSGroupMemberEvaluation (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedNSGroupMemberEvaluation", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "logical_ports": {
      "items": {
        "$ref": "RealizedLogicalPort
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of logical ports", 
      "type": "array"
    }, 
    "logical_switches": {
      "items": {
        "$ref": "RealizedLogicalSwitch
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of logical switches", 
      "type": "array"
    }, 
    "member_count": {
      "readonly": true, 
      "required": false, 
      "title": "Count of the members added to this NSGroup", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "virtual_machines": {
      "items": {
        "$ref": "RealizedVirtualMachine
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of virtual machines", 
      "type": "array"
    }
  }, 
  "title": "Realized NSGroup member evaluation", 
  "type": "object"
}

RealizedNSService (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "RealizedService
  }, 
  "id": "RealizedNSService", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RealizedNSService"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedNSService"
      ], 
      "required": true, 
      "title": "Realized services", 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "service_type": {
      "enum": [
        "SERVICE", 
        "SERVICE_GROUP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Realized nsservice type", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized NSService", 
  "type": "object"
}

RealizedPathRequestParameter (type) 

{
  "description": "Realized path for which state/realized entities would be fetched.", 
  "id": "RealizedPathRequestParameter", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "realized_path": {
      "description": "Realized path of object, forward slashes must be escaped using %2F", 
      "required": true, 
      "title": "String Path of the realized object", 
      "type": "string"
    }
  }, 
  "title": "Parameter to filter realized entities by realized path", 
  "type": "object"
}

RealizedSecurityGroup (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "RealizedGroup
  }, 
  "id": "RealizedSecurityGroup", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RealizedSecurityGroup"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "evaluations": {
      "description": "Reference to the evaluted members of the Security Group.", 
      "items": {
        "$ref": "RealizedSecurityGroupMemberEvaluation
      }, 
      "maxItems": 500, 
      "readonly": true, 
      "required": false, 
      "title": "Evaluated members of Security Group", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedNSGroup", 
        "RealizedSecurityGroup"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Network and Security Group", 
  "type": "object"
}

RealizedSecurityGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RealizedSecurityGroupListRequestParameters", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized Security Group list request parameters", 
  "type": "object"
}

RealizedSecurityGroupListResult (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RealizedSecurityGroupListResult", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RealizedSecurityGroup, 
        "title": "Security Group list results"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Paged Collection of realized Security Groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RealizedSecurityGroupMemberEvaluation (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedSecurityGroupMemberEvaluation", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "member_count": {
      "readonly": true, 
      "required": false, 
      "title": "Count of the members added to this Security Group", 
      "type": "integer"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "virtual_machines": {
      "items": {
        "$ref": "RealizedVirtualMachine
      }, 
      "readonly": true, 
      "required": false, 
      "title": "list of virtual machines", 
      "type": "array"
    }
  }, 
  "title": "Realized Security Group member evaluation", 
  "type": "object"
}

RealizedService (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedService", 
  "module_id": "PolicyRealizedState", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "RealizedNSService"
      ], 
      "required": true, 
      "title": "Realized services", 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Service", 
  "type": "object"
}

RealizedServices (type) 

{
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedServices", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "realized_services": {
      "items": {
        "$ref": "RealizedService
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of realized services", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized services", 
  "type": "object"
}

RealizedStateRequestParameter (type) 

{
  "description": "Request parameter that represents a binding between an intent path and enforcement point path. A request on the realized state can be parameterized with this pair and will be evaluted as follows: - {intent_path}: the request is evaluated on all enforcement points for the given intent. - {intent_path, enforcement_point_path}: the request is evaluated only on the given enforcement point for the given intent.", 
  "id": "RealizedStateRequestParameter", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "intent_path": {
      "description": "Intent path of object, forward slashes must be escaped using %2F", 
      "required": true, 
      "title": "String Path of the intent object", 
      "type": "string"
    }
  }, 
  "title": "Binding between Intent and Enforcement Point Paths", 
  "type": "object"
}

RealizedVirtualMachine (type) 

{
  "additionalProperties": false, 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyRealizedResource
  }, 
  "id": "RealizedVirtualMachine", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "alarms": {
      "items": {
        "$ref": "PolicyAlarmResource
      }, 
      "required": false, 
      "title": "Alarm info detail", 
      "type": "array"
    }, 
    "compute_ids": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host_id": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the host on which the vm exists.", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "intent_reference": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Desire state paths of this object", 
      "type": "array"
    }, 
    "local_id_on_host": {
      "readonly": true, 
      "required": false, 
      "title": "Id of the vm unique within the host.", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "power_state": {
      "enum": [
        "VM_RUNNING", 
        "VM_STOPPED", 
        "VM_SUSPENDED", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Current power state of this virtual machine in the system.", 
      "type": "string"
    }, 
    "realization_api": {
      "required": false, 
      "title": "Realization API of this object on enforcement point", 
      "type": "string"
    }, 
    "realization_specific_identifier": {
      "required": false, 
      "title": "Realization id of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "runtime_error": {
      "description": "It define the root cause for runtime error.", 
      "required": false, 
      "title": "String representation of runtime error", 
      "type": "string"
    }, 
    "runtime_status": {
      "description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.", 
      "required": false, 
      "title": "String representation of runtime status", 
      "type": "string"
    }, 
    "state": {
      "enum": [
        "UNAVAILABLE", 
        "UNREALIZED", 
        "REALIZED", 
        "ERROR"
      ], 
      "required": true, 
      "title": "Realization state of this object", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Realized Virtual Machine", 
  "type": "object"
}

RealizedVirtualMachineListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "RealizedVirtualMachineListRequestParameters", 
  "module_id": "PolicyGroupStatistics", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Realized Virtual Machine list request parameters", 
  "type": "object"
}

RealizedVirtualMachineListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RealizedVirtualMachineListResult", 
  "module_id": "PolicyGroupStatistics", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RealizedVirtualMachine, 
        "title": "Virtual machine list result"
      }, 
      "required": false, 
      "title": "Paged Collection of VMs", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RedirectionPolicy (type) 

{
  "additionalProperties": false, 
  "description": "Ordered list of rules long with the path of PolicyServiceInstance to which the traffic needs to be redirected.", 
  "extends": {
    "$ref": "Policy
  }, 
  "id": "RedirectionPolicy", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.", 
      "required": false, 
      "title": "A way to classify a security policy, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "comments": {
      "description": "Comments for security policy lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "SecurityPolicy lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the secruity policy.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked the security policy", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "SecurityPolicy locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "SecuirtyPolicy locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.", 
      "required": false, 
      "title": "Lock a security policy", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "redirect_to": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "List of path Service Instance/service Instance endpoint", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "description": "Redirection rules that are a part of this RedirectionPolicy. At max, there can be 1000 rules in a given RedirectPolicy.", 
      "items": {
        "$ref": "RedirectionRule
      }, 
      "maxItems": 1000, 
      "required": false, 
      "title": "Redirection rules that are a part of this RedirectionPolicy", 
      "type": "array"
    }, 
    "scope": {
      "description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security policies.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy.", 
      "minimum": 0, 
      "title": "Sequence number to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.", 
      "readonly": false, 
      "required": false, 
      "title": "Stateful nature of the entries within this security policy.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies.", 
      "readonly": false, 
      "required": false, 
      "title": "Enforce strict tcp handshake before allowing data packets", 
      "type": "boolean"
    }
  }, 
  "title": "Contains ordered list of rules and path to PolicyServiceInstance\n", 
  "type": "object"
}

RedirectionPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListResult
  }, 
  "id": "RedirectionPolicyListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RedirectionPolicy
      }, 
      "required": true, 
      "title": "Redirection policy list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Redirection Policies", 
  "type": "object"
}

RedirectionRule (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseRule
  }, 
  "id": "RedirectionRule", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "The action to be applied to all the services", 
      "enum": [
        "REDIRECT", 
        "DO_NOT_REDIRECT"
      ], 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination group paths", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination groups", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Define direction of traffic.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "required": false, 
      "title": "Direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable the rule. Default is enabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Flag to disable the rule", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_protocol": {
      "description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "Text for additional notes on changes.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Text for additional notes on changes", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profiles": {
      "description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Layer 7 service profiles", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain", 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of the this Rule", 
      "type": "int"
    }, 
    "services": {
      "description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Names of services", 
      "type": "array"
    }, 
    "source_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source group paths", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source groups", 
      "type": "boolean"
    }, 
    "tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "required": false, 
      "title": "Tag applied on the rule", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "It define redirection rule for service insertion", 
  "type": "object"
}

RedirectionRuleListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "RuleListRequestParameters
  }, 
  "id": "RedirectionRuleListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "RedirectionRule list request parameters", 
  "type": "object"
}

RedirectionRuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseRuleListResult
  }, 
  "id": "RedirectionRuleListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RedirectionRule
      }, 
      "required": true, 
      "title": "RedirectionRule list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of RedirectionRules", 
  "type": "object"
}

RedistributionConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "RedistributionConfig", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bgp_enabled": {
      "default": false, 
      "required": false, 
      "title": "Flag to enable redistribution for BGP as destinationProtocol", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

RedistributionProtocols (type) 

{
  "additionalProperties": false, 
  "description": "Types of route to redistribute over routing protocols. STATIC type is deprecated, use T0_STATIC instead. T0_STATIC type should be used to redistribute user added static routes. NSX_CONNECTED type is deprecated, use T0_CONNECTED instead. For backward compatibility when NSX_CONNECTED is selected, we will redistribute downlink port subnets for TIER0 LR. T0_CONNECTED type should be used to redistribute all port subnets including uplink, downlink, CSP and loopback for TIER0 LR. NSX_STATIC type is deprecated, use T1_STATIC instead. For backward compatibility when NSX_STATIC is selected, we will redistribute static, CSP and downlink port subnets advertised by TIER1 LR. T1_STATIC type should be used to redistribute static subnets advertised by TIER1 LR. T0_UPLINK type should be used to redistribute uplink port subnets on TIER0 LR. T0_DOWNLINK type should be used to redistribute downlink port subnets on TIER0 LR. T0_ROUTER_LINK type should be used to redistribute router link port subnets on TIER0 LR T0_CSP type should be used to redistribute centralised service port subnets on TIER0 LR. T0_LOOPBACK type should be used to redistribute loopback port subnets on TIER0 LR. T0_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder subnets on TIER0 LR. T0_IPSEC_LOCAL_IP type should be used to redistribute IPSec subnets on TIER0 LR. TIER0_NAT type is deprecated, use T0_NAT instead. T0_NAT type should be used to redistribute NAT IPs owned by TIER0 logical router. TIER1_NAT type is deprecated, use T1_NAT instead. T1_NAT type should be used to redistribute NAT IP subnets advertised by TIER1 LR. TIER1_LB_VIP type is deprecated,use T1_LB_VIP instead. T1_LB_VIP type should be used to redistribute LB VIP IP subnets advertised by TIER1 LR. TIER1_LB_SNAT type is deprecated, use T1_NAT instead. T1_LB_SNAT type should be used to redistribute LB SNAT IP subnets advertised by TIER1 LR. T1_DNS_FORWARDER_IP type should be used to redistribute DNS forwarder subnets advertised by TIER1 LR. T1_CONNECTED type should be used to redistribute downlink and CSP port subnets advertised by TIER1 LR. T1_DOWNLINK type should be used to redistribute downlink port subnets advertised by TIER1 LR. T1_CSP type should be used to redistribute centralised service port subnets advertised by TIER1 LR. BGP type should be used to redistribute routes learned via BGP. T1_IPSEC_LOCAL_IP type should be used to redistribute IPSec VPN local endpoint subnets advertised by TIER1 LR.", 
  "enum": [
    "STATIC", 
    "T0_STATIC", 
    "NSX_CONNECTED", 
    "T0_CONNECTED", 
    "NSX_STATIC", 
    "T1_STATIC", 
    "T0_UPLINK", 
    "T0_DOWNLINK", 
    "T0_ROUTER_LINK", 
    "T0_CSP", 
    "T0_LOOPBACK", 
    "T0_DNS_FORWARDER_IP", 
    "T0_IPSEC_LOCAL_IP", 
    "TIER0_NAT", 
    "T0_NAT", 
    "TIER1_NAT", 
    "T1_NAT", 
    "TIER1_LB_VIP", 
    "T1_LB_VIP", 
    "TIER1_LB_SNAT", 
    "T1_LB_SNAT", 
    "T1_DNS_FORWARDER_IP", 
    "T1_CONNECTED", 
    "T1_DOWNLINK", 
    "T1_CSP", 
    "BGP", 
    "T1_IPSEC_LOCAL_IP"
  ], 
  "id": "RedistributionProtocols", 
  "module_id": "Routing", 
  "title": "Redistribution Protocols", 
  "type": "string"
}

RedistributionRule (type) 

{
  "additionalProperties": false, 
  "id": "RedistributionRule", 
  "module_id": "Routing", 
  "properties": {
    "address_family": {
      "default": "IPV4_AND_IPV6", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_AND_IPV6"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Address family for Route Redistribution", 
      "type": "string"
    }, 
    "description": {
      "maxLength": 1024, 
      "required": false, 
      "title": "Description", 
      "type": "string"
    }, 
    "destination": {
      "$ref": "RedistributionProtocols, 
      "required": true, 
      "title": "Destination redistribution protocol"
    }, 
    "display_name": {
      "maxLength": 255, 
      "required": false, 
      "title": "Display name", 
      "type": "string"
    }, 
    "route_map_id": {
      "required": false, 
      "title": "RouteMap Id for the filter", 
      "type": "string"
    }, 
    "sources": {
      "items": {
        "$ref": "RedistributionProtocols
      }, 
      "required": true, 
      "title": "Array of redistribution protocols", 
      "type": "array"
    }
  }, 
  "type": "object"
}

RedistributionRuleList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "RedistributionRuleList", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "default": [], 
      "items": {
        "$ref": "RedistributionRule
      }, 
      "maxItems": 5, 
      "minItems": 0, 
      "required": false, 
      "title": "List of redistribution rules.\nUser needs to re-order rules to change the priority.\n", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

RegistrationToken (type) 

{
  "id": "RegistrationToken", 
  "module_id": "RegistrationTokenEndPoint", 
  "properties": {
    "roles": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "List results", 
      "type": "array"
    }, 
    "token": {
      "required": true, 
      "title": "Access token", 
      "type": "string"
    }, 
    "user": {
      "required": false, 
      "title": "User delegated by token", 
      "type": "string"
    }
  }, 
  "title": "Appliance registration access token", 
  "type": "object"
}

RelatedApiError (type) 

{
  "id": "RelatedApiError", 
  "module_id": "Common", 
  "properties": {
    "details": {
      "title": "Further details about the error", 
      "type": "string"
    }, 
    "error_code": {
      "title": "A numeric error code", 
      "type": "integer"
    }, 
    "error_data": {
      "title": "Additional data about the error", 
      "type": "object"
    }, 
    "error_message": {
      "title": "A description of the error", 
      "type": "string"
    }, 
    "module_name": {
      "title": "The module name where the error occurred", 
      "type": "string"
    }
  }, 
  "title": "Detailed information about a related API error", 
  "type": "object"
}

RelatedAttribute (type) 

{
  "additionalProperties": false, 
  "description": "Related attribute on the target resource for conditional constraints based on related attribute value. Example - destinationGroups/service/action is related attribute of   sourceGroups in communcation entry.", 
  "id": "RelatedAttribute", 
  "module_id": "PolicyConstraints", 
  "properties": {
    "attribute": {
      "required": true, 
      "title": "Related attribute name on the target entity.", 
      "type": "string"
    }
  }, 
  "title": "Related attribute details.", 
  "type": "object"
}

RelatedAttributeConditionalExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents the leaf level type expression to express constraint as value of realted attribute to the target. Example - Constraint traget attribute 'X' (example in Constraint),   if destinationGroups contains 'vCeneter' then allow only values   \"HTTPS\", \"HTTP\" for attribute X.   {     \"target\":{       \"target_resource_type\":\"CommunicationEntry\",       \"attribute\":\"services\",       \"path_prefix\": \"/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/\"     },     \"constraint_expression\": {       \"resource_type\": \"RelatedAttributeConditionalExpression\",       \"related_attribute\":{         \"attribute\":\"destinationGroups\"       },       \"condition\" : {         \"operator\":\"INCLUDES\",         \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\"],         \"value_constraint\": {           \"resource_type\": \"ValueConstraintExpression\",           \"operator\":\"INCLUDES\",           \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"]         }       }     }   }", 
  "extends": {
    "$ref": "ConstraintExpression
  }, 
  "id": "RelatedAttributeConditionalExpression", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RelatedAttributeConditionalExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "condition": {
      "$ref": "ConditionalValueConstraintExpression, 
      "description": "Conditional value expression for target based on realted attribute value.", 
      "required": true, 
      "title": "Conditiona value constraint expression."
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "related_attribute": {
      "$ref": "RelatedAttribute, 
      "required": true, 
      "title": "Related attribute."
    }, 
    "resource_type": {
      "enum": [
        "ValueConstraintExpression", 
        "RelatedAttributeConditionalExpression", 
        "EntityInstanceCountConstraintExpression", 
        "FieldSanityConstraintExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Represents the leaf level type expression to express constraint as\nvalue of realted attribute to the target. Uses\nConditionalValueConstraintExpression to constrain the target value\nbased on the related attribute value on the same resource.\n", 
  "type": "object"
}

RemainingSupportBundleNode (type) 

{
  "additionalProperties": false, 
  "id": "RemainingSupportBundleNode", 
  "properties": {
    "node_display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Display name of node", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "required": true, 
      "title": "UUID of node", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "PENDING", 
        "PROCESSING"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RemoteFileServer (type) 

{
  "additionalProperties": false, 
  "id": "RemoteFileServer", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "directory_path": {
      "pattern": "^\\/[\\w\\-.\\+~%\\/]+$", 
      "required": true, 
      "title": "Remote server directory to copy bundle files to", 
      "type": "string", 
      "validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.directory_path_pattern.message"
    }, 
    "port": {
      "default": 22, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "protocol": {
      "$ref": "FileTransferProtocol, 
      "required": true, 
      "title": "Protocol to use to copy file"
    }, 
    "server": {
      "format": "hostname-or-ip", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }
  }, 
  "title": "Remote file server", 
  "type": "object"
}

RemoteServerFingerprint (type) 

{
  "additionalProperties": false, 
  "id": "RemoteServerFingerprint", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "port": {
      "default": 22, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "server": {
      "format": "hostname-or-ip", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }, 
    "ssh_fingerprint": {
      "required": true, 
      "title": "SSH fingerprint of server", 
      "type": "string"
    }
  }, 
  "title": "Remote server", 
  "type": "object"
}

RemoteServerFingerprintRequest (type) 

{
  "additionalProperties": false, 
  "id": "RemoteServerFingerprintRequest", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "port": {
      "default": 22, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "server": {
      "format": "hostname-or-ip", 
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }
  }, 
  "title": "Remote server", 
  "type": "object"
}

RemoteTransportNodeStatusParametersWithDataSource (type) 

{
  "description": "Query parameters that may be used to select which transport nodes status to return in a query. The tunnel_status and bfd_diagnostic_code parameters are ANDed together if both are provided.", 
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "RemoteTransportNodeStatusParametersWithDataSource", 
  "module_id": "Heatmap", 
  "properties": {
    "bfd_diagnostic_code": {
      "description": "The BFD diagnostic code of Tunnel as defined in RFC 5880. If specified, only the status for transport nodes connected via tunnels having the specified BFD diagnostic code are returned.", 
      "enum": [
        "0", 
        "NO_DIAGNOSTIC", 
        "1", 
        "CONTROL_DETECTION_TIME_EXPIRED", 
        "2", 
        "ECHO_FUNCTION_FAILED", 
        "3", 
        "NEIGHBOR_SIGNALED_SESSION_DOWN", 
        "4", 
        "FORWARDING_PLANE_RESET", 
        "5", 
        "PATH_DOWN", 
        "6", 
        "CONCATENATED_PATH_DOWN", 
        "7", 
        "ADMINISTRATIVELY_DOWN", 
        "8", 
        "REVERSE_CONCATENATED_PATH_DOWN"
      ], 
      "title": "BFD diagnostic code of Tunnel", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "tunnel_status": {
      "description": "If specified, only the status for transport nodes connected via tunnels having the specified tunnel status are returned.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "title": "Tunnel Status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RenderConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Render configuration to be applied to the widget.", 
  "id": "RenderConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "color": {
      "description": "The color to use when rendering an entity. For example, set color as 'RED' to render a portion of donut in red.", 
      "enum": [
        "GREY", 
        "DARK_GREY", 
        "LIGHT_GREY", 
        "SKY_BLUE", 
        "BLUE", 
        "GREEN", 
        "YELLOW", 
        "RED", 
        "DARK_RED"
      ], 
      "title": "Color of the entity", 
      "type": "string"
    }, 
    "condition": {
      "description": "If the condition is met then the rendering specified for the condition will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "maxLength": 1024, 
      "title": "Expression for evaluating condition", 
      "type": "string"
    }, 
    "display_value": {
      "description": "If specified, overrides the field value. This can be used to display a meaningful value in situations where field value is not available or not configured.", 
      "maxLength": 255, 
      "title": "Overridden value to display, if any", 
      "type": "string"
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "minItems": 0, 
      "title": "Icons", 
      "type": "array"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over the UI element if the condition is met.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "minItems": 0, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }
  }, 
  "title": "Render Configuration", 
  "type": "object"
}

ReorderMigrationRequest (type) 

{
  "additionalProperties": false, 
  "id": "ReorderMigrationRequest", 
  "module_id": "Migration", 
  "properties": {
    "id": {
      "readonly": false, 
      "required": true, 
      "title": "id of the migration unit group/migration unit before/after which the migration unit group/migration unit is to be placed", 
      "type": "string"
    }, 
    "is_before": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "flag indicating whether the migration unit group/migration unit is to be placed before or after the specified migration unit group/migration unit", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

ReorderRequest (type) 

{
  "additionalProperties": false, 
  "id": "ReorderRequest", 
  "module_id": "Upgrade", 
  "properties": {
    "id": {
      "readonly": false, 
      "required": true, 
      "title": "id of the upgrade unit group/upgrade unit before/after which the upgrade unit group/upgrade unit is to be placed", 
      "type": "string"
    }, 
    "is_before": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "flag indicating whether the upgrade unit group/upgrade unit is to be placed before or after the specified upgrade unit group/upgrade unit", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

RepoSyncStatusReport (type) 

{
  "id": "RepoSyncStatusReport", 
  "module_id": "ClusterNodeVMDeployment", 
  "properties": {
    "failure_code": {
      "description": "In case of repo sync related failure, the code for the error will be stored here.", 
      "required": false, 
      "title": "Error code for failure", 
      "type": "integer"
    }, 
    "failure_message": {
      "description": "In case if repo sync fails due to some issue, an error message will be stored here.", 
      "required": false, 
      "title": "Error message for failure", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the repo sync operation on the single nsx-manager", 
      "enum": [
        "NOT_STARTED", 
        "IN_PROGRESS", 
        "FAILED", 
        "SUCCESS"
      ], 
      "required": true, 
      "title": "Repository Synchronization Status", 
      "type": "string"
    }, 
    "status_message": {
      "description": "Describes the steps which repo sync operation is performing currently.", 
      "required": false, 
      "title": "Status message", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ReportAppResultsForVmsRequestParameters (type) 

{
  "description": "Parameters to query results of an application discovery session. It has a list of vm ids.", 
  "id": "ReportAppResultsForVmsRequestParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "vm_ids": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Vm external Ids", 
      "type": "array"
    }
  }, 
  "title": "Parameters to request results of an application discovery session", 
  "type": "object"
}

RequiredTransportNodeIdParameters (type) 

{
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "RequiredTransportNodeIdParameters", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": true, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ResetStatsParameters (type) 

{
  "id": "ResetStatsParameters", 
  "module_id": "FirewallStatsRule", 
  "properties": {
    "category": {
      "description": "Aggregation statistic category to perform reset operation.", 
      "enum": [
        "L3DFW", 
        "L3EDGE", 
        "L3BRIDGEPORT"
      ], 
      "required": true, 
      "title": "Aggregation statistic category", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ResetStatsRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Request parameters that represents an enforcement point path and category. A request on statistics can be parameterized with this  enforcement point path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point.", 
  "extends": {
    "$ref": "StatisticsRequestParameters
  }, 
  "id": "ResetStatsRequestParameters", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "category": {
      "description": "Aggregation statistic category to perform reset operation.", 
      "enum": [
        "DFW", 
        "EDGE"
      ], 
      "required": true, 
      "title": "Aggregation statistic category", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }
  }, 
  "title": "Reset Statistics Request Parameters", 
  "type": "object"
}

Resource (type) 

{
  "abstract": true, 
  "id": "Resource", 
  "module_id": "Common", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }
  }, 
  "title": "Base class for resources", 
  "type": "object"
}

ResourceAllocation (type) 

{
  "description": "Specify limit, shares and reservation for all kinds of traffic. Values for limit and reservation are expressed in percentage. And for shares, the value is expressed as a number between 1-100. The overall reservation among all traffic types should not exceed 75%. Otherwise, the API request will be rejected.", 
  "id": "ResourceAllocation", 
  "module_id": "NiocProfile", 
  "nsx_feature": "Nioc", 
  "properties": {
    "limit": {
      "default": -1.0, 
      "description": "The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API.", 
      "maximum": 100, 
      "minimum": -1, 
      "required": true, 
      "title": "Maximum bandwidth percentage", 
      "type": "number"
    }, 
    "reservation": {
      "default": 0.0, 
      "maximum": 75, 
      "minimum": 0, 
      "required": true, 
      "title": "Minimum guaranteed bandwidth percentage", 
      "type": "number"
    }, 
    "shares": {
      "default": 50, 
      "maximum": 100, 
      "minimum": 1, 
      "required": true, 
      "title": "Shares", 
      "type": "int"
    }, 
    "traffic_type": {
      "$ref": "HostInfraTrafficType, 
      "required": true, 
      "title": "Resource allocation traffic type"
    }
  }, 
  "title": "Resource allocation information for a host infrastructure traffic type", 
  "type": "object"
}

ResourceFieldPointer (type) 

{
  "additionalProperties": false, 
  "description": "Resource Field Pointer representing the exact value within a policy object.", 
  "id": "ResourceFieldPointer", 
  "module_id": "PolicyReaction", 
  "properties": {
    "field_pointer": {
      "description": "Field Pointer referencing the exact field within the policy object.", 
      "required": true, 
      "title": "Field Pointer", 
      "type": "string"
    }, 
    "path": {
      "description": "Policy Path referencing a policy object. If not supplied, the field pointer will be applied to the event source.", 
      "title": "Resource Path", 
      "type": "string"
    }
  }, 
  "title": "Resource Field Pointer", 
  "type": "object"
}

ResourceInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ResourceInfoListResult", 
  "module_id": "PolicyFineTuning", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "PolicyFineTuningResourceInfo
      }, 
      "required": true, 
      "title": "Resource info list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of resource info objects", 
  "type": "object"
}

ResourceInfoSearchParameters (type) 

{
  "additionalProperties": false, 
  "description": "This object presents additional search capabilities over any API through free text query string. e.g. type=\"FirewallRuleDto\".", 
  "experimental": true, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ResourceInfoSearchParameters", 
  "module_id": "PolicyFineTuning", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "required": false, 
      "title": "Type query", 
      "type": "string"
    }
  }, 
  "title": "Represents search object that provides additional search capabilities", 
  "type": "object"
}

ResourceLink (type) 

{
  "additionalProperties": false, 
  "id": "ResourceLink", 
  "module_id": "Common", 
  "properties": {
    "action": {
      "readonly": true, 
      "title": "Optional action", 
      "type": "string"
    }, 
    "href": {
      "readonly": true, 
      "required": true, 
      "title": "Link to resource", 
      "type": "string"
    }, 
    "rel": {
      "description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)", 
      "readonly": true, 
      "required": true, 
      "title": "Link relation type", 
      "type": "string"
    }
  }, 
  "title": "A link to a related resource", 
  "type": "object"
}

ResourceOperation (type) 

{
  "additionalProperties": false, 
  "description": "Resource Operation is an Event Source that represents a resource that is being changed at very specific points of time, with regard to its interaction with dao layer.", 
  "extends": {
    "$ref": "Source
  }, 
  "id": "ResourceOperation", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ResourceOperation"
  }, 
  "properties": {
    "operation_types": {
      "description": "Operation types.", 
      "items": {
        "$ref": "ResourceOperationType
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Operation Types", 
      "type": "array"
    }, 
    "resource_pointer": {
      "description": "Regex path representing a regex expression on resources. This regex is used to identify the object(s) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.", 
      "required": true, 
      "title": "Resource Pointer", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Event Source resource type.", 
      "enum": [
        "ResourceOperation", 
        "ApiRequestBody"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Resource Operation", 
  "type": "object"
}

ResourceOperationType (type) 

{
  "additionalProperties": false, 
  "description": "Resource Operation Type represents a change in state of a resource with regard to the interaction with DAO layer: POST_CREATE: post-create change event. POST_UPDATE: post-update change event. PRE_DELETE: pre-delete change event.", 
  "enum": [
    "POST_CREATE", 
    "POST_UPDATE", 
    "PRE_DELETE"
  ], 
  "id": "ResourceOperationType", 
  "module_id": "PolicyReaction", 
  "title": "Resource Operation Type", 
  "type": "string"
}

ResourceReference (type) 

{
  "description": "A weak reference to an NSX resource.", 
  "id": "ResourceReference", 
  "module_id": "Common", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RestoreConfiguration (type) 

{
  "additionalProperties": false, 
  "id": "RestoreConfiguration", 
  "module_id": "BackupConfiguration", 
  "properties": {
    "passphrase": {
      "sensitive": true, 
      "title": "Passphrase used to encrypt backup files.", 
      "type": "string"
    }, 
    "remote_file_server": {
      "$ref": "RemoteFileServer, 
      "required": true, 
      "title": "The server from which backup files will be retrieved for restore."
    }
  }, 
  "title": "Configuration where backup files are stored for restore", 
  "type": "object"
}

RestoreStep (type) 

{
  "id": "RestoreStep", 
  "module_id": "ClusterRestore", 
  "properties": {
    "description": {
      "readonly": true, 
      "required": true, 
      "title": "Restore step description", 
      "type": "string"
    }, 
    "status": {
      "$ref": "PerStepRestoreStatus
    }, 
    "step_number": {
      "readonly": true, 
      "required": true, 
      "title": "Restore step number", 
      "type": "integer"
    }, 
    "value": {
      "readonly": true, 
      "required": true, 
      "title": "Restore step value", 
      "type": "string"
    }
  }, 
  "title": "Restore step info", 
  "type": "object"
}

RevisionedResource (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "RevisionedResource", 
  "module_id": "Common", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }
  }, 
  "title": "A base class for types that track revisions", 
  "type": "object"
}

Role (type) 

{
  "id": "Role", 
  "module_id": "AAA", 
  "properties": {
    "role": {
      "required": true, 
      "title": "Role name", 
      "type": "string"
    }
  }, 
  "title": "Role", 
  "type": "object"
}

RoleBinding (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "RoleBinding", 
  "module_id": "AAA", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "name": {
      "readonly": true, 
      "required": true, 
      "title": "User/Group's name", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "roles": {
      "items": {
        "$ref": "Role
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Roles", 
      "type": "array"
    }, 
    "stale": {
      "description": "Property 'stale' can be considered to have these values - absent  - This type of rolebinding does not support stale property TRUE    - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE   - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings", 
      "enum": [
        "TRUE", 
        "FALSE", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Stale in vIDM", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "enum": [
        "remote_user", 
        "remote_group", 
        "local_user", 
        "principal_identity"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Type", 
      "type": "string"
    }
  }, 
  "title": "User/Group's role binding", 
  "type": "object"
}

RoleBindingListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RoleBindingListResult", 
  "module_id": "AAA", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RoleBinding
      }, 
      "required": true, 
      "title": "List results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RoleBindingRequestParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of users/groups.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RoleBindingRequestParameters", 
  "module_id": "AAA", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "name": {
      "required": false, 
      "title": "User/Group name", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "type": {
      "enum": [
        "remote_user", 
        "remote_group", 
        "local_user", 
        "principal_identity"
      ], 
      "required": false, 
      "title": "Type", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter list of role bindings.", 
  "type": "object"
}

RoleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RoleListResult", 
  "module_id": "AAA", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Role
      }, 
      "required": true, 
      "title": "List results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RoleWithFeatures (type) 

{
  "id": "RoleWithFeatures", 
  "module_id": "AAA", 
  "properties": {
    "features": {
      "items": {
        "$ref": "FeaturePermission
      }, 
      "required": true, 
      "title": "Features", 
      "type": "array"
    }, 
    "role": {
      "readonly": true, 
      "required": true, 
      "title": "Role name", 
      "type": "string"
    }
  }, 
  "title": "Role", 
  "type": "object"
}

RouteAdvertisementRule (type) 

{
  "additionalProperties": false, 
  "id": "RouteAdvertisementRule", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "action": {
      "default": "PERMIT", 
      "description": "Action to advertise filtered routes to the connected Tier0 gateway. PERMIT: Enables the advertisment DENY: Disables the advertisement", 
      "enum": [
        "PERMIT", 
        "DENY"
      ], 
      "required": true, 
      "title": "Action to advertise routes", 
      "type": "string"
    }, 
    "name": {
      "description": "Display name should be unique.", 
      "required": true, 
      "title": "Display name for rule", 
      "type": "string"
    }, 
    "prefix_operator": {
      "default": "GE", 
      "description": "Prefix operator to filter subnets. GE prefix operator filters all the routes with prefix length greater than or equal to the subnets configured. EQ prefix operator filter all the routes with prefix length equal to the subnets configured.", 
      "enum": [
        "GE", 
        "EQ"
      ], 
      "required": false, 
      "title": "Prefix operator to match subnets", 
      "type": "string"
    }, 
    "route_advertisement_types": {
      "description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.", 
      "items": {
        "$ref": "Tier1RouteAdvertisentTypes
      }, 
      "required": false, 
      "title": "Enable different types of route advertisements", 
      "type": "array"
    }, 
    "subnets": {
      "description": "Network CIDRs to be routed.", 
      "items": {
        "format": "ip-cidr-block", 
        "type": "string"
      }, 
      "required": false, 
      "title": "Network CIDRs", 
      "type": "array"
    }
  }, 
  "title": "Route advertisement rules and filtering", 
  "type": "object"
}

RouteAggregationEntry (type) 

{
  "additionalProperties": false, 
  "id": "RouteAggregationEntry", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "prefix": {
      "description": "CIDR of aggregate address", 
      "format": "ip-cidr-block", 
      "required": true, 
      "title": "CIDR of aggregate address", 
      "type": "string"
    }, 
    "summary_only": {
      "default": true, 
      "description": "Send only summarized route. Summarization reduces number of routes advertised by representing multiple related routes with prefix property.", 
      "required": false, 
      "title": "Send only summarized route", 
      "type": "boolean"
    }
  }, 
  "title": "List of routes to be aggregated", 
  "type": "object"
}

RouteBasedIPSecVPNSession (type) 

{
  "additionalProperties": false, 
  "description": "A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.", 
  "extends": {
    "$ref": "IPSecVPNSession
  }, 
  "id": "RouteBasedIPSecVPNSession", 
  "module_id": "IPSecVPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RouteBasedIPSecVPNSession"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "Identifier of VPN Service linked with local endpoint.", 
      "readonly": true, 
      "title": "IPSec VPN service identifier", 
      "type": "string"
    }, 
    "local_endpoint_id": {
      "description": "Local endpoint identifier.", 
      "required": true, 
      "title": "Local endpoint identifier", 
      "type": "string"
    }, 
    "peer_endpoint_id": {
      "description": "Peer endpoint identifier.", 
      "required": true, 
      "title": "Peer endpoint identifier", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IPSecVPNSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMssClamping, 
      "required": false
    }, 
    "tunnel_ports": {
      "description": "IP Tunnel ports.", 
      "items": {
        "$ref": "TunnelPortConfig
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP Tunnel ports", 
      "type": "array"
    }
  }, 
  "title": "Route based VPN session", 
  "type": "object"
}

RouteBasedIPSecVpnSession (type) 

{
  "additionalProperties": false, 
  "description": "A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.", 
  "extends": {
    "$ref": "IPSecVpnSession
  }, 
  "id": "RouteBasedIPSecVpnSession", 
  "module_id": "PolicyIPSecVpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RouteBasedIPSecVpnSession"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_mode": {
      "default": "PSK", 
      "description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.", 
      "enum": [
        "PSK", 
        "CERTIFICATE"
      ], 
      "title": "Authentication Mode", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "compliance_suite": {
      "description": "Compliance suite.", 
      "enum": [
        "CNSA", 
        "SUITE_B_GCM_128", 
        "SUITE_B_GCM_256", 
        "PRIME", 
        "FOUNDATION", 
        "FIPS", 
        "NONE"
      ], 
      "title": "Compliance suite", 
      "type": "string"
    }, 
    "connection_initiation_mode": {
      "default": "INITIATOR", 
      "description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.", 
      "enum": [
        "INITIATOR", 
        "RESPOND_ONLY", 
        "ON_DEMAND"
      ], 
      "title": "Connection initiation mode", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "dpd_profile_path": {
      "description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.", 
      "title": "Dead peer detection (DPD) profile path", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "force_whitelisting": {
      "default": false, 
      "deprecated": true, 
      "description": "If true the default firewall rule Action is set to DROP, otherwise set to ALLOW. This filed is deprecated and recommended to change Rule action filed. Note that this filed is not synchornied with default rule field.", 
      "required": false, 
      "title": "Flag to add default whitelisting Gateway Policy rule for the VTI interface.", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ike_profile_path": {
      "description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.", 
      "title": "Internet key exchange (IKE) profile path", 
      "type": "string"
    }, 
    "local_endpoint_path": {
      "description": "Policy path referencing Local endpoint.", 
      "required": true, 
      "title": "Local endpoint path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "peer_address": {
      "description": "Public IPV4 address of the remote device terminating the VPN connection.", 
      "required": true, 
      "title": "IPV4 address of peer endpoint on remote site", 
      "type": "string"
    }, 
    "peer_id": {
      "description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.", 
      "required": true, 
      "title": "Peer id", 
      "type": "string"
    }, 
    "psk": {
      "description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.", 
      "sensitive": true, 
      "title": "Pre-shared key", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "IPSecVpnSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMaximumSegmentSizeClamping, 
      "description": "TCP Maximum Segment Size Clamping Direction and Value.", 
      "title": "TCP MSS Clamping"
    }, 
    "tunnel_interfaces": {
      "description": "IP Tunnel interfaces.", 
      "items": {
        "$ref": "IPSecVpnTunnelInterface
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP Tunnel interfaces", 
      "type": "array"
    }, 
    "tunnel_profile_path": {
      "description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.", 
      "title": "IPSec tunnel profile path", 
      "type": "string"
    }
  }, 
  "title": "Route based VPN session", 
  "type": "object"
}

RouteBasedL3VpnSession (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.", 
  "extends": {
    "$ref": "L3VpnSession
  }, 
  "id": "RouteBasedL3VpnSession", 
  "module_id": "PolicyL3Vpn", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RouteBasedL3VpnSession"
  }, 
  "properties": {
    "default_rule_logging": {
      "default": false, 
      "description": "Indicates if logging should be enabled for the default whitelisting rule for the VTI interface.", 
      "required": false, 
      "title": "Enable logging for whitelisted rule for the VTI interface", 
      "type": "boolean"
    }, 
    "force_whitelisting": {
      "default": false, 
      "description": "The default firewall rule Action is set to DROP if true otherwise set to ALLOW.", 
      "required": false, 
      "title": "Flag to add default whitelisting FW rule for the VTI interface.", 
      "type": "boolean"
    }, 
    "resource_type": {
      "$ref": "L3VpnSessionResourceType, 
      "required": true
    }, 
    "routing_config_path": {
      "deprecated": true, 
      "description": "This is a deprecated field. Any specified value is not saved and will be ignored.", 
      "title": "Routing configuration policy path", 
      "type": "string"
    }, 
    "tunnel_subnets": {
      "description": "Virtual tunnel interface (VTI) port IP subnets to be used to configure route-based L3Vpn session. A max of one tunnel subnet is allowed.", 
      "items": {
        "$ref": "TunnelSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Virtual Tunnel Interface (VTI) IP subnets", 
      "type": "array", 
      "uniqueItems": true
    }
  }, 
  "title": "Route based L3Vpn Session", 
  "type": "object"
}

RouteDetails (type) 

{
  "additionalProperties": false, 
  "description": "BGP route details.", 
  "id": "RouteDetails", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "as_path": {
      "description": "BGP AS path attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "AS path", 
      "type": "string"
    }, 
    "local_pref": {
      "description": "BGP Local Preference attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Local preference", 
      "type": "integer"
    }, 
    "med": {
      "description": "BGP Multi Exit Discriminator attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Multi Exit Discriminator", 
      "type": "integer"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "description": "CIDR network address.", 
      "readonly": true, 
      "required": true, 
      "title": "CIDR network address"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "description": "Next hop IP address.", 
      "readonly": true, 
      "required": false, 
      "title": "Next hop IP address"
    }, 
    "weight": {
      "description": "BGP Weight attribute.", 
      "readonly": true, 
      "required": false, 
      "title": "Weight", 
      "type": "integer"
    }
  }, 
  "title": "BGP route details", 
  "type": "object"
}

RouteMap (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "RouteMap", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sequences": {
      "items": {
        "$ref": "RouteMapSequence
      }, 
      "maxItems": 1000, 
      "minItems": 1, 
      "required": true, 
      "title": "Ordered list of routeMap sequences", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

RouteMapEntry (type) 

{
  "additionalProperties": false, 
  "id": "RouteMapEntry", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "action": {
      "description": "Action for the route map entry", 
      "enum": [
        "PERMIT", 
        "DENY"
      ], 
      "required": true, 
      "title": "Action for the route map entry", 
      "type": "string"
    }, 
    "community_list_matches": {
      "description": "Community list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.", 
      "items": {
        "$ref": "CommunityMatchCriteria
      }, 
      "required": false, 
      "title": "Community list match criteria", 
      "type": "array"
    }, 
    "prefix_list_matches": {
      "description": "Prefix list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 500, 
      "required": false, 
      "title": "Prefix list match criteria", 
      "type": "array"
    }, 
    "set": {
      "$ref": "RouteMapEntrySet, 
      "description": "Set criteria for route map entry", 
      "required": false, 
      "title": "Set criteria for route map entry"
    }
  }, 
  "title": "Route map entry", 
  "type": "object"
}

RouteMapEntrySet (type) 

{
  "additionalProperties": false, 
  "id": "RouteMapEntrySet", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "as_path_prepend": {
      "description": "AS path prepend to influence route selection.", 
      "required": false, 
      "title": "AS path prepend to influence route selection", 
      "type": "string"
    }, 
    "community": {
      "description": "Set BGP regular or large community for matching routes. A maximum of one value for each community type separated by space. Well-known community name, community value in aa:nn (2byte:2byte) format for regular community and community value in aa:bb:nn (4byte:4byte:4byte) format for large community are supported.", 
      "required": false, 
      "title": "Set BGP community", 
      "type": "string"
    }, 
    "local_preference": {
      "default": 100, 
      "description": "Local preference indicates the degree of preference for one BGP route over other BGP routes. The path with highest local preference is preferred.", 
      "maximum": 4294967295, 
      "title": "Local preference to set for matching BGP routes", 
      "type": "integer"
    }, 
    "med": {
      "description": "Multi exit descriminator (MED) is a hint to BGP neighbors about the preferred path into an autonomous system (AS) that has multiple entry points. A lower MED value is preferred over a higher value.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Multi exit descriminator", 
      "type": "int"
    }, 
    "weight": {
      "description": "Weight is used to select a route when multiple routes are available to the same network. Route with the highest weight is preferred.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Weight used to select certain path", 
      "type": "int"
    }
  }, 
  "title": "Set criteria for route map entry", 
  "type": "object"
}

RouteMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RouteMapListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RouteMap
      }, 
      "required": true, 
      "title": "Paginated list of RouteMaps", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RouteMapSequence (type) 

{
  "additionalProperties": false, 
  "id": "RouteMapSequence", 
  "module_id": "Routing", 
  "properties": {
    "action": {
      "$ref": "RoutingFilterAction, 
      "required": true, 
      "title": "Action for the Sequence"
    }, 
    "match_criteria": {
      "$ref": "RouteMapSequenceMatch, 
      "required": true, 
      "title": "Match Criteria for the RouteMap Sequence"
    }, 
    "set_criteria": {
      "$ref": "RouteMapSequenceSet, 
      "required": false, 
      "title": "Set Criteria for the RouteMap Sequence"
    }
  }, 
  "type": "object"
}

RouteMapSequenceMatch (type) 

{
  "additionalProperties": false, 
  "description": "Match sequence in route map which is used for matching routes. IP prefix lists and match community expression are mutually exclusive fields, one of them must be provided.", 
  "id": "RouteMapSequenceMatch", 
  "module_id": "Routing", 
  "properties": {
    "ip_prefix_lists": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 500, 
      "minItems": 1, 
      "title": "IPPrefixList Identifiers for RouteMap Sequence Match Criteria", 
      "type": "array"
    }, 
    "match_community_expression": {
      "$ref": "CommunityMatchExpression, 
      "description": "It supports conjunction operator (AND) and five operators within singular community match expression (MATCH_ANY, MATCH_ALL, MATCH_EXACT, MATCH_NONE, MATCH_REGEX).", 
      "title": "Expression to match BGP communities"
    }
  }, 
  "type": "object"
}

RouteMapSequenceSet (type) 

{
  "additionalProperties": false, 
  "id": "RouteMapSequenceSet", 
  "module_id": "Routing", 
  "properties": {
    "as_path_prepend": {
      "required": false, 
      "title": "As Path Prepending to influence path selection", 
      "type": "string"
    }, 
    "community": {
      "description": "Set normal BGP community either well-known community name or community value in aa:nn(2byte:2byte) format.", 
      "required": false, 
      "title": "Set normal BGP community", 
      "type": "string"
    }, 
    "large_community": {
      "description": "Set large BGP community, community value shoud be in aa:bb:nn format where aa, bb, nn are unsigned integers with range [1-4294967295].", 
      "required": false, 
      "title": "Set large BGP community", 
      "type": "string"
    }, 
    "local_preference": {
      "description": "Local preference indicates the degree of preference for one BGP route over other BGP routes. The path/route with highest local preference value is preferred/selected. If local preference value is not specified then it will be considered as 100 by default.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Local preference number", 
      "type": "integer"
    }, 
    "multi_exit_discriminator": {
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "Multi Exit Discriminator (MED)", 
      "type": "integer"
    }, 
    "weight": {
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Weight used to select certain path", 
      "type": "int"
    }
  }, 
  "type": "object"
}

RouterNexthop (type) 

{
  "additionalProperties": false, 
  "id": "RouterNexthop", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "admin_distance": {
      "default": 1, 
      "description": "Cost associated with next hop route", 
      "maximum": 255, 
      "minimum": 1, 
      "required": false, 
      "title": "Cost associated with next hop route", 
      "type": "int"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Next hop gateway IP address", 
      "required": false, 
      "title": "Next hop gateway IP address"
    }, 
    "scope": {
      "description": "Interface path associated with current route. For example: specify a policy path referencing the IPSec VPN Session.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Interface path associated with current route", 
      "type": "array"
    }
  }, 
  "title": "Next hop configuration for network", 
  "type": "object"
}

RoutesPerTransportNode (type) 

{
  "additionalProperties": false, 
  "description": "BGP routes per transport node.", 
  "id": "RoutesPerTransportNode", 
  "module_id": "AggSvcLogicalRouter", 
  "properties": {
    "routes": {
      "description": "Array of BGP neighbor route details for this transport node.", 
      "items": {
        "$ref": "RouteDetails
      }, 
      "readonly": true, 
      "required": false, 
      "title": "BGP neighbor route details", 
      "type": "array"
    }, 
    "source_address": {
      "$ref": "IPAddress, 
      "description": "BGP neighbor source address.", 
      "readonly": true, 
      "required": false, 
      "title": "BGP neighbor source address"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": true, 
      "title": "Transport node id", 
      "type": "string"
    }
  }, 
  "title": "Routes per transport node", 
  "type": "object"
}

RoutesRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "RoutesRequestParameters", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "edge_id": {
      "description": "UUID of edge node. Edge should be member of enforcement point.", 
      "title": "UUID of edge node", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "Enforcement point path.", 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "route_source": {
      "description": "Filter routes based on the source from which route is learned.", 
      "enum": [
        "BGP", 
        "STATIC", 
        "CONNECTED"
      ], 
      "title": "Filter routes based on the source from which route is learned", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Routes request parameters", 
  "type": "object"
}

RoutingConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "RoutingConfig", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "forwarding_up_timer": {
      "default": 0, 
      "description": "Defines the extra time the router must wait before sending the UP notification after the first BGP session is established. Default means forward immediately.", 
      "required": false, 
      "title": "Forwarding up timer", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

RoutingEntry (type) 

{
  "additionalProperties": false, 
  "description": "Routing table entry.", 
  "id": "RoutingEntry", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "admin_distance": {
      "description": "Admin distance.", 
      "readonly": true, 
      "title": "Admin distance", 
      "type": "int"
    }, 
    "network": {
      "description": "Network CIDR.", 
      "readonly": true, 
      "title": "Network CIDR", 
      "type": "string"
    }, 
    "next_hop": {
      "$ref": "IPAddress, 
      "description": "Next hop address.", 
      "readonly": true, 
      "title": "Next hop address"
    }, 
    "route_type": {
      "description": "Network address CIDR.", 
      "readonly": true, 
      "title": "Route type", 
      "type": "string"
    }
  }, 
  "title": "Routing table entry", 
  "type": "object"
}

RoutingFilterAction (type) 

{
  "additionalProperties": false, 
  "enum": [
    "PERMIT", 
    "DENY"
  ], 
  "id": "RoutingFilterAction", 
  "module_id": "Routing", 
  "title": "Action for Filters in Routing", 
  "type": "string"
}

RoutingGlobalConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "RoutingGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "RoutingGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "l3_forwarding_mode": {
      "default": "IPV4_ONLY", 
      "description": "This setting does not restrict configuration as per other modes. But the forwarding will only work as per the mode set here.", 
      "enum": [
        "IPV4_ONLY", 
        "IPV4_AND_IPV6"
      ], 
      "required": true, 
      "title": "L3 forwarding mode", 
      "type": "string"
    }, 
    "logical_uplink_mtu": {
      "default": 1500, 
      "description": "This is the global default MTU for all the logical uplinks in a NSX domain. Currently logical uplink MTU can only be set globally and applies to the entire NSX domain. There is no option to override this value at transport zone level or transport node level. If this value is not set, the default value of 1500 will be used.", 
      "readonly": false, 
      "title": "MTU for the logical uplinks", 
      "type": "int"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX global configs for Routing", 
  "type": "object"
}

RoutingTable (type) 

{
  "additionalProperties": false, 
  "description": "Routing table.", 
  "id": "RoutingTable", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "count": {
      "description": "Entry count.", 
      "readonly": true, 
      "title": "Entry count", 
      "type": "int"
    }, 
    "edge_node": {
      "description": "Transport node ID.", 
      "readonly": true, 
      "title": "Transport node ID", 
      "type": "string"
    }, 
    "route_entries": {
      "description": "Route entries.", 
      "items": {
        "$ref": "RoutingEntry
      }, 
      "required": true, 
      "title": "Route entries", 
      "type": "array"
    }
  }, 
  "title": "Routing table", 
  "type": "object"
}

RoutingTableListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RoutingTableListResult", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Paged Collection of Routes per transport node ID.", 
      "items": {
        "$ref": "RoutingTable, 
        "title": "Routing table"
      }, 
      "required": false, 
      "title": "Paged Collection of Routes per transport node ID", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RowListField (type) 

{
  "additionalProperties": false, 
  "description": "Root of the api result set for forming rows.", 
  "id": "RowListField", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "alias": {
      "description": "Short name or alias of row list field, if any. If unspecified, the row list field can be referenced by its index in the array of row list fields as $<index> (for example, $0).", 
      "maxLength": 255, 
      "title": "Alias Name", 
      "type": "string"
    }, 
    "path": {
      "description": "JSON path to the root of the api result set for forming rows.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "JSON path", 
      "type": "string"
    }
  }, 
  "title": "List of fields from which rows are formed", 
  "type": "object"
}

Rule (type) 

{
  "additionalProperties": false, 
  "description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.", 
  "extends": {
    "$ref": "BaseRule
  }, 
  "id": "Rule", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "action": {
      "description": "The action to be applied to all the services", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT"
      ], 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destination_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination group paths", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination groups", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Define direction of traffic.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "required": false, 
      "title": "Direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable the rule. Default is enabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Flag to disable the rule", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_protocol": {
      "description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "Text for additional notes on changes.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Text for additional notes on changes", 
      "type": "string"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profiles": {
      "description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Layer 7 service profiles", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scope": {
      "description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain", 
      "minimum": 0, 
      "required": false, 
      "title": "Sequence number of the this Rule", 
      "type": "int"
    }, 
    "services": {
      "description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Names of services", 
      "type": "array"
    }, 
    "source_groups": {
      "description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source group paths", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source groups", 
      "type": "boolean"
    }, 
    "tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "required": false, 
      "title": "Tag applied on the rule", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A rule specifies the security policy rule between the workload groups", 
  "type": "object"
}

RuleInsertParameters (type) 

{
  "description": "Parameters to let the admin specify a relative position of a rule w.r.t to another one in the same security policy. If the rule specified in the anchor_path belongs to another security policy an error will be thrown.", 
  "extends": {
    "$ref": "PolicyInsertParameters
  }, 
  "id": "RuleInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where rule needs to be placed", 
  "type": "object"
}

RuleListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "RuleListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Rule list request parameters", 
  "type": "object"
}

RuleListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "BaseRuleListResult
  }, 
  "id": "RuleListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Rule
      }, 
      "required": true, 
      "title": "Rule list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Rules", 
  "type": "object"
}

RuleState (type) 

{
  "extends": {
    "$ref": "DSRuleState
  }, 
  "id": "RuleState", 
  "module_id": "Firewall", 
  "properties": {
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "pending_change_list": {
      "description": "Pending changes to be realized.", 
      "items": {
        "$ref": "PendingChange
      }, 
      "maxItems": 100, 
      "title": "List of pending changes", 
      "type": "array"
    }, 
    "revision_desired": {
      "description": "This attribute represents revision number of rule's desired state.", 
      "readonly": true, 
      "required": false, 
      "title": "Desired state revision number", 
      "type": "integer"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RuleStatistics (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "RuleStatistics", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "byte_count": {
      "description": "Aggregated number of bytes processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Bytes count", 
      "type": "integer"
    }, 
    "hit_count": {
      "description": "Aggregated number of hits received by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Hits count", 
      "type": "integer"
    }, 
    "internal_rule_id": {
      "description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX internal rule id", 
      "type": "string"
    }, 
    "lr_path": {
      "description": "Path of the LR on which the section is applied in case of Edge FW.", 
      "readonly": true, 
      "required": false, 
      "title": "Logical Router (Tier-0/Tier1) path", 
      "type": "string"
    }, 
    "max_popularity_index": {
      "description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "The maximum popularity index", 
      "type": "integer"
    }, 
    "max_session_count": {
      "description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "Maximum Sessions count", 
      "type": "integer"
    }, 
    "packet_count": {
      "description": "Aggregated number of packets processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Packets count", 
      "type": "integer"
    }, 
    "popularity_index": {
      "description": "This is calculated by sessions count divided by age of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "The index of the popularity of rule", 
      "type": "integer"
    }, 
    "rule": {
      "description": "Path of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule path", 
      "type": "string"
    }, 
    "session_count": {
      "description": "Aggregated number of sessions processed by the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "sessions count", 
      "type": "integer"
    }, 
    "total_session_count": {
      "description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule  statistics. It may have a computation delay up to 15 minutes in response to this API.", 
      "readonly": true, 
      "required": false, 
      "title": "Total Sessions count", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

RuleStatisticsForEnforcementPoint (type) 

{
  "description": "Rule statistics for a specfic enforcement point.", 
  "id": "RuleStatisticsForEnforcementPoint", 
  "module_id": "Policy", 
  "properties": {
    "enforcement_point": {
      "description": "Rule statistics for a single enforcement point", 
      "readonly": true, 
      "required": false, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "RuleStatistics, 
      "description": "Statistics for the specified enforcement point", 
      "readonly": true, 
      "required": false, 
      "title": "Rule Statistics"
    }
  }, 
  "title": "Rule statistics for an enforcement point", 
  "type": "object"
}

RuleStatisticsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "RuleStatisticsListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "RuleStatisticsForEnforcementPoint
      }, 
      "required": true, 
      "title": "RuleStatistics list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of rule statistics", 
  "type": "object"
}

RuntimeInterfaceOperationalStatus (type) 

{
  "id": "RuntimeInterfaceOperationalStatus", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "interface_index": {
      "readonly": true, 
      "required": true, 
      "title": "Index of the interface", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "The Operational status of the interface", 
      "type": "string"
    }
  }, 
  "type": "object"
}

RuntimeInterfaceStatistics (type) 

{
  "extends": {
    "$ref": "SIAggregatedDataCounterEx
  }, 
  "id": "RuntimeInterfaceStatistics", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "SIPacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "interface_index": {
      "readonly": true, 
      "required": true, 
      "title": "Index of the interface", 
      "type": "integer"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "mac_learning": {
      "$ref": "SIMacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

SIAggregatedDataCounter (type) 

{
  "id": "SIAggregatedDataCounter", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "rx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

SIAggregatedDataCounterEx (type) 

{
  "extends": {
    "$ref": "SIAggregatedDataCounter
  }, 
  "id": "SIAggregatedDataCounterEx", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "SIPacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "mac_learning": {
      "$ref": "SIMacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "SIDataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

SIDataCounter (type) 

{
  "id": "SIDataCounter", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "dropped": {
      "required": false, 
      "title": "The dropped packets or bytes", 
      "type": "integer"
    }, 
    "multicast_broadcast": {
      "required": false, 
      "title": "The multicast and broadcast packets or bytes", 
      "type": "integer"
    }, 
    "total": {
      "required": true, 
      "title": "The total packets or bytes", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

SIErrorClass (type) 

{
  "id": "SIErrorClass", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "error_id": {
      "readonly": true, 
      "required": false, 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "type": "string"
    }
  }, 
  "title": "Error class for all the Service Insertion related errors.", 
  "type": "object"
}

SIExcludeList (type) 

{
  "description": "List of entities where Service Insertion will not be enforced. Exclusion List can contain NSGroup(s) or LogicalPort(s) or LogicalSwitch(es).", 
  "extends": {
    "$ref": "DSExcludeList
  }, 
  "id": "SIExcludeList", 
  "module_id": "ServiceInsertionExcludeList", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "member_count": {
      "description": "Total number of members present in Exclude List.", 
      "readonly": true, 
      "required": false, 
      "title": "Total Member Count", 
      "type": "integer"
    }, 
    "members": {
      "description": "List of members in Exclusion List", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "Member list", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Exclusion List", 
  "type": "object"
}

SIExcludeListRequestParams (type) 

{
  "description": "Parameter used to remove member from Exclude List.", 
  "id": "SIExcludeListRequestParams", 
  "module_id": "ServiceInsertionExcludeList", 
  "properties": {
    "object_id": {
      "maxLength": 64, 
      "required": true, 
      "title": "Identifier of the object", 
      "type": "string"
    }
  }, 
  "title": "Parameter for the exclude list", 
  "type": "object"
}

SIMacLearningCounters (type) 

{
  "id": "SIMacLearningCounters", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "mac_not_learned_packets_allowed": {
      "description": "The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.", 
      "required": false, 
      "title": "Number of dispatched packets with unknown source MAC address.", 
      "type": "integer"
    }, 
    "mac_not_learned_packets_dropped": {
      "description": "The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.", 
      "required": false, 
      "title": "Number of dropped packets with unknown source MAC address.", 
      "type": "integer"
    }, 
    "macs_learned": {
      "required": false, 
      "title": "Number of MACs learned", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

SIPacketTypeAndCounter (type) 

{
  "id": "SIPacketTypeAndCounter", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "counter": {
      "required": true, 
      "title": "The number of packets.", 
      "type": "integer"
    }, 
    "packet_type": {
      "required": true, 
      "title": "The type of the packets", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SIPacketsDroppedBySecurity (type) 

{
  "id": "SIPacketsDroppedBySecurity", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "bpdu_filter_dropped": {
      "required": false, 
      "title": "The number of packets dropped by \"BPDU filter\".", 
      "type": "integer"
    }, 
    "dhcp_client_dropped_ipv4": {
      "required": false, 
      "title": "The number of IPv4 packets dropped by \"DHCP client block\".", 
      "type": "integer"
    }, 
    "dhcp_client_dropped_ipv6": {
      "required": false, 
      "title": "The number of IPv6 packets dropped by \"DHCP client block\".", 
      "type": "integer"
    }, 
    "dhcp_server_dropped_ipv4": {
      "required": false, 
      "title": "The number of IPv4 packets dropped by \"DHCP server block\".", 
      "type": "integer"
    }, 
    "dhcp_server_dropped_ipv6": {
      "required": false, 
      "title": "The number of IPv6 packets dropped by \"DHCP server block\".", 
      "type": "integer"
    }, 
    "spoof_guard_dropped": {
      "items": {
        "$ref": "SIPacketTypeAndCounter
      }, 
      "required": false, 
      "title": "The packets dropped by \"Spoof Guard\"; supported packet types are IPv4, IPv6, ARP, ND, non-IP.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

SIServiceProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SIServiceProfileListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-Insertion Services. The list has to be homogenous.", 
      "items": {
        "$ref": "BaseServiceProfile
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Insertion Service Profile List", 
  "type": "object"
}

SVMConfigureIssue (type) 

{
  "description": "Type of issue and detailed description of the issues in case of post-VM  deployment configuration failure.", 
  "id": "SVMConfigureIssue", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "errors": {
      "description": "List of errors along with details like errorId and error messages.", 
      "items": {
        "$ref": "SIErrorClass
      }, 
      "required": false, 
      "title": "List of errors", 
      "type": "array"
    }, 
    "service_instance_id": {
      "description": "The ID of service instance which was deployed.", 
      "required": false, 
      "title": "Service Instance ID", 
      "type": "string"
    }
  }, 
  "title": "Service VM configuration issue", 
  "type": "object"
}

SVMDeploymentSpec (type) 

{
  "description": "Deployment Specs holds information required to deploy the Service-VMs.i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF(Open Virtualization Format) can be deployed, Form factor to name a few.", 
  "id": "SVMDeploymentSpec", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "host_type": {
      "description": "Host Type on which the specified OVF can be deployed.", 
      "enum": [
        "ESXI", 
        "RHELKVM", 
        "UBUNTUKVM"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "HostType", 
      "type": "string"
    }, 
    "min_host_version": {
      "default": "6.5", 
      "description": "Minimum host version supported by this ovf. If a host in the deployment cluster is having version less than this, then service deployment will not happen on that host.", 
      "readonly": false, 
      "required": false, 
      "title": "Minimum Host Version", 
      "type": "string"
    }, 
    "name": {
      "description": "Deployment Spec name for ease of use, since multiple DeploymentSpec can be specified.", 
      "readonly": false, 
      "required": false, 
      "title": "name", 
      "type": "string"
    }, 
    "ovf_url": {
      "description": "Location of the partner VM OVF to be deployed.", 
      "readonly": false, 
      "required": true, 
      "title": "OVF url", 
      "type": "string"
    }, 
    "service_form_factor": {
      "default": "MEDIUM", 
      "description": "Supported ServiceInsertion Form Factor for the OVF deployment. The default FormFactor is Medium.", 
      "enum": [
        "SMALL", 
        "MEDIUM", 
        "LARGE"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Service Form Factor", 
      "type": "string"
    }
  }, 
  "title": "Service-VM Deployment Spec", 
  "type": "object"
}

ScpProtocol (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Protocol
  }, 
  "id": "ScpProtocol", 
  "polymorphic-type-descriptor": {
    "type-identifier": "scp"
  }, 
  "properties": {
    "authentication_scheme": {
      "$ref": "PasswordAuthenticationScheme, 
      "required": true, 
      "title": "Scheme to authenticate if required"
    }, 
    "name": {
      "enum": [
        "http", 
        "https", 
        "scp", 
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }, 
    "ssh_fingerprint": {
      "required": true, 
      "title": "SSH fingerprint of server", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SearchResponse (type) 

{
  "additionalProperties": false, 
  "description": "Search response", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SearchResponse", 
  "module_id": "Search", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Search results", 
      "items": {
        "type": "object"
      }, 
      "required": true, 
      "title": "Search results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "SearchResponse", 
  "type": "object"
}

SectionQueryParameters (type) 

{
  "extends": {
    "$ref": "DSSectionQueryParameters
  }, 
  "id": "SectionQueryParameters", 
  "module_id": "Firewall", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete of this object to all it's child objects.", 
      "type": "boolean"
    }
  }, 
  "title": "Section query parameters", 
  "type": "object"
}

SecurityCertificate (type) 

{
  "additionalProperties": false, 
  "id": "SecurityCertificate", 
  "properties": {
    "pem_encoded": {
      "description": "The certificate must include the enclosing \"-----BEGIN CERTIFICATE-----\" and \"-----END CERTIFICATE-----\"", 
      "display": {
        "order": 1
      }, 
      "minLength": 52, 
      "readonly": false, 
      "required": true, 
      "title": "PEM encoded X.509 certificate", 
      "type": "string"
    }, 
    "ssh_public_key": {
      "display": {
        "order": 4
      }, 
      "readonly": true, 
      "type": "string"
    }, 
    "text": {
      "display": {
        "order": 5
      }, 
      "minLength": 52, 
      "readonly": true, 
      "title": "X.509 certificate in text form", 
      "type": "string"
    }, 
    "valid_from": {
      "display": {
        "order": 2
      }, 
      "readonly": true, 
      "title": "The time when the certificate starts being valid", 
      "type": "string"
    }, 
    "valid_to": {
      "display": {
        "order": 3
      }, 
      "readonly": true, 
      "title": "The time when the certificate stops being valid", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SecurityGlobalConfig (type) 

{
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "SecurityGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SecurityGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "ca_signed_only": {
      "default": false, 
      "description": "When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates.", 
      "title": "A flag to indicate whether the server certs are only allowed to be ca-signed.", 
      "type": "boolean"
    }, 
    "crl_checking_enabled": {
      "default": true, 
      "description": "When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not.", 
      "title": "A flag to indicate whether the Java trust-managers check certificate revocation", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSX global configs for security purposes, like trust store and trust manager.", 
  "type": "object"
}

SecurityGroup (type) 

{
  "additionalProperties": false, 
  "description": "Stores information about a security group.", 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "SecurityGroup", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "security_group_id": {
      "description": "ID of the security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group ID", 
      "type": "string"
    }, 
    "security_group_name": {
      "description": "Name of the security group.", 
      "readonly": true, 
      "required": false, 
      "title": "Security Group Name", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Security Group", 
  "type": "object"
}

SecurityGroupDetails (type) 

{
  "additionalProperties": false, 
  "description": "Stores details of cloud security group and corresponding NSX security group.", 
  "id": "SecurityGroupDetails", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "cloud_security_group": {
      "$ref": "SecurityGroup, 
      "description": "Stores information about a cloud native security group created by NSX. For AWS, this will correspond to cloud network security group information. For Azure, this will correspond to cloud application security group information.", 
      "readonly": true, 
      "required": false, 
      "title": "Cloud Security Group"
    }, 
    "nsx_security_group": {
      "$ref": "SecurityGroup, 
      "description": "Stores information about a NSX security group corresponding to the cloud security group.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Security Group"
    }
  }, 
  "title": "Security Group Details", 
  "type": "object"
}

SecurityGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These parameters will be used to filter the list of security groups. Multiple parameters can be given as input to 'AND' them.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "SecurityGroupListRequestParameters", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "is_managed_by_nsx": {
      "description": "Filter parameter to obtain security groups which are managed by NSX.", 
      "title": "Is Managed By NSX", 
      "type": "boolean"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SecurityPolicy (type) 

{
  "description": "Ordered list of Rules. This object is created by default along with the Domain.", 
  "extends": {
    "$ref": "Policy
  }, 
  "id": "SecurityPolicy", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "category": {
      "description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.", 
      "required": false, 
      "title": "A way to classify a security policy, if needed.", 
      "type": "string"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "comments": {
      "description": "Comments for security policy lock/unlock.", 
      "readonly": false, 
      "required": false, 
      "title": "SecurityPolicy lock/unlock comments", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lock_modified_by": {
      "description": "ID of the user who last modified the lock for the secruity policy.", 
      "readonly": true, 
      "required": false, 
      "title": "User who locked the security policy", 
      "type": "string"
    }, 
    "lock_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "SecurityPolicy locked/unlocked time in epoch milliseconds.", 
      "readonly": true, 
      "required": false, 
      "title": "SecuirtyPolicy locked/unlocked time"
    }, 
    "locked": {
      "default": false, 
      "description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.", 
      "required": false, 
      "title": "Lock a security policy", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rules": {
      "items": {
        "$ref": "Rule
      }, 
      "required": false, 
      "title": "Rules that are a part of this SecurityPolicy", 
      "type": "array"
    }, 
    "scope": {
      "description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security policies.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 128, 
      "required": false, 
      "type": "array"
    }, 
    "sequence_number": {
      "description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy.", 
      "minimum": 0, 
      "title": "Sequence number to resolve conflicts across Domains", 
      "type": "int"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.", 
      "readonly": false, 
      "required": false, 
      "title": "Stateful nature of the entries within this security policy.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies.", 
      "readonly": false, 
      "required": false, 
      "title": "Enforce strict tcp handshake before allowing data packets", 
      "type": "boolean"
    }
  }, 
  "title": "Contains ordered list of Rules", 
  "type": "object"
}

SecurityPolicyInsertParameters (type) 

{
  "description": "Parameters to let the admin specify a relative position of a security policy w.r.t to another one.", 
  "extends": {
    "$ref": "PolicyInsertParameters
  }, 
  "id": "SecurityPolicyInsertParameters", 
  "module_id": "Policy", 
  "properties": {
    "anchor_path": {
      "required": false, 
      "title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters to tell where security policy needs to be placed", 
  "type": "object"
}

SecurityPolicyListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SecurityPolicyListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "SecurityPolicy list request parameters", 
  "type": "object"
}

SecurityPolicyListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListResult
  }, 
  "id": "SecurityPolicyListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SecurityPolicy
      }, 
      "required": true, 
      "title": "SecurityPolicy list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of security policies", 
  "type": "object"
}

SecurityPolicyStatistics (type) 

{
  "description": "Aggregate statistics of all the rules in a security policy.", 
  "id": "SecurityPolicyStatistics", 
  "module_id": "Policy", 
  "properties": {
    "internal_section_id": {
      "description": "Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX internal section id", 
      "type": "string"
    }, 
    "lr_path": {
      "description": "Path of the LR on which the section is applied in case of Gateway Firewall.", 
      "readonly": true, 
      "required": false, 
      "title": "Logical Router (Tier-0/Tier1) path", 
      "type": "string"
    }, 
    "result_count": {
      "description": "Total count for rule statistics", 
      "readonly": true, 
      "required": true, 
      "title": "Rule stats count", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of rule statistics.", 
      "items": {
        "$ref": "RuleStatistics
      }, 
      "maxItems": 1000, 
      "readonly": true, 
      "required": false, 
      "title": "Statistics for all rules", 
      "type": "array"
    }
  }, 
  "title": "Security policy statistics", 
  "type": "object"
}

SecurityPolicyStatisticsForEnforcementPoint (type) 

{
  "description": "Aggregate statistics of all the rules in a security policy for a specific enforcement point.", 
  "id": "SecurityPolicyStatisticsForEnforcementPoint", 
  "module_id": "Policy", 
  "properties": {
    "enforcement_point": {
      "description": "Enforcement point to fetch the statistics from.", 
      "readonly": true, 
      "required": false, 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "statistics": {
      "$ref": "SecurityPolicyStatistics, 
      "description": "Statistics for the specified enforcement point", 
      "readonly": true, 
      "required": false, 
      "title": "Security Policy Statistics"
    }
  }, 
  "title": "Security policy statistics for an enforcement point", 
  "type": "object"
}

SecurityPolicyStatisticsListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SecurityPolicyStatisticsListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SecurityPolicyStatisticsForEnforcementPoint
      }, 
      "required": true, 
      "title": "Security Policy statistics list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Security Policy statistics", 
  "type": "object"
}

SecurityProfileBindingMap (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "SecurityProfileBindingMap", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Base security profile binding map", 
  "type": "object"
}

Segment (type) 

{
  "additionalProperties": false, 
  "description": "Segment configuration to attach workloads.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Segment", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "advanced_config": {
      "$ref": "SegmentAdvancedConfig, 
      "description": "Advanced configuration for Segment.", 
      "required": false, 
      "title": "Advanced configuration for Segment"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "connectivity_path": {
      "description": "Policy path to the connecting Tier-0 or Tier-1. Valid only for segments created under Infra.", 
      "required": false, 
      "title": "Policy path to the connecting Tier-0 or Tier-1", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "domain_name": {
      "required": false, 
      "title": "DNS domain name", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "l2_extension": {
      "$ref": "L2Extension, 
      "required": false, 
      "title": "Configuration for extending Segment through L2 VPN"
    }, 
    "ls_id": {
      "deprecated": true, 
      "description": "This property is deprecated. The property will continue to work as expected for existing segments. The segments that are newly created with ls_id will be ignored. Sepcify pre-creted logical switch id for Segment.", 
      "required": false, 
      "title": "Pre-created logical switch id for Segment", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "overlay_id": {
      "description": "Used for overlay connectivity of segments. The overlay_id should be allocated from the pool as definied by enforcement-point. If not provided, it is auto-allocated from the default pool on the enforcement-point.", 
      "maximum": 2147483647, 
      "minimum": 0, 
      "required": false, 
      "title": "Overlay connectivity ID for this Segment", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "subnets": {
      "items": {
        "$ref": "SegmentSubnet
      }, 
      "required": false, 
      "title": "Subnet configuration. Max 1 subnet", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_path": {
      "description": "Policy path to the transport zone. Supported for VLAN backed segments as well as Overlay Segments. This field is required for VLAN backed Segments. Auto assigned if only one transport zone exists in the enforcement point. Default transport zone is auto assigned for overlay segments if none specified.", 
      "required": false, 
      "title": "Policy path to the transport zone", 
      "type": "string"
    }, 
    "type": {
      "description": "Segment type based on configuration.", 
      "enum": [
        "ROUTED", 
        "EXTENDED", 
        "ROUTED_AND_EXTENDED", 
        "DISCONNECTED"
      ], 
      "readonly": true, 
      "title": "Segment type", 
      "type": "string"
    }, 
    "vlan_ids": {
      "description": "VLAN ids for a VLAN backed Segment. Can be a VLAN id or a range of VLAN ids specified with '-' in between.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "VLAN ids for VLAN backed Segment", 
      "type": "array"
    }
  }, 
  "title": "Segment configuration", 
  "type": "object"
}

SegmentAdvancedConfig (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ConnectivityAdvancedConfig
  }, 
  "id": "SegmentAdvancedConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "address_pool_paths": {
      "description": "Policy path to IP address pools.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Policy path to IP address pools", 
      "type": "array"
    }, 
    "connectivity": {
      "default": "ON", 
      "description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) a logical entity from network topology.", 
      "enum": [
        "ON", 
        "OFF"
      ], 
      "required": false, 
      "title": "Connectivity configuration", 
      "type": "string"
    }, 
    "hybrid": {
      "default": false, 
      "description": "When set to true, all the ports created on this segment will behave in a hybrid fashion. The hybrid port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This property is only applicable for segment created with transport zone type OVERLAY_STANDARD. This property cannot be modified after segment is created.", 
      "required": false, 
      "title": "Flag to identify a hybrid logical switch", 
      "type": "boolean"
    }, 
    "local_egress": {
      "default": false, 
      "description": "This property is used to enable proximity routing with local egress. When set to true, logical router interface (downlink) connecting Segment to Tier0/Tier1 gateway is configured with prefix-length 32.", 
      "required": false, 
      "title": "Flag to enable local egress", 
      "type": "boolean"
    }
  }, 
  "title": "Advanced configuration for Segment", 
  "type": "object"
}

SegmentDiscoveryProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between discovery profile and Segment. Using this entity, user can specify intent for applying discovery profile to particular segments.", 
  "extends": {
    "$ref": "DiscoveryProfileBindingMap
  }, 
  "id": "SegmentDiscoveryProfileBindingMap", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_discovery_profile_path": {
      "description": "PolicyPath of associated IP Discovery Profile", 
      "required": false, 
      "title": "IP Discovery Profile Path", 
      "type": "string"
    }, 
    "mac_discovery_profile_path": {
      "description": "PolicyPath of associated Mac Discovery Profile", 
      "required": false, 
      "title": "Mac Discovery Profile Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Segment Discovery Profile binding map", 
  "type": "object"
}

SegmentDiscoveryProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SegmentDiscoveryProfileBindingMapListRequestParameters", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment Discovery Profile Binding Map list request parameters", 
  "type": "object"
}

SegmentDiscoveryProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentDiscoveryProfileBindingMapListResult", 
  "module_id": "PolicyDiscoveryProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SegmentDiscoveryProfileBindingMap
      }, 
      "required": true, 
      "title": "Segment Discovery Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Segment Discovery Profile Binding Maps", 
  "type": "object"
}

SegmentInfo (type) 

{
  "additionalProperties": false, 
  "description": "This contains details about the segment created in NSX domain on a transport zone.", 
  "id": "SegmentInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "display_name": {
      "description": "Segment Name as created in NSX domain.", 
      "readonly": true, 
      "required": false, 
      "title": "Name of the segment", 
      "type": "string"
    }, 
    "id": {
      "description": "Segment id as created in NSX domain.", 
      "readonly": true, 
      "required": false, 
      "title": "Segment Id", 
      "type": "string"
    }, 
    "instances_count": {
      "description": "Number of instances or cloud compute resources on this segment.", 
      "readonly": true, 
      "required": false, 
      "title": "Number of instances on this segment", 
      "type": "integer"
    }, 
    "is_hybrid": {
      "description": "Flag to identify if this is a hybrid segment.", 
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is a hybrid segment", 
      "type": "boolean"
    }, 
    "nsx_tag": {
      "description": "This tag value is applied on cloud compute resource to be attached to this segment.", 
      "readonly": true, 
      "required": false, 
      "title": "NSX Tag value", 
      "type": "string"
    }
  }, 
  "title": "Segment related information", 
  "type": "object"
}

SegmentListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SegmentListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment list request parameters", 
  "type": "object"
}

SegmentListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Segment
      }, 
      "required": true, 
      "title": "Segment list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Segments", 
  "type": "object"
}

SegmentMonitoringProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between monitoring profile and Segment. Using this entity, you can specify intent for applying monitoring profile to particular segment.", 
  "extends": {
    "$ref": "MonitoringProfileBindingMap
  }, 
  "id": "SegmentMonitoringProfileBindingMap", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipfix_l2_profile_path": {
      "description": "PolicyPath of associated IPFIX L2 Profile", 
      "required": false, 
      "title": "IPFIX L2 Profile Path", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "port_mirroring_profile_path": {
      "description": "PolicyPath of associated Port Mirroring Profile", 
      "required": false, 
      "title": "Port Mirroring Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Segment Monitoring Profile binding map", 
  "type": "object"
}

SegmentMonitoringProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SegmentMonitoringProfileBindingMapListRequestParameters", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment Monitoring Profile Binding Map list request parameters", 
  "type": "object"
}

SegmentMonitoringProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentMonitoringProfileBindingMapListResult", 
  "module_id": "PolicyMonitoringProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SegmentMonitoringProfileBindingMap
      }, 
      "required": true, 
      "title": "Segment Monitoring Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Segment Monitoring Profile Binding Maps", 
  "type": "object"
}

SegmentPort (type) 

{
  "additionalProperties": false, 
  "description": "Policy port will create LogicalPort on LogicalSwitch corresponding to the Segment.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "SegmentPort", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "address_bindings": {
      "description": "Static address binding used for the port.", 
      "items": {
        "$ref": "PortAddressBindingEntry
      }, 
      "required": false, 
      "title": "Address bindings for the port", 
      "type": "array"
    }, 
    "attachment": {
      "$ref": "PortAttachment, 
      "description": "Only VIF attachment is supported", 
      "required": false, 
      "title": "VIF attachment"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy port object for segment", 
  "type": "object"
}

SegmentPortListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SegmentPortListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "SegmentPort list request parameters", 
  "type": "object"
}

SegmentPortListResult (type) 

{
  "additionalProperties": false, 
  "description": "List SegmentPort objects", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentPortListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Place holder for the list result", 
      "items": {
        "$ref": "SegmentPort
      }, 
      "required": true, 
      "title": "SegmentPort list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of SegmentPort", 
  "type": "object"
}

SegmentPortStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Segment port statistics on specific Enforcement Point.", 
  "extends": {
    "$ref": "LogicalPortStatistics
  }, 
  "id": "SegmentPortStatistics", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "PacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_port_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical port", 
      "type": "string"
    }, 
    "mac_learning": {
      "$ref": "MacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "title": "Segment port statistics on specific Enforcement Point", 
  "type": "object"
}

SegmentQoSProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between qos profile and Segment. Using this entity, you can specify intent for applying qos profile to particular segment.", 
  "extends": {
    "$ref": "QoSProfileBindingMap
  }, 
  "id": "SegmentQoSProfileBindingMap", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "qos_profile_path": {
      "description": "PolicyPath of associated  QoS Profile", 
      "required": false, 
      "title": "QoS Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "segment qos profile binding map"
  ], 
  "title": "Segment QoS Profile binding map", 
  "type": "object"
}

SegmentQoSProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "SegmentQoSProfileBindingMapListRequestParameters", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment QoS Profile Binding Map list request parameters", 
  "type": "object"
}

SegmentQoSProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentQoSProfileBindingMapListResult", 
  "module_id": "PolicyQoSProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SegmentQoSProfileBindingMap
      }, 
      "required": true, 
      "title": "Segment QoS Profile Binding Map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Segment QoS Profile Binding Maps", 
  "type": "object"
}

SegmentSecurityProfile (type) 

{
  "additionalProperties": false, 
  "description": "Security features extended by policy operations for securing logical segments.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "SegmentSecurityProfile", 
  "module_id": "PolicySegmentSecurity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bpdu_filter_allow": {
      "description": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering. List of allowed MACs - 01:80:c2:00:00:00, 01:80:c2:00:00:01, 01:80:c2:00:00:02, 01:80:c2:00:00:03,                        01:80:c2:00:00:04, 01:80:c2:00:00:05, 01:80:c2:00:00:06, 01:80:c2:00:00:07,                        01:80:c2:00:00:08, 01:80:c2:00:00:09, 01:80:c2:00:00:0a, 01:80:c2:00:00:0b,                        01:80:c2:00:00:0c, 01:80:c2:00:00:0d, 01:80:c2:00:00:0e, 01:80:c2:00:00:0f,                        00:e0:2b:00:00:00, 00:e0:2b:00:00:04, 00:e0:2b:00:00:06, 01:00:0c:00:00:00,                        01:00:0c:cc:cc:cc, 01:00:0c:cc:cc:cd, 01:00:0c:cd:cd:cd, 01:00:0c:cc:cc:c0,                        01:00:0c:cc:cc:c1, 01:00:0c:cc:cc:c2, 01:00:0c:cc:cc:c3, 01:00:0c:cc:cc:c4,                        01:00:0c:cc:cc:c5, 01:00:0c:cc:cc:c6, 01:00:0c:cc:cc:c7", 
      "items": {
        "$ref": "MACAddress
      }, 
      "maxItems": 32, 
      "minItems": 0, 
      "required": false, 
      "title": "Disable BPDU filtering on this whitelist", 
      "type": "array"
    }, 
    "bpdu_filter_enable": {
      "default": true, 
      "description": "Indicates whether BPDU filter is enabled. BPDU filtering is enabled by default.", 
      "required": false, 
      "title": "BPDU filtering status", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_client_block_enabled": {
      "default": false, 
      "description": "Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default.", 
      "required": false, 
      "title": "Enable DHCP client block", 
      "type": "boolean"
    }, 
    "dhcp_client_block_v6_enabled": {
      "default": false, 
      "description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default.", 
      "required": false, 
      "title": "Enable DHCP client block v6", 
      "type": "boolean"
    }, 
    "dhcp_server_block_enabled": {
      "default": true, 
      "description": "Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default.", 
      "required": false, 
      "title": "Enable DHCP server block", 
      "type": "boolean"
    }, 
    "dhcp_server_block_v6_enabled": {
      "default": true, 
      "description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default.", 
      "required": false, 
      "title": "Enable DHCP server block v6", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "non_ip_traffic_block_enabled": {
      "default": false, 
      "description": "A flag to block all traffic except IP/(G)ARP/BPDU.", 
      "required": false, 
      "title": "Enable non IP traffic block", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ra_guard_enabled": {
      "default": false, 
      "description": "Enable or disable Router Advertisement Guard.", 
      "required": false, 
      "title": "Enable Router Advertisement Guard", 
      "type": "boolean"
    }, 
    "rate_limits": {
      "$ref": "TrafficRateLimits, 
      "description": "Allows configuration of rate limits for broadcast and multicast traffic. Rate limiting is disabled by default", 
      "required": false, 
      "title": "Rate limiting configuration"
    }, 
    "rate_limits_enabled": {
      "default": false, 
      "description": "Enable or disable Rate Limits", 
      "required": false, 
      "title": "Enable Rate Limits", 
      "type": "boolean"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "security segment profile"
  ], 
  "title": "Segment Security Profile", 
  "type": "object"
}

SegmentSecurityProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "Contains the binding relationship between segment and security profile.", 
  "extends": {
    "$ref": "SecurityProfileBindingMap
  }, 
  "id": "SegmentSecurityProfileBindingMap", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "segment_security_profile_path": {
      "description": "The policy path of the asscociated Segment Security profile", 
      "required": false, 
      "title": "Segment Security Profile Path", 
      "type": "string"
    }, 
    "spoofguard_profile_path": {
      "description": "The policy path of the asscociated SpoofGuard profile", 
      "required": false, 
      "title": "SpoofGuard Profile Path", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Security profile binding map for segment", 
  "type": "object"
}

SegmentSecurityProfileBindingMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "SegmentSecurityProfileBindingMapListRequestParameters", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment security profile binding map request parameters", 
  "type": "object"
}

SegmentSecurityProfileBindingMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentSecurityProfileBindingMapListResult", 
  "module_id": "PolicySecurityProfileBinding", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SegmentSecurityProfileBindingMap
      }, 
      "required": true, 
      "title": "Segment security profile binding map list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of segment security profile binding maps", 
  "type": "object"
}

SegmentSecurityProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SegmentSecurityProfileListRequestParameters", 
  "module_id": "PolicySegmentSecurity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Segment security profile request parameters", 
  "type": "object"
}

SegmentSecurityProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SegmentSecurityProfileListResult", 
  "module_id": "PolicySegmentSecurity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SegmentSecurityProfile
      }, 
      "required": true, 
      "title": "Segment Security profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of segment security profiles", 
  "type": "object"
}

SegmentStatistics (type) 

{
  "additionalProperties": false, 
  "description": "Segment statistics on specific Enforcement Point.", 
  "extends": {
    "$ref": "LogicalSwitchStatistics
  }, 
  "id": "SegmentStatistics", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "dropped_by_security_packets": {
      "$ref": "PacketsDroppedBySecurity, 
      "readonly": true, 
      "required": false
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical Switch", 
      "type": "string"
    }, 
    "mac_learning": {
      "$ref": "MacLearningCounters, 
      "readonly": true, 
      "required": false
    }, 
    "rx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "rx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_bytes": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }, 
    "tx_packets": {
      "$ref": "DataCounter, 
      "readonly": true, 
      "required": false
    }
  }, 
  "title": "Segment statistics on specific Enforcement Point", 
  "type": "object"
}

SegmentSubnet (type) 

{
  "additionalProperties": false, 
  "id": "SegmentSubnet", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "dhcp_ranges": {
      "description": "DHCP address ranges are used for dynamic IP allocation. Supports address range and CIDR formats. First valid host address from the first value is assigned to DHCP server IP address. Existing values cannot be deleted or modified, but additional DHCP ranges can be added.", 
      "items": {
        "$ref": "IPElement
      }, 
      "minItems": 1, 
      "required": false, 
      "title": "DHCP address ranges for dynamic IP allocation", 
      "type": "array"
    }, 
    "gateway_address": {
      "description": "Gateway IP address in CIDR format for both IPv4 and IPv6.", 
      "format": "ip-cidr-block", 
      "title": "Gateway IP address.", 
      "type": "string"
    }, 
    "network": {
      "description": "Network CIDR for this subnet calculated from gateway_addresses and prefix_len.", 
      "readonly": true, 
      "title": "Network CIDR for subnet", 
      "type": "string"
    }
  }, 
  "title": "Subnet configuration for segment", 
  "type": "object"
}

SelectableResourceReference (type) 

{
  "extends": {
    "$ref": "ResourceReference
  }, 
  "id": "SelectableResourceReference", 
  "module_id": "ClusterRestore", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "selected": {
      "required": true, 
      "title": "Set to true if this resource has been selected to be acted upon", 
      "type": "boolean"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "Resources to take action on", 
  "type": "object"
}

SelfResourceLink (type) 

{
  "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
  "extends": {
    "$ref": "ResourceLink
  }, 
  "id": "SelfResourceLink", 
  "module_id": "Common", 
  "properties": {
    "action": {
      "readonly": true, 
      "title": "Optional action", 
      "type": "string"
    }, 
    "href": {
      "readonly": true, 
      "required": true, 
      "title": "Link to resource", 
      "type": "string"
    }, 
    "rel": {
      "description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)", 
      "readonly": true, 
      "required": true, 
      "title": "Link relation type", 
      "type": "string"
    }
  }, 
  "title": "Link to this resource", 
  "type": "object"
}

SelfSignedActionParameter (type) 

{
  "additionalProperties": false, 
  "id": "SelfSignedActionParameter", 
  "module_id": "CertificateManager", 
  "properties": {
    "days_valid": {
      "default": 3650, 
      "maximum": 10000, 
      "minimum": 1, 
      "required": true, 
      "title": "Number of days the certificate will be valid, default 10 years", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

ServerAuthType (type) 

{
  "additionalProperties": false, 
  "description": "Server authentication could be REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is disabled by default. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.", 
  "enum": [
    "REQUIRED", 
    "IGNORE"
  ], 
  "id": "ServerAuthType", 
  "module_id": "LoadBalancer", 
  "title": "server authentication mode", 
  "type": "string"
}

ServerSslProfileBinding (type) 

{
  "additionalProperties": false, 
  "id": "ServerSslProfileBinding", 
  "module_id": "LoadBalancer", 
  "properties": {
    "certificate_chain_depth": {
      "default": 3, 
      "description": "authentication depth is used to set the verification depth in the server certificates chain.", 
      "maximum": 2147483647, 
      "minimum": 1, 
      "required": false, 
      "title": "the maximum traversal depth of server certificate chain", 
      "type": "integer"
    }, 
    "client_certificate_id": {
      "description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding", 
      "required": false, 
      "title": "client certificate identifier", 
      "type": "string"
    }, 
    "server_auth": {
      "$ref": "ServerAuthType, 
      "default": "IGNORE", 
      "title": "server authentication mode"
    }, 
    "server_auth_ca_ids": {
      "description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CA identifier list to verify server certificate", 
      "type": "array"
    }, 
    "server_auth_crl_ids": {
      "description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "CRL identifier list to verify server certificate", 
      "type": "array"
    }, 
    "ssl_profile_id": {
      "description": "Server SSL profile defines reusable, application-independent server side SSL properties.", 
      "required": false, 
      "title": "server SSL profile identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Service (type) 

{
  "description": "Used while defining a CommunicationEntry. A service may have multiple service entries.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Service", 
  "module_id": "Policy", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "default": false, 
      "description": "The flag, if true, indicates that service is created in the system by default. Such default services can't be modified/deleted.", 
      "readonly": true, 
      "title": "Flag for default services", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_entries": {
      "items": {
        "$ref": "ServiceEntry
      }, 
      "maxItems": 50, 
      "title": "Service type", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Contains the information related to a service", 
  "type": "object"
}

ServiceAssociationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceAssociationListResult", 
  "module_id": "GroupingObjectsProviders", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "service_type"
  }, 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "service_type": {
      "enum": [
        "FireWallServiceAssociationListResult", 
        "IpfixServiceAssociationListResult"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ServiceAttachment (type) 

{
  "description": "A ServiceAttachment represents a point on NSX entity (Example - Edge Router) to which ServiceInstance can be connected through an InstanceEndpoint. Example - In VMWare Hybric Cloud Extention (HCX) use case, HCX appliances connect to this Service Attachment Point. We do not handle the lifecycle of these appliance/s.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceAttachment", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attachment_status": {
      "default": "UP", 
      "description": "UP - A Service Attachment will have its Service Port - UP and with a configured IP address. DOWN - An Inactive ServiceAttachment has its Service Port - DOWN. It can be used to connect set of appliances that do not need to exchange traffic to/from/through the Edge node.", 
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Attachment Status", 
      "type": "string"
    }, 
    "deployed_to": {
      "$ref": "ResourceReference, 
      "description": "NSX Resource where we want to create Service Attachment Point. Ex. T0 LR Edge in case of north-south ServiceInsertion and a TransportZone (which is used to define the service plane) in case of east-west service insertion.", 
      "readonly": false, 
      "required": true, 
      "title": "Deployed-to object"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "local_ips": {
      "description": "Local IPs associated with this Service Attachment.", 
      "items": {
        "$ref": "IPInfo
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Local IPs", 
      "type": "array"
    }, 
    "logical_switch": {
      "$ref": "ResourceReference, 
      "description": "Logical Switch gets created as a part of Service Attachment creation.", 
      "readonly": true, 
      "required": false, 
      "title": "Logical Switch"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_port": {
      "$ref": "ResourceReference, 
      "description": "Service Port gets created as a part of Service Attachment creation. It is a Logical Router Port of type CentralizedServicePort. It does not participate in distributed routing. Stateless Policy Based Routing service can be applied on this port.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Port (Logical Router Centralized Service Port)"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Logical Attachment Point for a 3rd Party Service", 
  "type": "object"
}

ServiceAttachmentListResult (type) 

{
  "description": "List of Service Attachments.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceAttachmentListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service Attachments.", 
      "items": {
        "$ref": "ServiceAttachment
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service-Attachment list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Attachment List", 
  "type": "object"
}

ServiceBinding (type) 

{
  "additionalProperties": false, 
  "id": "ServiceBinding", 
  "module_id": "LogicalRouterPorts", 
  "properties": {
    "service_id": {
      "$ref": "ResourceReference, 
      "description": "Identifier of Logical Service", 
      "required": true, 
      "title": "UUID of Service"
    }
  }, 
  "type": "object"
}

ServiceCapability (type) 

{
  "description": "Service capabilities that will be inherited by service VMs created using a service definition that contains this service capability.", 
  "id": "ServiceCapability", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "can_decrement_si": {
      "default": false, 
      "description": "Indicating whether service is configured to decrement SI field in NSH metadata.", 
      "readonly": true, 
      "required": false, 
      "title": "SI decrement flag", 
      "type": "boolean"
    }, 
    "nsh_liveness_support_enabled": {
      "default": false, 
      "description": "Indicating whether service supports NSH liveness detection.", 
      "readonly": false, 
      "required": false, 
      "title": "NSH liveness support flag", 
      "type": "boolean"
    }
  }, 
  "title": "Service capabilities", 
  "type": "object"
}

ServiceChain (type) 

{
  "description": "Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceChain", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "forward_path_service_profiles": {
      "description": "List of ServiceInsertionServiceProfiles that constitutes the the service chain. The forward path service profiles are applied to ingress traffic.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 4, 
      "readonly": false, 
      "required": true, 
      "title": "Forward path service profiles", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "on_failure_policy": {
      "default": "ALLOW", 
      "description": "Failure policy for the service tells datapath, the action to take i.e to allow or block traffic during failure scenarios.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "path_selection_policy": {
      "default": "ANY", 
      "description": "Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - means to prefer local service insances. REMOTE - preference is to redirect to the SVM co-located on the same host.", 
      "enum": [
        "ANY", 
        "LOCAL", 
        "REMOTE"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Path Selection Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "reverse_path_service_profiles": {
      "description": "List of ServiceInsertionServiceProfiles id. Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 4, 
      "readonly": false, 
      "required": false, 
      "title": "Reverse path service profiles", 
      "type": "array"
    }, 
    "service_attachments": {
      "description": "Service attachment specifies the scope i.e Service plane at which the SVMs are deployed.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Service Attachment list", 
      "type": "array"
    }, 
    "service_chain_id": {
      "description": "A unique id generated for every service chain. This is not a uuid.", 
      "readonly": true, 
      "required": false, 
      "title": "Service chain id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Service Chain", 
  "type": "object"
}

ServiceChainListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceChainListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Chain list request parameters", 
  "type": "object"
}

ServiceChainListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceChainListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-Insertion Services. The list has to be homogenous.", 
      "items": {
        "$ref": "ServiceChain
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Chain List", 
  "type": "object"
}

ServiceChainMapping (type) 

{
  "description": "A ServiceInsertionServiceProfile can be part of multiple ServiceChains. ServiceChainMapping for a particular profile will contain a list of all the ServiceChains it's part of. Each Mapping will also contain some metadata to uniquely identify a profile from other profiles.", 
  "id": "ServiceChainMapping", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "direction": {
      "description": "Each ServiceChain has forward_path_service_profiles and reverse_path_service_profiles. This property will indicate which of them being used. FORWARD - forward_path_service_profiles REVERSE - reverse_path_service_profiles", 
      "enum": [
        "FORWARD", 
        "REVERSE"
      ], 
      "readonly": true, 
      "title": "Direction", 
      "type": "string"
    }, 
    "service_chain_id": {
      "description": "A unique id generated for every ServiceChain. This is not a uuid.", 
      "readonly": true, 
      "title": "Service Chain id", 
      "type": "string"
    }, 
    "service_index": {
      "description": "Service Index represents a numerical position of a ServiceInsertionServiceProfile in a ServiceChain. It will be in reverse order. Service Index can point to either forward_path_service_profiles or reverse_path_service_profiles indicated by direction property. Example - For a ServiceChain A-B-C, A will have index of 3, B will have index of 2 and C will have index of 1.", 
      "readonly": true, 
      "title": "Service Index", 
      "type": "integer"
    }
  }, 
  "title": "Service Chain Mapping", 
  "type": "object"
}

ServiceChainMappingListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceChainMappingListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service Chain Mappings. The list has to be homogenous.", 
      "items": {
        "$ref": "ServiceChainMapping
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service Chain Mapping List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Chain Mapping List", 
  "type": "object"
}

ServiceConfig (type) 

{
  "additionalProperties": false, 
  "description": "Service configs are groupings of profiles (i.e switch profiles) and configurations applied to resources or collection of resources(NSGroups).", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceConfig", 
  "module_id": "ServiceConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_to": {
      "description": "The list of entities that the configurations should be applied to. This can either be a NSGroup or any other entity like TransportNode, LogicalPorts etc.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "required": false, 
      "title": "Entities on which the input profile will be applied", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "precedence": {
      "description": "Every ServiceConfig has a priority based upon its precedence value. Lower the value of precedence, higher will be its priority. If user doesnt specify the precedence, it is generated automatically by system. The precedence is generated based upon the type of profile used in ServiceConfig. Precedence are auto-generated in decreasing order with difference of 100. Automatically generated precedence value will be 100 less than the current minimum value of precedence of ServiceConfig of a given profile type in system.There cannot be duplicate precedence for ServiceConfig of same profile type.", 
      "maximum": 4294967295, 
      "minimum": 0, 
      "required": false, 
      "title": "The priority of the service config", 
      "type": "integer"
    }, 
    "profiles": {
      "description": "These are the NSX Profiles which will be added to service config, which will be applied to entities/groups provided to applied_to field of service config.", 
      "items": {
        "$ref": "NSXProfileReference
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Profiles to be added to service config", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Service Config for profile and common configuration", 
  "type": "object"
}

ServiceConfigList (type) 

{
  "additionalProperties": false, 
  "description": "List of Service config objects that needs to be either created or updated with the respective profiles and precedence.", 
  "id": "ServiceConfigList", 
  "module_id": "ServiceConfig", 
  "properties": {
    "service_configs": {
      "description": "An Array of ServiceConfig objects containing details of profiles to be applied, entities on which these profiles will be applied and precedence.", 
      "items": {
        "$ref": "ServiceConfig
      }, 
      "maxItems": 100, 
      "minItems": 1, 
      "required": true, 
      "title": "service config list results", 
      "type": "array"
    }
  }, 
  "title": "List of Service Configs for batch operation", 
  "type": "object"
}

ServiceConfigListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ServiceConfigListRequestParameters", 
  "module_id": "ServiceConfig", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "profile_type": {
      "description": "It fetches ServiceConfig for the given profile_type. Only one type of supported profile type can be mentioned in a single API call. API will return all ServiceConfig if this field is not passed.", 
      "required": false, 
      "title": "Fetch ServiceConfig for the given attribute profile_type", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "NSProfile list request parameters.", 
  "type": "object"
}

ServiceConfigListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceConfigListResult", 
  "module_id": "ServiceConfig", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceConfig
      }, 
      "required": true, 
      "title": "service config list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of service configs", 
  "type": "object"
}

ServiceDefinition (type) 

{
  "description": "Registering a Service is the first step in the ServiceInsertion mechanism. A ServiceDefinition is used to create a service.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceDefinition", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attachment_point": {
      "description": "The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP.", 
      "items": {
        "enum": [
          "TIER0_LR", 
          "TIER1_LR", 
          "SERVICE_PLANE"
        ], 
        "type": "string"
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Attachment Point", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "functionalities": {
      "description": "The capabilities provided by the services. Needs to be one or more of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service)", 
      "items": {
        "enum": [
          "NG_FW", 
          "IDS_IPS", 
          "NET_MON", 
          "HCX", 
          "BYOD", 
          "EPP"
        ], 
        "type": "string"
      }, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Functionality Type", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "implementations": {
      "description": "This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter.", 
      "items": {
        "enum": [
          "NORTH_SOUTH", 
          "EAST_WEST"
        ], 
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Implementation Type", 
      "type": "array"
    }, 
    "on_failure_policy": {
      "default": "ALLOW", 
      "description": "Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) functionality.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_capability": {
      "$ref": "ServiceCapability, 
      "description": "Service capability.", 
      "readonly": false, 
      "required": false, 
      "title": "Service capability"
    }, 
    "service_deployment_spec": {
      "$ref": "ServiceDeploymentSpec, 
      "description": "Service Deployment Specification defines takes in information required to deploy and configure a partner appliance/service-vm.", 
      "readonly": false, 
      "required": false, 
      "title": "Service Deployment Specification"
    }, 
    "service_manager_id": {
      "description": "ID of the service manager to which this service is attached with. This field is not set during creation of service. This field will be set explicitly when Service Manager is created successfully using this service.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Manager Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transports": {
      "description": "Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP.", 
      "items": {
        "enum": [
          "L2_BRIDGE", 
          "L3_ROUTED", 
          "NSH"
        ], 
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Transport Type", 
      "type": "array"
    }, 
    "vendor_id": {
      "description": "Id which is unique to a vendor or partner for which the service is created.", 
      "readonly": false, 
      "required": true, 
      "title": "Vendor ID", 
      "type": "string"
    }
  }, 
  "title": "Definition of a Service.", 
  "type": "object"
}

ServiceDefinitionListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceDefinitionListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service definition list request parameters", 
  "type": "object"
}

ServiceDeployment (type) 

{
  "description": "Used to provide the deployment specification for the service.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceDeployment", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "clustered_deployment_count": {
      "default": 1, 
      "description": "Number of instances in case of clustered deployment.", 
      "maximum": 10, 
      "minimum": 1, 
      "readonly": false, 
      "required": false, 
      "title": "Clustered Deployment Count", 
      "type": "integer"
    }, 
    "deployed_to": {
      "description": "List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion. Service Attachment in case of E-W ServiceInsertion.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "minItems": 1, 
      "readonly": false, 
      "required": false, 
      "title": "Deployed-to object list", 
      "type": "array"
    }, 
    "deployment_mode": {
      "default": "STAND_ALONE", 
      "description": "Mode of deployment. Currently, only stand alone deployment is supported. It is a single VM deployed through this deployment spec. In future, HA configurations will be supported here.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "deployment_spec_name": {
      "description": "Name of the deployment spec to be used for deployment, which specifies the OVF provided by the partner and the form factor.", 
      "readonly": false, 
      "required": true, 
      "title": "Deployment Spec Name", 
      "type": "string"
    }, 
    "deployment_type": {
      "default": "CLUSTERED", 
      "description": "Specifies whether the service VM should be deployed on each host such that it provides partner service locally on the host, or whether the service VMs can be deployed as a cluster. If deployment_type is CLUSTERED, then the clustered_deployment_count should be provided.", 
      "enum": [
        "HOSTLOCAL", 
        "CLUSTERED"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment Type", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "instance_deployment_template": {
      "$ref": "DeploymentTemplate, 
      "description": "The deployment template to be used during the deployment to provide customized attributes to the service VM.", 
      "readonly": false, 
      "required": true, 
      "title": "Instance Deployment Template"
    }, 
    "perimeter": {
      "default": "HOST", 
      "description": "This indicates the deployment perimeter, such as a VC cluster or a host.", 
      "enum": [
        "CLUSTER", 
        "HOST"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Deployment perimeter", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_deployment_config": {
      "$ref": "ServiceDeploymentConfig, 
      "description": "Deployment Config contains the deployment specification, such as the storage and network to be used along with the cluster where the service VM can be deployed.", 
      "readonly": false, 
      "required": true, 
      "title": "Service Deployment Config"
    }, 
    "service_id": {
      "description": "The Service to which the service deployment is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Deployment details of a Service", 
  "type": "object"
}

ServiceDeploymentConfig (type) 

{
  "description": "The Deployment Config contains settings that are applied during install time.", 
  "id": "ServiceDeploymentConfig", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "compute_collection_id": {
      "description": "Resource Pool or cluster Id.", 
      "readonly": false, 
      "required": true, 
      "title": "Compute Collection Id", 
      "type": "string"
    }, 
    "compute_manager_id": {
      "description": "Context Id or VCenter Id.", 
      "readonly": false, 
      "required": true, 
      "title": "Compute Manager Id", 
      "type": "string"
    }, 
    "host_id": {
      "description": "The service VM will be deployed on the specified host in the specified server within the cluster if host_id is specified. Note: You must ensure that storage and specified networks are accessible       by this host.", 
      "readonly": false, 
      "required": false, 
      "title": "Host id", 
      "type": "string"
    }, 
    "storage_id": {
      "description": "Moref of the datastore in VC. If it is to be taken from 'Agent VM Settings', then it should be empty.", 
      "readonly": false, 
      "required": false, 
      "title": "Storage Id", 
      "type": "string"
    }, 
    "vm_nic_info": {
      "$ref": "VmNicInfo, 
      "description": "VM NIC information for VMs", 
      "readonly": false, 
      "required": false, 
      "title": "VM NIC information"
    }
  }, 
  "title": "Service Deployment Config", 
  "type": "object"
}

ServiceDeploymentIssue (type) 

{
  "description": "Type of issue and detailed description of the issue in case of deployment failure.", 
  "id": "ServiceDeploymentIssue", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "issue_description": {
      "description": "Description of issue encountered while service deployment.", 
      "required": false, 
      "title": "Description of issue encountered while service deployment", 
      "type": "string"
    }, 
    "issue_timestamp": {
      "description": "Timestamp when issue was issue encountered while service deployment.", 
      "required": false, 
      "title": "Timestamp when issue was encountered while service deployment", 
      "type": "string"
    }, 
    "issue_type": {
      "description": "Type of issue encountered while service deployment.", 
      "required": true, 
      "title": "Type of issue encountered while service deployment", 
      "type": "string"
    }
  }, 
  "title": "Service deployment issue", 
  "type": "object"
}

ServiceDeploymentListResult (type) 

{
  "additionalProperties": false, 
  "description": "Result of List of ServiceDeployments", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceDeploymentListResult", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Array of existing ServiceDeployments in database", 
      "items": {
        "$ref": "ServiceDeployment
      }, 
      "required": true, 
      "title": "Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ServiceDeployment list result", 
  "type": "object"
}

ServiceDeploymentSpec (type) 

{
  "description": "ServiceDeployment Spec consists of information required to deploy and configure the partner appliances. viz. Deployment template, deployment spec and NIC metatdata.", 
  "id": "ServiceDeploymentSpec", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "deployment_specs": {
      "description": "Deployment Specs holds information required to deploy the Service-VMs. i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF can be deployed, Form factor to name a few.", 
      "items": {
        "$ref": "SVMDeploymentSpec
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service Deployment Spec List", 
      "type": "array"
    }, 
    "deployment_template": {
      "description": "Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX Manager.", 
      "items": {
        "$ref": "DeploymentTemplate
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Service Deployment Template", 
      "type": "array"
    }, 
    "nic_metadata_list": {
      "description": "NIC metadata associated with the deployment spec.", 
      "items": {
        "$ref": "NicMetadata
      }, 
      "readonly": false, 
      "required": false, 
      "title": "NIC Metadata", 
      "type": "array"
    }, 
    "svm_version": {
      "description": "Partner needs to specify the Service VM version which will get deployed. Modification of this field would notify administrators that new upgrade is available.", 
      "required": false, 
      "title": "Partner Service-VM version.", 
      "type": "string"
    }
  }, 
  "title": "Service Deployment Specification.", 
  "type": "object"
}

ServiceDeploymentStatus (type) 

{
  "id": "ServiceDeploymentStatus", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "deployment_issues": {
      "description": "List of issue and detailed description of the issue in case of deployment failure.", 
      "items": {
        "$ref": "ServiceDeploymentIssue
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Service deployment issue", 
      "type": "array"
    }, 
    "deployment_status": {
      "description": "Deployment status of NXGI Partner Service-VM on a compute collection. It shows the latest status during the process of deployment, redeploy, upgrade, and un-deployment on a compute collection such as VC cluster.", 
      "enum": [
        "UPGRADE_IN_PROGRESS", 
        "UPGRADE_FAILED", 
        "DEPLOYMENT_QUEUED", 
        "DEPLOYMENT_IN_PROGRESS", 
        "DEPLOYMENT_FAILED", 
        "DEPLOYMENT_SUCCESSFUL", 
        "UNDEPLOYMENT_QUEUED", 
        "UNDEPLOYMENT_IN_PROGRESS", 
        "UNDEPLOYMENT_FAILED", 
        "UNDEPLOYMENT_SUCCESSFUL", 
        "UPGRADE_QUEUED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Compute collection deployment progress status", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "service_deployment_id": {
      "description": "Id of service deployment.", 
      "readonly": true, 
      "required": false, 
      "title": "Service deployment id", 
      "type": "string"
    }, 
    "sva_current_version": {
      "description": "Currently deployed Service Virtual Appliance version.", 
      "required": false, 
      "title": "Current deployed SVA version", 
      "type": "string"
    }, 
    "sva_max_available_version": {
      "description": "Max available SVA version for upgrade", 
      "required": false, 
      "title": "Max available SVA version", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ServiceEndpoint (type) 

{
  "additionalProperties": false, 
  "id": "ServiceEndpoint", 
  "module_id": "ClusterManagement", 
  "properties": {
    "certificate": {
      "required": false, 
      "title": "Certificate or certificate chain", 
      "type": "string"
    }, 
    "certificate_sha256_thumbprint": {
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "entities_hosted": {
      "items": {
        "$ref": "HostedEntityInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of entities hosted on accessible through the service endpoint", 
      "type": "array"
    }, 
    "fqdn": {
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true
    }, 
    "port": {
      "maximum": 65535, 
      "minimum": 0, 
      "required": true, 
      "type": "integer"
    }, 
    "service_endpoint_uuid": {
      "readonly": true, 
      "required": false, 
      "title": "Unique identifier of this service endpoint", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ServiceEntry (type) 

{
  "abstract": true, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "ServiceEntry", 
  "module_id": "Policy", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "IPProtocolServiceEntry", 
        "IGMPTypeServiceEntry", 
        "ICMPTypeServiceEntry", 
        "ALGTypeServiceEntry", 
        "L4PortSetServiceEntry", 
        "EtherTypeServiceEntry"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "A Service entry that describes traffic", 
  "type": "object"
}

ServiceEntryListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceEntryListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service entry list request parameters", 
  "type": "object"
}

ServiceEntryListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceEntryListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceEntry
      }, 
      "required": true, 
      "title": "Service entry list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Service entries", 
  "type": "object"
}

ServiceInsertionContextType (type) 

{
  "description": "Types of Service Insertion contexts. \"east_west\" applies to trasport_nodes in data center. \"north_south\" applies to logical_routers (T0/T1) in data center.", 
  "enum": [
    "east_west", 
    "north_south"
  ], 
  "id": "ServiceInsertionContextType", 
  "module_id": "ServiceInsertionStatus", 
  "title": "Service Insertion Context Type", 
  "type": "string"
}

ServiceInsertionDeleteParameters (type) 

{
  "id": "ServiceInsertionDeleteParameters", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete all the child objects, associated with it.", 
      "type": "boolean"
    }
  }, 
  "title": "Service Insertion delete parameters", 
  "type": "object"
}

ServiceInsertionInsertParameters (type) 

{
  "extends": {
    "$ref": "DSInsertParameters
  }, 
  "id": "ServiceInsertionInsertParameters", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "id": {
      "maxLength": 64, 
      "required": false, 
      "title": "Identifier of the anchor rule or section. This is a required field in case operation like 'insert_before' and 'insert_after'.", 
      "type": "string"
    }, 
    "operation": {
      "default": "insert_top", 
      "enum": [
        "insert_top", 
        "insert_bottom", 
        "insert_after", 
        "insert_before"
      ], 
      "required": false, 
      "title": "Operation", 
      "type": "string"
    }
  }, 
  "title": "Parameters that indicate where rule/section need to be added All the params take rule/section Id", 
  "type": "object"
}

ServiceInsertionListRequestParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections/rules.", 
  "extends": {
    "$ref": "DSListRequestParameters
  }, 
  "id": "ServiceInsertionListRequestParameters", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter list of sections/rules", 
  "type": "object"
}

ServiceInsertionRule (type) 

{
  "description": "ServiceInsertion Rule.", 
  "extends": {
    "$ref": "DSRule
  }, 
  "id": "ServiceInsertionRule", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "description": "Action enforced on the packets which matches the distributed service rule. Currently DS Layer supports below actions. ALLOW           - Forward any packet when a rule with this action gets a match (Used by Firewall). DROP            - Drop any packet when a rule with this action gets a match. Packets won't go further(Used by Firewall). REJECT          - Terminate TCP connection by sending TCP reset for a packet when a rule with this action gets a match (Used by Firewall). REDIRECT        - Redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion). DO_NOT_REDIRECT - Do not redirect any packet to a partner appliance when a rule with this action gets a match (Used by Service Insertion).", 
      "enum": [
        "ALLOW", 
        "DROP", 
        "REJECT", 
        "REDIRECT", 
        "DO_NOT_REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Action", 
      "type": "string"
    }, 
    "applied_tos": {
      "description": "List of object where rule will be enforced. The section level field overrides this one. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of the destinations. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Destination List", 
      "type": "array"
    }, 
    "destinations_excluded": {
      "default": false, 
      "description": "Negation of the destination.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of destination", 
      "type": "boolean"
    }, 
    "direction": {
      "default": "IN_OUT", 
      "description": "Rule direction in case of stateless distributed service rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified.", 
      "enum": [
        "IN", 
        "OUT", 
        "IN_OUT"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Rule direction", 
      "type": "string"
    }, 
    "disabled": {
      "default": false, 
      "description": "Flag to disable rule. Disabled will only be persisted but never provisioned/realized.", 
      "readonly": false, 
      "required": false, 
      "title": "Rule enable/disable flag", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the resource", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "ip_protocol": {
      "default": "IPV4_IPV6", 
      "description": "Type of IP packet that should be matched while enforcing the rule.", 
      "enum": [
        "IPV4", 
        "IPV6", 
        "IPV4_IPV6"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "IPv4 vs IPv6 packet type", 
      "type": "string"
    }, 
    "is_default": {
      "description": "Flag to indicate whether rule is default.", 
      "readonly": true, 
      "required": false, 
      "title": "Default rule", 
      "type": "boolean"
    }, 
    "logged": {
      "default": false, 
      "description": "Flag to enable packet logging. Default is disabled.", 
      "readonly": false, 
      "required": false, 
      "title": "Enable logging flag", 
      "type": "boolean"
    }, 
    "notes": {
      "description": "User notes specific to the rule.", 
      "maxLength": 2048, 
      "readonly": false, 
      "required": false, 
      "title": "Notes", 
      "type": "string"
    }, 
    "priority": {
      "description": "Priority of the rule.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule priority", 
      "type": "integer"
    }, 
    "redirect_tos": {
      "description": "A rule can be redirected to ServiceInstance, InstanceEndpoint for North/South Traffic. A rule can be redirected to ServiceChain for East/West Traffic. For REDIRECT action, redirect_tos is mandatory. For DO_NOT_REDIRECT action, redirect_tos is optional.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 1, 
      "readonly": false, 
      "required": false, 
      "title": "Redirect_Tos List", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_tag": {
      "description": "User level field which will be printed in CLI and packet logs.", 
      "maxLength": 32, 
      "readonly": false, 
      "required": false, 
      "title": "Tag", 
      "type": "string"
    }, 
    "section_id": {
      "description": "ID of the section to which this rule belongs.", 
      "readonly": true, 
      "required": false, 
      "title": "Section Id", 
      "type": "string"
    }, 
    "services": {
      "description": "List of the services. Null will be treated as any.", 
      "items": {
        "$ref": "ServiceInsertionService
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service List", 
      "type": "array"
    }, 
    "sources": {
      "description": "List of sources. Null will be treated as any.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Source List", 
      "type": "array"
    }, 
    "sources_excluded": {
      "default": false, 
      "description": "Negation of the source.", 
      "readonly": false, 
      "required": false, 
      "title": "Negation of source", 
      "type": "boolean"
    }
  }, 
  "title": "ServiceInsertion Rule", 
  "type": "object"
}

ServiceInsertionRuleList (type) 

{
  "description": "List of ServiceInsertion Rules.", 
  "id": "ServiceInsertionRuleList", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "rules": {
      "description": "List of ServiceInsertion rules in the section. Only homogeneous rules are supported.", 
      "items": {
        "$ref": "ServiceInsertionRule
      }, 
      "maxItems": 1000, 
      "required": true, 
      "title": "List of the ServiceInsertion rules", 
      "type": "array"
    }
  }, 
  "title": "ServiceInsertion Section RuleList", 
  "type": "object"
}

ServiceInsertionRuleListResult (type) 

{
  "description": "List of ServiceInsertion Rules.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInsertionRuleListResult", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "ServiceInsertion rule list result with pagination support.", 
      "items": {
        "$ref": "ServiceInsertionRule
      }, 
      "readonly": true, 
      "required": true, 
      "title": "ServiceInsertion rule list result", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ServiceInsertion Section RuleList", 
  "type": "object"
}

ServiceInsertionSection (type) 

{
  "description": "A ServiceInsertion section composed of ServiceInsertion Rules.", 
  "extends": {
    "$ref": "DSSection
  }, 
  "id": "ServiceInsertionSection", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.", 
      "readonly": true, 
      "required": false, 
      "title": "Default section flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain. Only homogeneous sections are supported.", 
      "enum": [
        "LAYER2", 
        "LAYER3", 
        "L3REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.", 
      "readonly": false, 
      "required": true, 
      "title": "Stateful nature of the distributed service rules in the section.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "default": false, 
      "description": "Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.", 
      "required": false, 
      "title": "TCP Strict", 
      "type": "boolean"
    }
  }, 
  "title": "ServiceInsertion Section", 
  "type": "object"
}

ServiceInsertionSectionFilterParameters (type) 

{
  "description": "Pagination and Filtering parameters to get only a subset of sections.", 
  "extends": {
    "$ref": "ServiceInsertionListRequestParameters
  }, 
  "id": "ServiceInsertionSectionFilterParameters", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "applied_tos": {
      "description": "Where the Distributed Service Rules are applied.(used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "AppliedTo's referenced by this section or section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "destinations": {
      "description": "The destination value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Destinations referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "exclude_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out sections not having a specified AppliedTo target type. This parameter cannot be used along with include_applied_to_type parameter. Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections not having a specific AppliedTo type"
    }, 
    "filter_type": {
      "default": "FILTER", 
      "description": "Filter type defines matching criteria to qualify a rule in result. Type 'FILTER' will ensure all criterias (sources, destinations, services, extended sources, context profiles, appliedtos) are matched. Type 'SEARCH' will match any of the given criteria.", 
      "enum": [
        "FILTER", 
        "SEARCH"
      ], 
      "required": false, 
      "title": "Filter type", 
      "type": "string"
    }, 
    "include_applied_to_type": {
      "$ref": "DSAppliedToType, 
      "description": "Used to filter out results based on target type of a section's AppliedTo. Only sections with matching target type in its applied to will be returned. This parameter cannot be used along with exclude_applied_to_type parameter. Section filter only takes a single value for this param.", 
      "required": false, 
      "title": "Limit result to sections having a specific AppliedTo type"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "services": {
      "description": "Specifying this returns the Rules where this NSServiceElement is used (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "NSService referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sources": {
      "description": "The source value in Distributed Service Rules (used for filtering the list). Single value is supported in current release. Multiple Comma delmited values may be supported in future releases.", 
      "required": false, 
      "title": "Sources referenced by this section's Distributed Service Rules .", 
      "type": "string"
    }, 
    "type": {
      "default": "L3REDIRECT", 
      "description": "Section Type with values L3REDIRECT.", 
      "enum": [
        "L3REDIRECT"
      ], 
      "required": false, 
      "title": "Section Type", 
      "type": "string"
    }
  }, 
  "title": "Parameters to filter section from list of sections", 
  "type": "object"
}

ServiceInsertionSectionListResult (type) 

{
  "description": "List of ServiceInsertion Sections.", 
  "extends": {
    "$ref": "DSSectionListResult
  }, 
  "id": "ServiceInsertionSectionListResult", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the ServiceInsertion sections. The list has to be homogeneous.", 
      "items": {
        "$ref": "ServiceInsertionSection
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Section list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ServiceInsertion Section List", 
  "type": "object"
}

ServiceInsertionSectionQueryParameters (type) 

{
  "extends": {
    "$ref": "DSSectionQueryParameters
  }, 
  "id": "ServiceInsertionSectionQueryParameters", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "cascade": {
      "default": false, 
      "required": false, 
      "title": "Flag to cascade delete of this object to all it's child objects.", 
      "type": "boolean"
    }
  }, 
  "title": "Section query parameters", 
  "type": "object"
}

ServiceInsertionSectionRuleList (type) 

{
  "description": "List of ServiceInsertion Rules.", 
  "extends": {
    "$ref": "ServiceInsertionSection
  }, 
  "id": "ServiceInsertionSectionRuleList", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "applied_tos": {
      "description": "List of objects where the rules in this section will be enforced. This will take precedence over rule level appliedTo.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "AppliedTo List", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "description": "It is a boolean flag which reflects whether a distributed service section is default section or not. Each Layer 3 and Layer 2 section will have at least and at most one default section.", 
      "readonly": true, 
      "required": false, 
      "title": "Default section flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "rule_count": {
      "description": "Number of rules in this section.", 
      "readonly": true, 
      "required": false, 
      "title": "Rule count", 
      "type": "integer"
    }, 
    "rules": {
      "description": "List of Service Insertion rules in the section. Only homogeneous rules are supported.", 
      "items": {
        "$ref": "ServiceInsertionRule
      }, 
      "maxItems": 1000, 
      "readonly": false, 
      "required": true, 
      "title": "List of the Service Insertion rules", 
      "type": "array"
    }, 
    "section_type": {
      "description": "Type of the rules which a section can contain. Only homogeneous sections are supported.", 
      "enum": [
        "LAYER2", 
        "LAYER3", 
        "L3REDIRECT"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Section Type", 
      "type": "string"
    }, 
    "stateful": {
      "description": "Stateful or Stateless nature of distributed service section is enforced on all rules inside the section. Layer3 sections can be stateful or stateless. Layer2 sections can only be stateless.", 
      "readonly": false, 
      "required": true, 
      "title": "Stateful nature of the distributed service rules in the section.", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_strict": {
      "default": false, 
      "description": "Ensures that a three way TCP handshake is done before the data packets are sent if the value is set to be true. tcp_strict=true is supported only for stateful sections.", 
      "required": false, 
      "title": "TCP Strict", 
      "type": "boolean"
    }
  }, 
  "title": "ServiceInsertion Section RuleList", 
  "type": "object"
}

ServiceInsertionService (type) 

{
  "description": "Protocol on which a particular ServiceInsertion Rule should apply to.", 
  "extends": {
    "$ref": "DSService
  }, 
  "id": "ServiceInsertionService", 
  "module_id": "ServiceInsertionRules", 
  "properties": {
    "is_valid": {
      "description": "Will be set to false if the referenced NSX resource has been deleted.", 
      "readonly": true, 
      "required": false, 
      "title": "Target validity", 
      "type": "boolean"
    }, 
    "service": {
      "$ref": "NSServiceElement, 
      "description": "Distributed Service API accepts raw protocol and ports as part of NS service element in Distributed Service Rule that describes traffic corresponding to an NSService.", 
      "readonly": false, 
      "required": false, 
      "title": "Distributed Service Network and Security Service element"
    }, 
    "target_display_name": {
      "description": "Display name of the NSX resource.", 
      "maxLength": 255, 
      "readonly": true, 
      "required": false, 
      "title": "Target display name", 
      "type": "string"
    }, 
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_type": {
      "description": "Type of the NSX resource.", 
      "maxLength": 255, 
      "readonly": false, 
      "required": false, 
      "title": "Target type", 
      "type": "string"
    }
  }, 
  "title": "ServiceInsertion Service", 
  "type": "object"
}

ServiceInsertionServiceListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInsertionServiceListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-Insertion Services. The list has to be homogenous.", 
      "items": {
        "$ref": "ServiceDefinition
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service List", 
  "type": "object"
}

ServiceInsertionServiceProfile (type) 

{
  "description": "Service profile represents a specialization of vendor template.", 
  "extends": {
    "$ref": "BaseServiceProfile
  }, 
  "id": "ServiceInsertionServiceProfile", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ServiceInsertionServiceProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attributes": {
      "description": "List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to the NSX Manager. If a vendor template exposes configurables, then the values are specified here.", 
      "items": {
        "$ref": "Attribute
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Service profile attributes", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "redirection_action": {
      "default": "PUNT", 
      "description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. The service insertion profile inherits the redirection action if already specified at the vendor template. However the service profile cannot overide the action specified at the vendor template.", 
      "enum": [
        "PUNT", 
        "COPY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Redirection action", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Service Profile type, for example 'GiServiceProfile', 'ServiceInsertionServiceProfile'", 
      "required": true, 
      "title": "Service Profile Resource type.", 
      "type": "string"
    }, 
    "service_id": {
      "description": "The service to which the service profile belongs.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vendor_template_id": {
      "description": "Id of the vendor template to be used by the servive profile.", 
      "readonly": false, 
      "required": true, 
      "title": "Vendor template id", 
      "type": "string"
    }
  }, 
  "title": "Service Profile for a Service", 
  "type": "object"
}

ServiceInsertionStatus (type) 

{
  "description": "It represents global status of Service Insertion for a particular context type. It shows whether a service insertion is enabled or not for a type.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceInsertionStatus", 
  "module_id": "ServiceInsertionStatus", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "context": {
      "$ref": "ServiceInsertionContextType, 
      "description": "Type of service insertion contexts.", 
      "readonly": false, 
      "required": true, 
      "title": "Service Insertion Context Type"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "global_status": {
      "$ref": "ServiceInsertionStatusType, 
      "description": "service insertion status for a context type (e.g. east_west traffic).", 
      "readonly": false, 
      "required": true, 
      "title": "Service Insertion Status Type"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Service Insertion Status", 
  "type": "object"
}

ServiceInsertionStatusListResult (type) 

{
  "description": "List of service insertion statuses for a context or all context", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInsertionStatusListResult", 
  "module_id": "ServiceInsertionStatus", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceInsertionStatus
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Insertion Statuses", 
  "type": "object"
}

ServiceInsertionStatusType (type) 

{
  "description": "Service Insertion status for a context type (e.g. east_west traffic).", 
  "enum": [
    "DISABLED", 
    "ENABLED"
  ], 
  "id": "ServiceInsertionStatusType", 
  "module_id": "ServiceInsertionStatus", 
  "title": "Service Insertion Status Type", 
  "type": "string"
}

ServiceInstance (type) 

{
  "description": "The deployment of a registered service. Service instance is instantiation of service. It is the most used type of instance. It is a default instance to be used when NSX handles lifecycle of appliance. Deployment and appliance related all the information is necessary.", 
  "extends": {
    "$ref": "BaseServiceInstance
  }, 
  "id": "ServiceInstance", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ServiceInstance"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attachment_point": {
      "description": "Attachment point to be used by this service instance for deploying the Service-VM.", 
      "enum": [
        "TIER0_LR", 
        "TIER1_LR", 
        "SERVICE_PLANE", 
        "HOST"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Attachment Point", 
      "type": "string"
    }, 
    "deployed_to": {
      "description": "List of resource references where service instance be deployed. Ex. Tier 0 Logical Router in case of N-S ServiceInsertion.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "maxItems": 128, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Deployed-to object list", 
      "type": "array"
    }, 
    "deployment_mode": {
      "default": "ACTIVE_STANDBY", 
      "description": "Deployment mode specifies where the partner appliance will be deployed in HA or non-HA i.e standalone mode.", 
      "enum": [
        "STAND_ALONE", 
        "ACTIVE_STANDBY"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Deployment Mode", 
      "type": "string"
    }, 
    "deployment_spec_name": {
      "description": "Name of the deployment spec to be used by this service instance.", 
      "readonly": false, 
      "required": true, 
      "title": "Deployment Spec Name", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "implementation_type": {
      "description": "Implementation to be used by this service instance for deploying the Service-VM.", 
      "enum": [
        "NORTH_SOUTH", 
        "EAST_WEST"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Implementation Type", 
      "type": "string"
    }, 
    "instance_deployment_config": {
      "$ref": "InstanceDeploymentConfig, 
      "description": "Instance Deployment Config contains the information to be injected during Service-VM deployment. This field is optional if the service only caters to functionality EPP(Endpoint Protection).", 
      "readonly": false, 
      "required": false, 
      "title": "Instance Deployment Config"
    }, 
    "instance_deployment_template": {
      "$ref": "DeploymentTemplate, 
      "description": "The deployment template to be used by this service instance. The attribute values specific to this instance can be added.", 
      "readonly": false, 
      "required": true, 
      "title": "Instance Deployment Template"
    }, 
    "on_failure_policy": {
      "description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ServiceInstanceResourceType, 
      "required": true
    }, 
    "service_deployment_id": {
      "description": "Id of the Service Deployment using which the instances were deployed. Its available only for instances that were deployed using service deployment API.", 
      "readonly": true, 
      "required": false, 
      "title": "Id of the Service Deployment using which the instances were deployed", 
      "type": "string"
    }, 
    "service_id": {
      "description": "The Service to which the service instance is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED", 
        "NSH", 
        "NA"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Normal Instance of a service", 
  "type": "object"
}

ServiceInstanceEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "A ServiceInstanceEndpoint belongs to one ByodPolicyServiceInstance and is attached to one ServiceInterface. A ServiceInstanceEndpoint represents a redirection target for a RedirectionPolicy.", 
  "extends": {
    "$ref": "BaseEndpoint
  }, 
  "id": "ServiceInstanceEndpoint", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ServiceInstanceEndpoint"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "VirtualEndpoint", 
        "ServiceInstanceEndpoint"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "service_interface_path": {
      "description": "Path of Service Interface to which this ServiceInstanceEndpoint is connected.", 
      "readonly": false, 
      "required": true, 
      "title": "Service Interface path", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_ips": {
      "description": "IPs where either inbound or outbound traffic is to be redirected.", 
      "items": {
        "$ref": "IPInfo
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP addresses to redirect the traffic to", 
      "type": "array"
    }
  }, 
  "title": "Service EndPoint for Byod Policy Service Instance", 
  "type": "object"
}

ServiceInstanceEndpointListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceInstanceEndpointListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "ServiceInstanceEndpoint list request parameters", 
  "type": "object"
}

ServiceInstanceEndpointListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInstanceEndpointListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceInstanceEndpoint
      }, 
      "required": true, 
      "title": "ServiceInstanceEndpoint list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of ServiceInstanceEndpoint", 
  "type": "object"
}

ServiceInstanceHealthStatus (type) 

{
  "description": "Health Status of a third party partner VM.", 
  "id": "ServiceInstanceHealthStatus", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "connect_timestamp": {
      "description": "Latest timestamp when mux was connected to SVA.", 
      "required": false, 
      "title": "Timestamp when mux was connected to SVA", 
      "type": "string"
    }, 
    "is_stale": {
      "description": "The parameter is set if the last received health status is older than the predefined interval.", 
      "readonly": true, 
      "required": false, 
      "title": "Flag is true when health status is stale", 
      "type": "boolean"
    }, 
    "is_sva_mux_incompatible": {
      "description": "Protocol version might be different in both Mux and SVA.", 
      "required": false, 
      "title": "Flag is true when Mux and SVA are incompatible", 
      "type": "boolean"
    }, 
    "mux_connected_status": {
      "description": "Status of multiplexer which forwards the events from guest virtual machines to the partner appliance.", 
      "required": false, 
      "title": "Context Multiplexer Status", 
      "type": "string"
    }, 
    "mux_incompatible_version": {
      "description": "Mux version when Mux and SVA are incompatible", 
      "required": false, 
      "title": "Mux incompatible version", 
      "type": "string"
    }, 
    "solution_status": {
      "description": "Status of third party partner solution application.", 
      "required": false, 
      "title": "Third party partner solution status", 
      "type": "string"
    }, 
    "solution_version": {
      "description": "Version of third party partner solution application.", 
      "required": false, 
      "title": "Solution version of partner application", 
      "type": "string"
    }, 
    "sync_time": {
      "description": "Latest timestamp when health status is received.", 
      "required": false, 
      "title": "Health status timestamp", 
      "type": "string"
    }
  }, 
  "title": "Service instance health status", 
  "type": "object"
}

ServiceInstanceListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInstanceListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-Insertion ServicesInstances. The list has to be homogenous.", 
      "items": {
        "$ref": "BaseServiceInstance
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service-Instance list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Instance List", 
  "type": "object"
}

ServiceInstanceNSGroups (type) 

{
  "description": "ServiceInstanceNSGroups contains list of NS Groups referenced in North-South Service Insertion Rules for a particular Service Instance.", 
  "id": "ServiceInstanceNSGroups", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "nsroups": {
      "description": "List of NSGroups Used in ServiceInsertion Rules.", 
      "items": {
        "$ref": "NSGroupInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSGroup List", 
      "type": "array"
    }
  }, 
  "title": "NSGroups referenced in North-South Service Instance", 
  "type": "object"
}

ServiceInstanceQueryParameters (type) 

{
  "id": "ServiceInstanceQueryParameters", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "deployed_to": {
      "description": "The deployed_to attribute in Service Instance. Currently only Logical Router id is supported as deployed_to value. Single value is supported in current release.", 
      "required": false, 
      "title": "Deployed_to referenced by service instances present in system", 
      "type": "string"
    }, 
    "service_deployment_id": {
      "description": "Service Deployment Id using which the instances were deployed. Single value is supported in current release.", 
      "required": false, 
      "title": "Service Deployment Id using which the instances were deployed", 
      "type": "string"
    }
  }, 
  "title": "Service Instance query parameters", 
  "type": "object"
}

ServiceInstanceResourceType (type) 

{
  "additionalProperties": false, 
  "description": "ServiceInstance is used when NSX handles the lifecyle of   appliance. Deployment and appliance related all the information is necessary. ByodServiceInstance is a custom instance to be used when NSX is not handling   the lifecycles of appliance/s. User will manage their own appliance (BYOD)   to connect with NSX. VirtualServiceInstance is a a custom instance to be used when NSX is not   handling the lifecycle of an appliance and when the user is not bringing   their own appliance.", 
  "enum": [
    "ServiceInstance", 
    "ByodServiceInstance", 
    "VirtualServiceInstance"
  ], 
  "id": "ServiceInstanceResourceType", 
  "module_id": "ServiceInsertionCommonTypes", 
  "title": "Resource types of Service Instance", 
  "type": "string"
}

ServiceInstanceStatus (type) 

{
  "id": "ServiceInstanceStatus", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "configuration_issue": {
      "$ref": "SVMConfigureIssue, 
      "description": "This object contains the list of issues which might come during post deployment configuration for a particular service instance.", 
      "readonly": true, 
      "required": false, 
      "title": "Collection of configuration issues during service instance deployment"
    }, 
    "instance_deployment_status": {
      "$ref": "ServiceDeploymentStatus, 
      "description": "Deployment status of NXGI Partner Service-VM.", 
      "readonly": true, 
      "required": false, 
      "title": "Deployment status of a Service Instance"
    }, 
    "instance_health_status": {
      "$ref": "ServiceInstanceHealthStatus, 
      "description": "Health status of NXGI components on Partner Service-VM.", 
      "readonly": true, 
      "required": false, 
      "title": "Health status of a Service Instance"
    }, 
    "service_instance_id": {
      "description": "Id of an instantiation of a registered service.", 
      "readonly": true, 
      "required": false, 
      "title": "Service instance id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

ServiceInterface (type) 

{
  "additionalProperties": false, 
  "description": "Service interface configuration for internal connectivity.", 
  "extends": {
    "$ref": "BaseTier0Interface
  }, 
  "id": "ServiceInterface", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "subnets": {
      "description": "Specify IP address and network prefix for interface.", 
      "items": {
        "$ref": "InterfaceSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "IP address and subnet specification for interface", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Service interface configuration", 
  "type": "object"
}

ServiceInterfaceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceInterfaceListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceInterface
      }, 
      "required": true, 
      "title": "Service Interface list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Service Interfaces", 
  "type": "object"
}

ServiceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceListRequestParameters", 
  "module_id": "Policy", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "default_service": {
      "description": "If set to true, then it will display only default services. If set to false, then it will display all user defined services. If it is not provided, then complete (default as well as user defined) list of services will be displayed.", 
      "title": "Fetch all default services", 
      "type": "boolean"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service list request parameters", 
  "type": "object"
}

ServiceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceListResult", 
  "module_id": "Policy", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Service
      }, 
      "required": true, 
      "title": "Service list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Services", 
  "type": "object"
}

ServiceManager (type) 

{
  "description": "Partner console endpoint information for enabling NSX to callback with events and status.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceManager", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "authentication_scheme": {
      "$ref": "CallbackAuthenticationScheme, 
      "description": "A CallbackAuthenticationScheme that describes how notification requests/callbacks from NSX, should authenticate to the server.", 
      "readonly": false, 
      "required": true, 
      "title": "Scheme to authenticate requests sent to the server"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "port": {
      "description": "Integer port value to specify a standard/non-standard HTTPS port.", 
      "maximum": 65535, 
      "minimum": 0, 
      "readonly": false, 
      "required": true, 
      "title": "Integer port value to specify a HTTPS port", 
      "type": "integer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "server": {
      "description": "IP address or fully qualified domain name of the partner REST server.", 
      "readonly": false, 
      "required": true, 
      "title": "IP address or fully qualified domain name of server", 
      "type": "string"
    }, 
    "service_ids": {
      "description": "The IDs of services, provided by partner.", 
      "items": {
        "$ref": "ResourceReference
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Service IDs", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "thumbprint": {
      "description": "Thumbprint (SHA-256 hash represented in lower case hex) for the certificate on the partner console. This will be required to establish secure communication with the console and to avoid man-in-the-middle attacks.", 
      "title": "Thumbprint of the certificate for partner console", 
      "type": "string"
    }, 
    "uri": {
      "description": "URI on which notification requests should be made on the specified server.", 
      "readonly": false, 
      "required": true, 
      "title": "URI notification requests should be made on the server", 
      "type": "string"
    }, 
    "vendor_id": {
      "description": "Id which is unique to a vendor or partner for which the service is created.", 
      "readonly": true, 
      "required": false, 
      "title": "Vendor ID", 
      "type": "string"
    }
  }, 
  "title": "Definition of a Service Manager", 
  "type": "object"
}

ServiceManagerListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceManagerListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-managers.", 
      "items": {
        "$ref": "ServiceManager
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service manager list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Manager List Result", 
  "type": "object"
}

ServicePath (type) 

{
  "description": "An instance of service chain that consists of forward and reverse service paths.", 
  "id": "ServicePath", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "forward_path": {
      "$ref": "UnidirectionalServicePath, 
      "description": "Forward service path if available that applies to ingress traffic.", 
      "readonly": true, 
      "required": false, 
      "title": "Forward service path"
    }, 
    "reverse_path": {
      "$ref": "UnidirectionalServicePath, 
      "description": "Reverse service path if available that applies to egress traffic.", 
      "readonly": true, 
      "required": false, 
      "title": "Reverse Service Path"
    }, 
    "service_chain_id": {
      "description": "A unique id of a service chain.", 
      "readonly": true, 
      "required": false, 
      "title": "Service chain id", 
      "type": "integer"
    }, 
    "service_chain_uuid": {
      "description": "Uuid of a service chain.", 
      "readonly": true, 
      "required": false, 
      "title": "Uuid of a service chain", 
      "type": "string"
    }, 
    "service_path_id": {
      "description": "Unique identifier of a service path.", 
      "readonly": true, 
      "required": false, 
      "title": "Service path id", 
      "type": "integer"
    }
  }, 
  "title": "Service path", 
  "type": "object"
}

ServicePathHop (type) 

{
  "description": "Represents a service VM implementing a particular service in a service chain", 
  "id": "ServicePathHop", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "action": {
      "description": "Action that will be taken by the corresponding service VM of the hop.", 
      "enum": [
        "SERVICE_ACTION_INVALID", 
        "COPY", 
        "REDIRECT"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Action", 
      "type": "string"
    }, 
    "can_decrement_si": {
      "description": "Indicating whether service is configured to decrement SI field in NSH metadata.", 
      "readonly": true, 
      "required": false, 
      "title": "SI decrement flag", 
      "type": "boolean"
    }, 
    "in_maintenance_mode": {
      "description": "Indicating the maintenance mode of the corresponding service VM.", 
      "readonly": true, 
      "required": false, 
      "title": "Maintenance mode flag", 
      "type": "boolean"
    }, 
    "is_active_from_ccp": {
      "description": "Indicating whether the corresponding service VM is active or not per CCP.", 
      "readonly": true, 
      "required": false, 
      "title": "Active flag managed by CCP", 
      "type": "boolean"
    }, 
    "is_active_from_dp": {
      "description": "Indicating whether the corresponding service VM is active or not per DP.", 
      "readonly": true, 
      "required": false, 
      "title": "Active flag managed by DP", 
      "type": "boolean"
    }, 
    "is_active_from_mp": {
      "description": "Indicating whether the corresponding service VM is active or not per MP.", 
      "readonly": true, 
      "required": false, 
      "title": "Active flag managed by MP", 
      "type": "boolean"
    }, 
    "mac_address": {
      "description": "MAC address of the virtual network interface.", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address of the virtual network interface.", 
      "type": "string"
    }, 
    "nsh_liveness_support": {
      "description": "Indicating whether NSH liveness is supported or not by the corresponding service VM.", 
      "readonly": true, 
      "required": false, 
      "title": "NSH liveness flag", 
      "type": "boolean"
    }, 
    "vif": {
      "description": "ID of the virtual network interface.", 
      "readonly": true, 
      "required": false, 
      "title": "Virtual interface id", 
      "type": "string"
    }
  }, 
  "title": "Service path hop", 
  "type": "object"
}

ServicePathListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServicePathListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of homogenous service paths", 
      "items": {
        "$ref": "ServicePath
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service Path list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service path list", 
  "type": "object"
}

ServiceProfileGroups (type) 

{
  "description": "ServiceProfileGroups contains list of Groups referenced in Service Insertion Rules.To be considered, Service profile must be part of a Service chain and that Service chain must be used in a Rule.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceProfileGroups", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "groups": {
      "description": "List of Groups Used in ServiceInsertion Rules.", 
      "items": {
        "$ref": "GroupInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Group Info List", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Groups used in Service Profile", 
  "type": "object"
}

ServiceProfileNSGroups (type) 

{
  "description": "ServiceProfileNSGroups contains list of NS Groups referenced in Service Insertion Rules. To be considered, Service profile must be part of a Service Chain and that Service chain must be used in a Rule.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "ServiceProfileNSGroups", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "nsroups": {
      "description": "List of NSGroups Used in ServiceInsertion Rules.", 
      "items": {
        "$ref": "NSGroupInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "NSGroup List", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "NSGroups used in Service Profile", 
  "type": "object"
}

ServiceReference (type) 

{
  "description": "An anchor object representing the intent to consume a given 3rd party service.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "ServiceReference", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "A Service's operational state can be enabled or disabled. Note that would work only for NetX type of services and would not work for Guest Introsp- ection type of Services. TRUE - The Service should be enabled FALSE - The Service should be disabled", 
      "readonly": false, 
      "required": false, 
      "title": "Operational state of the Service.", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "partner_service_name": {
      "description": "Unique name of Partner Service to be consumed for redirection.", 
      "required": true, 
      "title": "Name of Partner Service", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "An anchor object representing the intent to consume a given 3rd party service.", 
  "type": "object"
}

ServiceReferenceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "ServiceReferenceListRequestParameters", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service reference list request parameters", 
  "type": "object"
}

ServiceReferenceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceReferenceListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceReference
      }, 
      "required": true, 
      "title": "Service Reference list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Reference List", 
  "type": "object"
}

ServiceRouterAllocationConfig (type) 

{
  "additionalProperties": false, 
  "id": "ServiceRouterAllocationConfig", 
  "module_id": "LogicalRouter", 
  "properties": {
    "allocation_pool": {
      "$ref": "EdgeClusterMemberAllocationPool, 
      "description": "Logical router allocation can be tracked for specific services and services may have their own hard limits and allocation sizes. For example load balancer pool should be specified if load balancer service will be attached to logical router.", 
      "required": false, 
      "title": "Edge Cluster Member Allocation Pool for logical router"
    }, 
    "edge_cluster_id": {
      "description": "To reallocate TIER1 logical router on new or existing edge cluster", 
      "required": true, 
      "title": "Edge cluster id to re allocate members", 
      "type": "string"
    }, 
    "edge_cluster_member_indices": {
      "description": "For TIER 1 logical router, for manual placement of service router within the cluster, edge cluster member indices needs to be provided else same will be auto-allocated. You can provide maximum two indices for HA ACTIVE_STANDBY.", 
      "items": {
        "type": "integer"
      }, 
      "required": false, 
      "title": "Member indices of the edge node on the cluster", 
      "type": "array"
    }
  }, 
  "type": "object"
}

ServiceSegment (type) 

{
  "additionalProperties": false, 
  "description": "Service Segment configuration to attach Service Insertion VM.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "ServiceSegment", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_path": {
      "description": "Policy path to transport zone. Only overlay transport zone is supported.", 
      "required": true, 
      "title": "Policy path to the transport zone", 
      "type": "string"
    }
  }, 
  "title": "Service Segment configuration", 
  "type": "object"
}

ServiceSegmentListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "ServiceSegmentListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Segment list request parameters", 
  "type": "object"
}

ServiceSegmentListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "ServiceSegmentListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ServiceSegment
      }, 
      "required": true, 
      "title": "Service Segment list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Service Segment", 
  "type": "object"
}

ServiceType (type) 

{
  "enum": [
    "MGMT_CLUSTER", 
    "MGMT_PLANE", 
    "API", 
    "NOTIFICATION_COLLECTOR", 
    "SYSLOG_SERVER", 
    "RSYSLOG_CLIENT"
  ], 
  "id": "ServiceType", 
  "module_id": "CertificateManager", 
  "title": "Supported service types, that are using certificates.", 
  "type": "string"
}

ServiceVMStateParameters (type) 

{
  "id": "ServiceVMStateParameters", 
  "module_id": "ServiceInsertionVMDeployment", 
  "properties": {
    "action": {
      "description": "You could use this parameter to set a servcie VM in maintenance mode or exit from maintenance mode, or set a service VM health state to indicate whether the service VM is running properly or not. 'enable_maintenance_mode' will set service VM in maintenance mode. 'disable_maintenance_mode' will exit from maintenance mode. 'is_healthy' will set runtime health state by partner of a service VM to be healthy. 'is_stopped' will set runtime health state by partner of a service VM to be stopped. 'is_not_responding' will set runtime health state by partner of a service VM to be not responding.", 
      "enum": [
        "enable_maintenance_mode", 
        "disable_maintenance_mode", 
        "is_healthy", 
        "is_stopped", 
        "is_not_responding"
      ], 
      "type": "string"
    }, 
    "unhealthy_reason": {
      "description": "Reason for the unhealthy state.", 
      "maxLength": 500, 
      "required": false, 
      "title": "Reason for the unhealthy state", 
      "type": "string"
    }
  }, 
  "title": "Service VM maintenance mode setting parameters", 
  "type": "object"
}

SessionReclassificationParameter (type) 

{
  "Description": "Input parameter for Reclassifying a finished session.", 
  "id": "SessionReclassificationParameter", 
  "module_id": "AppDiscovery", 
  "properties": {
    "app_profile_ids": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "App Profile Ids", 
      "type": "array"
    }
  }, 
  "type": "object"
}

SessionSummaryParameters (type) 

{
  "additionalProperties": false, 
  "description": "IPSec VPN session summary parameters.", 
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "SessionSummaryParameters", 
  "module_id": "VPNStatistics", 
  "properties": {
    "site_id": {
      "description": "Peer site id.", 
      "title": "Peer site id", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }
  }, 
  "title": "IPSec VPN session summary parameters", 
  "type": "object"
}

SessionTimerProfileBindingListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SessionTimerProfileBindingListResult", 
  "module_id": "PolicyProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SessionTimerProfileBindingMap
      }, 
      "required": true, 
      "title": "Session timer profile binding maps list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of session timer profile binding maps", 
  "type": "object"
}

SessionTimerProfileBindingMap (type) 

{
  "additionalProperties": false, 
  "description": "This entity will be used to establish association between Session Timer profile and Logical Routers.", 
  "extends": {
    "$ref": "ProfileBindingMap
  }, 
  "id": "SessionTimerProfileBindingMap", 
  "module_id": "PolicyProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SessionTimerProfileBindingMap"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "profile_path": {
      "description": "PolicyPath of associated Profile", 
      "required": true, 
      "title": "Profile Path", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Policy Session Timer Profile binding map", 
  "type": "object"
}

SetFields (type) 

{
  "additionalProperties": false, 
  "description": "Set Fields is an action to set fields of the source event.", 
  "extends": {
    "$ref": "Action
  }, 
  "id": "SetFields", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SetFields"
  }, 
  "properties": {
    "field_settings": {
      "description": "Field Settings.", 
      "items": {
        "$ref": "FieldSetting
      }, 
      "minItems": 1, 
      "title": "Field Settings", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "Reaction Action resource type.", 
      "enum": [
        "PatchResources", 
        "SetFields"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Set Fields", 
  "type": "object"
}

SftpProtocol (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Protocol
  }, 
  "id": "SftpProtocol", 
  "polymorphic-type-descriptor": {
    "type-identifier": "sftp"
  }, 
  "properties": {
    "authentication_scheme": {
      "$ref": "PasswordAuthenticationScheme, 
      "required": true, 
      "title": "Scheme to authenticate if required"
    }, 
    "name": {
      "enum": [
        "http", 
        "https", 
        "scp", 
        "sftp"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }, 
    "ssh_fingerprint": {
      "required": true, 
      "title": "SSH fingerprint of server", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Site (type) 

{
  "description": "Logical grouping of enforcement points", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Site", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforcement_points": {
      "items": {
        "$ref": "EnforcementPoint
      }, 
      "required": false, 
      "title": "Logical grouping of enforcement points", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Site", 
  "type": "object"
}

SiteListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Site list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SiteListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Site list request parameters", 
  "type": "object"
}

SiteListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Sites", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SiteListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Site
      }, 
      "required": true, 
      "title": "Site", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Sites", 
  "type": "object"
}

SnatTranslationType (type) 

{
  "additionalProperties": false, 
  "description": "Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are two modes: LbSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LbSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool.", 
  "enum": [
    "LbSnatAutoMap", 
    "LbSnatIpPool"
  ], 
  "id": "SnatTranslationType", 
  "module_id": "LoadBalancer", 
  "title": "Snat translation type", 
  "type": "string"
}

SnmpServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "SnmpServiceProperties", 
  "module_id": "CentralNodeConfig", 
  "properties": {
    "communities": {
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "title": "SNMP v1, v2c community", 
      "type": "array"
    }, 
    "start_on_boot": {
      "required": true, 
      "title": "Start when system boots", 
      "type": "boolean"
    }
  }, 
  "title": "SNMP Service properties", 
  "type": "object"
}

SoftwareModule (type) 

{
  "id": "SoftwareModule", 
  "module_id": "FabricNode", 
  "properties": {
    "module_name": {
      "required": true, 
      "title": "Name of the module in the node", 
      "type": "string"
    }, 
    "module_version": {
      "required": true, 
      "title": "Version of the module in the node", 
      "type": "string"
    }
  }, 
  "title": "Software module details", 
  "type": "object"
}

SoftwareModuleResult (type) 

{
  "id": "SoftwareModuleResult", 
  "module_id": "FabricNode", 
  "properties": {
    "software_modules": {
      "items": {
        "$ref": "SoftwareModule
      }, 
      "required": true, 
      "title": "Software module results", 
      "type": "array"
    }
  }, 
  "title": "Software module result", 
  "type": "object"
}

SolutionConfig (type) 

{
  "description": "Solution Config would contain Vendor specific information required for configuring the NXGI partner Service after deployment.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "SolutionConfig", 
  "module_id": "Nxgi", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "control_ip": {
      "$ref": "IPv4Address, 
      "description": "Partner needs to specify their assigned control IP with which they have configured their OVFs.", 
      "readonly": false, 
      "required": true, 
      "title": "Control IP"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "listen_port": {
      "description": "Partner needs to specify their port on which their solution application which consumes NXGI EPSec library listens.", 
      "maximum": 48655, 
      "minimum": 48651, 
      "readonly": false, 
      "required": true, 
      "title": "Port", 
      "type": "int"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_id": {
      "description": "The service to which the service profile belongs.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "solution_id": {
      "description": "Partner needs to specify Solution Id assigned by VMware.", 
      "readonly": false, 
      "required": true, 
      "title": "Solution Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Solution Configuration Info", 
  "type": "object"
}

SolutionConfigListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SolutionConfigListResult", 
  "module_id": "Nxgi", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Solution Config.", 
      "items": {
        "$ref": "SolutionConfig
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Solution Config List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Solution Config List", 
  "type": "object"
}

Source (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon. The Source is responsible for providing information of the occurred event. Some example sources include: - Resource. - API.", 
  "id": "Source", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "resource_type": {
      "description": "Event Source resource type.", 
      "enum": [
        "ResourceOperation", 
        "ApiRequestBody"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Event Source", 
  "type": "object"
}

SourceEntity (type) 

{
  "description": "Service insertion data path inserts unique 'source node id' value into each packet before it received by Service VM. This value can be resolved to multiple Source Entities. It represents source of the packets.", 
  "id": "SourceEntity", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "source_entity_id": {
      "description": "UUID of Source entity", 
      "readonly": true, 
      "required": true, 
      "title": "Source entity ID", 
      "type": "string"
    }, 
    "source_entity_type": {
      "description": "Type of source entity. Currently source value can be resolved to VIF and Virtual Machine.", 
      "enum": [
        "VIRTUAL_NETWORK_INTERFACE", 
        "VIRTUAL_MACHINE"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Source entity type", 
      "type": "string"
    }
  }, 
  "title": "Source entity", 
  "type": "object"
}

SourceEntityQueryParameters (type) 

{
  "id": "SourceEntityQueryParameters", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "source_node_value": {
      "description": "unique value representing source node", 
      "required": true, 
      "title": "value", 
      "type": "string"
    }
  }, 
  "title": "Source entity query parameters", 
  "type": "object"
}

SourceEntityResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SourceEntityResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service Entities", 
      "items": {
        "$ref": "SourceEntity
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service Entity List", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Service Entity List", 
  "type": "object"
}

SourceFieldEvaluation (type) 

{
  "additionalProperties": false, 
  "description": "Source Field Evaluation represents an evaluation on resource fields. A source field evaluation will be evaluated against an Event Source which is of type Resource Operation. For instance, the attribute constraint could be related to the necessity that one of the source fields equals one of the specified values.", 
  "extends": {
    "$ref": "Evaluation
  }, 
  "id": "SourceFieldEvaluation", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SourceFieldEvaluation"
  }, 
  "properties": {
    "expected": {
      "description": "Expected values necessary to apply the specified operation on the source field value.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Operator Arguments", 
      "type": "array"
    }, 
    "field_pointer": {
      "description": "Field in the form of a pointer, describing the location of the attribute within the source of the event.", 
      "required": true, 
      "title": "Field Pointer", 
      "type": "string"
    }, 
    "operator": {
      "description": "Logical operator.", 
      "enum": [
        "EQ", 
        "NOT_EQ"
      ], 
      "required": true, 
      "title": "Logical Operator", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Criterion Evaluation resource type.", 
      "enum": [
        "SourceFieldEvaluation"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Source Field Evaluation", 
  "type": "object"
}

SourceIpPersistencePurge (type) 

{
  "additionalProperties": false, 
  "description": "If the persistence table is full and a new connection without a matching persistence entry is received, then by default(FULL) oldest persistence entries are purged from the table to make space for new entries. Each time purging gets triggered, a small percentage of the entries are purged. If purging is disabled(NO_PURGE) and a new incoming connection requires a persistence entry to be created, then that connection is rejected even though backend servers are available.", 
  "enum": [
    "NO_PURGE", 
    "FULL"
  ], 
  "id": "SourceIpPersistencePurge", 
  "module_id": "LoadBalancer", 
  "title": "source ip persistence purge setting", 
  "type": "string"
}

SourceNsxApiEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "Details about an existing NSX manager to be migrated", 
  "id": "SourceNsxApiEndpoint", 
  "module_id": "Migration", 
  "properties": {
    "auth_token": {
      "description": "Auth token used to make REST calls to source NSX API endpoint. This field is not applicable in case of vSphere network migration.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Source NSX auth token", 
      "type": "string"
    }, 
    "ip": {
      "description": "IP address or hostname of a source NSX API endpoint. This field is not applicable in case of vSphere network migration.", 
      "format": "hostname-or-ip", 
      "readonly": false, 
      "required": false, 
      "title": "Source NSX API endpoint IP address", 
      "type": "string"
    }, 
    "nsx_password": {
      "description": "Password for connecting to NSX manager. This field is not applicable in case of vSphere network migration.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "title": "Password for NSX manager", 
      "type": "string"
    }, 
    "nsx_syncrole": {
      "description": "Signifies Universal Sync role status (STANDALONE, PRIMARY, SECONDARY) of a source NSX API endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Source NSX API endpoint Universal Sync role", 
      "type": "string"
    }, 
    "nsx_username": {
      "description": "Username for connecting to NSX manager. This field is not applicable in case of vSphere network migration.", 
      "readonly": false, 
      "required": false, 
      "title": "Username for NSX manager", 
      "type": "string"
    }, 
    "nsx_version": {
      "description": "Build version (major, minor, patch) of a source NSX API endpoint.", 
      "readonly": true, 
      "required": false, 
      "title": "Source NSX API endpoint build version", 
      "type": "string"
    }, 
    "vc_ip": {
      "description": "IP address or host name of VC.", 
      "format": "hostname-or-ip", 
      "readonly": false, 
      "required": true, 
      "title": "VC IP address or host name", 
      "type": "string"
    }, 
    "vc_password": {
      "description": "Password for connecting to VC.", 
      "readonly": false, 
      "required": true, 
      "sensitive": true, 
      "title": "Password for VC", 
      "type": "string"
    }, 
    "vc_port": {
      "default": 443, 
      "description": "VC port that will be used to fetch details.", 
      "readonly": false, 
      "required": false, 
      "title": "VC port", 
      "type": "int"
    }, 
    "vc_username": {
      "description": "Username for connecting to VC.", 
      "readonly": false, 
      "required": true, 
      "title": "Username for VC", 
      "type": "string"
    }, 
    "vc_version": {
      "description": "Build version of VC.", 
      "readonly": true, 
      "required": false, 
      "title": "VC build version", 
      "type": "string"
    }
  }, 
  "title": "Source NSX manager details", 
  "type": "object"
}

SpoofGuardProfile (type) 

{
  "additionalProperties": false, 
  "description": "SpoofGuard is a tool that is designed to prevent virtual machines in your environment from sending traffic with IP addresses which are not authorized to send traffic from. A SpoofGuard policy profile once enabled blocks the traffic determined to be spoofed.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "SpoofGuardProfile", 
  "module_id": "PolicySpoofGuard", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "address_binding_whitelist": {
      "default": false, 
      "description": "If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the whitelist.", 
      "required": true, 
      "title": "Enable SpoofGuard", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "search_dsl_name": [
    "spoof guard segment profile"
  ], 
  "title": "SpoofGuard Profile", 
  "type": "object"
}

SpoofGuardProfileListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "SpoofGuardProfileListRequestParameters", 
  "module_id": "PolicySpoofGuard", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "SpoofGuard profile request parameters", 
  "type": "object"
}

SpoofGuardProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SpoofGuardProfileListResult", 
  "module_id": "PolicySpoofGuard", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SpoofGuardProfile
      }, 
      "required": true, 
      "title": "SpoofGuard profile list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of SpoofGuard profiles", 
  "type": "object"
}

SpoofGuardSwitchingProfile (type) 

{
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "SpoofGuardSwitchingProfile", 
  "module_id": "SpoofGuardSwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SpoofGuardSwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "white_list_providers": {
      "help_detail": "SpoofGuard is considered to be disabled if no white-list providers\nare specified in the profile.\nIf multiple providers of address bindings are specificed, then the effective\naddress bindings is the intersection of all specificed bindings. In case if\nsuch effective address bindings is empty, then all packets are dropped.\n", 
      "items": {
        "$ref": "WhiteListProvisionType
      }, 
      "readonly": false, 
      "required": true, 
      "title": "List of providers for white listed address bindings.", 
      "type": "array"
    }
  }, 
  "title": "SpoofGuard configuration", 
  "type": "object"
}

SshKeyBaseProperties (type) 

{
  "additionalProperties": {}, 
  "id": "SshKeyBaseProperties", 
  "properties": {
    "label": {
      "required": true, 
      "title": "SSH key label (used to identify the key)", 
      "type": "string"
    }, 
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "Current password for user (required for users root and admin)", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SshKeyProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "SshKeyBaseProperties
  }, 
  "id": "SshKeyProperties", 
  "properties": {
    "label": {
      "required": true, 
      "title": "SSH key label (used to identify the key)", 
      "type": "string"
    }, 
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "Current password for user (required for users root and admin)", 
      "type": "string"
    }, 
    "type": {
      "pattern": "^(ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-dss|ssh-ed25519|ssh-rsa)$", 
      "required": true, 
      "title": "SSH key type", 
      "type": "string"
    }, 
    "value": {
      "required": true, 
      "title": "SSH key value", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SshKeyPropertiesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SshKeyPropertiesListResult", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "SshKeyProperties
      }, 
      "required": true, 
      "title": "SSH key properties query results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "SSH key properties query results", 
  "type": "object"
}

SshServiceProperties (type) 

{
  "additionalProperties": false, 
  "id": "SshServiceProperties", 
  "properties": {
    "start_on_boot": {
      "required": true, 
      "title": "Start service when system boots", 
      "type": "boolean"
    }
  }, 
  "title": "SSH Service properties", 
  "type": "object"
}

SslCipher (type) 

{
  "additionalProperties": false, 
  "enum": [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", 
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", 
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", 
    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", 
    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", 
    "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", 
    "TLS_RSA_WITH_AES_256_CBC_SHA", 
    "TLS_RSA_WITH_AES_128_CBC_SHA", 
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA", 
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", 
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", 
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384", 
    "TLS_RSA_WITH_AES_128_CBC_SHA256", 
    "TLS_RSA_WITH_AES_128_GCM_SHA256", 
    "TLS_RSA_WITH_AES_256_CBC_SHA256", 
    "TLS_RSA_WITH_AES_256_GCM_SHA384", 
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", 
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", 
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", 
    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", 
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", 
    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", 
    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256", 
    "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256", 
    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384", 
    "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384", 
    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", 
    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256", 
    "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256", 
    "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384", 
    "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
  ], 
  "id": "SslCipher", 
  "module_id": "LoadBalancer", 
  "title": "SSL cipher", 
  "type": "string"
}

SslCipherGroup (type) 

{
  "additionalProperties": false, 
  "enum": [
    "BALANCED", 
    "HIGH_SECURITY", 
    "HIGH_COMPATIBILITY", 
    "CUSTOM"
  ], 
  "id": "SslCipherGroup", 
  "module_id": "LoadBalancer", 
  "title": "SSL cipher group", 
  "type": "string"
}

SslProtocol (type) 

{
  "additionalProperties": false, 
  "enum": [
    "SSL_V2", 
    "SSL_V3", 
    "TLS_V1", 
    "TLS_V1_1", 
    "TLS_V1_2"
  ], 
  "id": "SslProtocol", 
  "module_id": "LoadBalancer", 
  "title": "SSL protocol", 
  "type": "string"
}

SslTrustObjectData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "SslTrustObjectData", 
  "module_id": "TempPolicyLoadBalancer", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key_algo": {
      "description": "Key algorithm contained in this certificate", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "passphrase": {
      "description": "Password for private key encryption", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "private_key": {
      "description": "private key data", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

StandaloneHostIdfwConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Idfw configuration for enable/disable idfw on standalone hosts.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "StandaloneHostIdfwConfiguration", 
  "module_id": "PolicyFirewallConfiguration", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "idfw_enabled": {
      "description": "If set to true, Idfw is enabled for standalone hosts", 
      "readonly": false, 
      "required": true, 
      "title": "Idfw enabled flag", 
      "type": "boolean"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Standalone host idfw configuration", 
  "type": "object"
}

StandardHostSwitch (type) 

{
  "id": "StandardHostSwitch", 
  "module_id": "TransportNode", 
  "properties": {
    "cpu_config": {
      "description": "CPU configuration specifies number of Logical cpu cores (Lcores) per Non Uniform Memory Access (NUMA) node dedicated to Enhanced Networking Stack enabled HostSwitch to get the best performance.", 
      "items": {
        "$ref": "CpuCoreConfigForEnhancedNetworkingStackSwitch
      }, 
      "readonly": false, 
      "required": false, 
      "title": "Enhanced Networking Stack enabled HostSwitch CPU configuration", 
      "type": "array"
    }, 
    "host_switch_name": {
      "default": "nsxDefaultHostSwitch", 
      "description": "If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given transport node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness.", 
      "required": false, 
      "title": "host switch name. This name will be used to reference this host switch.", 
      "type": "string"
    }, 
    "host_switch_profile_ids": {
      "description": "host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch.", 
      "items": {
        "$ref": "HostSwitchProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Identifiers of host switch profiles to be associated with this host switch.", 
      "type": "array"
    }, 
    "ip_assignment_spec": {
      "$ref": "IpAssignmentSpec, 
      "description": "IPs can come from either a static IP pool or an explicitly specified IP list or DHCP. In case a list of IP is specified, the number of IPs provided should be sufficient as per teaming policy associated with host switch uplink profile.", 
      "readonly": false, 
      "required": false, 
      "title": "Specification for IPs to be used with host switch virtual tunnel endpoints"
    }, 
    "is_migrate_pnics": {
      "default": false, 
      "description": "If the pnics specified in the pnics field are used by a single Vsphere Standard Switch or DVS, then migrate the pnics to N-VDS. If any two pnics are not used by the same Vsphere Standard Switch or DVS, it is not supported. In such cases, please migrate them in multiple steps, one Vsphere Standard Switch or DVS at a time.", 
      "required": false, 
      "title": "Migrate any pnics which are in use", 
      "type": "boolean"
    }, 
    "pnics": {
      "items": {
        "$ref": "Pnic
      }, 
      "required": false, 
      "title": "Physical NICs connected to the host switch", 
      "type": "array"
    }, 
    "pnics_uninstall_migration": {
      "description": "The pnics to be migrated out to a non N-VDS switch during transport node deletion.", 
      "items": {
        "$ref": "Pnic
      }, 
      "required": false, 
      "title": "Physical NICs connected to a switch", 
      "type": "array"
    }, 
    "vmk_install_migration": {
      "description": "The vmk interfaces and the associated logical switches on the host switch. The state of this field is realized on the transport node during creation and update.", 
      "items": {
        "$ref": "VmknicNetwork
      }, 
      "required": false, 
      "title": "The vmknic and logical switch mappings", 
      "type": "array"
    }, 
    "vmk_uninstall_migration": {
      "description": "The vmk interfaces and the associated portgroups on the VSS/DVS. This field is realized on the host during transport node deletion or NSX uninstallation to specify the destination for all vmks on N-VDS switches.", 
      "items": {
        "$ref": "VmknicNetwork
      }, 
      "required": false, 
      "title": "The vmknic and portgroup mappings", 
      "type": "array"
    }
  }, 
  "title": "Standard host switch specification", 
  "type": "object"
}

StandardHostSwitchSpec (type) 

{
  "description": "Standard host switch specification is used for NSX configured transport node.", 
  "extends": {
    "$ref": "HostSwitchSpec
  }, 
  "id": "StandardHostSwitchSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "StandardHostSwitchSpec"
  }, 
  "properties": {
    "host_switches": {
      "items": {
        "$ref": "StandardHostSwitch
      }, 
      "minItems": 0, 
      "required": true, 
      "title": "Transport Node host switches", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "StandardHostSwitchSpec", 
        "PreconfiguredHostSwitchSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "Specification of transport node standard host switch", 
  "type": "object"
}

StandbyRelocationConfig (type) 

{
  "id": "StandbyRelocationConfig", 
  "module_id": "EdgeHighAvailabilityProfile", 
  "properties": {
    "standby_relocation_threshold": {
      "default": 30, 
      "description": "The time interval (in minutes) to wait before starting the standby service context relocation process.", 
      "maximum": 20000, 
      "minimum": 10, 
      "required": false, 
      "title": "Standby service context relocation wait time", 
      "type": "integer"
    }
  }, 
  "title": "Standby service contexts relocation setting", 
  "type": "object"
}

StartAppDiscoverySessionParameters (type) 

{
  "description": "Parameters to start an application discovery session. It can have NSGroup Ids as well as the App Profile Ids.", 
  "id": "StartAppDiscoverySessionParameters", 
  "module_id": "AppDiscovery", 
  "properties": {
    "app_profile_ids": {
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "App Profile Ids", 
      "type": "array"
    }, 
    "ns_group_ids": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "NSGroup Ids", 
      "type": "array"
    }
  }, 
  "title": "Parameters to start an application discovery session", 
  "type": "object"
}

StatItem (type) 

{
  "additionalProperties": false, 
  "description": "Displayed as a single number. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states.", 
  "id": "StatItem", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.", 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "tooltip": {
      "description": "Multi-line text to be shown on tooltip while hovering over the stat.", 
      "items": {
        "$ref": "Tooltip
      }, 
      "minItems": 0, 
      "title": "Multi-line tooltip", 
      "type": "array"
    }, 
    "total": {
      "description": "If expression for total is specified, it evaluates it. Total can be omitted if not needed to be shown.", 
      "title": "Total", 
      "type": "string"
    }, 
    "value": {
      "description": "Expression for stat to be displayed.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Stat", 
      "type": "string"
    }
  }, 
  "title": "Statistic of an entity", 
  "type": "object"
}

StaticARPConfig (type) 

{
  "additionalProperties": false, 
  "description": "Contains Static ARP configuration for Segment.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "StaticARPConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": true, 
      "title": "IP Address"
    }, 
    "mac_address": {
      "$ref": "MACAddress, 
      "required": true, 
      "title": "MAC Address"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Static ARP Config", 
  "type": "object"
}

StaticHopBfdPeer (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "StaticHopBfdPeer", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "bfd_config": {
      "$ref": "BfdConfigParameters, 
      "description": "If not specified then BFD peer will inherit configuration from the BFD global config.", 
      "required": false, 
      "title": "Configuration for the BFD peer"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Indicate BFD peer is enabled or disabled. Default is true.", 
      "required": false, 
      "title": "status of BFD peer", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "peer_ip_address": {
      "$ref": "IPAddress, 
      "description": "IP address of BFD peer. This should be same as next hop IP address.", 
      "required": true, 
      "title": "IP address of BFD peer"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "source_addresses": {
      "description": "BFD peers will be created from all these source addresses to this neighbour.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Array of Logical Router Uplink IP Addresses", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

StaticHopBfdPeerDeleteRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "StaticHopBfdPeerDeleteRequestParameters", 
  "module_id": "Routing", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }
  }, 
  "title": "BFD peer delete request parameters", 
  "type": "object"
}

StaticHopBfdPeerListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "StaticHopBfdPeerListParameters", 
  "module_id": "Routing", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "BFD Peers list parameters", 
  "type": "object"
}

StaticHopBfdPeerListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "StaticHopBfdPeerListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "StaticHopBfdPeer
      }, 
      "readonly": true, 
      "required": true, 
      "title": "static hop BFD peer list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

StaticIpListSpec (type) 

{
  "extends": {
    "$ref": "IpAssignmentSpec
  }, 
  "id": "StaticIpListSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "StaticIpListSpec"
  }, 
  "properties": {
    "default_gateway": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "Gateway IP"
    }, 
    "ip_list": {
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 32, 
      "readonly": false, 
      "required": true, 
      "title": "List of IPs for transport node host switch virtual tunnel endpoints", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "StaticIpPoolSpec", 
        "StaticIpListSpec", 
        "AssignedByDhcp", 
        "StaticIpMacListSpec"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "subnet_mask": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "Subnet mask"
    }
  }, 
  "title": "IP assignment specification for Static IP List.", 
  "type": "object"
}

StaticIpMacListSpec (type) 

{
  "extends": {
    "$ref": "IpAssignmentSpec
  }, 
  "id": "StaticIpMacListSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "StaticIpMacListSpec"
  }, 
  "properties": {
    "default_gateway": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "Gateway IP"
    }, 
    "ip_mac_list": {
      "items": {
        "$ref": "IpMacPair
      }, 
      "maxItems": 32, 
      "readonly": false, 
      "required": true, 
      "title": "List of IPs and MACs for transport node host switch virtual tunnel endpoints", 
      "type": "array"
    }, 
    "resource_type": {
      "enum": [
        "StaticIpPoolSpec", 
        "StaticIpListSpec", 
        "AssignedByDhcp", 
        "StaticIpMacListSpec"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "subnet_mask": {
      "$ref": "IPAddress, 
      "readonly": false, 
      "required": true, 
      "title": "Subnet mask"
    }
  }, 
  "title": "IP and MAC assignment specification for Static IP List.", 
  "type": "object"
}

StaticIpPoolSpec (type) 

{
  "extends": {
    "$ref": "IpAssignmentSpec
  }, 
  "id": "StaticIpPoolSpec", 
  "module_id": "TransportNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "StaticIpPoolSpec"
  }, 
  "properties": {
    "ip_pool_id": {
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "StaticIpPoolSpec", 
        "StaticIpListSpec", 
        "AssignedByDhcp", 
        "StaticIpMacListSpec"
      ], 
      "required": true, 
      "type": "string"
    }
  }, 
  "title": "IP assignment specification for Static IP Pool.", 
  "type": "object"
}

StaticRoute (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "StaticRoute", 
  "module_id": "Routing", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "logical_router_id": {
      "readonly": true, 
      "required": false, 
      "title": "Logical router id", 
      "type": "string"
    }, 
    "network": {
      "$ref": "IPCIDRBlock, 
      "required": true, 
      "title": "CIDR"
    }, 
    "next_hops": {
      "items": {
        "$ref": "StaticRouteNextHop
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Next Hops", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

StaticRouteListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "StaticRouteListResult", 
  "module_id": "Routing", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "StaticRoute
      }, 
      "required": true, 
      "title": "Paginated list of static routes", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

StaticRouteNextHop (type) 

{
  "additionalProperties": false, 
  "id": "StaticRouteNextHop", 
  "module_id": "Routing", 
  "properties": {
    "administrative_distance": {
      "default": 1, 
      "maximum": 255, 
      "minimum": 1, 
      "required": false, 
      "title": "Administrative Distance for the next hop IP", 
      "type": "integer"
    }, 
    "bfd_enabled": {
      "default": false, 
      "readonly": true, 
      "required": false, 
      "title": "Status of bfd for this next hop where bfd_enabled = true indicate bfd is enabled for this next hop and bfd_enabled = false indicate bfd peer is disabled or not configured for this next hop.", 
      "type": "boolean"
    }, 
    "blackhole_action": {
      "$ref": "BlackholeAction, 
      "readonly": true, 
      "required": false, 
      "title": "Action to be taken on matching packets for NULL routes."
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "Next Hop IP"
    }, 
    "logical_router_port_id": {
      "$ref": "ResourceReference, 
      "required": false, 
      "title": "Reference of logical router port to be used for next hop"
    }
  }, 
  "type": "object"
}

StaticRoutes (type) 

{
  "additionalProperties": false, 
  "description": "Static routes configuration on Tier-0 or Tier-1.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "StaticRoutes", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "network": {
      "$ref": "IPElement, 
      "description": "Specify network address in CIDR format.", 
      "required": true, 
      "title": "Network address in CIDR format"
    }, 
    "next_hops": {
      "description": "Specify next hop routes for network.", 
      "items": {
        "$ref": "RouterNexthop
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Next hop routes for network", 
      "type": "array"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Static routes configuration on Tier-0 or on Tier-1", 
  "type": "object"
}

StaticRoutesListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "StaticRoutesListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Static Routes list request parameters", 
  "type": "object"
}

StaticRoutesListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "StaticRoutesListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "StaticRoutes
      }, 
      "required": true, 
      "title": "Static Routes list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Static Routes", 
  "type": "object"
}

StatisticsRequestParameters (type) 

{
  "description": "Request parameters that represents an enforcement point path. A request on statistics can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point.", 
  "id": "StatisticsRequestParameters", 
  "module_id": "PolicyBaseStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "enforcement point path, forward slashes must be escaped using %2F.", 
      "required": false, 
      "title": "String Path of the enforcement point", 
      "type": "string"
    }
  }, 
  "title": "Statistics Request Parameters", 
  "type": "object"
}

StatsConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Represents configuration of a statistic for an entity. Example, number of logical switches and their admin states.", 
  "extends": {
    "$ref": "WidgetConfiguration
  }, 
  "id": "StatsConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "StatsConfiguration"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "Displayed at the sections, by default. It labels the entities of sections. If label is not provided, the sections are not labelled.", 
      "title": "Label of the Stats Configuration"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "navigation": {
      "description": "Hyperlink of the specified UI page that provides details.", 
      "maxLength": 1024, 
      "title": "Navigation to a specified UI page", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "sections": {
      "decription": "High level logical grouping of portions or segments.", 
      "items": {
        "$ref": "DonutSection
      }, 
      "minItems": 0, 
      "title": "Sections", 
      "type": "array"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "stat": {
      "$ref": "StatItem, 
      "description": "Expression that fetches statistic. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states. If stat is not provided, then it will not be displayed.", 
      "title": "Expression for feching statistic of an entity"
    }, 
    "sub_type": {
      "description": "A sub-type of StatsConfiguration. If sub-type is not specified the parent type is rendered. The COMPACT sub_type, conserves the space for the widget. The statistic is placed on the right side on top of the status bar and the title of the widget is placed on the left side on the top of the status bar. The COMPACT style aligns itself horizontally as per the width of the container. If multiple widgets are placed insided the container then the widgets are placed one below the other to conserve the space.", 
      "enum": [
        "COMPACT"
      ], 
      "title": "Sub-type of the StatsConfiguration", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Stats Configuration", 
  "type": "object"
}

StatusCount (type) 

{
  "additionalProperties": false, 
  "id": "StatusCount", 
  "module_id": "Heatmap", 
  "properties": {
    "degraded_count": {
      "title": "Degraded count", 
      "type": "int"
    }, 
    "down_count": {
      "title": "Down count", 
      "type": "int"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "title": "Roll-up status", 
      "type": "string"
    }, 
    "up_count": {
      "title": "Up count", 
      "type": "int"
    }
  }, 
  "type": "object"
}

StatusSummaryRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "StatusSummaryRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "selection_status": {
      "default": "ALL", 
      "enum": [
        "SELECTED", 
        "DESELECTED", 
        "ALL"
      ], 
      "required": false, 
      "title": "Flag to indicate whether to return status for only selected, only deselected or both type of upgrade units", 
      "type": "string"
    }, 
    "show_history": {
      "description": "Get details of the last 16 operations performed during the upgrade of a given component.", 
      "readonly": false, 
      "required": false, 
      "title": "Get upgrade activity for a given component", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

StructuredData (type) 

{
  "additionalProperties": false, 
  "id": "StructuredData", 
  "properties": {
    "audit": {
      "required": true, 
      "title": "Audit flag of the log", 
      "type": "string"
    }, 
    "comp": {
      "required": true, 
      "title": "Component value of the log", 
      "type": "string"
    }, 
    "ent_id": {
      "required": false, 
      "title": "Entity Id value of the log", 
      "type": "string"
    }, 
    "ereq_id": {
      "required": false, 
      "title": "External request Id value of the log", 
      "type": "string"
    }, 
    "error_code": {
      "required": false, 
      "title": "Error Code value of the log", 
      "type": "string"
    }, 
    "level": {
      "required": false, 
      "title": "Level value of the log", 
      "type": "string"
    }, 
    "req_id": {
      "required": false, 
      "title": "Request Id value of the log", 
      "type": "string"
    }, 
    "s2comp": {
      "required": false, 
      "title": "Sub-subcomponent value of the log", 
      "type": "string"
    }, 
    "security": {
      "required": false, 
      "title": "Security flag of the log", 
      "type": "string"
    }, 
    "subcomp": {
      "required": true, 
      "title": "Subcomponent value of the log", 
      "type": "string"
    }, 
    "username": {
      "required": false, 
      "title": "Username value of the log", 
      "type": "string"
    }
  }, 
  "title": "Structured data entry in RFC5424 log format", 
  "type": "object"
}

SubPool (type) 

{
  "additionalProperties": false, 
  "id": "SubPool", 
  "module_id": "EdgeClusters", 
  "properties": {
    "remaining_credit_number": {
      "description": "Credits remaining on the sub-pool that can be used to deploy services of corresponding sub-pool type.", 
      "readonly": true, 
      "title": "Remaining credit number of the sub-pool", 
      "type": "int"
    }, 
    "sub_pool_type": {
      "description": "Type of the sub-pool configured on edge node.", 
      "readonly": true, 
      "title": "Sub-pool Type", 
      "type": "string"
    }, 
    "usage_percentage": {
      "description": "Percentage utlization of sub-pool based on the number of services configured and the hard limits, if any.", 
      "readonly": true, 
      "title": "Percentage utlization of sub-pool", 
      "type": "number"
    }
  }, 
  "type": "object"
}

SuccessNodeSupportBundleResult (type) 

{
  "additionalProperties": false, 
  "id": "SuccessNodeSupportBundleResult", 
  "properties": {
    "bundle_name": {
      "readonly": true, 
      "required": true, 
      "title": "Name of support bundle, e.g. nsx_NODETYPE_UUID_YYYYMMDD_HHMMSS.tgz", 
      "type": "string"
    }, 
    "bundle_size": {
      "readonly": true, 
      "required": true, 
      "title": "Size of support bundle in bytes", 
      "type": "integer"
    }, 
    "node_display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Display name of node", 
      "type": "string"
    }, 
    "node_id": {
      "readonly": true, 
      "required": true, 
      "title": "UUID of node", 
      "type": "string"
    }, 
    "sha256_thumbprint": {
      "readonly": true, 
      "required": true, 
      "title": "File's SHA256 thumbprint", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SummaryMigrationFeedbackRequest (type) 

{
  "additionalProperties": false, 
  "description": "Minimal description of feedback requests.", 
  "id": "SummaryMigrationFeedbackRequest", 
  "module_id": "Migration", 
  "properties": {
    "details": {
      "description": "Details about this specific feedback request.", 
      "readonly": true, 
      "required": false, 
      "title": "Details about this specific feedback request", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of the feedback request.", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the feedback request", 
      "type": "string"
    }, 
    "object_id": {
      "description": "Identifier of the object for which feedback is requested.", 
      "readonly": true, 
      "required": false, 
      "title": "UUID of the object", 
      "type": "string"
    }, 
    "rejected": {
      "description": "Indicates if previous response was invalid. Please provide a valid response.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if the previous feedback response was rejected", 
      "type": "boolean"
    }, 
    "resolution": {
      "description": "If the feedback request was resolved earlier, provides details about the previous resolution.", 
      "readonly": true, 
      "required": false, 
      "title": "Previous resolution details for this feedback request", 
      "type": "string"
    }, 
    "resolved": {
      "description": "Indicates if a valid response already exist for this feedback request.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if this feedback request has already been resolved", 
      "type": "boolean"
    }, 
    "v_object_id": {
      "description": "Identifier for this object in the source NSX endpoint.", 
      "readonly": true, 
      "required": true, 
      "title": "Id of this object in the source NSX endpoint", 
      "type": "string"
    }, 
    "v_object_name": {
      "description": "Name of this object in the source NSX endpoint.", 
      "readonly": true, 
      "required": true, 
      "title": "Name of this object in the source NSX endpoint", 
      "type": "string"
    }
  }, 
  "title": "Feedback detail required for Migration", 
  "type": "object"
}

SummaryRequest (type) 

{
  "additionalProperties": false, 
  "id": "SummaryRequest", 
  "module_id": "Migration", 
  "properties": {
    "summary": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag indicating whether to return the summary", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

SupportBundleFileTransferAuthenticationScheme (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleFileTransferAuthenticationScheme", 
  "properties": {
    "password": {
      "required": true, 
      "sensitive": true, 
      "title": "Password to authenticate with", 
      "type": "string"
    }, 
    "scheme_name": {
      "enum": [
        "PASSWORD"
      ], 
      "required": true, 
      "title": "Authentication scheme name", 
      "type": "string"
    }, 
    "username": {
      "required": true, 
      "title": "User name to authenticate with", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SupportBundleFileTransferProtocol (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleFileTransferProtocol", 
  "properties": {
    "authentication_scheme": {
      "$ref": "SupportBundleFileTransferAuthenticationScheme, 
      "required": true, 
      "title": "Scheme to authenticate if required"
    }, 
    "name": {
      "enum": [
        "SCP", 
        "SFTP"
      ], 
      "required": true, 
      "title": "Protocol name", 
      "type": "string"
    }, 
    "ssh_fingerprint": {
      "required": true, 
      "title": "SSH fingerprint of server", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SupportBundleQueryParameter (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleQueryParameter", 
  "properties": {
    "override_async_response": {
      "default": false, 
      "description": "Override an existing support bundle async response if it exists. If not set to true and an existing async response is available, the support bundle request results in 409 CONFLICT.", 
      "title": "Override any existing support bundle async response", 
      "type": "boolean"
    }, 
    "require_delete_or_override_async_response": {
      "default": false, 
      "description": "If the remote_file_server option has not been specified, save generated support bundle until a subsequent request either deletes or overrides the support bundle generated by the current request using the action=delete_async_response or override_async_response=true query parameters. Setting this property to true allows the NSX API client to re-download a support bundle if for example a previous download attempt fails.", 
      "title": "Suppress auto-deletion of generated support bundle", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

SupportBundleQueryParameters (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleQueryParameters", 
  "properties": {
    "all": {
      "default": false, 
      "description": "Include all files including files that may have sensitive information like core files.", 
      "title": "Include all files", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

SupportBundleRemoteFileServer (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleRemoteFileServer", 
  "properties": {
    "directory_path": {
      "required": true, 
      "title": "Remote server directory to copy bundle files to", 
      "type": "string"
    }, 
    "manager_upload_only": {
      "default": false, 
      "title": "Uploads to the remote file server performed by the manager", 
      "type": "boolean"
    }, 
    "port": {
      "default": 22, 
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Server port", 
      "type": "integer"
    }, 
    "protocol": {
      "$ref": "SupportBundleFileTransferProtocol, 
      "required": true, 
      "title": "Protocol to use to copy file"
    }, 
    "server": {
      "required": true, 
      "title": "Remote server hostname or IP address", 
      "type": "string"
    }
  }, 
  "title": "Remote file server", 
  "type": "object"
}

SupportBundleRequest (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleRequest", 
  "properties": {
    "content_filters": {
      "default": [
        "DEFAULT"
      ], 
      "items": {
        "$ref": "ContentFilterValue
      }, 
      "minItems": 1, 
      "title": "Bundle should include content of specified type", 
      "type": "array"
    }, 
    "log_age_limit": {
      "minimum": 1, 
      "title": "Include log files with modified times not past the age limit in days", 
      "type": "integer"
    }, 
    "nodes": {
      "items": {
        "type": "string"
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "List of cluster/fabric node UUIDs processed in specified order", 
      "type": "array"
    }, 
    "remote_file_server": {
      "$ref": "SupportBundleRemoteFileServer, 
      "title": "Remote file server to copy bundles to, bundle in response body if not specified"
    }
  }, 
  "type": "object"
}

SupportBundleResult (type) 

{
  "additionalProperties": false, 
  "id": "SupportBundleResult", 
  "properties": {
    "failed_nodes": {
      "items": {
        "$ref": "FailedNodeSupportBundleResult
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Nodes where bundles were not generated or not copied to remote server", 
      "type": "array"
    }, 
    "remaining_nodes": {
      "items": {
        "$ref": "RemainingSupportBundleNode
      }, 
      "title": "Nodes where bundle generation is pending or in progress", 
      "type": "array"
    }, 
    "request_properties": {
      "$ref": "SupportBundleRequest, 
      "readonly": true, 
      "required": true, 
      "title": "Request properties"
    }, 
    "success_nodes": {
      "items": {
        "$ref": "SuccessNodeSupportBundleResult
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Nodes whose bundles were successfully copied to remote file server", 
      "type": "array"
    }
  }, 
  "type": "object"
}

SupportedHostOSListResult (type) 

{
  "additionalProperties": false, 
  "description": "REST interface for supported host OS types.", 
  "id": "SupportedHostOSListResult", 
  "module_id": "HostPrepServiceFabric", 
  "properties": {
    "results": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Supported host OS list results", 
      "type": "array"
    }
  }, 
  "title": "Supported host OS list result", 
  "type": "object"
}

SwitchSecuritySwitchingProfile (type) 

{
  "extends": {
    "$ref": "BaseSwitchingProfile
  }, 
  "id": "SwitchSecuritySwitchingProfile", 
  "module_id": "SwitchSecuritySwitchingProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SwitchSecuritySwitchingProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "block_non_ip_traffic": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "A flag to block all traffic except IP/(G)ARP/BPDU", 
      "type": "boolean"
    }, 
    "bpdu_filter": {
      "$ref": "BpduFilter, 
      "description": "BPDU filtering is enabled by default. A pre-defined list of MAC addresses are automatically excluded from BPDU filtering.", 
      "readonly": false, 
      "required": false, 
      "title": "Enables or disables BPDU filtering"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_filter": {
      "$ref": "DhcpFilter, 
      "description": "DHCP server blocking is enabled and client blocking is disabled by default", 
      "readonly": false, 
      "required": false, 
      "title": "Filters DHCP server and/or client traffic."
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ra_guard_enabled": {
      "default": true, 
      "description": "RA Guard when enabled blocks unauthorized/rogue Router Advertisement (RA) packets.", 
      "readonly": false, 
      "required": false, 
      "title": "Indicates whether ra guard should be enabled", 
      "type": "boolean"
    }, 
    "rate_limits": {
      "$ref": "RateLimits, 
      "description": "Rate limiting is disabled by default", 
      "readonly": false, 
      "required": false, 
      "title": "Allows configuration of rate limits for broadcast and multicast traffic"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'QosSwitchingProfile', 'PortMirroringSwitchingProfile',\n'IpDiscoverySwitchingProfile', 'MacManagementSwitchingProfile', 'SpoofGuardSwitchingProfile' and 'SwitchSecuritySwitchingProfile'\n'PortMirroringSwitchingProfile' is deprecated, please turn to\n\"Troubleshooting And Monitoring: Portmirroring\" and use\nPortMirroringSession API for port mirror function.\n", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

SwitchingGlobalConfig (type) 

{
  "extends": {
    "$ref": "GlobalConfigs
  }, 
  "id": "SwitchingGlobalConfig", 
  "module_id": "GlobalConfigs", 
  "polymorphic-type-descriptor": {
    "type-identifier": "SwitchingGlobalConfig"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "global_replication_mode_enabled": {
      "default": false, 
      "description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.", 
      "title": "A flag to indicate if global replication mode is enabled", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "physical_uplink_mtu": {
      "default": 1700, 
      "description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.", 
      "readonly": false, 
      "title": "MTU for the physical uplinks", 
      "type": "int"
    }, 
    "resource_type": {
      "$ref": "GlobalConfigType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "uplink_mtu_threshold": {
      "default": 9000, 
      "description": "This value defines the upper threshold for the MTU value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. This value is also validated to be greater than or equal to physical_uplink_mtu in SwitchingGlobalConfig and logical_uplink_mtu in RoutingGlobalConfig.", 
      "readonly": false, 
      "required": false, 
      "title": "Upper threshold for MTU on physical and logical uplinks", 
      "type": "int"
    }
  }, 
  "title": "NSX global configs for switching", 
  "type": "object"
}

SwitchingProfileDeleteParameters (type) 

{
  "additionalProperties": false, 
  "id": "SwitchingProfileDeleteParameters", 
  "module_id": "BaseSwitchingProfile", 
  "properties": {
    "unbind": {
      "default": false, 
      "required": false, 
      "title": "force unbinding of logical switches and ports from a switching profile", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

SwitchingProfileListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "SwitchingProfileListParameters", 
  "module_id": "BaseSwitchingProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_system_owned": {
      "default": false, 
      "required": false, 
      "title": "Whether the list result contains system resources", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "switching_profile_type": {
      "required": false, 
      "title": "comma-separated list of switching profile types, e.g. ?switching_profile_type=QosSwitchingProfile,IpDiscoverySwitchingProfile", 
      "type": "string"
    }
  }, 
  "title": "Switching profile list parameters", 
  "type": "object"
}

SwitchingProfileStatus (type) 

{
  "id": "SwitchingProfileStatus", 
  "module_id": "BaseSwitchingProfile", 
  "properties": {
    "num_logical_ports": {
      "readonly": true, 
      "required": true, 
      "title": "Number of logical ports using a switching profile", 
      "type": "integer"
    }, 
    "num_logical_switches": {
      "readonly": true, 
      "title": "Number of logical switches using a switching profile", 
      "type": "integer"
    }, 
    "switching_profile_id": {
      "title": "Identifier for the switching profile", 
      "type": "string"
    }
  }, 
  "type": "object"
}

SwitchingProfileType (type) 

{
  "description": "Supported switching profiles. 'PortMirroringSwitchingProfile' is deprecated, please turn to \"Troubleshooting And Monitoring: Portmirroring\" and use PortMirroringSession API for port mirror function.", 
  "enum": [
    "QosSwitchingProfile", 
    "PortMirroringSwitchingProfile", 
    "IpDiscoverySwitchingProfile", 
    "SpoofGuardSwitchingProfile", 
    "SwitchSecuritySwitchingProfile", 
    "MacManagementSwitchingProfile"
  ], 
  "id": "SwitchingProfileType", 
  "module_id": "BaseSwitchingProfile", 
  "title": "Supported switching profiles.", 
  "type": "string"
}

SwitchingProfileTypeIdEntry (type) 

{
  "id": "SwitchingProfileTypeIdEntry", 
  "module_id": "BaseSwitchingProfile", 
  "properties": {
    "key": {
      "$ref": "SwitchingProfileType
    }, 
    "value": {
      "description": "key value", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

SwitchingProfilesListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "SwitchingProfilesListResult", 
  "module_id": "BaseSwitchingProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "BaseSwitchingProfile
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Switching Profile Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Switching Profile queries result", 
  "type": "object"
}

SwitchingToVmcModeParameters (type) 

{
  "additionalProperties": {}, 
  "description": "Possible values of a mode in a \"/config/nsx_appliance_mode\" file", 
  "extends": {
    "$ref": "NodeMode
  }, 
  "id": "SwitchingToVmcModeParameters", 
  "module_id": "ApplianceModes", 
  "properties": {
    "auth_code": {
      "$ref": "Oauth2Credentials, 
      "description": "Client's credentials.", 
      "title": "Auth Code"
    }, 
    "base_url": {
      "description": "Protocol and domain name (or IP address) of a CSP server, like \"https://console-stg.cloud.vmware.com\".", 
      "title": "CSP base URL", 
      "type": "string"
    }, 
    "basic_auth_whitelist_ips": {
      "description": "List of whitelist IPs for basic auth", 
      "items": {
        "type": "string"
      }, 
      "title": "Whitelist IPs", 
      "type": "array"
    }, 
    "csp_client_credential": {
      "$ref": "Oauth2Credentials, 
      "description": "Client's credentials on CSP server", 
      "title": "CSP Client Credential"
    }, 
    "csp_client_incoming_credentials": {
      "description": "List of incoming client IDs", 
      "items": {
        "type": "string"
      }, 
      "title": "CSP client incoming credentials", 
      "type": "array"
    }, 
    "csp_org_uri": {
      "description": "Relative path on CSP server to the Org location. Can be \"/csp/gateway/am/api/orgs/\".", 
      "title": "Relative path to CSP Org", 
      "type": "string"
    }, 
    "csp_time_drift": {
      "description": "CSP time drift in milliseconds", 
      "title": "CSP time drift", 
      "type": "integer"
    }, 
    "default_org_id": {
      "description": "Org ID of a Client - commonly UUID.", 
      "title": "Org ID of a Client", 
      "type": "string"
    }, 
    "ea_org": {
      "$ref": "OrgInfo, 
      "description": "Org ID and role of \"Site Reliability Engineer\"", 
      "title": "Org Info for \"Site Reliability Engineer\""
    }, 
    "gss_org": {
      "$ref": "OrgInfo, 
      "description": "Org ID and role of \"Global Support Services\"", 
      "title": "Org Info for \"Global Support Services\""
    }, 
    "mode_change_only": {
      "description": "When this parameter is set to true, only a change of the node mode happens without any update to the auth properties. When this param is not set to true i.e. set to false or not provided, mode change and update to the auth properties will both happen.", 
      "title": "Only change node  mode", 
      "type": "boolean"
    }, 
    "mode_id": {
      "description": "Possible enum values in a \"/config/nsx_appliance_mode\" file", 
      "enum": [
        "ON_PREM", 
        "SERVICE", 
        "VMC", 
        "VMC_LOCAL"
      ], 
      "required": true, 
      "title": "Nsx node mode", 
      "type": "string"
    }, 
    "proxy_host": {
      "$ref": "HostnameOrIPv4Address, 
      "title": "IP/host of PoP (Point-of-Presence) HTTP proxy server", 
      "type": "string"
    }, 
    "proxy_port": {
      "maximum": 65535, 
      "minimum": 1, 
      "title": "Port of PoP (Point-of-Presence) Http proxy server", 
      "type": "integer"
    }, 
    "resource_type": {
      "default": "SwitchingToVmcModeParameters", 
      "enum": [
        "SwitchingToVmcModeParameters"
      ], 
      "title": "Node Mode type", 
      "type": "string"
    }, 
    "sddc_id": {
      "description": "SDDC id", 
      "title": "SDDC id", 
      "type": "string"
    }, 
    "service_definition_id": {
      "description": "Service definition id", 
      "title": "Service definition id", 
      "type": "string"
    }, 
    "sre_org": {
      "$ref": "OrgInfo, 
      "description": "Org ID and role of \"Enterprise Admin\"", 
      "title": "Org Info for \"Enterprise Admin\""
    }
  }, 
  "title": "Parameters required to switch to VMC nsx node mode", 
  "type": "object"
}

SyslogFacility (type) 

{
  "enum": [
    "KERN", 
    "USER", 
    "MAIL", 
    "DAEMON", 
    "AUTH", 
    "SYSLOG", 
    "LPR", 
    "NEWS", 
    "UUCP", 
    "AUTHPRIV", 
    "FTP", 
    "LOGALERT", 
    "CRON", 
    "LOCAL0", 
    "LOCAL1", 
    "LOCAL2", 
    "LOCAL3", 
    "LOCAL4", 
    "LOCAL5", 
    "LOCAL6", 
    "LOCAL7"
  ], 
  "id": "SyslogFacility", 
  "title": "Syslog facility", 
  "type": "string"
}

SystemHostname (type) 

{
  "id": "SystemHostname", 
  "maxLength": 255, 
  "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$", 
  "title": "System host name", 
  "type": "string"
}

Tag (type) 

{
  "id": "Tag", 
  "module_id": "Common", 
  "properties": {
    "scope": {
      "default": "", 
      "description": "Tag searches may optionally be restricted by scope", 
      "display": {
        "order": 1
      }, 
      "maxLength": 128, 
      "readonly": false, 
      "title": "Tag scope", 
      "type": "string"
    }, 
    "tag": {
      "default": "", 
      "description": "Identifier meaningful to user with maximum length of 256 characters", 
      "display": {
        "order": 2
      }, 
      "readonly": false, 
      "title": "Tag value", 
      "type": "string"
    }
  }, 
  "title": "Arbitrary key-value pairs that may be attached to an entity", 
  "type": "object"
}

TargetResourceStatus (type) 

{
  "description": "Holds status of target resource in firewall context.", 
  "id": "TargetResourceStatus", 
  "module_id": "FirewallStatus", 
  "properties": {
    "target_id": {
      "description": "Identifier of the NSX resource.", 
      "maxLength": 64, 
      "readonly": false, 
      "required": false, 
      "title": "Target ID", 
      "type": "string"
    }, 
    "target_status": {
      "$ref": "FirewallStatusType, 
      "description": "Firewall status on a target logical resource.", 
      "readonly": false, 
      "required": true, 
      "title": "Firewall Status Type"
    }
  }, 
  "type": "object"
}

TaskListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TaskListResult", 
  "module_id": "Tasks", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TaskProperties
      }, 
      "required": true, 
      "title": "Task property results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Task query results", 
  "type": "object"
}

TaskProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "TaskProperties", 
  "module_id": "Common", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "async_response_available": {
      "display": {
        "order": 13
      }, 
      "readonly": true, 
      "title": "True if response for asynchronous request is available", 
      "type": "boolean"
    }, 
    "cancelable": {
      "display": {
        "order": 8
      }, 
      "readonly": true, 
      "title": "True if this task can be canceled", 
      "type": "boolean"
    }, 
    "description": {
      "display": {
        "order": 2
      }, 
      "readonly": true, 
      "title": "Description of the task", 
      "type": "string"
    }, 
    "end_time": {
      "$ref": "EpochMsTimestamp, 
      "display": {
        "order": 6
      }, 
      "readonly": true, 
      "title": "The end time of the task in epoch milliseconds"
    }, 
    "id": {
      "display": {
        "order": 1
      }, 
      "readonly": true, 
      "title": "Identifier for this task", 
      "type": "string"
    }, 
    "message": {
      "display": {
        "order": 4
      }, 
      "readonly": true, 
      "title": "A message describing the disposition of the task", 
      "type": "string"
    }, 
    "progress": {
      "display": {
        "order": 7
      }, 
      "maximum": 100, 
      "minimum": 0, 
      "readonly": true, 
      "title": "Task progress if known, from 0 to 100", 
      "type": "integer"
    }, 
    "request_method": {
      "display": {
        "order": 12
      }, 
      "readonly": true, 
      "title": "HTTP request method", 
      "type": "string"
    }, 
    "request_uri": {
      "display": {
        "order": 11
      }, 
      "readonly": true, 
      "title": "URI of the method invocation that spawned this task", 
      "type": "string"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "display": {
        "order": 5
      }, 
      "readonly": true, 
      "title": "The start time of the task in epoch milliseconds"
    }, 
    "status": {
      "$ref": "TaskStatus, 
      "display": {
        "order": 3
      }, 
      "readonly": true, 
      "title": "Current status of the task"
    }, 
    "user": {
      "display": {
        "order": 10
      }, 
      "readonly": true, 
      "title": "Name of the user who created this task", 
      "type": "string"
    }
  }, 
  "title": "Task properties", 
  "type": "object"
}

TaskQueryParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TaskQueryParameters", 
  "module_id": "Tasks", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "request_uri": {
      "description": "Comma-separated request URIs to include in query result", 
      "title": "Request URI(s) to include in query result", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "status": {
      "description": "Comma-separated status values to include in query result", 
      "title": "Status(es) to include in query result", 
      "type": "string"
    }, 
    "user": {
      "description": "Comma-separated user names to include in query result", 
      "title": "Names of users to include in query result", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TaskStatus (type) 

{
  "enum": [
    "running", 
    "error", 
    "success", 
    "canceling", 
    "canceled", 
    "killed"
  ], 
  "id": "TaskStatus", 
  "module_id": "Common", 
  "title": "Current status of the task", 
  "type": "string"
}

TcpHeader (type) 

{
  "additionalProperties": false, 
  "id": "TcpHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_port": {
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Destination port of tcp header", 
      "type": "integer"
    }, 
    "src_port": {
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Source port of tcp header", 
      "type": "integer"
    }, 
    "tcp_flags": {
      "maximum": 511, 
      "minimum": 0, 
      "required": false, 
      "title": "TCP flags (9bits)", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TcpMaximumSegmentSizeClamping (type) 

{
  "additionalProperties": false, 
  "description": "TCP MSS Clamping Direction and Value.", 
  "id": "TcpMaximumSegmentSizeClamping", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "direction": {
      "default": "NONE", 
      "description": "Specifies the traffic direction for which to apply MSS Clamping.", 
      "enum": [
        "NONE", 
        "INBOUND_CONNECTION", 
        "OUTBOUND_CONNECTION", 
        "BOTH"
      ], 
      "required": false, 
      "title": "Maximum Segment Size Clamping Direction", 
      "type": "string"
    }, 
    "max_segment_size": {
      "description": "MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 216 to 8960.", 
      "maximum": 8852, 
      "minimum": 108, 
      "required": false, 
      "title": "Maximum Segment Size Value", 
      "type": "integer"
    }
  }, 
  "title": "TCP MSS Clamping", 
  "type": "object"
}

TcpMssClamping (type) 

{
  "additionalProperties": false, 
  "description": "Tcp Mss Clamping Direction and value", 
  "id": "TcpMssClamping", 
  "module_id": "IPSecVPN", 
  "properties": {
    "direction": {
      "default": "NONE", 
      "description": "Specifies the traffic direction for which to apply MSS Clamping.", 
      "enum": [
        "NONE", 
        "INBOUND_CONNECTION", 
        "OUTBOUND_CONNECTION", 
        "BOTH"
      ], 
      "required": false, 
      "title": "MSS Clamping direction", 
      "type": "string"
    }, 
    "max_segment_size": {
      "description": "It defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8852.", 
      "maximum": 8852, 
      "minimum": 108, 
      "required": false, 
      "title": "Maximum Segment Size value", 
      "type": "integer"
    }
  }, 
  "title": "Tcp Mss Clamping Object", 
  "type": "object"
}

TcpPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the PolicyLbRule object. This represents active health monitoring over TCP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified  number of consecutive successful healthchecks (rise_count) will bring  the member back to UP state. After a healthcheck is initiated, if it  does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "PolicyLbMonitorProfile
  }, 
  "id": "TcpPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TcpPolicyLbMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "PolicyLbMonitorProfile for active health checks over TCP", 
  "type": "object"
}

TcpPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Virtual server acts as a facade to an application, receives all client connections over TCP and distributes them among the backend servers.", 
  "extends": {
    "$ref": "PolicyLbVirtualServer
  }, 
  "id": "TcpPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TcpPolicyLbVirtualServer"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "PolicyLbVirtualServer handling connections over TCP", 
  "type": "object"
}

TeamingPolicy (type) 

{
  "id": "TeamingPolicy", 
  "module_id": "UplinkHostSwitchProfile", 
  "properties": {
    "active_list": {
      "items": {
        "$ref": "Uplink
      }, 
      "required": true, 
      "title": "List of Uplinks used in active list", 
      "type": "array"
    }, 
    "policy": {
      "enum": [
        "FAILOVER_ORDER", 
        "LOADBALANCE_SRCID", 
        "LOADBALANCE_SRC_MAC"
      ], 
      "required": true, 
      "title": "Teaming policy", 
      "type": "string"
    }, 
    "standby_list": {
      "items": {
        "$ref": "Uplink
      }, 
      "required": false, 
      "title": "List of Uplinks used in standby list", 
      "type": "array"
    }
  }, 
  "title": "Uplink Teaming Policy", 
  "type": "object"
}

TelemetryAgreement (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TelemetryAgreement", 
  "module_id": "TelemetryConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "telemetry_agreement_displayed": {
      "description": "Determine if telemetry agreement has been displayed. If false, the agreement text will be displayed at login time.", 
      "required": true, 
      "title": "Flag to indicate if telemetry agreement has been displayed", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

TelemetryConfig (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TelemetryConfig", 
  "module_id": "TelemetryConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "ceip_acceptance": {
      "description": "Enable this flag to participate in the Customer Experience Improvement Program.", 
      "required": true, 
      "title": "Flag to indicate if CEIP has been accepted", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "proxy_enabled": {
      "default": false, 
      "description": "Enable this flag to specify a proxy, and provide the proxy settings.", 
      "required": false, 
      "title": "Flag to indicate if proxy has been configured", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "schedule_enabled": {
      "description": "Enable this to schedule data collection and upload times. If enabled, and a schedule is not provided, a default schedule (WEEKLY, Sunday at 2:00 a.m) will be applied.", 
      "required": true, 
      "title": "Flag to indicate if data collection is enabled", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "telemetry_proxy": {
      "$ref": "TelemetryProxy, 
      "description": "Specify the proxy configuration (scheme, server, port) here.", 
      "required": false, 
      "title": "Set config for proxy to be used to send out telemetry data"
    }, 
    "telemetry_schedule": {
      "$ref": "TelemetrySchedule, 
      "description": "Specify one of Daily, Weekly or Monthly schedules.", 
      "required": false, 
      "title": "Set schedule for when telemetry data should be collected"
    }
  }, 
  "type": "object"
}

TelemetryProxy (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TelemetryProxy", 
  "module_id": "TelemetryConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "hostname": {
      "description": "Specify the fully qualified domain name, or ip address, of the proxy server.", 
      "format": "hostname-or-ip", 
      "required": true, 
      "title": "FQDN or IP address of the proxy server", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "password": {
      "description": "Specify the password used to authenticate with the proxy server, if required. A GET call on /telemetry/config returns a non-meaningful password to maintain security. To change the password to a new value, issue a PUT call after updating this field. To remove the password, issue a PUT call after emptying this field. To retain a previously set password, issue a PUT call keeping the non-meaningful value obtained from the GET call.", 
      "required": false, 
      "sensitive": true, 
      "title": "Password", 
      "type": "string"
    }, 
    "port": {
      "description": "Specify the port of the proxy server.", 
      "required": true, 
      "title": "Configured port for proxy", 
      "type": "int"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "scheme": {
      "description": "The scheme accepted by the proxy server. Specify one of HTTP and HTTPS.", 
      "enum": [
        "HTTP", 
        "HTTPS"
      ], 
      "required": true, 
      "title": "The scheme accepted by the proxy server", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "username": {
      "description": "Specify the user name used to authenticate with the proxy server, if required.", 
      "required": false, 
      "title": "User name", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TelemetrySchedule (type) 

{
  "abstract": true, 
  "id": "TelemetrySchedule", 
  "module_id": "TelemetryConfig", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "frequency_type"
  }, 
  "properties": {
    "frequency_type": {
      "description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.", 
      "required": true, 
      "title": "Frequency at which data will be collected", 
      "type": "string"
    }
  }, 
  "title": "Abstract base type for telemetry schedule configuration", 
  "type": "object"
}

ThreatStatus (type) 

{
  "additionalProperties": false, 
  "id": "ThreatStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "status": {
      "enum": [
        "NORMAL", 
        "ABNORMAL"
      ], 
      "title": "Transport node threat status", 
      "type": "string"
    }
  }, 
  "type": "object"
}

Tier0 (type) 

{
  "additionalProperties": false, 
  "description": "Tier-0 configuration for external connectivity.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Tier0", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "default_rule_logging": {
      "default": false, 
      "deprecated": true, 
      "description": "Indicates if logging should be enabled for the default whitelisting rule. This filed is deprecated and recommended to change Rule logging filed. Note that this filed is not synchornied with default logging field.", 
      "required": false, 
      "title": "Enable logging for whitelisted rule", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_config_paths": {
      "description": "DHCP configuration for Segments connected to Tier-0. DHCP service is configured in relay mode.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 0, 
      "required": false, 
      "title": "DHCP configuration for Segments connected to Tier-0", 
      "type": "array"
    }, 
    "disable_firewall": {
      "default": false, 
      "description": "Disable or enable gateway fiewall.", 
      "required": false, 
      "title": "Disable gateway firewall", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "failover_mode": {
      "default": "NON_PREEMPTIVE", 
      "description": "Determines the behavior when a Tier-0 instance in ACTIVE-STANDBY high-availability mode restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property must not be populated unless the ha_mode property is set to ACTIVE_STANDBY.", 
      "enum": [
        "PREEMPTIVE", 
        "NON_PREEMPTIVE"
      ], 
      "required": false, 
      "title": "Failover mode", 
      "type": "string"
    }, 
    "force_whitelisting": {
      "default": false, 
      "deprecated": true, 
      "description": "This filed is deprecated and recommended to change Rule action filed. Note that this filed is not synchornied with default rule field.", 
      "required": false, 
      "title": "Flag to add whitelisting FW rule during realization", 
      "type": "boolean"
    }, 
    "ha_mode": {
      "default": "ACTIVE_ACTIVE", 
      "description": "Specify high-availability mode for Tier-0. Default is ACTIVE_ACTIVE.", 
      "enum": [
        "ACTIVE_ACTIVE", 
        "ACTIVE_STANDBY"
      ], 
      "required": false, 
      "title": "High-availability Mode for Tier-0", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "internal_transit_subnets": {
      "description": "Specify subnets that are used to assign addresses to logical links connecting service routers and distributed routers. Only IPv4 addresses are supported. When not specified, subnet 169.254.0.0/24 is assigned by default in ACTIVE_ACTIVE HA mode or 169.254.0.0/28 in ACTIVE_STANDBY mode.", 
      "items": {
        "format": "ip-cidr-block", 
        "type": "string"
      }, 
      "maxItems": 1, 
      "required": false, 
      "title": "Internal transit subnets in CIDR format", 
      "type": "array"
    }, 
    "ipv6_profile_paths": {
      "description": "IPv6 NDRA and DAD profiles configuration on Tier0. Either or both NDRA and/or DAD profiles can be configured.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "required": false, 
      "title": "IPv6 NDRA and DAD profiles configuration", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transit_subnets": {
      "description": "Specify transit subnets that are used to assign addresses to logical links connecting tier-0 and tier-1s. Both IPv4 and IPv6 addresses are supported. When not specified, subnet 100.64.0.0/16 is configured by default.", 
      "items": {
        "format": "ip-cidr-block", 
        "type": "string"
      }, 
      "required": false, 
      "title": "Transit subnets in CIDR format", 
      "type": "array"
    }
  }, 
  "title": "Tier-0 configuration", 
  "type": "object"
}

Tier0DeploymentMap (type) 

{
  "description": "Associate tier-0 to the enforcement point to realize policy intent", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Tier0DeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforcement_point": {
      "description": "Path of enforcement point on which Tier-0 will be deployed", 
      "required": true, 
      "title": "Absolute path of enforcement point", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Tier-0 deployment map", 
  "type": "object"
}

Tier0DeploymentMapListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "Tier0DeploymentMap list request parameters", 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "Tier0DeploymentMapListRequestParameters", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Tier0DeploymentMap list request parameters", 
  "type": "object"
}

Tier0DeploymentMapListResult (type) 

{
  "additionalProperties": false, 
  "description": "Paged Collection of Tier-0 Deployment map", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier0DeploymentMapListResult", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier0DeploymentMap
      }, 
      "required": true, 
      "title": "Tier-0 Deployment Maps", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of Tier-0 Deployment map", 
  "type": "object"
}

Tier0GatewayState (type) 

{
  "additionalProperties": false, 
  "id": "Tier0GatewayState", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.", 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "ipv6_status": {
      "description": "IPv6 DAD status for interfaces configured on Tier0", 
      "items": {
        "$ref": "IPv6Status
      }, 
      "title": "IPv6 DAD status for Tier0 interfaces", 
      "type": "array"
    }, 
    "tier0_state": {
      "$ref": "LogicalRouterState, 
      "description": "Detailed realized state information for Tier0", 
      "title": "Tier0 state"
    }, 
    "tier0_status": {
      "$ref": "LogicalRouterStatus, 
      "description": "Detailed realized status information for Tier0", 
      "title": "Tier0 status"
    }
  }, 
  "title": "Tier0 gateway state", 
  "type": "object"
}

Tier0HaVipConfig (type) 

{
  "additionalProperties": false, 
  "id": "Tier0HaVipConfig", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "enabled": {
      "default": true, 
      "required": false, 
      "title": "Flag to enable this HA VIP config.", 
      "type": "boolean"
    }, 
    "external_interface_paths": {
      "description": "Policy paths to Tier0 external interfaces which are to be paired to provide redundancy. Floating IP will be owned by one of these interfaces depending upon which edge node is Active.", 
      "items": {
        "type": "string"
      }, 
      "minItems": 2, 
      "required": true, 
      "title": "Policy paths to Tier0 external interfaces for providing redundancy", 
      "type": "array"
    }, 
    "vip_subnets": {
      "description": "Array of IP address subnets which will be used as floating IP addresses.", 
      "items": {
        "$ref": "InterfaceSubnet
      }, 
      "maxItems": 2, 
      "minItems": 1, 
      "required": true, 
      "title": "VIP floating IP address subnets", 
      "type": "array"
    }
  }, 
  "title": "Tier0 HA VIP Config", 
  "type": "object"
}

Tier0Interface (type) 

{
  "additionalProperties": false, 
  "description": "Tier-0 interface configuration for external connectivity.", 
  "extends": {
    "$ref": "BaseTier0Interface
  }, 
  "id": "Tier0Interface", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "edge_cluster_member_index": {
      "deprecated": true, 
      "description": "Specify association of interface with edge cluster member. This property is deprecated, use edge_path instead. When both properties are specifed, only edge_path property is used.", 
      "minimum": 0, 
      "required": false, 
      "title": "Association of interface with edge cluster member", 
      "type": "int"
    }, 
    "edge_path": {
      "description": "Policy path to edge node to handle external connectivity. Required when interface type is EXTERNAL.", 
      "required": false, 
      "title": "Policy path to edge node", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipv6_profile_paths": {
      "description": "Configuration IPv6 NDRA profile. Only one NDRA profile can be configured.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 0, 
      "required": false, 
      "title": "IPv6 NDRA profile configuration", 
      "type": "array"
    }, 
    "ls_id": {
      "deprecated": true, 
      "description": "Specify logical switch to which tier-0 interface is connected for external access. This property is deprecated, use segment_path instead. Both properties cannot be used together.", 
      "required": false, 
      "title": "Logical switch id to attach tier-0 interface", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "mtu": {
      "description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.", 
      "minimum": 64, 
      "required": false, 
      "title": "MTU size", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "segment_path": {
      "description": "Specify Segment to which this interface is connected to. Either segment_path or ls_id property is required.", 
      "required": false, 
      "title": "Segment to attach tier-0 interface", 
      "type": "string"
    }, 
    "subnets": {
      "description": "Specify IP address and network prefix for interface.", 
      "items": {
        "$ref": "InterfaceSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "IP address and subnet specification for interface", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "default": "EXTERNAL", 
      "description": "Interface type", 
      "enum": [
        "EXTERNAL", 
        "SERVICE", 
        "LOOPBACK"
      ], 
      "required": false, 
      "title": "Interface type", 
      "type": "string"
    }
  }, 
  "title": "Tier-0 interface configuration", 
  "type": "object"
}

Tier0InterfaceListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "Tier0InterfaceListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Tier-0 Interface list request parameters", 
  "type": "object"
}

Tier0InterfaceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier0InterfaceListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier0Interface
      }, 
      "required": true, 
      "title": "Tier-0 Interface list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Tier-0 Interfaces", 
  "type": "object"
}

Tier0ListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "Tier0ListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Tier-0 list request parameters", 
  "type": "object"
}

Tier0ListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier0ListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier0
      }, 
      "required": true, 
      "title": "Tier-0 list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Tier-0s", 
  "type": "object"
}

Tier0RouteMap (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Tier0RouteMap", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "entries": {
      "description": "Ordered list of route map entries.", 
      "items": {
        "$ref": "RouteMapEntry
      }, 
      "maxItems": 1000, 
      "minItems": 1, 
      "required": true, 
      "title": "Ordered list of route map entries", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "RouteMap for redistributing routes to BGP and other routing protocols", 
  "type": "object"
}

Tier0RouteMapListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier0RouteMapListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier0RouteMap
      }, 
      "required": true, 
      "title": "Tier0RouteMap results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of RouteMaps", 
  "type": "object"
}

Tier0RouteRedistributionTypes (type) 

{
  "additionalProperties": false, 
  "description": "Tier-0 route redistribution types.    TIER0_STATIC: Redistribute user added static routes.   TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and   routes related to TIER0_ROUTER_LINK, TIER0_SEGMENT,   TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types.   TIER1_STATIC: Redistribute all subnets and static routes advertised   by Tier-1s.   TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets   on Tier-0.   TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets   on Tier-0.   TIER0_SEGMENT: Redistribute subnets configured on Segments connected   to Tier-0.   TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0   TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets.   TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets.   TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets.   TIER0_NAT: Redistribute NAT IPs owned by Tier-0.   TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances.   TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances.   TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances.   TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1   instances.   TIER1_CONNECTED: Redistribute all subnets configured on Segments and   Service Interfaces.   TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets.   TIER1_SEGMENT: Redistribute subnets configured on Segments connected   to Tier1.   TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint   subnets advertised by TIER1.     Route redistribution destination is BGP.", 
  "enum": [
    "TIER0_STATIC", 
    "TIER0_CONNECTED", 
    "TIER0_EXTERNAL_INTERFACE", 
    "TIER0_SEGMENT", 
    "TIER0_ROUTER_LINK", 
    "TIER0_SERVICE_INTERFACE", 
    "TIER0_LOOPBACK_INTERFACE", 
    "TIER0_DNS_FORWARDER_IP", 
    "TIER0_IPSEC_LOCAL_IP", 
    "TIER0_NAT", 
    "TIER1_NAT", 
    "TIER1_STATIC", 
    "TIER1_LB_VIP", 
    "TIER1_LB_SNAT", 
    "TIER1_DNS_FORWARDER_IP", 
    "TIER1_CONNECTED", 
    "TIER1_SERVICE_INTERFACE", 
    "TIER1_SEGMENT", 
    "TIER1_IPSEC_LOCAL_ENDPOINT"
  ], 
  "id": "Tier0RouteRedistributionTypes", 
  "module_id": "PolicyConnectivity", 
  "title": "Tier-0 route redistribution types", 
  "type": "string"
}

Tier0StateRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "Tier0StateRequestParameters", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.", 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "interface_path": {
      "description": "String Path of interface on current Tier0 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.", 
      "title": "Interface path for interface specific state such as IPv6 DAD state", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "State request parameters for Tier0 gateway", 
  "type": "object"
}

Tier1 (type) 

{
  "additionalProperties": false, 
  "description": "Tier-1 instance configuration.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Tier1", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "default_rule_logging": {
      "default": false, 
      "deprecated": true, 
      "description": "Indicates if logging should be enabled for the default whitelisting rule. This filed is deprecated and recommended to change Rule logging filed. Note that this filed is not synchornied with default logging field.", 
      "required": false, 
      "title": "Enable logging for whitelisted rule", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "dhcp_config_paths": {
      "description": "DHCP configuration for Segments connected to Tier-1. DHCP service is enabled in relay mode.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 0, 
      "required": false, 
      "title": "DHCP configuration for Segments connected to Tier-1", 
      "type": "array"
    }, 
    "disable_firewall": {
      "default": false, 
      "description": "Disable or enable gateway fiewall.", 
      "required": false, 
      "title": "Disable gateway firewall", 
      "type": "boolean"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enable_standby_relocation": {
      "default": false, 
      "description": "Flag to enable standby service router relocation. Standby relocation is not enabled until edge cluster is configured for Tier1.", 
      "required": false, 
      "title": "Flag to enable standby service router relocation.", 
      "type": "boolean"
    }, 
    "failover_mode": {
      "default": "NON_PREEMPTIVE", 
      "description": "Determines the behavior when a Tier-1 instance in ACTIVE-STANDBY high-availability mode restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property must not be populated unless the ha_mode property is set to ACTIVE_STANDBY.", 
      "enum": [
        "PREEMPTIVE", 
        "NON_PREEMPTIVE"
      ], 
      "required": false, 
      "title": "Failover mode", 
      "type": "string"
    }, 
    "force_whitelisting": {
      "default": false, 
      "deprecated": true, 
      "description": "This filed is deprecated and recommended to change Rule action filed. Note that this filed is not synchornied with default rule field.", 
      "required": false, 
      "title": "Flag to add whitelisting FW rule during realization", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipv6_profile_paths": {
      "description": "Configuration IPv6 NDRA and DAD profiles. Either or both NDRA and/or DAD profiles can be configured.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 2, 
      "minItems": 0, 
      "required": false, 
      "title": "IPv6 NDRA and DAD profiles configuration", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "route_advertisement_rules": {
      "items": {
        "$ref": "RouteAdvertisementRule
      }, 
      "required": false, 
      "title": "Route advertisement rules and filtering", 
      "type": "array"
    }, 
    "route_advertisement_types": {
      "description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.", 
      "items": {
        "$ref": "Tier1RouteAdvertisentTypes
      }, 
      "required": false, 
      "title": "Enable different types of route advertisements", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tier0_path": {
      "description": "Specify Tier-1 connectivity to Tier-0 instance.", 
      "required": false, 
      "title": "Tier-1 connectivity to Tier-0", 
      "type": "string"
    }, 
    "type": {
      "description": "Tier1 connectivity type for reference. Property value is not validated with Tier1 configuration.   ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled.   ISOLATED: Tier1 is not connected to any Tier0 gateway.   NATTED: Tier1 is in ROUTED type with NAT configured locally.", 
      "enum": [
        "ROUTED", 
        "ISOLATED", 
        "NATTED"
      ], 
      "required": false, 
      "title": "Tier1 type", 
      "type": "string"
    }
  }, 
  "title": "Tier-1", 
  "type": "object"
}

Tier1DeploymentMap (type) 

{
  "description": "Binding the Tier-1 and its associated child objects to the enforcement point for realization.", 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "Tier1DeploymentMap", 
  "module_id": "PolicyEnforcementPointManagement", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enforcement_point": {
      "description": "Path of enforcement point on which Tier-1 will be deployed", 
      "required": true, 
      "title": "Absolute path of enforcement point", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Tier-1 deployment map", 
  "type": "object"
}

Tier1GatewayState (type) 

{
  "additionalProperties": false, 
  "id": "Tier1GatewayState", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "enforcement_point_path": {
      "description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.", 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "ipv6_status": {
      "description": "IPv6 DAD status for interfaces configured on Tier1", 
      "items": {
        "$ref": "IPv6Status
      }, 
      "title": "IPv6 DAD status for Tier1 interfaces", 
      "type": "array"
    }, 
    "tier1_state": {
      "$ref": "LogicalRouterState, 
      "description": "Detailed realized state information for Tier1", 
      "title": "Tier1 state"
    }, 
    "tier1_status": {
      "$ref": "LogicalRouterStatus, 
      "description": "Detailed realized status information for Tier1", 
      "title": "Tier1 status"
    }
  }, 
  "title": "Tier1 gateway state", 
  "type": "object"
}

Tier1Interface (type) 

{
  "additionalProperties": false, 
  "description": "Tier-1 interface configuration for attaching services.", 
  "extends": {
    "$ref": "BaseTier0Interface
  }, 
  "id": "Tier1Interface", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipv6_profile_paths": {
      "description": "Configrue IPv6 NDRA profile. Only one NDRA profile can be configured.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 0, 
      "required": false, 
      "title": "IPv6 NDRA profile configuration", 
      "type": "array"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "mtu": {
      "description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.", 
      "minimum": 64, 
      "required": false, 
      "title": "MTU size", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "segment_path": {
      "description": "Policy path of Segment to which interface is connected to.", 
      "required": true, 
      "title": "Policy path of Segment to attach interface", 
      "type": "string"
    }, 
    "subnets": {
      "description": "Specify IP address and network prefix for interface.", 
      "items": {
        "$ref": "InterfaceSubnet
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "IP address and subnet specification for interface", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Tier-1 interface configuration", 
  "type": "object"
}

Tier1InterfaceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier1InterfaceListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier1Interface
      }, 
      "required": true, 
      "title": "Tier-1 Interface list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Tier-1 Interfaces", 
  "type": "object"
}

Tier1ListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyListRequestParameters
  }, 
  "id": "Tier1ListRequestParameters", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_mark_for_delete_objects": {
      "default": false, 
      "description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.", 
      "required": false, 
      "title": "Include objects that are marked for deletion in results", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Tier-1 list request parameters", 
  "type": "object"
}

Tier1ListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "Tier1ListResult", 
  "module_id": "PolicyConnectivity", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Tier1
      }, 
      "required": true, 
      "title": "Tier-1 list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged collection of Tier-1 instances", 
  "type": "object"
}

Tier1RouteAdvertisentTypes (type) 

{
  "additionalProperties": false, 
  "description": "Control routes advertised by Tier-1 instance.   TIER1_STATIC_ROUTES: Advertise all STATIC routes.   TIER1_CONNECTED: Advertise all subnets configured on connected   Interfaces and Segments.   TIER1_NAT: Advertise all NAT IP addresses.   TIER1_LB_VIP: Advertise all Load-balancer VIPs.   TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses.   TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs   TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets.", 
  "enum": [
    "TIER1_STATIC_ROUTES", 
    "TIER1_CONNECTED", 
    "TIER1_NAT", 
    "TIER1_LB_VIP", 
    "TIER1_LB_SNAT", 
    "TIER1_DNS_FORWARDER_IP", 
    "TIER1_IPSEC_LOCAL_ENDPOINT"
  ], 
  "id": "Tier1RouteAdvertisentTypes", 
  "module_id": "PolicyConnectivity", 
  "type": "string"
}

Tier1StateRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "Tier1StateRequestParameters", 
  "module_id": "PolicyConnectivityStatistics", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "enforcement_point_path": {
      "description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.", 
      "title": "Enforcement point path", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "interface_path": {
      "description": "String Path of interface on current Tier1 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.", 
      "title": "Interface path for interface specific state such as IPv6 DAD state", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "State request parameters for Tier1 gateway", 
  "type": "object"
}

TlsCertificate (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "TlsCertificate", 
  "module_id": "PolicyCertificate", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "details": {
      "description": "list of X509Certificates.", 
      "items": {
        "$ref": "X509Certificate
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TlsCertificateList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TlsCertificateList", 
  "module_id": "PolicyCertificate", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "TlsCertificate list.", 
      "items": {
        "$ref": "TlsCertificate
      }, 
      "readonly": true, 
      "required": true, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Certificate queries result", 
  "type": "object"
}

TlsCrl (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "TlsCrl", 
  "module_id": "PolicyCertificate", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "details": {
      "$ref": "X509Crl, 
      "description": "Details of the X509Crl object.", 
      "readonly": true, 
      "required": false, 
      "title": "Details of the X509Crl object"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "Pem encoded crl data.", 
      "required": true, 
      "title": "Pem encoded crl data", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TlsCrlListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TlsCrlListResult", 
  "module_id": "PolicyCertificate", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TlsCrl
      }, 
      "required": true, 
      "title": "TlsCrl list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Paged Collection of TlsCrl", 
  "type": "object"
}

TlsTrustData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "PolicyConfigResource
  }, 
  "id": "TlsTrustData", 
  "module_id": "PolicyCertificate", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key_algo": {
      "description": "Key algorithm contained in this certificate.", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "passphrase": {
      "description": "Password for private key encryption.", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "private_key": {
      "description": "private key data", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

Tooltip (type) 

{
  "additionalProperties": false, 
  "description": "Tooltip to be shown while hovering over the dashboard UI element.", 
  "id": "Tooltip", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "condition": {
      "description": "If the condition is met then the tooltip will be applied. If no condition is provided, then the tooltip will be applied unconditionally. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "maxLength": 1024, 
      "title": "Expression for evaluating condition", 
      "type": "string"
    }, 
    "heading": {
      "description": "If true, displays tooltip text in bold", 
      "title": "Tooltip will be treated as header.", 
      "type": "boolean"
    }, 
    "text": {
      "description": "Text to be shown on tooltip while hovering over UI element. The text would be wrapped if it exceeds 80 chars.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Textbox shown at tooltip", 
      "type": "string"
    }
  }, 
  "title": "Tooltip", 
  "type": "object"
}

Traceflow (type) 

{
  "extends": {
    "$ref": "Resource
  }, 
  "id": "Traceflow", 
  "module_id": "Traceflow", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "analysis": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "title": "Traceflow result analysis notes", 
      "type": "array"
    }, 
    "counters": {
      "$ref": "TraceflowObservationCounters, 
      "readonly": true, 
      "required": false, 
      "title": "observation counters"
    }, 
    "id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the traceflow round", 
      "type": "string"
    }, 
    "logical_counters": {
      "$ref": "TraceflowObservationCounters, 
      "readonly": true, 
      "required": false, 
      "title": "counters of observations from logical components"
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the source logical port used for injecting the traceflow packet", 
      "type": "string"
    }, 
    "operation_state": {
      "enum": [
        "IN_PROGRESS", 
        "FINISHED", 
        "FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Represents the traceflow operation state", 
      "type": "string"
    }, 
    "request_status": {
      "description": "The status of the traceflow RPC request. SUCCESS - The traceflow request is sent successfully. TIMEOUT - The traceflow request gets timeout. SOURCE_PORT_NOT_FOUND - The source port of the request cannot be found. DATA_PATH_NOT_READY - The datapath component cannot be ready to receive request. CONNECTION_ERROR - There is connection error on datapath component. UNKNOWN - The status of traceflow request cannot be determined.", 
      "enum": [
        "SUCCESS", 
        "TIMEOUT", 
        "SOURCE_PORT_NOT_FOUND", 
        "DATA_PATH_NOT_READY", 
        "CONNECTION_ERROR", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Traceflow request status", 
      "type": "string"
    }, 
    "result_overflowed": {
      "readonly": true, 
      "required": false, 
      "title": "A flag, when set true, indicates some observations were deleted from the result set.", 
      "type": "boolean"
    }, 
    "timeout": {
      "description": "Maximum time (in ms) the management plane will be waiting for this traceflow round.", 
      "maximum": 15000, 
      "minimum": 5000, 
      "readonly": true, 
      "required": false, 
      "title": "Timeout (in ms) for traceflow observations result list", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TraceflowComponentSubType (type) 

{
  "enum": [
    "LR_TIER0", 
    "LR_TIER1", 
    "LR_VRF_TIER0", 
    "LS_TRANSIT", 
    "SI_CLASSIFIER", 
    "SI_PROXY", 
    "VDR", 
    "ENI", 
    "AWS_GATEWAY", 
    "EDGE_UPLINK", 
    "UNKNOWN"
  ], 
  "id": "TraceflowComponentSubType", 
  "module_id": "Traceflow", 
  "type": "string"
}

TraceflowComponentType (type) 

{
  "enum": [
    "PHYSICAL", 
    "LR", 
    "LS", 
    "DFW", 
    "BRIDGE", 
    "EDGE_TUNNEL", 
    "EDGE_HOSTSWITCH", 
    "FW_BRIDGE", 
    "LOAD_BALANCER", 
    "NAT", 
    "IPSEC", 
    "SERVICE_INSERTION", 
    "VMC", 
    "UNKNOWN"
  ], 
  "id": "TraceflowComponentType", 
  "module_id": "Traceflow", 
  "type": "string"
}

TraceflowListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TraceflowListParameters", 
  "module_id": "Traceflow", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "lport_id": {
      "required": false, 
      "title": "id of the source logical port where the trace flows originated", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Traceflow list parameters", 
  "type": "object"
}

TraceflowListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TraceflowListResult", 
  "module_id": "Traceflow", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "Traceflow
      }, 
      "readonly": true, 
      "title": "Traceflow Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Traceflow queries result", 
  "type": "object"
}

TraceflowObservation (type) 

{
  "abstract": true, 
  "id": "TraceflowObservation", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "mode": "enabled", 
    "property-name": "resource_type"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }
  }, 
  "type": "object"
}

TraceflowObservationCounters (type) 

{
  "id": "TraceflowObservationCounters", 
  "module_id": "Traceflow", 
  "properties": {
    "delivered_count": {
      "description": "Total number of delivered observations for this traceflow round.", 
      "readonly": true, 
      "required": false, 
      "title": "Delivered observation count", 
      "type": "integer"
    }, 
    "dropped_count": {
      "description": "Total number of dropped observations for this round.", 
      "readonly": true, 
      "required": false, 
      "title": "Dropped observation count", 
      "type": "integer"
    }, 
    "forwarded_count": {
      "description": "Total number of forwarded observations for this traceflow round.", 
      "readonly": true, 
      "required": false, 
      "title": "Forwarded observation count", 
      "type": "integer"
    }, 
    "received_count": {
      "description": "Total number of received observations for this traceflow round.", 
      "readonly": true, 
      "required": false, 
      "title": "Received observation count", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TraceflowObservationDelivered (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationDelivered", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationDelivered"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port into which the traceflow packet was delivered", 
      "type": "string"
    }, 
    "lport_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the logical port into which the traceflow packet was delivered", 
      "type": "string"
    }, 
    "resolution_type": {
      "description": "This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by port DB ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP ARP_VM - No suppression and the ARP request is resolved.", 
      "enum": [
        "UNKNOWN", 
        "ARP_SUPPRESSION_PORT_CACHE", 
        "ARP_SUPPRESSION_TABLE", 
        "ARP_SUPPRESSION_CP_QUERY", 
        "ARP_VM"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The resolution type of the delivered message for ARP", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "target_mac": {
      "description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.", 
      "readonly": true, 
      "required": false, 
      "title": "MAC address of the resolved IP by ARP", 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "vlan_id": {
      "$ref": "VlanID, 
      "required": false, 
      "title": "VLAN on bridged network"
    }
  }, 
  "type": "object"
}

TraceflowObservationDropped (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationDropped", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationDropped"
  }, 
  "properties": {
    "acl_rule_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the acl rule that was applied to drop the traceflow packet", 
      "type": "integer"
    }, 
    "arp_fail_reason": {
      "description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction", 
      "enum": [
        "ARP_UNKNOWN", 
        "ARP_TIMEOUT", 
        "ARP_CPFAIL", 
        "ARP_FROMCP", 
        "ARP_PORTDESTROY", 
        "ARP_TABLEDESTROY", 
        "ARP_NETDESTROY"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The detailed drop reason of ARP traceflow packet", 
      "type": "string"
    }, 
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port at which the traceflow packet was dropped", 
      "type": "string"
    }, 
    "lport_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the logical port at which the traceflow packet was dropped", 
      "type": "string"
    }, 
    "reason": {
      "enum": [
        "ARP_FAIL", 
        "BFD", 
        "DHCP", 
        "FW_RULE", 
        "GENEVE", 
        "GRE", 
        "IFACE", 
        "IP", 
        "IP_REASS", 
        "IPSEC", 
        "IPSEC_VTI", 
        "L2VPN", 
        "L4PORT", 
        "LB", 
        "LROUTER", 
        "LSERVICE", 
        "LSWITCH", 
        "MD_PROXY", 
        "NAT", 
        "ND_NS_FAIL", 
        "NEIGH", 
        "NO_EIP_FOUND", 
        "NO_EIP_ASSOCIATION", 
        "NO_ENI_FOR_IP", 
        "NO_ENI_FOR_LIF", 
        "NO_ROUTE", 
        "NO_ROUTE_TABLE_FOUND", 
        "NO_UNDERLAY_ROUTE_FOUND", 
        "NOT_VDR_DOWNLINK,", 
        "NO_VDR_FOUND", 
        "NO_VDR_ON_HOST", 
        "NOT_VDR_UPLINK,", 
        "SERVICE_INSERT", 
        "TTL_ZERO", 
        "TUNNEL", 
        "VXLAN", 
        "VXSTT", 
        "VMC_NO_RESPONSE", 
        "WRONG_UPLINK", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The reason traceflow packet was dropped", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }
  }, 
  "type": "object"
}

TraceflowObservationDroppedLogical (type) 

{
  "extends": {
    "$ref": "TraceflowObservationDropped
  }, 
  "id": "TraceflowObservationDroppedLogical", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationDroppedLogical"
  }, 
  "properties": {
    "acl_rule_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the acl rule that was applied to drop the traceflow packet", 
      "type": "integer"
    }, 
    "arp_fail_reason": {
      "description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction", 
      "enum": [
        "ARP_UNKNOWN", 
        "ARP_TIMEOUT", 
        "ARP_CPFAIL", 
        "ARP_FROMCP", 
        "ARP_PORTDESTROY", 
        "ARP_TABLEDESTROY", 
        "ARP_NETDESTROY"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The detailed drop reason of ARP traceflow packet", 
      "type": "string"
    }, 
    "component_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the component that dropped the traceflow packet.", 
      "type": "string"
    }, 
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port at which the traceflow packet was dropped", 
      "type": "string"
    }, 
    "lport_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the logical port at which the traceflow packet was dropped", 
      "type": "string"
    }, 
    "reason": {
      "enum": [
        "ARP_FAIL", 
        "BFD", 
        "DHCP", 
        "FW_RULE", 
        "GENEVE", 
        "GRE", 
        "IFACE", 
        "IP", 
        "IP_REASS", 
        "IPSEC", 
        "IPSEC_VTI", 
        "L2VPN", 
        "L4PORT", 
        "LB", 
        "LROUTER", 
        "LSERVICE", 
        "LSWITCH", 
        "MD_PROXY", 
        "NAT", 
        "ND_NS_FAIL", 
        "NEIGH", 
        "NO_EIP_FOUND", 
        "NO_EIP_ASSOCIATION", 
        "NO_ENI_FOR_IP", 
        "NO_ENI_FOR_LIF", 
        "NO_ROUTE", 
        "NO_ROUTE_TABLE_FOUND", 
        "NO_UNDERLAY_ROUTE_FOUND", 
        "NOT_VDR_DOWNLINK,", 
        "NO_VDR_FOUND", 
        "NO_VDR_ON_HOST", 
        "NOT_VDR_UPLINK,", 
        "SERVICE_INSERT", 
        "TTL_ZERO", 
        "TUNNEL", 
        "VXLAN", 
        "VXSTT", 
        "VMC_NO_RESPONSE", 
        "WRONG_UPLINK", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The reason traceflow packet was dropped", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }
  }, 
  "type": "object"
}

TraceflowObservationForwarded (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationForwarded", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationForwarded"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "context": {
      "required": false, 
      "title": "The 64bit tunnel context carried on the wire", 
      "type": "integer"
    }, 
    "dst_transport_node_id": {
      "description": "This field will not be always available. Use remote_ip_address when this field is not set.", 
      "readonly": true, 
      "required": false, 
      "title": "The id of the transport node to which the traceflow packet is forwarded", 
      "type": "string"
    }, 
    "dst_transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the transport node to which the traceflow packet is forwarded", 
      "type": "string"
    }, 
    "local_ip_address": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "IP address of the source end of the tunnel"
    }, 
    "remote_ip_address": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "IP address of the destination end of the tunnel"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "uplink_name": {
      "required": false, 
      "title": "The name of the uplink the traceflow packet is forwarded on", 
      "type": "string"
    }, 
    "vtep_label": {
      "required": false, 
      "title": "The virtual tunnel endpoint label", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TraceflowObservationForwardedLogical (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationForwardedLogical", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationForwardedLogical"
  }, 
  "properties": {
    "acl_rule_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the acl rule that was applied to forward the traceflow packet", 
      "type": "integer"
    }, 
    "component_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the component that forwarded the traceflow packet.", 
      "type": "string"
    }, 
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "dst_component_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the destination component to which the traceflow packet was forwarded.", 
      "type": "string"
    }, 
    "dst_component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the destination component to which the traceflow packet was forwarded.", 
      "type": "string"
    }, 
    "dst_component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the destination component to which the traceflow packet was forwarded."
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port through which the traceflow packet was forwarded.", 
      "type": "string"
    }, 
    "lport_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the logical port through which the traceflow packet was forwarded.", 
      "type": "string"
    }, 
    "resend_type": {
      "description": "ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type", 
      "enum": [
        "UNKNOWN", 
        "ARP_UNKNOWN_FROM_CP", 
        "ND_NS_UNKNWON_FROM_CP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The type of packet resending", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "service_index": {
      "readonly": true, 
      "required": false, 
      "title": "The index of the service insertion component", 
      "type": "integer"
    }, 
    "service_path_index": {
      "readonly": true, 
      "required": false, 
      "title": "The path index of the service insertion component", 
      "type": "integer"
    }, 
    "service_ttl": {
      "readonly": true, 
      "required": false, 
      "title": "The ttl of the service insertion component", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "translated_dst_ip": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "The translated destination IP address of VNP/NAT"
    }, 
    "translated_src_ip": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "The translated source IP address of VPN/NAT"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "vni": {
      "readonly": true, 
      "required": false, 
      "title": "VNI for the logical network on which the traceflow packet was forwarded.", 
      "type": "int"
    }
  }, 
  "type": "object"
}

TraceflowObservationListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TraceflowObservationListParameters", 
  "module_id": "Traceflow", 
  "properties": {
    "component_name": {
      "description": "Observations of all component names will be listed if not given.", 
      "required": false, 
      "title": "Observations having the given component name will be listed.", 
      "type": "string"
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "description": "Observations of all component types will be listed if not given.", 
      "required": false, 
      "title": "Observations having the given component type will be listed."
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "description": "Prefix matching; e.g. TraceflowObservationReceived will also matches TraceflowObservationReceivedLogical. Observations of all types will be listed if not given.", 
      "required": false, 
      "title": "The type of observations that will be listed."
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_node_name": {
      "description": "Observations of all transport node names will be listed if not given.", 
      "required": false, 
      "title": "Observations having the given transport node name will be listed.", 
      "type": "string"
    }
  }, 
  "title": "Traceflow Observation list parameters", 
  "type": "object"
}

TraceflowObservationListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TraceflowObservationListResult", 
  "module_id": "Traceflow", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TraceflowObservation
      }, 
      "required": false, 
      "title": "TraceflowObservation list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TraceflowObservationReceived (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationReceived", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationReceived"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "local_ip_address": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "IP address of the destination end of the tunnel"
    }, 
    "remote_ip_address": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "IP address of the source end of the tunnel"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "uplink_name": {
      "required": false, 
      "title": "The name of the uplink the traceflow packet is received on", 
      "type": "string"
    }, 
    "vtep_label": {
      "required": false, 
      "title": "The virtual tunnel endpoint label", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TraceflowObservationReceivedLogical (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationReceivedLogical", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationReceivedLogical"
  }, 
  "properties": {
    "component_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the component that received the traceflow packet.", 
      "type": "string"
    }, 
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "lport_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the logical port at which the traceflow packet was received", 
      "type": "string"
    }, 
    "lport_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the logical port at which the traceflow packet was received", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "src_component_id": {
      "readonly": true, 
      "required": false, 
      "title": "The id of the source component from which the traceflow packet was received.", 
      "type": "string"
    }, 
    "src_component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of source component from which the traceflow packet was received.", 
      "type": "string"
    }, 
    "src_component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the source component from which the traceflow packet was received."
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "vni": {
      "readonly": true, 
      "required": false, 
      "title": "VNI for the logical network on which the traceflow packet was received.", 
      "type": "int"
    }
  }, 
  "type": "object"
}

TraceflowObservationRelayedLogical (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationRelayedLogical", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationRelayedLogical"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "dst_server_address": {
      "$ref": "IPAddress, 
      "description": "This field specified the IP address of the destination which the packet will be relayed.", 
      "readonly": true, 
      "required": true, 
      "title": "The IP address of the destination"
    }, 
    "logical_comp_uuid": {
      "description": "This field specified the logical component that relay service located.", 
      "readonly": true, 
      "required": false, 
      "title": "The id of the component which relay service located", 
      "type": "string"
    }, 
    "message_type": {
      "default": "REQUEST", 
      "description": "This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client", 
      "enum": [
        "REQUEST", 
        "REPLY"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "The type of the relay service", 
      "type": "string"
    }, 
    "relay_server_address": {
      "$ref": "IPAddress, 
      "description": "This field specified the IP address of the relay service.", 
      "readonly": true, 
      "required": true, 
      "title": "The IP address of relay service"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }
  }, 
  "type": "object"
}

TraceflowObservationReplicationLogical (type) 

{
  "extends": {
    "$ref": "TraceflowObservation
  }, 
  "id": "TraceflowObservationReplicationLogical", 
  "module_id": "Traceflow", 
  "polymorphic-type-descriptor": {
    "type-identifier": "TraceflowObservationReplicationLogical"
  }, 
  "properties": {
    "component_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of the component that issued the observation.", 
      "type": "string"
    }, 
    "component_sub_type": {
      "$ref": "TraceflowComponentSubType, 
      "readonly": true, 
      "required": false, 
      "title": "The sub type of the component that issued the observation."
    }, 
    "component_type": {
      "$ref": "TraceflowComponentType, 
      "readonly": true, 
      "required": false, 
      "title": "The type of the component that issued the observation."
    }, 
    "local_ip_address": {
      "$ref": "IPAddress, 
      "readonly": true, 
      "required": false, 
      "title": "Local IP address of the component that replicates the packet."
    }, 
    "replication_type": {
      "description": "This field specifies the type of replication message TX_VTEP - Transmit replication to all VTEPs TX_MTEP - Transmit replication to all MTEPs RX - Receive replication", 
      "enum": [
        "TX_VTEP", 
        "TX_MTEP", 
        "RX"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "The replication type of the message", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TraceflowObservationType, 
      "default": "TraceflowObservationReceived", 
      "required": true
    }, 
    "sequence_no": {
      "description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.", 
      "readonly": true, 
      "required": true, 
      "title": "the sequence number is the traceflow observation hop count", 
      "type": "integer"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the observation was created by the transport node (milliseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node"
    }, 
    "timestamp_micro": {
      "description": "Timestamp when the observation was created by the transport node (microseconds epoch)", 
      "readonly": true, 
      "required": false, 
      "title": "Timestamp when the observation was created by the transport node", 
      "type": "integer"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "id of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_name": {
      "readonly": true, 
      "required": false, 
      "title": "name of the transport node that observed a traceflow packet", 
      "type": "string"
    }, 
    "transport_node_type": {
      "$ref": "TransportNodeType, 
      "readonly": true, 
      "required": false, 
      "title": "type of the transport node that observed a traceflow packet"
    }, 
    "uplink_name": {
      "readonly": true, 
      "required": false, 
      "title": "The name of uplink", 
      "type": "string"
    }, 
    "vtep_label": {
      "readonly": true, 
      "required": false, 
      "title": "The label of VTEP", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TraceflowObservationType (type) 

{
  "enum": [
    "TraceflowObservationForwarded", 
    "TraceflowObservationDropped", 
    "TraceflowObservationDelivered", 
    "TraceflowObservationReceived", 
    "TraceflowObservationForwardedLogical", 
    "TraceflowObservationDroppedLogical", 
    "TraceflowObservationReceivedLogical", 
    "TraceflowObservationReplicationLogical", 
    "TraceflowObservationRelayedLogical"
  ], 
  "id": "TraceflowObservationType", 
  "module_id": "Traceflow", 
  "type": "string"
}

TraceflowRequest (type) 

{
  "id": "TraceflowRequest", 
  "module_id": "Traceflow", 
  "properties": {
    "lport_id": {
      "required": true, 
      "title": "id of the source logical port to inject the traceflow packet into", 
      "type": "string"
    }, 
    "packet": {
      "$ref": "PacketData, 
      "required": true, 
      "title": "Packet configuration"
    }, 
    "timeout": {
      "default": 10000, 
      "description": "Maximum time (in ms) the management plane will wait for observation result list to be sent by controller plane.", 
      "maximum": 15000, 
      "minimum": 5000, 
      "required": false, 
      "title": "Timeout (in ms) for traceflow observations result list", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TrafficRateLimits (type) 

{
  "description": "Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type", 
  "id": "TrafficRateLimits", 
  "module_id": "PolicySegmentSecurity", 
  "properties": {
    "rx_broadcast": {
      "default": 0, 
      "description": "Incoming broadcast traffic limit in packets per second", 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Broadcast receive limit", 
      "type": "int"
    }, 
    "rx_multicast": {
      "default": 0, 
      "description": "Incoming multicast traffic limit in packets per second", 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Multicast receive limit", 
      "type": "int"
    }, 
    "tx_broadcast": {
      "default": 0, 
      "description": "Outgoing broadcast traffic limit in packets per second", 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Broadcast transmit limit", 
      "type": "int"
    }, 
    "tx_multicast": {
      "default": 0, 
      "description": "Outgoing multicast traffic limit in packets per second", 
      "minimum": 0, 
      "readonly": false, 
      "required": false, 
      "title": "Multicast transmit limit", 
      "type": "int"
    }
  }, 
  "title": "Rate limiting configuration", 
  "type": "object"
}

TransportNode (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TransportNode", 
  "module_id": "TransportNode", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "failure_domain_id": {
      "description": "Set failure domain of edge transport node which will help in auto placement of TIER1 logical routers, DHCP Servers and MDProxies, if failure domain based allocation is enabled in edge cluster API. It is only supported for edge transport node and not for host transport node. In case failure domain is not set by user explicitly, it will be always assigned with default system created failure domain.", 
      "required": false, 
      "title": "Id of the failure domain", 
      "type": "string"
    }, 
    "host_switch_spec": {
      "$ref": "HostSwitchSpec, 
      "description": "This property is used to either create standard host switches or to inform NSX about preconfigured host switches that already exist on the transport node.  Pass an array of either StandardHostSwitchSpec objects or PreconfiguredHostSwitchSpec objects. It is an error to pass an array containing different types of HostSwitchSpec objects.", 
      "required": false, 
      "title": "Transport node host switch specification"
    }, 
    "host_switches": {
      "deprecated": true, 
      "description": "This property is deprecated in favor of 'host_switch_spec'. Property 'host_switches' can only be used for NSX managed transport nodes. 'host_switch_spec' can be used for both NSX managed or manually preconfigured host switches.", 
      "items": {
        "$ref": "HostSwitch
      }, 
      "required": false, 
      "title": "Transport Node switch(s). Prefer host_switch_spec over this.", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_overridden": {
      "description": "This flag is relevant to only those hosts which are part of a compute collection which has transport node profile (TNP) applied on it. If you change the transport node configuration and it is different than cluster level TNP then this flag will be set to true", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates if config is different than compute collection.", 
      "type": "boolean"
    }, 
    "maintenance_mode": {
      "description": "The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call.", 
      "enum": [
        "ENABLED", 
        "FORCE_ENABLED", 
        "DISABLED"
      ], 
      "readonly": true, 
      "title": "transport node maintenance mode desired state", 
      "type": "string"
    }, 
    "node_deployment_info": {
      "$ref": "Node, 
      "required": false
    }, 
    "node_id": {
      "required": false, 
      "title": "Unique Id of the fabric node", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_endpoints": {
      "items": {
        "$ref": "TransportZoneEndPoint
      }, 
      "required": false, 
      "title": "Transport zone endpoints.", 
      "type": "array"
    }
  }, 
  "title": "Transport Node", 
  "type": "object"
}

TransportNodeCollection (type) 

{
  "description": "Entity to indicate relation between Compute collection and Transport node template", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TransportNodeCollection", 
  "module_id": "TransportNodeCollection", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "compute_collection_id": {
      "required": true, 
      "title": "Compute collection id", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_node_profile_id": {
      "required": true, 
      "title": "Transport Node Profile ID", 
      "type": "string"
    }
  }, 
  "title": "Compute collection transport node template", 
  "type": "object"
}

TransportNodeCollectionListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeCollectionListResult", 
  "module_id": "TransportNodeCollection", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportNodeCollection
      }, 
      "readonly": true, 
      "title": "Transport Node collection results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport Node collections list result", 
  "type": "object"
}

TransportNodeCollectionState (type) 

{
  "additionalProperties": false, 
  "description": "Realization state of attaching or detaching Transport node profile on compute collection.", 
  "id": "TransportNodeCollectionState", 
  "module_id": "TransportNodeCollection", 
  "properties": {
    "aggregate_progress_percentage": {
      "description": "Average of all transport node deployment progress in a cluster. Applicable only if transport node profile is applied on a cluster.", 
      "readonly": true, 
      "required": false, 
      "title": "Aggregate percentage of compute collection deployment", 
      "type": "integer"
    }, 
    "state": {
      "description": "If the host preparation or transport node creation is going on for any host then state will be \"IN_PROGRESS\".  If setting desired state of the transport node failed for any of the host then state will be \"FAILED_TO_CREATE\"  If realization of transport node failed for any of the host then state will be \"FAILED_TO_REALIZE\"  If Transport node is successfully created for all of the hosts in compute collection then state will be \"SUCCESS\"  You can override the configuration for one or more hosts in the compute collection by update TN(transport node) request on individual TN. If TN is successfully created for all hosts in compute collection and one or more hosts have overridden configuration then transport node collection state will be \"PROFILE_MISMATCH\".", 
      "enum": [
        "FAILED_TO_CREATE", 
        "FAILED_TO_REALIZE", 
        "IN_PROGRESS", 
        "PROFILE_MISMATCH", 
        "SUCCESS"
      ], 
      "readonly": true, 
      "title": "Application state of transport node template on compute collection", 
      "type": "string"
    }
  }, 
  "title": "Transport node template application state", 
  "type": "object"
}

TransportNodeDeleteParameters (type) 

{
  "additionalProperties": {}, 
  "extends": {
    "$ref": "DeleteRequestParameters
  }, 
  "id": "TransportNodeDeleteParameters", 
  "module_id": "TransportNodeLcm", 
  "properties": {
    "force": {
      "default": false, 
      "description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.", 
      "title": "Force delete the resource even if it is being used somewhere\n", 
      "type": "boolean"
    }, 
    "unprepare_host": {
      "default": true, 
      "required": false, 
      "title": "Uninstall NSX components from host while deleting", 
      "type": "boolean"
    }
  }, 
  "title": "Parameters that affect how delete operations are processed", 
  "type": "object"
}

TransportNodeDeploymentProgressState (type) 

{
  "description": "Deployment progress state of transport node. Object has current deployment step title and progress in percentage.", 
  "id": "TransportNodeDeploymentProgressState", 
  "module_id": "TransportNode", 
  "properties": {
    "current_step_title": {
      "readonly": true, 
      "required": false, 
      "title": "Deployment step title", 
      "type": "string"
    }, 
    "progress": {
      "readonly": true, 
      "required": false, 
      "title": "Percentage of deployment completed", 
      "type": "integer"
    }
  }, 
  "title": "Deployment progress of transport node", 
  "type": "object"
}

TransportNodeFilter (type) 

{
  "additionalProperties": false, 
  "description": "Transport node filter", 
  "id": "TransportNodeFilter", 
  "module_id": "Heatmap", 
  "properties": {
    "node_type": {
      "description": "Transport node type", 
      "enum": [
        "HOST", 
        "EDGE"
      ], 
      "title": "Transport node type", 
      "type": "string"
    }
  }, 
  "title": "Transport node filter", 
  "type": "object"
}

TransportNodeIdParameters (type) 

{
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "TransportNodeIdParameters", 
  "module_id": "AggSvcL2Types", 
  "properties": {
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "transport_node_id": {
      "required": false, 
      "title": "TransportNode Id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TransportNodeListParameters", 
  "module_id": "TransportNode", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "in_maintenance_mode": {
      "description": "If the flag is true, transport node with 'ENABLED' or 'FORCE_ENABLED' desired state will be returned, otherwise transport nodes in 'DISABLED' will be returned.", 
      "required": false, 
      "title": "maintenance mode flag", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "node_id": {
      "description": "This property can be used by itself or along with 'transport_zone_id'.", 
      "required": false, 
      "title": "node identifier", 
      "type": "string"
    }, 
    "node_ip": {
      "description": "This property can only be used alone. It can not be combined with other filtering properties.", 
      "required": false, 
      "title": "Fabric node IP address", 
      "type": "string"
    }, 
    "node_types": {
      "description": "The fabric node type is the resource_type of the Node such as HostNode, EdgeNode and PublicCloudGatewayNode. If a list of fabric node types are given, all transport nodes of all given types will be returned.", 
      "required": false, 
      "title": "a list of fabric node types separated by comma or a single type", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_zone_id": {
      "description": "This propery can be used along with 'node_id'.", 
      "required": false, 
      "title": "Transport zone identifier", 
      "type": "string"
    }
  }, 
  "title": "Transport Node list parameters", 
  "type": "object"
}

TransportNodeListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeListResult", 
  "module_id": "TransportNode", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportNode
      }, 
      "readonly": true, 
      "required": false, 
      "title": "TransportNode Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport Node queries result", 
  "type": "object"
}

TransportNodeProfile (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TransportNodeProfile", 
  "module_id": "TransportNodeProfile", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host_switch_spec": {
      "$ref": "HostSwitchSpec, 
      "description": "The HostSwitchSpec is the base class for standard and preconfigured host switch specifications. Only standard host switches are supported in the transport node profile.", 
      "required": false, 
      "title": "Transport node host switch specification"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_zone_endpoints": {
      "items": {
        "$ref": "TransportZoneEndPoint
      }, 
      "required": false, 
      "title": "Transport zone endpoints.", 
      "type": "array"
    }
  }, 
  "title": "Transport Node Profile", 
  "type": "object"
}

TransportNodeProfileListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeProfileListResult", 
  "module_id": "TransportNodeProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportNodeProfile
      }, 
      "readonly": true, 
      "required": false, 
      "title": "TransportNodeProfile Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport Node Profile queries result", 
  "type": "object"
}

TransportNodeReportParameters (type) 

{
  "extends": {
    "$ref": "DataSourceParameters
  }, 
  "id": "TransportNodeReportParameters", 
  "module_id": "Heatmap", 
  "properties": {
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED"
      ], 
      "title": "Transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeState (type) 

{
  "extends": {
    "$ref": "ConfigurationState
  }, 
  "id": "TransportNodeState", 
  "module_id": "TransportNode", 
  "properties": {
    "deployment_progress_state": {
      "$ref": "TransportNodeDeploymentProgressState, 
      "readonly": true, 
      "required": false, 
      "title": "Deployment progress state of transport node realization"
    }, 
    "details": {
      "items": {
        "$ref": "ConfigurationStateElement
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Array of configuration state of various sub systems", 
      "type": "array"
    }, 
    "failure_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code", 
      "type": "integer"
    }, 
    "failure_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message in case of failure", 
      "type": "string"
    }, 
    "host_switch_states": {
      "items": {
        "$ref": "HostSwitchState
      }, 
      "readonly": true, 
      "title": "States of HostSwitches on the host", 
      "type": "array"
    }, 
    "maintenance_mode_state": {
      "$ref": "MaintenanceModeState, 
      "readonly": true, 
      "title": "the present realized maintenance mode state"
    }, 
    "node_deployment_state": {
      "$ref": "ConfigurationState, 
      "readonly": true, 
      "title": "Deployment status of installation"
    }, 
    "state": {
      "description": "Gives details of state of desired configuration. Please note, failed state is deprecated. Additional enums with more details on progress/success/ error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures.", 
      "enum": [
        "pending", 
        "in_progress", 
        "success", 
        "failed", 
        "partial_success", 
        "orphaned", 
        "unknown", 
        "error", 
        "NOT_AVAILABLE", 
        "VM_DEPLOYMENT_QUEUED", 
        "VM_DEPLOYMENT_IN_PROGRESS", 
        "VM_DEPLOYMENT_FAILED", 
        "VM_POWER_ON_IN_PROGRESS", 
        "VM_POWER_ON_FAILED", 
        "REGISTRATION_PENDING", 
        "NODE_NOT_READY", 
        "NODE_READY", 
        "VM_POWER_OFF_IN_PROGRESS", 
        "VM_POWER_OFF_FAILED", 
        "VM_UNDEPLOY_IN_PROGRESS", 
        "VM_UNDEPLOY_FAILED", 
        "VM_UNDEPLOY_SUCCESSFUL", 
        "EDGE_CONFIG_ERROR", 
        "VM_DEPLOYMENT_RESTARTED", 
        "REGISTRATION_FAILED", 
        "TRANSPORT_NODE_SYNC_PENDING", 
        "TRANSPORT_NODE_CONFIGURATION_MISSING", 
        "EDGE_HARDWARE_NOT_SUPPORTED", 
        "MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED", 
        "TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER", 
        "TZ_ENDPOINTS_NOT_SPECIFIED", 
        "NO_PNIC_PREPARED_IN_EDGE", 
        "APPLIANCE_INTERNAL_ERROR", 
        "VTEP_DHCP_NOT_SUPPORTED", 
        "UNSUPPORTED_HOST_SWITCH_PROFILE", 
        "UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED", 
        "HOSTSWITCH_PROFILE_NOT_FOUND", 
        "LLDP_SEND_ENABLED_NOT_SUPPORTED", 
        "UNSUPPORTED_NAMED_TEAMING_POLICY", 
        "LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM", 
        "LACP_NOT_SUPPORTED_FOR_EDGE_VM", 
        "STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM", 
        "MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE", 
        "UNSUPPORTED_LACP_LB_ALGO_FOR_NODE", 
        "EDGE_NODE_VERSION_NOT_SUPPORTED", 
        "NO_PNIC_SPECIFIED_IN_TN", 
        "INVALID_PNIC_DEVICE_NAME", 
        "TRANSPORT_NODE_READY", 
        "VM_NETWORK_EDIT_PENDING", 
        "UNSUPPORTED_DEFAULT_TEAMING_POLICY", 
        "MPA_DISCONNECTED", 
        "VM_RENAME_PENDING", 
        "VM_CONFIG_EDIT_PENDING", 
        "VM_NETWORK_EDIT_FAILED", 
        "VM_RENAME_FAILED", 
        "VM_CONFIG_EDIT_FAILED", 
        "VM_CONFIG_DISCREPANCY", 
        "VM_NODE_REFRESH_FAILED", 
        "VM_PLACEMENT_REFRESH_FAILED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Overall state of desired configuration", 
      "type": "string"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "title": "Unique Id of the TransportNode", 
      "type": "string"
    }
  }, 
  "title": "Transport Node State", 
  "type": "object"
}

TransportNodeStateListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeStateListResult", 
  "module_id": "TransportNode", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportNodeState
      }, 
      "readonly": true, 
      "title": "Transport Node State Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport node state queries result", 
  "type": "object"
}

TransportNodeStateParameters (type) 

{
  "additionalProperties": false, 
  "id": "TransportNodeStateParameters", 
  "module_id": "TransportNode", 
  "properties": {
    "mm_state": {
      "$ref": "MaintenanceModeState, 
      "required": false, 
      "title": "Realized maintenance node state"
    }, 
    "status": {
      "enum": [
        "PENDING", 
        "IN_PROGRESS", 
        "SUCCESS", 
        "PARTIAL_SUCCESS", 
        "FAILED", 
        "ORPHANED"
      ], 
      "required": false, 
      "title": "Realized state of transport nodes", 
      "type": "string"
    }, 
    "vtep_ip": {
      "required": false, 
      "title": "Virtual tunnel endpoint ip address of transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeStatus (type) 

{
  "additionalProperties": false, 
  "id": "TransportNodeStatus", 
  "module_id": "Heatmap", 
  "properties": {
    "agent_status": {
      "$ref": "AgentStatusCount, 
      "title": "NSX agents status"
    }, 
    "control_connection_status": {
      "$ref": "StatusCount, 
      "title": "Control connection status"
    }, 
    "mgmt_connection_status": {
      "enum": [
        "UP", 
        "DOWN"
      ], 
      "title": "Management connection status", 
      "type": "string"
    }, 
    "node_display_name": {
      "description": "Transport node display name", 
      "title": "Display name", 
      "type": "string"
    }, 
    "node_status": {
      "$ref": "NodeStatus, 
      "title": "Node status"
    }, 
    "node_uuid": {
      "title": "Transport node uuid", 
      "type": "string"
    }, 
    "pnic_status": {
      "$ref": "StatusCount, 
      "title": "pNIC status"
    }, 
    "status": {
      "description": "Roll-up status of pNIC, management connection, control connection, tunnel status, agent status", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "title": "Roll-up status of connections", 
      "type": "string"
    }, 
    "threat_status": {
      "$ref": "ThreatStatus, 
      "title": "Threat status"
    }, 
    "tunnel_status": {
      "$ref": "TunnelStatusCount, 
      "title": "Tunnel Status"
    }
  }, 
  "type": "object"
}

TransportNodeStatusListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeStatusListResult", 
  "module_id": "Heatmap", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportNodeStatus
      }, 
      "title": "List of transport node statuses", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeStatusParametersWithDataSource (type) 

{
  "extends": {
    "$ref": "ListWithDataSourceParameters
  }, 
  "id": "TransportNodeStatusParametersWithDataSource", 
  "module_id": "Heatmap", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "source": {
      "$ref": "DataSourceType, 
      "required": false, 
      "title": "The data source, either realtime or cached. If not provided, cached data is returned."
    }, 
    "status": {
      "description": "Rolled-up status of pNIC, management connection, control connection, tunnel status and agent status. UP means all of these are up; DOWN represents the state when pNIC or agent status is down. DEGRADED status here represents the state for a node when its pNIC bond status is DEGRADED, or, its Control connection status is either DEGRADED or DOWN. UNKNOWN is the case when both control connection, tunnel and agent status are unknown. If none of these conditions are true, the node status is considered DOWN.", 
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "title": "Transport node", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeTemplateListParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "id": "TransportNodeTemplateListParameters", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "compute_collection_id": {
      "required": false, 
      "title": "Compute collection id", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportNodeTemplateListResult (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportNodeTemplateListResult", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "ComputeCollectionTransportNodeTemplate
      }, 
      "readonly": true, 
      "title": "Compute collection transport node template results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Compute collection transport node template list result", 
  "type": "object"
}

TransportNodeTemplateState (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "id": "TransportNodeTemplateState", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "node_id": {
      "required": true, 
      "title": "node id", 
      "type": "string"
    }, 
    "state": {
      "description": "Transport node template state on individual hosts of ComputeCollection which enabled automated transport code creation. 'FAILED_TO_CREATE' means transport node isn't created. 'IN_PROGRESS' means transport node is in progress of creation. 'FAILED_TO_REALIZE' means transport node has been created, but failed on host realization, it will repush to host by NSX later. 'SUCCESS' means transport node creation is succeeded.", 
      "enum": [
        "FAILED_TO_CREATE", 
        "IN_PROGRESS", 
        "FAILED_TO_REALIZE", 
        "SUCCESS"
      ], 
      "readonly": true, 
      "title": "Application state of transport node template on this host", 
      "type": "string"
    }, 
    "transport_node_id": {
      "required": false, 
      "title": "transport node id", 
      "type": "string"
    }
  }, 
  "title": "transport node template application state", 
  "type": "object"
}

TransportNodeTemplateStateParameters (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TransportNodeTemplateStateParameters", 
  "module_id": "TransportNode", 
  "nsx_feature": "AutoTn", 
  "properties": {
    "compute_collection_id": {
      "required": false, 
      "title": "Compute collection id", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport node template state parameters", 
  "type": "object"
}

TransportNodeType (type) 

{
  "enum": [
    "ESX", 
    "RHELKVM", 
    "UBUNTUKVM", 
    "EDGE", 
    "PUBLIC_CLOUD_GATEWAY_NODE", 
    "OTHERS", 
    "HYPERV"
  ], 
  "id": "TransportNodeType", 
  "module_id": "Traceflow", 
  "type": "string"
}

TransportNodeUpdateParameters (type) 

{
  "additionalProperties": false, 
  "description": "Transport node update parameters are mainly used for migrating ESX VMkernel (vmk) interfaces and VM NICs into or out-of logical switches. The 'esx_mgmt_if_migration_dest' and 'if_id' must be used as a pair to migrate vmk interfaces; they can not be used to migrate VM NICs. NSX manager will auto-create logical ports and vif ids for the vmk interfaces when they are used to migrate vmks into logical switches. The 'vnic' and 'vnic_migration_dest' must also be used as a pair; they can be used to migrate both vmk interfaces and VM NICs. When they are used to migrate interfaces into logical switches, logical ports and vif ids must be created in advance because 'vnic_migration_dest' must contain existing vif ids. These two paires can not be specified together.", 
  "id": "TransportNodeUpdateParameters", 
  "module_id": "TransportNode", 
  "properties": {
    "esx_mgmt_if_migration_dest": {
      "description": "A comma separated list of network ids. When migrating vmks into logical switches, the ids are the logical switches's ids. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). This property can only used together with 'if_id'.", 
      "required": false, 
      "title": "The network ids to which the ESX vmk interfaces will be migrated", 
      "type": "string"
    }, 
    "if_id": {
      "description": "A comma separated list of vmk interfaces (for example, vmk0,vmk1). This property can only used along with 'esx_mgmt_if_migration_dest'. If all vmk interfaces will be migrated into the same logical switch or DV portgroup, the 'esx_mgmt_if_migration_dest' can be just one logical switch id or DV portgroup name. Otherwise the number of vmks in this list must equal the number of ids in 'esx_mgmt_if_migration_dest' list, and the orders of the two lists are important because the vmks match the network ids one by one in the same order.", 
      "required": false, 
      "title": "The ESX vmk interfaces to migrate", 
      "type": "string"
    }, 
    "ping_ip": {
      "description": "A comma separated list of IP addresses that match the vmk interfaces given in property 'if_id\" or 'vnic' one-by-one in the same order. '0.0.0.0' is a special IP that indicates the pre-migration gateway of the vmk will be pinged post-migration. If a VMK does not need the ping ip or a VM NIC is given inside 'vnic', the ping ip must be skipped but the comma has to stay. For example, '0.0.0.0,,10.1.1.1' indicates the vmk or VM NIC at the 2nd position does not need ping post-migration. Right after all ESX vmk interfaces are migrated, ping packets will be sent through each vmk to its given ping_ip to check if the migraton will break the network connectivity or not. If any vmk_ping fails, the whole migration of all vmks will be rolled back and transport-node will be in failed state.", 
      "required": false, 
      "title": "IP Addresses to ping right after ESX vmk interfaces were migrated.", 
      "type": "string"
    }, 
    "vnic": {
      "description": "A comma separated list of vmk interfaces and/or one VM NIC. Only one VM NIC is allowed in the list; the format must be vmInstanceUuid:DeviceId like '50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. An example list is 'vmk0,vmk1,50ca5f2d-1fa2-432d-991e-f01e0e16d182:4000'. The property can only be used along with 'vnic_migration_dest'.", 
      "required": false, 
      "title": "The ESX vmk interfaces and/or VM NIC to migrate", 
      "type": "string"
    }, 
    "vnic_migration_dest": {
      "description": "A comma separated list of vif ids, or port group names. When migrating into logical switches, the ids are vif ids in the logical ports created in the logical switches. When migrating out of logical switches, the ids are vSphere Standard Switch portgroup names in a single vSphere Standard Switch, or distributed virtual portgroup names in a single distributed virtual switch (DVS). The property can only be used in combination with property 'vnic'. The number of vnic interfaces in 'vnic' must equal the number of vif ids or port-group names in this list. The items in the two lists match by the the order.", 
      "required": false, 
      "title": "The migration destinations of ESX vmk interfaces and/or VM NIC", 
      "type": "string"
    }
  }, 
  "title": "Transport node update parameters", 
  "type": "object"
}

TransportProtocolHeader (type) 

{
  "additionalProperties": false, 
  "id": "TransportProtocolHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dhcp_header": {
      "$ref": "DhcpHeader, 
      "required": false, 
      "title": "DHCP header"
    }, 
    "dhcpv6_header": {
      "$ref": "Dhcpv6Header, 
      "required": false, 
      "title": "DHCP v6 header"
    }, 
    "dns_header": {
      "$ref": "DnsHeader, 
      "required": false, 
      "title": "DNS header"
    }, 
    "icmp_echo_request_header": {
      "$ref": "IcmpEchoRequestHeader, 
      "required": false, 
      "title": "ICMP echo request header"
    }, 
    "ndp_header": {
      "$ref": "NdpHeader, 
      "required": false, 
      "title": "Neighbor discovery protocol header"
    }, 
    "tcp_header": {
      "$ref": "TcpHeader, 
      "required": false, 
      "title": "TCP header"
    }, 
    "udp_header": {
      "$ref": "UdpHeader, 
      "required": false, 
      "title": "UDP header"
    }
  }, 
  "type": "object"
}

TransportTunnelResourceType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "IPSecVPNTransportStatus"
  ], 
  "id": "TransportTunnelResourceType", 
  "module_id": "L2VPNStatistics", 
  "title": "Resource types of L2VPN Transport tunnels", 
  "type": "string"
}

TransportType (type) 

{
  "enum": [
    "OVERLAY", 
    "VLAN"
  ], 
  "id": "TransportType", 
  "module_id": "Switching", 
  "type": "string"
}

TransportZone (type) 

{
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TransportZone", 
  "module_id": "TransportZone", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "host_switch_id": {
      "readonly": true, 
      "required": false, 
      "title": "the host switch id generated by the system.", 
      "type": "string"
    }, 
    "host_switch_mode": {
      "default": "STANDARD", 
      "description": "STANDARD mode applies to all the hypervisors. ENS mode stands for Enhanced Networking Stack. This feature is only available for ESX hypervisor. It is not available on KVM, EDGE and Public Cloud Gateway etc. When a Transport Zone mode is set to ENS, only Transport Nodes of type ESX can participate in such a Transport Zone.", 
      "enum": [
        "STANDARD", 
        "ENS"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Operational mode of Transport Zone.", 
      "type": "string"
    }, 
    "host_switch_name": {
      "default": "nsxDefaultHostSwitch", 
      "description": "If this name is unset or empty then the default host switch name will be used.", 
      "required": false, 
      "title": "Name of the host switch on all transport nodes in this transport zone that will be used to run NSX network traffic.", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_default": {
      "default": false, 
      "description": "Only one transport zone can be the default one for a given transport zone type. APIs that need transport zone can choose to use the default transport zone if a transport zone is not given by the user.", 
      "title": "Flag to indicate if the transport zone is the default one.", 
      "type": "boolean"
    }, 
    "nested_nsx": {
      "default": false, 
      "description": "The flag only need to be set in nested NSX environment.", 
      "required": false, 
      "title": "Flag to indicate if transport nodes in this transport zone are connected through nested NSX.", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "$ref": "TransportType, 
      "required": true, 
      "title": "The transport type of this transport zone."
    }, 
    "transport_zone_profile_ids": {
      "items": {
        "$ref": "TransportZoneProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Identifiers of the transport zone profiles associated with this TransportZone.", 
      "type": "array"
    }, 
    "uplink_teaming_policy_names": {
      "description": "The names of switching uplink teaming policies that all transport nodes in this transport zone must support. An exception will be thrown if a transport node within the transport zone does not support a named teaming policy. The user will need to first ensure all trasnport nodes support the desired named teaming policy before assigning it to the transport zone. If the field is not specified, the host switch's default teaming policy will be used.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Names of the switching uplink teaming policies that are supported by this transport zone.", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TransportZoneEndPoint (type) 

{
  "description": "Specify which HostSwitch from this TransportNode is used handle traffic for given TransportZone", 
  "id": "TransportZoneEndPoint", 
  "module_id": "TransportNode", 
  "properties": {
    "transport_zone_id": {
      "required": true, 
      "title": "Unique ID identifying the transport zone for this endpoint", 
      "type": "string"
    }, 
    "transport_zone_profile_ids": {
      "items": {
        "$ref": "TransportZoneProfileTypeIdEntry
      }, 
      "required": false, 
      "title": "Identifiers of the transport zone profiles associated with this transport zone endpoint on this transport node.", 
      "type": "array"
    }
  }, 
  "title": "This object associates TransportNode to a certain TransportZone", 
  "type": "object"
}

TransportZoneInfo (type) 

{
  "additionalProperties": false, 
  "id": "TransportZoneInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "is_underlay_transport_zone": {
      "readonly": true, 
      "required": false, 
      "title": "Flag to identify if this is the underlay transport zone", 
      "type": "boolean"
    }, 
    "logical_switches": {
      "items": {
        "$ref": "LogicalSwitchInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Logical switches for the transport zone", 
      "type": "array"
    }, 
    "segments": {
      "description": "List of segments created on this transport zone.", 
      "items": {
        "$ref": "SegmentInfo
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Segments of transport zone", 
      "type": "array"
    }, 
    "transport_zone_display_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the transport zone", 
      "type": "string"
    }, 
    "transport_zone_id": {
      "readonly": true, 
      "required": false, 
      "title": "ID of the transport zone", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TransportZoneListParameters (type) 

{
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TransportZoneListParameters", 
  "module_id": "TransportZone", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "is_default": {
      "description": "If set to true, only the default transport zones will be returned. If set to false, all transport zones except the default ones will be returned. If unset, all transport zones will be returned.", 
      "title": "Filter to choose if default transport zones will be returned", 
      "type": "boolean"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_type": {
      "$ref": "TransportType, 
      "description": "If set, only transport zones of the given type will be returned; otherwise transport zones of all types will be returned.", 
      "title": "Filter to choose the type of transport zones to return"
    }, 
    "uplink_teaming_policy_name": {
      "description": "All transport zone's with the specified uplink teaming policy name. Otherwise, transport zones with any uplink teaming policy will be returned.", 
      "required": false, 
      "title": "The transport zone's uplink teaming policy name", 
      "type": "string"
    }
  }, 
  "title": "Transport Zone list parameters", 
  "type": "object"
}

TransportZoneListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportZoneListResult", 
  "module_id": "TransportZone", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportZone
      }, 
      "required": true, 
      "title": "Transport Zone Results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport zone queries result", 
  "type": "object"
}

TransportZoneProfile (type) 

{
  "abstract": true, 
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TransportZoneProfile", 
  "module_id": "TransportZoneProfile", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "BfdHealthMonitoringProfile"
      ], 
      "help_summary": "Possible value is 'BfdHealthMonitoringProfile'", 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TransportZoneProfileListParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "TransportZoneProfileListParameters", 
  "module_id": "TransportZoneProfile", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "include_system_owned": {
      "default": false, 
      "required": false, 
      "title": "Whether the list result contains system resources", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "resource_type": {
      "required": false, 
      "title": "comma-separated list of transport zone profile types, e.g. ?resource_type=BfdHealthMonitoringProfile", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport zone profile list parameters", 
  "type": "object"
}

TransportZoneProfileListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TransportZoneProfileListResult", 
  "module_id": "TransportZoneProfile", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "TransportZoneProfile
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Transport zone profile results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Transport zone profile queries result", 
  "type": "object"
}

TransportZoneProfileType (type) 

{
  "enum": [
    "BfdHealthMonitoringProfile"
  ], 
  "id": "TransportZoneProfileType", 
  "module_id": "TransportZoneProfile", 
  "title": "Supported transport zone profiles.", 
  "type": "string"
}

TransportZoneProfileTypeIdEntry (type) 

{
  "additionalProperties": false, 
  "id": "TransportZoneProfileTypeIdEntry", 
  "module_id": "TransportZoneProfile", 
  "properties": {
    "profile_id": {
      "description": "profile id of the resource type", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "TransportZoneProfileType, 
      "description": "Selects the type of the transport zone profile"
    }
  }, 
  "type": "object"
}

TransportZoneStatus (type) 

{
  "id": "TransportZoneStatus", 
  "module_id": "TransportZone", 
  "properties": {
    "num_logical_ports": {
      "readonly": true, 
      "required": true, 
      "title": "Count of logical ports in the transport zone", 
      "type": "int"
    }, 
    "num_logical_switches": {
      "readonly": true, 
      "required": true, 
      "title": "Count of logical switches in the transport zone", 
      "type": "int"
    }, 
    "num_transport_nodes": {
      "readonly": true, 
      "required": true, 
      "title": "Count of transport nodes in the transport zone", 
      "type": "int"
    }, 
    "transport_zone_id": {
      "readonly": true, 
      "required": true, 
      "title": "Unique ID identifying the transport zone", 
      "type": "string"
    }
  }, 
  "title": "Transport zone runtime status information", 
  "type": "object"
}

TrunkVlanRange (type) 

{
  "id": "TrunkVlanRange", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "end": {
      "$ref": "VlanID, 
      "required": true
    }, 
    "start": {
      "$ref": "VlanID, 
      "required": true
    }
  }, 
  "title": "Trunk VLAN id range", 
  "type": "object"
}

TrustManagementData (type) 

{
  "additionalProperties": false, 
  "id": "TrustManagementData", 
  "module_id": "CertificateManager", 
  "properties": {
    "supported_algorithms": {
      "description": "list of supported algorithms", 
      "items": {
        "$ref": "CryptoAlgorithm
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

TrustObjectData (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "TrustObjectData", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "key_algo": {
      "description": "Key algorithm contained in this certificate", 
      "type": "string"
    }, 
    "passphrase": {
      "description": "Password for private key encryption", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "pem_encoded": {
      "description": "pem encoded certificate data", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "private_key": {
      "description": "private key data", 
      "readonly": false, 
      "required": false, 
      "sensitive": true, 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TunnelDigestAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "The TunnelDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.", 
  "enum": [
    "SHA1", 
    "SHA2_256", 
    "SHA2_384", 
    "SHA2_512"
  ], 
  "id": "TunnelDigestAlgorithm", 
  "module_id": "IPSecVPN", 
  "title": "Digest Algorithms used in tunnel establishment", 
  "type": "string"
}

TunnelEncryptionAlgorithm (type) 

{
  "additionalProperties": false, 
  "description": "TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.", 
  "enum": [
    "AES_128", 
    "AES_256", 
    "AES_GCM_128", 
    "AES_GCM_192", 
    "AES_GCM_256", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_128", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_192", 
    "NO_ENCRYPTION_AUTH_AES_GMAC_256", 
    "NO_ENCRYPTION"
  ], 
  "id": "TunnelEncryptionAlgorithm", 
  "module_id": "IPSecVPN", 
  "title": "Encryption algorithm used in tunnel", 
  "type": "string"
}

TunnelInterfaceIPSubnet (type) 

{
  "additionalProperties": false, 
  "id": "TunnelInterfaceIPSubnet", 
  "module_id": "PolicyIPSecVpn", 
  "properties": {
    "ip_addresses": {
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IPv4 Addresses", 
      "type": "array"
    }, 
    "prefix_length": {
      "maximum": 31, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

TunnelList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "TunnelList", 
  "module_id": "Tunnel", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "tunnels": {
      "items": {
        "$ref": "TunnelProperties
      }, 
      "readonly": true, 
      "title": "List of transport node tunnels", 
      "type": "array"
    }
  }, 
  "type": "object"
}

TunnelPortConfig (type) 

{
  "additionalProperties": false, 
  "description": "IP Tunnel port configuration.", 
  "id": "TunnelPortConfig", 
  "module_id": "IPSecVPN", 
  "properties": {
    "ip_subnets": {
      "description": "IP Tunnel port  (commonly referred as VTI) subnet.", 
      "items": {
        "$ref": "IPSubnet
      }, 
      "maxItems": 1, 
      "required": true, 
      "title": "IP Tunnel port subnet", 
      "type": "array"
    }, 
    "tunnel_port_id": {
      "description": "Logical route port identifier.", 
      "readonly": true, 
      "title": "Logical route port identifier", 
      "type": "string"
    }
  }, 
  "title": "IP Tunnel port configuration", 
  "type": "object"
}

TunnelProperties (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "TunnelProperties", 
  "module_id": "Tunnel", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "bfd": {
      "$ref": "BFDProperties, 
      "readonly": true, 
      "required": false, 
      "title": "Detailed information about BFD configured on interface"
    }, 
    "egress_interface": {
      "description": "Corresponds to the interface where local_ip_address is routed.", 
      "readonly": true, 
      "required": false, 
      "title": "Name of local transport interface carrying tunnel traffic", 
      "type": "string"
    }, 
    "encap": {
      "enum": [
        "STT", 
        "VXLAN", 
        "GENEVE", 
        "UNKNOWN_ENCAP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Tunnel encap", 
      "type": "string"
    }, 
    "last_updated_time": {
      "$ref": "EpochMsTimestamp, 
      "readonly": true, 
      "required": false, 
      "title": "Time at which the Tunnel status has been fetched last time."
    }, 
    "latency_type": {
      "description": "Latency type.", 
      "enum": [
        "UNKNOWN_LATENCY", 
        "VALID", 
        "NOT_READY", 
        "TIMEOUT"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Latency type", 
      "type": "string"
    }, 
    "latency_value": {
      "description": "The latency value is set only when latency_type is VALID.", 
      "readonly": true, 
      "required": false, 
      "title": "Latency value", 
      "type": "integer"
    }, 
    "local_ip": {
      "format": "ip", 
      "readonly": true, 
      "required": false, 
      "title": "Local IP address of tunnel", 
      "type": "string"
    }, 
    "name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of tunnel", 
      "type": "string"
    }, 
    "remote_ip": {
      "format": "ip", 
      "readonly": true, 
      "required": false, 
      "title": "Remote IP address of tunnel", 
      "type": "string"
    }, 
    "remote_node_display_name": {
      "description": "Represents the display name of the remote transport node at the other end of the tunnel.", 
      "readonly": true, 
      "title": "Display name of the remote transport node", 
      "type": "string"
    }, 
    "remote_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "UUID of the remote transport node", 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "UNKNOWN"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Status of tunnel", 
      "type": "string"
    }
  }, 
  "type": "object"
}

TunnelStatusCount (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "StatusCount
  }, 
  "id": "TunnelStatusCount", 
  "module_id": "Heatmap", 
  "properties": {
    "bfd_diagnostic": {
      "$ref": "BFDDiagnosticCount, 
      "title": "BFD Diagnostic"
    }, 
    "bfd_status": {
      "$ref": "BFDStatusCount, 
      "title": "BFD Status"
    }, 
    "degraded_count": {
      "title": "Degraded count", 
      "type": "int"
    }, 
    "down_count": {
      "title": "Down count", 
      "type": "int"
    }, 
    "status": {
      "enum": [
        "UP", 
        "DOWN", 
        "DEGRADED", 
        "UNKNOWN"
      ], 
      "title": "Roll-up status", 
      "type": "string"
    }, 
    "up_count": {
      "title": "Up count", 
      "type": "int"
    }
  }, 
  "type": "object"
}

TunnelSubnet (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "id": "TunnelSubnet", 
  "module_id": "PolicyL3Vpn", 
  "properties": {
    "ip_addresses": {
      "items": {
        "$ref": "IPv4Address
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "Subnet ip addresses", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "prefix_length": {
      "maximum": 31, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

UcFunctionalState (type) 

{
  "additionalProperties": false, 
  "description": "Upgrade coordinator Uc functional State.", 
  "id": "UcFunctionalState", 
  "module_id": "Upgrade", 
  "properties": {
    "error_message": {
      "description": "error message that explains why UC is on standby mode.", 
      "readonly": true, 
      "required": false, 
      "title": "error message", 
      "type": "string"
    }, 
    "state": {
      "description": "function state of the upgrade coordinator", 
      "enum": [
        "RUNNING", 
        "STANDBY"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "State of UC UI", 
      "type": "string"
    }
  }, 
  "title": "Uc Functional State", 
  "type": "object"
}

UcStateProperties (type) 

{
  "additionalProperties": false, 
  "id": "UcStateProperties", 
  "properties": {
    "update_uc_state_properties": {
      "default": true, 
      "required": false, 
      "title": "Flag for updating upgrade-coodinator state properties to database", 
      "type": "boolean"
    }
  }, 
  "title": "Upgrade Coordinator state properties", 
  "type": "object"
}

UcUpgradeStatus (type) 

{
  "additionalProperties": false, 
  "description": "Upgrade status of upgrade-coordinator", 
  "id": "UcUpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "state": {
      "description": "Current state of UC upgrade", 
      "enum": [
        "NOT_STARTED", 
        "IN_PROGRESS", 
        "SUCCESS", 
        "FAILED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "State of UC upgrade", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of UC upgrade", 
      "readonly": true, 
      "required": false, 
      "title": "Status of UC upgrade", 
      "type": "string"
    }
  }, 
  "title": "UC Upgrade status", 
  "type": "object"
}

UdpHeader (type) 

{
  "additionalProperties": false, 
  "id": "UdpHeader", 
  "module_id": "Traceflow", 
  "properties": {
    "dst_port": {
      "default": 0, 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Destination port of udp header", 
      "type": "integer"
    }, 
    "src_port": {
      "default": 0, 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Source port of udp header", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

UdpPolicyLbMonitorProfile (type) 

{
  "additionalProperties": false, 
  "description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the PolicyLbRule object. This represents active health monitoring over UDP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
  "extends": {
    "$ref": "PolicyLbMonitorProfile
  }, 
  "id": "UdpPolicyLbMonitorProfile", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "UdpPolicyLbMonitorProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "fall_count": {
      "default": 3, 
      "description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.", 
      "required": false, 
      "title": "Monitor fall count for active healthchecks", 
      "type": "integer"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "interval": {
      "default": 5, 
      "description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.", 
      "required": false, 
      "title": "Monitor interval in seconds for active healthchecks", 
      "type": "integer"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "monitor_port": {
      "description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value.", 
      "maximum": 65535, 
      "minimum": 0, 
      "required": false, 
      "title": "Monitor port for active healthchecks", 
      "type": "int"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "receive": {
      "description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.", 
      "required": true, 
      "title": "expected data received from server", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbMonitorProfile", 
        "UdpPolicyLbMonitorProfile", 
        "IcmpPolicyLbMonitorProfile", 
        "HttpPolicyLbMonitorProfile", 
        "HttpsPolicyLbMonitorProfile"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "rise_count": {
      "default": 3, 
      "description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.", 
      "required": false, 
      "title": "Monitor rise count for active healthchecks", 
      "type": "integer"
    }, 
    "send": {
      "description": "The data to be sent to the monitored server.", 
      "required": true, 
      "title": "data to send", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "timeout": {
      "default": 15, 
      "description": "Timeout specified in seconds.  After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.", 
      "required": false, 
      "title": "Monitor timeout in seconds for active healthchecks", 
      "type": "integer"
    }
  }, 
  "title": "PolicyLbMonitorProfile for active health checks over UDP", 
  "type": "object"
}

UdpPolicyLbVirtualServer (type) 

{
  "additionalProperties": false, 
  "description": "Virtual server acts as a facade to an application, receives all client connections over UDP and distributes them among the backend servers.", 
  "extends": {
    "$ref": "PolicyLbVirtualServer
  }, 
  "id": "UdpPolicyLbVirtualServer", 
  "module_id": "TempPolicyLoadBalancer", 
  "polymorphic-type-descriptor": {
    "type-identifier": "UdpPolicyLbVirtualServer"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "access_log_enabled": {
      "default": false, 
      "description": "If access log is enabled, all HTTP requests sent to an L7 virtual server are logged to the access log file. Both successful requests (backend server returns 2xx) and unsuccessful requests (backend server returns 4xx or 5xx) are logged to access log, if enabled.", 
      "required": false, 
      "title": "Access log enabled setting", 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ip_address": {
      "$ref": "IPAddress, 
      "description": "Configures the IP address of the PolicyLbVirtualServer where it receives all client connections and distributes them among the backend servers.", 
      "required": true, 
      "title": "IP address of the PolicyLbVirtualServer"
    }, 
    "lb_persistence_profile": {
      "description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.", 
      "required": false, 
      "title": "Persistence Profile used by PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "ports": {
      "description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.", 
      "items": {
        "$ref": "PortElement
      }, 
      "required": true, 
      "title": "Virtual server port number(s) or port range(s)", 
      "type": "array"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "TcpPolicyLbVirtualServer", 
        "UdpPolicyLbVirtualServer", 
        "HttpPolicyLbVirtualServer", 
        "HttpsPolicyLbVirtualServer", 
        "CustomPolicyLbVirtualServer"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "router_path": {
      "description": "Path to router type object that PolicyLbVirtualServer connects to. The only supported router object is Network.", 
      "required": true, 
      "title": "Path to router type object for PolicyLbVirtualServer", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "traffic_source": {
      "type": "string"
    }
  }, 
  "title": "PolicyLbVirtualServer handling connections over UDP", 
  "type": "object"
}

UnaryOperation (type) 

{
  "additionalProperties": false, 
  "description": "Unary Operation.", 
  "id": "UnaryOperation", 
  "module_id": "PolicyReaction", 
  "properties": {
    "operand": {
      "$ref": "ResourceFieldPointer, 
      "description": "Represents an argument of the operation pointing to a specific field value.", 
      "required": true, 
      "title": "Operand"
    }, 
    "operator": {
      "description": "Logical Operator describing the operation to apply to the operand.", 
      "enum": [
        "APPEND", 
        "SUBTRACT"
      ], 
      "required": true, 
      "title": "Operator", 
      "type": "string"
    }
  }, 
  "title": "Unary Operation", 
  "type": "object"
}

UnaryOperationBasedInjectionValue (type) 

{
  "additionalProperties": false, 
  "description": "Operation based Injection Value.", 
  "extends": {
    "$ref": "InjectionValue
  }, 
  "id": "UnaryOperationBasedInjectionValue", 
  "module_id": "PolicyReaction", 
  "polymorphic-type-descriptor": {
    "type-identifier": "UnaryOperationBasedInjectionValue"
  }, 
  "properties": {
    "initial_value": {
      "$ref": "ResourceFieldPointer, 
      "description": "Resource field pointer representing the initial value for the injection value. If an operation is supplied, the value is handed to the operation function to produce a final result.", 
      "required": true, 
      "title": "Intitial value"
    }, 
    "operation": {
      "$ref": "UnaryOperation, 
      "description": "Represents an optional operation to be done on the initial value.", 
      "title": "Operation Function"
    }, 
    "resource_type": {
      "description": "Injection Value resource type.", 
      "enum": [
        "UnaryOperationBasedInjectionValue"
      ], 
      "required": true, 
      "title": "Resource Type", 
      "type": "string"
    }
  }, 
  "title": "Operation based Injection Value", 
  "type": "object"
}

UnassociatedVMListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UnassociatedVMListResult", 
  "module_id": "GroupingObjectsProviders", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of VMs which are not associated with any NSGroup", 
      "items": {
        "$ref": "VirtualMachine
      }, 
      "required": true, 
      "title": "Unassociated Vitual Machine list results\n", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UnidirectionalServicePath (type) 

{
  "description": "Representing either forward or reverse service path for ingress or egress traffic respectively.", 
  "id": "UnidirectionalServicePath", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "hops": {
      "description": "List of service path hops that constitutes the forward or reverse service path.", 
      "items": {
        "$ref": "ServicePathHop
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Forward or reverse service path hops", 
      "type": "array"
    }, 
    "host_cross_count": {
      "description": "The number of times the traffic needs to cross hosts for the given forward or reverse service path.", 
      "readonly": true, 
      "required": false, 
      "title": "Host crossing count", 
      "type": "integer"
    }, 
    "in_maintenance_mode": {
      "description": "Is forward or revserse service path in maintenance mode or not.", 
      "readonly": true, 
      "required": false, 
      "title": "Is in maintenance mode", 
      "type": "boolean"
    }, 
    "is_active": {
      "description": "Is forward or revserse service path active or not.", 
      "readonly": true, 
      "required": false, 
      "title": "Is active", 
      "type": "boolean"
    }, 
    "unidir_service_path_id": {
      "description": "Unique identifier of one directional service path.", 
      "readonly": true, 
      "required": false, 
      "title": "Unidirectional service path id", 
      "type": "integer"
    }
  }, 
  "title": "Forward or reverse service path", 
  "type": "object"
}

UpdatePrincipalIdentityCertificateRequest (type) 

{
  "additionalProperties": false, 
  "description": "Request to update the certificate of a principal identity with a new certificate", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "UpdatePrincipalIdentityCertificateRequest", 
  "module_id": "CertificateManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "certificate_id": {
      "description": "Id of the stored certificate", 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Id of the stored certificate", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "principal_identity_id": {
      "description": "Unique ID of the principal", 
      "maxLength": 255, 
      "pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$", 
      "readonly": false, 
      "required": true, 
      "title": "Principal Identity ID", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Request to update the certificate of a principal identity", 
  "type": "object"
}

UpgradeBundle (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeBundle", 
  "module_id": "Upgrade", 
  "properties": {
    "file": {
      "readonly": false, 
      "required": true, 
      "title": "Upgrade bundle file", 
      "type": "multipart_file"
    }
  }, 
  "type": "object"
}

UpgradeBundleFetchRequest (type) 

{
  "additionalProperties": false, 
  "description": "URL and other fetch requests of upgrade bundle", 
  "id": "UpgradeBundleFetchRequest", 
  "module_id": "Upgrade", 
  "properties": {
    "url": {
      "description": "URL for uploading upgrade bundle", 
      "readonly": false, 
      "required": true, 
      "title": "URL of upgrade bundle", 
      "type": "string"
    }
  }, 
  "title": "Fetch request for fetching upgrade bundle", 
  "type": "object"
}

UpgradeBundleId (type) 

{
  "additionalProperties": false, 
  "description": "Identifier of the upgrade bundle", 
  "id": "UpgradeBundleId", 
  "module_id": "Upgrade", 
  "properties": {
    "bundle_id": {
      "description": "Identifier of bundle upload", 
      "readonly": true, 
      "required": false, 
      "title": "Bundle Id of upgrade bundle uploaded", 
      "type": "string"
    }
  }, 
  "title": "Bundle id of upgrade bundle", 
  "type": "object"
}

UpgradeBundleInfo (type) 

{
  "additionalProperties": false, 
  "description": "Information about the upgrade bundle", 
  "id": "UpgradeBundleInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "bundle_size": {
      "readonly": true, 
      "required": false, 
      "title": "size of upgrade bundle", 
      "type": "string"
    }, 
    "url": {
      "description": "URL for uploading upgrade bundle", 
      "readonly": true, 
      "required": false, 
      "title": "URL of the upgrade bundle", 
      "type": "string"
    }
  }, 
  "title": "Information about upgrade bundle", 
  "type": "object"
}

UpgradeBundleUploadStatus (type) 

{
  "additionalProperties": false, 
  "description": "Upload status of upgrade bundle uploaded from url", 
  "id": "UpgradeBundleUploadStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "detailed_status": {
      "description": "Detailed status of upgrade bundle upload", 
      "readonly": true, 
      "required": false, 
      "title": "Detailed status of bundle upload", 
      "type": "string"
    }, 
    "percent": {
      "description": "Percent of bundle uploaded from URL", 
      "readonly": true, 
      "required": false, 
      "title": "Percent of upload completed", 
      "type": "number"
    }, 
    "status": {
      "description": "Current status of upgrade bundle upload", 
      "enum": [
        "UPLOADING", 
        "VERIFYING", 
        "SUCCESS", 
        "FAILED"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Status of upgrade bundle upload", 
      "type": "string"
    }, 
    "url": {
      "description": "URL for uploading upgrade bundle", 
      "readonly": true, 
      "required": false, 
      "title": "URL from which the bundle was uploaded", 
      "type": "string"
    }
  }, 
  "title": "Upload status of upgrade bundle", 
  "type": "object"
}

UpgradeCheck (type) 

{
  "additionalProperties": false, 
  "description": "Check to identify potential pre/post-upgrade issues", 
  "id": "UpgradeCheck", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": false, 
      "required": false, 
      "title": "Name of the pre/post-upgrade check", 
      "type": "string"
    }, 
    "failure_messages": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of failure messages", 
      "type": "array"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILURE", 
        "WARNING"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of pre/post-upgrade check", 
      "type": "string"
    }
  }, 
  "title": "Pre/post-upgrade check", 
  "type": "object"
}

UpgradeCheckCsvListResult (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "UpgradeCheckCsvListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeCheckCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeCheckCsvRecord (type) 

{
  "additionalProperties": false, 
  "description": "CSV record for a pre/post-upgrade check", 
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "UpgradeCheckCsvRecord", 
  "module_id": "Upgrade", 
  "properties": {
    "check_description": {
      "description": "Description of the pre/post-upgrade check", 
      "readonly": false, 
      "required": false, 
      "title": "Description of the upgrade check", 
      "type": "string"
    }, 
    "check_name": {
      "description": "Display name of the pre/post-upgrade check", 
      "readonly": false, 
      "required": true, 
      "title": "Name of the upgrade check", 
      "type": "string"
    }, 
    "failure_messages": {
      "description": "Space-separated list of failure messages", 
      "readonly": true, 
      "required": false, 
      "title": "Failure messages", 
      "type": "string"
    }, 
    "status": {
      "description": "Status of the pre/post-upgrade check", 
      "enum": [
        "SUCCESS", 
        "FAILURE", 
        "WARNING"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of the upgrade check", 
      "type": "string"
    }, 
    "upgrade_unit_id": {
      "description": "Identifier of the upgrade unit", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the upgrade unit", 
      "type": "string"
    }, 
    "upgrade_unit_metadata": {
      "description": "Meta-data of the upgrade-unit", 
      "readonly": true, 
      "required": false, 
      "title": "Meta-data of the upgrade-unit", 
      "type": "string"
    }, 
    "upgrade_unit_type": {
      "description": "Component type of the upgrade unit", 
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }
  }, 
  "title": "CSV record for an upgrade-check", 
  "type": "object"
}

UpgradeCheckInfo (type) 

{
  "additionalProperties": false, 
  "description": "Meta-data of a pre/post-upgrade check", 
  "id": "UpgradeCheckInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "description": "Component type of the pre/post-upgrade check", 
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }, 
    "description": {
      "description": "Description of the pre/post-upgrade check", 
      "readonly": true, 
      "required": false, 
      "title": "Description", 
      "type": "string"
    }, 
    "name": {
      "description": "Display name of the pre/post-upgrade check", 
      "readonly": true, 
      "required": true, 
      "title": "Name of the upgrade check", 
      "type": "string"
    }
  }, 
  "title": "Meta-data of a pre/post-upgrade check", 
  "type": "object"
}

UpgradeCheckInfoListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "UpgradeCheckInfoListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which upgrade checks are to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeCheckListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeCheckListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "checks": {
      "items": {
        "$ref": "UpgradeCheck
      }, 
      "required": true, 
      "title": "Paged Collection of pre/post-upgrade checks", 
      "type": "array"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeCheckListResults (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeCheckListResults", 
  "module_id": "Upgrade", 
  "properties": {
    "checks_with_warnings": {
      "$ref": "UpgradeCheckListResult, 
      "readonly": true, 
      "required": false
    }, 
    "failed_checks": {
      "$ref": "UpgradeCheckListResult, 
      "readonly": true, 
      "required": false
    }, 
    "successful_checks": {
      "$ref": "UpgradeCheckListResult, 
      "readonly": true, 
      "required": false
    }
  }, 
  "type": "object"
}

UpgradeChecksExecutionStatus (type) 

{
  "additionalProperties": false, 
  "description": "Execution status of pre/post-upgrade checks", 
  "id": "UpgradeChecksExecutionStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "details": {
      "readonly": true, 
      "required": false, 
      "title": "Details about current execution of pre/post-upgrade checks", 
      "type": "string"
    }, 
    "end_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks completed\n"
    }, 
    "node_with_issues_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes which generated failures or warnings during\npre/post-upgrade checks\n", 
      "type": "int"
    }, 
    "start_time": {
      "$ref": "EpochMsTimestamp, 
      "required": false, 
      "title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks started\n"
    }, 
    "status": {
      "enum": [
        "NOT_STARTED", 
        "IN_PROGRESS", 
        "COMPLETED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of execution of pre/post-upgrade checks", 
      "type": "string"
    }
  }, 
  "title": "Execution status of pre/post-upgrade checks", 
  "type": "object"
}

UpgradeHistory (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeHistory", 
  "module_id": "UpgradeTypes", 
  "properties": {
    "initial_version": {
      "description": "Version before the upgrade started", 
      "required": true, 
      "title": "Initial Version", 
      "type": "string"
    }, 
    "target_version": {
      "description": "Version being upgraded to", 
      "required": true, 
      "title": "Target Version", 
      "type": "string"
    }, 
    "timestamp": {
      "$ref": "EpochMsTimestamp, 
      "required": true, 
      "title": "Timestamp (in milliseconds since epoch) when the upgrade was performed"
    }, 
    "upgrade_status": {
      "enum": [
        "STARTED", 
        "SUCCESS", 
        "FAILED"
      ], 
      "required": true, 
      "title": "Status of the upgrade", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeHistoryList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeHistoryList", 
  "module_id": "UpgradeTypes", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeHistory
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Upgrade history list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeInfraRequestParameters (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeInfraRequestParameters", 
  "module_id": "HostPrepServiceFabric", 
  "properties": {
    "disable_vm_migration": {
      "default": false, 
      "required": false, 
      "title": "Should VM migration be disabled during upgrade", 
      "type": "boolean"
    }
  }, 
  "title": "Upgrade Infra request parameters.", 
  "type": "object"
}

UpgradePlanResetRequest (type) 

{
  "additionalProperties": false, 
  "id": "UpgradePlanResetRequest", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradePlanSettings (type) 

{
  "additionalProperties": false, 
  "id": "UpgradePlanSettings", 
  "module_id": "Upgrade", 
  "properties": {
    "parallel": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Upgrade Method to specify whether the upgrade is to be performed serially or in parallel", 
      "type": "boolean"
    }, 
    "pause_after_each_group": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to pause the upgrade after upgrade of each group is completed", 
      "type": "boolean"
    }, 
    "pause_on_error": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to pause the upgrade plan execution when an error occurs", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

UpgradeStatus (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "ccp_status": {
      "$ref": "CCPUpgradeStatus, 
      "readonly": true, 
      "required": false, 
      "title": "CCP upgrade status"
    }, 
    "component_status": {
      "items": {
        "$ref": "ComponentUpgradeStatus
      }, 
      "readonly": true, 
      "required": true, 
      "title": "List of component statuses", 
      "type": "array"
    }, 
    "edge_status": {
      "$ref": "EdgeUpgradeStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Edge upgrade status"
    }, 
    "host_status": {
      "$ref": "HostUpgradeStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Host upgrade status"
    }, 
    "overall_upgrade_status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of upgrade", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeSummary (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeSummary", 
  "module_id": "Upgrade", 
  "properties": {
    "component_target_versions": {
      "items": {
        "$ref": "ComponentTargetVersion
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "system_version": {
      "readonly": true, 
      "required": true, 
      "title": "Current system version", 
      "type": "string"
    }, 
    "target_version": {
      "readonly": true, 
      "required": true, 
      "title": "Target system version", 
      "type": "string"
    }, 
    "upgrade_bundle_file_name": {
      "readonly": true, 
      "required": false, 
      "title": "Name of the last successfully uploaded upgrade bundle file", 
      "type": "string"
    }, 
    "upgrade_coordinator_updated": {
      "readonly": true, 
      "required": false, 
      "title": "Has upgrade coordinator been updated after upload of upgrade bundle file", 
      "type": "boolean"
    }, 
    "upgrade_coordinator_version": {
      "readonly": true, 
      "required": true, 
      "title": "Current version of upgrade coordinator", 
      "type": "string"
    }, 
    "upgrade_status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of upgrade", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeTaskProperties (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeTaskProperties", 
  "properties": {
    "bundle_name": {
      "required": true, 
      "title": "Name of Bundle", 
      "type": "string"
    }, 
    "parameters": {
      "readonly": true, 
      "required": false, 
      "title": "Bundle arguments", 
      "type": "object"
    }, 
    "step": {
      "required": false, 
      "title": "Step name", 
      "type": "string"
    }
  }, 
  "title": "Task properties", 
  "type": "object"
}

UpgradeTaskStatusQueryParameters (type) 

{
  "id": "UpgradeTaskStatusQueryParameters", 
  "properties": {
    "bundle_name": {
      "description": "Provide a bundle name", 
      "pattern": "^[a-zA-Z0-9-.]+$", 
      "title": "Bundle Name", 
      "type": "string"
    }, 
    "upgrade_task_id": {
      "description": "Provide a task id", 
      "pattern": "^[a-z0-9-]+$", 
      "title": "Upgrade Task ID", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnit (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "UpgradeUnit", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "current_version": {
      "description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.", 
      "readonly": true, 
      "required": false, 
      "title": "Current version of upgrade unit", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": false, 
      "required": false, 
      "title": "Name of the upgrade unit", 
      "type": "string"
    }, 
    "group": {
      "$ref": "UpgradeUnitGroupInfo, 
      "readonly": true, 
      "required": false, 
      "title": "Info of the group to which this upgrade unit belongs"
    }, 
    "id": {
      "description": "Identifier of the upgrade unit", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of the upgrade unit", 
      "type": "string"
    }, 
    "metadata": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Metadata about upgrade unit", 
      "type": "array"
    }, 
    "type": {
      "readonly": false, 
      "required": false, 
      "title": "Upgrade unit type", 
      "type": "string"
    }, 
    "warnings": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure", 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeUnitAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "UpgradeUnitAggregateInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "current_version": {
      "description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.", 
      "readonly": true, 
      "required": false, 
      "title": "Current version of upgrade unit", 
      "type": "string"
    }, 
    "display_name": {
      "readonly": false, 
      "required": false, 
      "title": "Name of the upgrade unit", 
      "type": "string"
    }, 
    "errors": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of errors occurred during upgrade of this upgrade unit", 
      "type": "array"
    }, 
    "group": {
      "$ref": "UpgradeUnitGroupInfo, 
      "readonly": true, 
      "required": false, 
      "title": "Info of the group to which this upgrade unit belongs"
    }, 
    "id": {
      "description": "Identifier of the upgrade unit", 
      "readonly": true, 
      "required": true, 
      "title": "Identifier of the upgrade unit", 
      "type": "string"
    }, 
    "metadata": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Metadata about upgrade unit", 
      "type": "array"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "post_upgrade_checks": {
      "$ref": "UpgradeCheckListResults, 
      "readonly": true, 
      "required": false
    }, 
    "pre_upgrade_checks": {
      "$ref": "UpgradeCheckListResults, 
      "readonly": true, 
      "required": false
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of upgrade unit", 
      "type": "string"
    }, 
    "type": {
      "readonly": false, 
      "required": false, 
      "title": "Upgrade unit type", 
      "type": "string"
    }, 
    "warnings": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure", 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeUnitAggregateInfoListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "UpgradeUnitAggregateInfoListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "group_id": {
      "readonly": false, 
      "required": false, 
      "title": "Identifier of group based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "has_errors": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only upgrade units with errors", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "metadata": {
      "readonly": false, 
      "required": false, 
      "title": "Metadata about upgrade unit to filter on", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "selection_status": {
      "default": "ALL", 
      "enum": [
        "SELECTED", 
        "DESELECTED", 
        "ALL"
      ], 
      "required": false, 
      "title": "Flag to indicate whether to return only selected, only deselected or both type of upgrade units", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "upgrade_unit_display_name": {
      "description": "Display name of upgrade unit to filter the results on. String matching for the filter is case-insensitive.", 
      "readonly": false, 
      "required": false, 
      "title": "Display name of upgrade unit", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitAggregateInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitAggregateInfoListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitAggregateInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of UpgradeUnit AggregateInfo", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroup (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "UpgradeUnitGroup", 
  "module_id": "Upgrade", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether upgrade of this group is enabled or not", 
      "type": "boolean"
    }, 
    "extended_configuration": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "Extended configuration for the group", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "parallel": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }, 
    "upgrade_unit_count": {
      "description": "Number of upgrade units in the group", 
      "readonly": true, 
      "required": false, 
      "title": "Count of upgrade units in the group", 
      "type": "int"
    }, 
    "upgrade_units": {
      "items": {
        "$ref": "UpgradeUnit
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "List of upgrade units in the group", 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupAggregateInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "UpgradeUnitGroupAggregateInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether upgrade of this group is enabled or not", 
      "type": "boolean"
    }, 
    "extended_configuration": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "Extended configuration for the group", 
      "type": "array"
    }, 
    "failed_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes in the upgrade unit group that failed upgrade", 
      "type": "int"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "parallel": {
      "default": true, 
      "readonly": false, 
      "required": false, 
      "title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially", 
      "type": "boolean"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "post_upgrade_status": {
      "$ref": "UpgradeChecksExecutionStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Post-upgrade status of group"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of upgrade unit group", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "readonly": false, 
      "required": true, 
      "title": "Component type", 
      "type": "string"
    }, 
    "upgrade_unit_count": {
      "description": "Number of upgrade units in the group", 
      "readonly": true, 
      "required": false, 
      "title": "Count of upgrade units in the group", 
      "type": "int"
    }, 
    "upgrade_units": {
      "items": {
        "$ref": "UpgradeUnit
      }, 
      "maxItems": 100, 
      "readonly": false, 
      "required": false, 
      "title": "List of upgrade units in the group", 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupAggregateInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitGroupAggregateInfoListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitGroupAggregateInfo
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of upgrade status for upgrade unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupInfo (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeUnitGroupInfo", 
  "module_id": "Upgrade", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Name of the group", 
      "type": "string"
    }, 
    "id": {
      "description": "Identifier of group", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of group", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "UpgradeUnitGroupListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which upgrade unit groups to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "summary": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag indicating whether to return summary", 
      "type": "boolean"
    }, 
    "sync": {
      "default": false, 
      "description": "If true, synchronize with the management plane before returning upgrade unit groups", 
      "required": false, 
      "title": "Synchronize before returning upgrade unit groups", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitGroupListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitGroup
      }, 
      "required": true, 
      "title": "Paged Collection of Upgrade unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupStatus (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeUnitGroupStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "failed_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes in the upgrade unit group that failed upgrade", 
      "type": "int"
    }, 
    "group_id": {
      "description": "Identifier for upgrade unit group", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of upgrade unit group", 
      "type": "string"
    }, 
    "group_name": {
      "description": "Name of the upgrade unit group", 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade unit group Name", 
      "type": "string"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Upgrade status of upgrade unit group", 
      "type": "string"
    }, 
    "upgrade_unit_count": {
      "readonly": true, 
      "required": true, 
      "title": "Number of upgrade units in the group", 
      "type": "int"
    }
  }, 
  "type": "object"
}

UpgradeUnitGroupStatusListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitGroupStatusListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitGroupStatus
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Paged collection of upgrade status for upgrade unit groups", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitList (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeUnitList", 
  "module_id": "Upgrade", 
  "properties": {
    "list": {
      "items": {
        "$ref": "UpgradeUnit
      }, 
      "required": true, 
      "title": "Collection of Upgrade units", 
      "type": "array"
    }
  }, 
  "type": "object"
}

UpgradeUnitListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "UpgradeUnitListRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "component_type": {
      "readonly": false, 
      "required": false, 
      "title": "Component type based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "current_version": {
      "readonly": false, 
      "required": false, 
      "title": "Current version of upgrade unit based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "group_id": {
      "readonly": false, 
      "required": false, 
      "title": "UUID of group based on which upgrade units to be filtered", 
      "type": "string"
    }, 
    "has_warnings": {
      "default": false, 
      "readonly": false, 
      "required": false, 
      "title": "Flag to indicate whether to return only upgrade units with warnings", 
      "type": "boolean"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "metadata": {
      "readonly": false, 
      "required": false, 
      "title": "Metadata about upgrade unit to filter on", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "upgrade_unit_type": {
      "readonly": false, 
      "required": false, 
      "title": "Upgrade unit type based on which upgrade units to be filtered", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnit
      }, 
      "required": true, 
      "title": "Paged Collection of Upgrade units", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitStatus (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeUnitStatus", 
  "module_id": "Upgrade", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "Name of upgrade unit", 
      "type": "string"
    }, 
    "errors": {
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of errors occurred during upgrade of this upgrade unit", 
      "type": "array"
    }, 
    "id": {
      "description": "Identifier of upgrade unit", 
      "readonly": true, 
      "required": true, 
      "title": "UUID of upgrade unit", 
      "type": "string"
    }, 
    "metadata": {
      "items": {
        "$ref": "KeyValuePair
      }, 
      "readonly": true, 
      "required": false, 
      "title": "Metadata about upgrade unit", 
      "type": "array"
    }, 
    "percent_complete": {
      "readonly": true, 
      "required": true, 
      "title": "Indicator of upgrade progress in percentage", 
      "type": "number"
    }, 
    "status": {
      "enum": [
        "SUCCESS", 
        "FAILED", 
        "IN_PROGRESS", 
        "NOT_STARTED", 
        "PAUSING", 
        "PAUSED"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Status of upgrade unit", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitStatusListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitStatusListResult", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitStatus
      }, 
      "required": true, 
      "title": "Paged Collection of upgrade units status", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitTypeStats (type) 

{
  "additionalProperties": false, 
  "id": "UpgradeUnitTypeStats", 
  "module_id": "Upgrade", 
  "properties": {
    "node_count": {
      "readonly": true, 
      "required": true, 
      "title": "Number of nodes", 
      "type": "int"
    }, 
    "node_with_issues_count": {
      "readonly": true, 
      "required": false, 
      "title": "Number of nodes with issues that may cause upgrade failure", 
      "type": "int"
    }, 
    "type": {
      "readonly": true, 
      "required": true, 
      "title": "Type of upgrade unit", 
      "type": "string"
    }, 
    "version": {
      "readonly": true, 
      "required": true, 
      "title": "Version of the upgrade unit", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitTypeStatsList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "UpgradeUnitTypeStatsList", 
  "module_id": "Upgrade", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "UpgradeUnitTypeStats
      }, 
      "readonly": true, 
      "required": false, 
      "title": "List of upgrade unit type stats", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

UpgradeUnitsStatsRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "UpgradeUnitsStatsRequestParameters", 
  "module_id": "Upgrade", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "sync": {
      "default": false, 
      "description": "If true, synchronize with the management plane before returning upgrade unit stats", 
      "required": false, 
      "title": "Synchronize before returning upgrade unit stats", 
      "type": "boolean"
    }
  }, 
  "type": "object"
}

Uplink (type) 

{
  "id": "Uplink", 
  "module_id": "UplinkHostSwitchProfile", 
  "properties": {
    "uplink_name": {
      "help_summary": "the max length of the name is 47-byte in UTF-8 encoding", 
      "required": true, 
      "title": "Name of this uplink", 
      "type": "string"
    }, 
    "uplink_type": {
      "enum": [
        "PNIC", 
        "LAG"
      ], 
      "required": true, 
      "title": "Type of the uplink", 
      "type": "string"
    }
  }, 
  "title": "Object to identify an uplink based on its type and name", 
  "type": "object"
}

UplinkHostSwitchProfile (type) 

{
  "extends": {
    "$ref": "BaseHostSwitchProfile
  }, 
  "id": "UplinkHostSwitchProfile", 
  "module_id": "UplinkHostSwitchProfile", 
  "polymorphic-type-descriptor": {
    "type-identifier": "UplinkHostSwitchProfile"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "lags": {
      "items": {
        "$ref": "Lag
      }, 
      "maxItems": 64, 
      "required": false, 
      "title": "list of LACP group", 
      "type": "array"
    }, 
    "mtu": {
      "help_summary": "If this field is not provided, the value of the \"physical_uplink_mtu\" from the GlobalConfigs module will be used as the default.", 
      "minimum": 1280, 
      "required": false, 
      "title": "Maximum Transmission Unit used for uplinks", 
      "type": "int"
    }, 
    "named_teamings": {
      "help_summary": "If this field is not provided, logical switches will not have specific teaming policies applied to them; the default teaming policy will be used. For Non-ESX transport nodes that do not support specific uplink teaming policies on logical switches, their UplinkHostSwitchProfiles must NOT set this property; the default TeamingPolicy will always be used.", 
      "items": {
        "$ref": "NamedTeamingPolicy
      }, 
      "maxItems": 32, 
      "required": false, 
      "title": "List of named uplink teaming policies that can be used by logical switches", 
      "type": "array"
    }, 
    "overlay_encap": {
      "default": "GENEVE", 
      "enum": [
        "VXLAN", 
        "GENEVE"
      ], 
      "required": false, 
      "title": "The protocol used to encapsulate overlay traffic", 
      "type": "string"
    }, 
    "required_capabilities": {
      "help_summary": "List of capabilities required on the fabric node if this profile is used.\nThe required capabilities is determined by whether specific features are enabled in the profile.\n", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "HostSwitchProfileType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "teaming": {
      "$ref": "TeamingPolicy, 
      "help_summary": "This is the default TeamingPolicy used on TransportNodes that use this UplinkHostSwitchProfile for the logical switches that do not have any NamedTeamingPolicy assigned.", 
      "required": true, 
      "title": "Default TeamingPolicy associated with this UplinkProfile"
    }, 
    "transport_vlan": {
      "$ref": "VlanID, 
      "default": 0, 
      "required": false, 
      "title": "VLAN used for tagging Overlay traffic of associated HostSwitch"
    }
  }, 
  "title": "Profile for uplink policies", 
  "type": "object"
}

UpmEntityType (type) 

{
  "description": "All entity types supported.", 
  "enum": [
    "LogicalPort", 
    "LogicalSwitch", 
    "NSGroup"
  ], 
  "id": "UpmEntityType", 
  "module_id": "UpmCommon", 
  "title": "Supported Entity Types", 
  "type": "string"
}

UrlAlias (type) 

{
  "additionalProperties": false, 
  "description": "Short name or alias of a url. It is used to represent the url.", 
  "id": "UrlAlias", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "alias": {
      "description": "Short name or alias of url, if any. If not specified, the url can be referenced by its index in the array of urls of the datasource instance as $<index> (for example, $0).", 
      "maxLength": 255, 
      "title": "Url Alias Name", 
      "type": "string"
    }, 
    "query": {
      "description": "Search query to be applied, if any. If query string is not provided, it will be ignored.", 
      "maxLength": 1024, 
      "title": "Search query of the search api, if any", 
      "type": "string"
    }, 
    "url": {
      "description": "Url to fetch data from.", 
      "maxLength": 1024, 
      "required": true, 
      "title": "Url", 
      "type": "string"
    }
  }, 
  "title": "Url Alias", 
  "type": "object"
}

UrpfMode (type) 

{
  "enum": [
    "NONE", 
    "STRICT"
  ], 
  "id": "UrpfMode", 
  "module_id": "LogicalRouterPorts", 
  "title": "Unicast Reverse Path Forwarding mode", 
  "type": "string"
}

UserGroupType (type) 

{
  "enum": [
    "read_only_api_users", 
    "read_write_api_users", 
    "superusers", 
    "undefined"
  ], 
  "id": "UserGroupType", 
  "module_id": "CertificateManager", 
  "title": "Supported groups a principal identity can belong to.", 
  "type": "string"
}

UserInfo (type) 

{
  "id": "UserInfo", 
  "module_id": "AAA", 
  "properties": {
    "roles": {
      "items": {
        "$ref": "NsxRole
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Permissions", 
      "type": "array"
    }, 
    "user_name": {
      "readonly": true, 
      "required": true, 
      "title": "User Name", 
      "type": "string"
    }
  }, 
  "title": "Authenticated User Info", 
  "type": "object"
}

UserSession (type) 

{
  "additionalProperties": false, 
  "description": "User login session information", 
  "id": "UserSession", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "domain_name": {
      "description": "AD Domain of user.", 
      "required": true, 
      "title": "AD Domain", 
      "type": "string"
    }, 
    "login_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Login time.", 
      "required": true, 
      "title": "Login time"
    }, 
    "logout_time": {
      "$ref": "EpochMsTimestamp, 
      "description": "Logout time if applicable.  An active user session has no logout time.", 
      "required": false, 
      "title": "Logout time if applicable"
    }, 
    "user_name": {
      "description": "AD user name.", 
      "required": true, 
      "title": "AD user name", 
      "type": "string"
    }, 
    "user_session_id": {
      "description": "User session ID. This also indicates whether this is VDI / RDSH.", 
      "required": true, 
      "title": "User session ID", 
      "type": "int"
    }
  }, 
  "type": "object"
}

UsernamePasswordLoginCredential (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LoginCredential
  }, 
  "id": "UsernamePasswordLoginCredential", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "UsernamePasswordLoginCredential"
  }, 
  "properties": {
    "credential_type": {
      "description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential'.", 
      "required": true, 
      "title": "Login credential, for example username-password-thumbprint or certificate based, etc", 
      "type": "string"
    }, 
    "password": {
      "required": false, 
      "sensitive": true, 
      "title": "The authentication password for login", 
      "type": "string"
    }, 
    "thumbprint": {
      "pattern": "^(([0-9A-Fa-f]{2}[:])+([0-9A-Fa-f]{2}))?$", 
      "required": false, 
      "title": "Thumbprint of the login server", 
      "type": "string"
    }, 
    "username": {
      "required": false, 
      "title": "The username for login", 
      "type": "string"
    }
  }, 
  "title": "A login credential specifying a username and password", 
  "type": "object"
}

VIPSubnet (type) 

{
  "additionalProperties": false, 
  "id": "VIPSubnet", 
  "module_id": "LogicalRouter", 
  "properties": {
    "active_vip_addresses": {
      "description": "Array of IP address subnets which will be used as floating IP addresses. | These IPs will move and will be owned by Active node.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP Addresses which will be owned by uplink on active node.", 
      "type": "array"
    }, 
    "prefix_length": {
      "maximum": 128, 
      "minimum": 1, 
      "required": true, 
      "title": "Subnet Prefix Length", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

ValueConstraintExpression (type) 

{
  "additionalProperties": false, 
  "description": "Represents the leaf level value constraint to constrain specified attribute value to the set of values to be allowed/not-allowed. Example - sourceGroups allowed to have only with list of groups.   {     \"operator\":\"INCLUDES\",     \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"]   }", 
  "extends": {
    "$ref": "ConstraintExpression
  }, 
  "id": "ValueConstraintExpression", 
  "module_id": "PolicyConstraints", 
  "polymorphic-type-descriptor": {
    "type-identifier": "ValueConstraintExpression"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "operator": {
      "enum": [
        "INCLUDES", 
        "EXCLUDES", 
        "EQUALS"
      ], 
      "required": true, 
      "title": "Operation to check for value list for resource attribute of constraint.", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "ValueConstraintExpression", 
        "RelatedAttributeConditionalExpression", 
        "EntityInstanceCountConstraintExpression", 
        "FieldSanityConstraintExpression"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "values": {
      "description": "List of values.", 
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "Array of values to perform operation.", 
      "type": "array"
    }
  }, 
  "title": "Represents the leaf level value constraint.", 
  "type": "object"
}

VendorTemplate (type) 

{
  "description": "Vendor Templates are registered by the partner service manager to be used in the service profile. They contain named (k-v) pairs.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VendorTemplate", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "attributes": {
      "description": "List of attributes specific to a partner for which the vendor template is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. Attributes are not supported by guest introspection service.", 
      "items": {
        "$ref": "Attribute
      }, 
      "maxItems": 128, 
      "readonly": false, 
      "required": false, 
      "title": "Vendor Template attributes", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "functionality": {
      "description": "The capabilities provided by the services. Needs to be one of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service)", 
      "enum": [
        "NG_FW", 
        "IDS_IPS", 
        "NET_MON", 
        "HCX", 
        "BYOD", 
        "EPP"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Functionality Type", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "redirection_action": {
      "default": "PUNT", 
      "description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Service profile inherits the redirection action specified at the vendor template and cannot override the action specified at the vendor template. Redirection action is not applicable to guest introspection service.", 
      "enum": [
        "PUNT", 
        "COPY"
      ], 
      "readonly": false, 
      "required": false, 
      "title": "Redirection action", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "service_id": {
      "description": "The service to which the vendor template belongs.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vendor_template_key": {
      "description": "Different VMs in data center can have Different protection levels as specified by administrator in the policy. The identifier for the policy with which the partner appliance identifies this policy. This identifier will be passed to the partner appliance at runtime to specify which protection level is applicable for the VM being protected.", 
      "readonly": false, 
      "required": false, 
      "title": "Vendor template key", 
      "type": "string"
    }
  }, 
  "title": "Vendor Template registered for a service", 
  "type": "object"
}

VendorTemplateListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VendorTemplateListResult", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "List of the Service-Insertion Services. The list has to be homogenous.", 
      "items": {
        "$ref": "VendorTemplate
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Service list", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Vendor Template List", 
  "type": "object"
}

VendorTemplateQueryParameters (type) 

{
  "id": "VendorTemplateQueryParameters", 
  "module_id": "ServiceInsertion", 
  "properties": {
    "vendor_template_name": {
      "description": "The name of the vendor template, created by partner.", 
      "required": false, 
      "title": "Name of vendor template", 
      "type": "string"
    }
  }, 
  "title": "Vendor template query parameters", 
  "type": "object"
}

VerifiableAsymmetricLoginCredential (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "LoginCredential
  }, 
  "id": "VerifiableAsymmetricLoginCredential", 
  "module_id": "Types", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VerifiableAsymmetricLoginCredential"
  }, 
  "properties": {
    "asymmetric_credential": {
      "required": false, 
      "sensitive": true, 
      "title": "Asymmetric login credential", 
      "type": "string"
    }, 
    "credential_key": {
      "required": false, 
      "sensitive": true, 
      "title": "Credential key", 
      "type": "string"
    }, 
    "credential_type": {
      "description": "Possible values are 'UsernamePasswordLoginCredential', 'VerifiableAsymmetricLoginCredential'.", 
      "required": true, 
      "title": "Login credential, for example username-password-thumbprint or certificate based, etc", 
      "type": "string"
    }, 
    "credential_verifier": {
      "required": false, 
      "sensitive": true, 
      "title": "Credential verifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VersionList (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VersionList", 
  "module_id": "VersionWhitelist", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "acceptable_versions": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "List of component versions", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VidmInfo (type) 

{
  "id": "VidmInfo", 
  "module_id": "AAA", 
  "properties": {
    "display_name": {
      "readonly": true, 
      "required": true, 
      "title": "User's Full Name Or User Group's Display Name", 
      "type": "string"
    }, 
    "name": {
      "readonly": true, 
      "required": true, 
      "title": "Username Or Groupname", 
      "type": "string"
    }, 
    "type": {
      "enum": [
        "remote_user", 
        "remote_group"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Type", 
      "type": "string"
    }
  }, 
  "title": "Vidm Info", 
  "type": "object"
}

VidmInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VidmInfoListResult", 
  "module_id": "AAA", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VidmInfo
      }, 
      "required": true, 
      "title": "List results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VidmInfoSearchRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "VidmInfoSearchRequestParameters", 
  "module_id": "AAA", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "search_string": {
      "description": "This is a substring search that is case insensitive.", 
      "required": true, 
      "title": "Search string to search for.\n", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Vidm information search request parameters", 
  "type": "object"
}

View (type) 

{
  "additionalProperties": false, 
  "description": "Describes the configuration of a view to be displayed on the dashboard.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "View", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget.", 
      "maxLength": 255, 
      "required": true, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "exclude_roles": {
      "description": "Comma separated list of roles to which the shared view is not visible. Allows user to prevent the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. If include_roles is specified then exclude_roles cannot be specified.", 
      "maxLength": 1024, 
      "title": "Roles to which the shared view is not visible", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "include_roles": {
      "description": "Comma separated list of roles to which the shared view is visible. Allows user to specify the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles.", 
      "maxLength": 1024, 
      "title": "Roles to which the shared view is visible", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "shared": {
      "default": false, 
      "description": "Defaults to false. Set to true to publish the view to other users. The widgets of a shared view are visible to other users.", 
      "title": "Share the view with other users", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "default": 10000, 
      "description": "Determines placement of view relative to other views. The lower the weight, the higher it is in the placement order.", 
      "title": "Weightage or placement of the view", 
      "type": "int"
    }, 
    "widgets": {
      "description": "Array of widgets that are part of the view.", 
      "items": {
        "$ref": "WidgetItem
      }, 
      "minItems": 0, 
      "required": true, 
      "title": "Widgets", 
      "type": "array"
    }
  }, 
  "title": "Dashboard View", 
  "type": "object"
}

ViewList (type) 

{
  "additionalProperties": false, 
  "description": "Represents a list of views.", 
  "id": "ViewList", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "views": {
      "description": "Array of views", 
      "items": {
        "$ref": "View
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of views", 
      "type": "array"
    }
  }, 
  "title": "List of Views", 
  "type": "object"
}

ViewQueryParameters (type) 

{
  "additionalProperties": false, 
  "id": "ViewQueryParameters", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "tag": {
      "description": "The tag for which associated views to be queried. For tags specified on views, scope is automatically set to 'nsx-dashboard' and hence scope is ignored for searching views based on tag.", 
      "readonly": true, 
      "title": "The tag for which associated views to be queried.", 
      "type": "string"
    }, 
    "view_ids": {
      "description": "Comma separated ids of views to be queried.", 
      "maxLength": 8192, 
      "readonly": true, 
      "title": "Ids of the Views", 
      "type": "string"
    }, 
    "widget_id": {
      "description": "Id of widget to be queried for all the views it is part of.", 
      "maxLength": 255, 
      "readonly": true, 
      "title": "Id of widget configuration", 
      "type": "string"
    }
  }, 
  "title": "Parameters for querying views", 
  "type": "object"
}

VifAttachmentContext (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "AttachmentContext
  }, 
  "id": "VifAttachmentContext", 
  "module_id": "LogicalPort", 
  "nsx_feature": "Container", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VifAttachmentContext"
  }, 
  "properties": {
    "allocate_addresses": {
      "enum": [
        "IpPool", 
        "MacPool", 
        "Both", 
        "None"
      ], 
      "required": false, 
      "title": "A flag to indicate whether to allocate addresses from allocation\n    pools bound to the parent logical switch.\n", 
      "type": "string"
    }, 
    "app_id": {
      "description": "An application ID used to identify / look up a child VIF behind a parent VIF. Only effective when vif_type is CHILD.", 
      "required": false, 
      "title": "ID used to identify/look up a child VIF behind a parent VIF", 
      "type": "string"
    }, 
    "parent_vif_id": {
      "required": false, 
      "title": "VIF ID of the parent VIF if vif_type is CHILD", 
      "type": "string"
    }, 
    "resource_type": {
      "help_summary": "Possible values are 'VifAttachmentContext' or 'L2VpnAttachmentContext'\n", 
      "required": true, 
      "title": "Used to identify which concrete class it is", 
      "type": "string"
    }, 
    "traffic_tag": {
      "description": "Current we use VLAN id as the traffic tag. Only effective when vif_type is CHILD. Each logical port inside a container must have a unique traffic tag. If the traffic_tag is not unique, no error is generated, but traffic will not be delivered to any port with a non-unique tag.", 
      "required": false, 
      "title": "Tag used for the traffic between this VIF and parent VIF", 
      "type": "int"
    }, 
    "transport_node_uuid": {
      "description": "Only effective when vif_type is INDEPENDENT. Each logical port inside a bare metal server or container must have a transport node UUID. We use transport node ID as transport node UUID.", 
      "required": false, 
      "title": "The UUID of the transport node", 
      "type": "string"
    }, 
    "vif_type": {
      "enum": [
        "PARENT", 
        "CHILD", 
        "INDEPENDENT"
      ], 
      "required": true, 
      "title": "Type of the VIF attached to logical port", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VifListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "VifListRequestParameters", 
  "module_id": "Inventory", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "host_id": {
      "required": false, 
      "title": "Id of the host where this vif is located.", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "lport_attachment_id": {
      "required": false, 
      "title": "LPort Attachment Id of the virtual network interface.", 
      "type": "string"
    }, 
    "owner_vm_id": {
      "required": false, 
      "title": "External id of the virtual machine.", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "vm_id": {
      "required": false, 
      "title": "External id of the virtual machine.", 
      "type": "string"
    }
  }, 
  "title": "VirtualNetworkInterface list request parameters.", 
  "type": "object"
}

VifsOnEPListRequestParams (type) 

{
  "additionalProperties": false, 
  "description": "Request parameter for listing VIFs for an enforcement point", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "VifsOnEPListRequestParams", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "lport_attachment_id": {
      "required": false, 
      "title": "LPort attachment ID of the VIF.", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Request parameters for listing VIFs for an enforcement point", 
  "type": "object"
}

VirtualEndpoint (type) 

{
  "additionalProperties": false, 
  "description": "A VirtualEndpoint represents an IP (or nexthop) which is outside SDDC. It represents a redirection target for RedirectionPolicy.", 
  "extends": {
    "$ref": "BaseEndpoint
  }, 
  "id": "VirtualEndpoint", 
  "module_id": "PolicyServiceInsertion", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VirtualEndpoint"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "children": {
      "description": "subtree for this type within policy tree containing nested elements.", 
      "items": {
        "$ref": "ChildPolicyConfigResource
      }, 
      "required": false, 
      "title": "subtree for this type within policy tree", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "marked_for_delete": {
      "default": false, 
      "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", 
      "readonly": true, 
      "required": false, 
      "title": "Indicates whether the intent object is marked for deletion", 
      "type": "boolean"
    }, 
    "parent_path": {
      "description": "Path of its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Path of its parent", 
      "type": "string"
    }, 
    "path": {
      "description": "Absolute path of this object", 
      "readonly": true, 
      "required": false, 
      "title": "Absolute path of this object", 
      "type": "string"
    }, 
    "relative_path": {
      "description": "Path relative from its parent", 
      "readonly": true, 
      "required": false, 
      "title": "Relative path of this object", 
      "type": "string"
    }, 
    "resource_type": {
      "enum": [
        "VirtualEndpoint", 
        "ServiceInstanceEndpoint"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "service_names": {
      "description": "One VirtualEndpoint will be created per service name.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Services for which this endpoint to be created", 
      "type": "array"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "target_ips": {
      "description": "IPs where either inbound or outbound traffic is to be redirected.", 
      "items": {
        "$ref": "IPInfo
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": true, 
      "title": "IP addresses to redirect the traffic to", 
      "type": "array"
    }
  }, 
  "title": "This endpoint is strictly of the type Virtual", 
  "type": "object"
}

VirtualEndpointListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VirtualEndpointListResult", 
  "module_id": "PolicyServiceInsertion", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VirtualEndpoint
      }, 
      "required": true, 
      "title": "All virtual endpoints under a Tier0", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "Collection of vitual endpoints under a Tier0", 
  "type": "object"
}

VirtualMachine (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "VirtualMachine", 
  "module_id": "Inventory", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "compute_ids": {
      "items": {
        "type": "string"
      }, 
      "required": true, 
      "title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": true, 
      "title": "Current external id of this virtual machine in the system.", 
      "type": "string"
    }, 
    "guest_info": {
      "$ref": "GuestInfo, 
      "description": "Guest virtual machine details include OS name, computer name of guest VM. Currently this is supported for guests on ESXi that have VMware Tools installed.", 
      "required": false, 
      "title": "Guest virtual machine details"
    }, 
    "host_id": {
      "required": false, 
      "title": "Id of the host in which this virtual machine exists.", 
      "type": "string"
    }, 
    "local_id_on_host": {
      "required": true, 
      "title": "Id of the vm unique within the host.", 
      "type": "string"
    }, 
    "power_state": {
      "enum": [
        "VM_RUNNING", 
        "VM_STOPPED", 
        "VM_SUSPENDED", 
        "UNKNOWN"
      ], 
      "required": true, 
      "title": "Current power state of this virtual machine in the system.", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "source": {
      "$ref": "ResourceReference, 
      "required": false, 
      "title": "Reference of the Host or Public Cloud Gateway that reported the VM"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "type": {
      "enum": [
        "EDGE", 
        "SERVICE", 
        "REGULAR"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Machine type; Edge, Service VM or other.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VirtualMachineConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores the configurations for a virtual machine", 
  "id": "VirtualMachineConfig", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "vm_config_properties": {
      "$ref": "VmConfigProperties, 
      "title": "Properties to configure the way NSX manages virtual machine."
    }, 
    "vm_id": {
      "description": "Identifier for virtual machine.", 
      "title": "Instance ID", 
      "type": "string"
    }
  }, 
  "title": "Virtual Machine Configuration", 
  "type": "object"
}

VirtualMachineConfigList (type) 

{
  "additionalProperties": false, 
  "id": "VirtualMachineConfigList", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "virtual_machines": {
      "description": "Stores a list of configuration of virtual machines.", 
      "items": {
        "$ref": "VirtualMachineConfig
      }, 
      "title": "Virtual machine configuration list", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VirtualMachineDetails (type) 

{
  "descriptions": "Virtual Machine details. Currently contains user last login sessions for a virtual machine", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "VirtualMachineDetails", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "active_sessions": {
      "description": "List of active (still logged in) user login/session data (no limit).", 
      "items": {
        "$ref": "UserSession
      }, 
      "required": false, 
      "title": "List of active (still logged in) user login/sessions data (no limit)", 
      "type": "array"
    }, 
    "archived_sessions": {
      "description": "Optional list of up to 5 most recent archived (previously logged in) user login/session data.", 
      "items": {
        "$ref": "UserSession
      }, 
      "required": false, 
      "title": "Optional list of archived (previously logged in) user login/session data (maximum 5)", 
      "type": "array"
    }
  }, 
  "title": "Virtual Machine Details", 
  "type": "object"
}

VirtualMachineListRequestParameters (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "VirtualMachineListRequestParameters", 
  "module_id": "Inventory", 
  "properties": {
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "display_name": {
      "required": false, 
      "title": "Display Name of the virtual machine", 
      "type": "string"
    }, 
    "external_id": {
      "required": false, 
      "title": "External id of the virtual machine", 
      "type": "string"
    }, 
    "host_id": {
      "required": false, 
      "title": "Id of the host where this vif is located", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "VirtualMachine list request parameters.", 
  "type": "object"
}

VirtualMachineListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VirtualMachineListResult", 
  "module_id": "Inventory", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VirtualMachine
      }, 
      "required": true, 
      "title": "VirtualMachine list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VirtualMachineTagUpdate (type) 

{
  "additionalProperties": false, 
  "id": "VirtualMachineTagUpdate", 
  "module_id": "Inventory", 
  "properties": {
    "external_id": {
      "required": true, 
      "title": "External id of the virtual machine to which tags are to be applied", 
      "type": "string"
    }, 
    "tags": {
      "help_detail": "The list includes both user defined and system defined tags.", 
      "items": {
        "$ref": "Tag
      }, 
      "required": true, 
      "title": "List of tags to be applied to the virtual machine", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VirtualMachineTagsUpdate (type) 

{
  "additionalProperties": false, 
  "description": "List of tags applied to the virtual machine. Based on the enforcement point, the virtual_machine_id will be different. It could be an external id for NSX T or a moid for NSX V", 
  "id": "VirtualMachineTagsUpdate", 
  "module_id": "PolicyRealizedState", 
  "properties": {
    "tags": {
      "description": "List of tags to be applied on the virtual machine", 
      "help_detail": "The list includes both user defined and system defined tags. The\nexisting tags will be replaced by the ones passed.\n", 
      "items": {
        "$ref": "Tag
      }, 
      "required": true, 
      "title": "List of tags to be applied to the virtual machine", 
      "type": "array"
    }, 
    "virtual_machine_id": {
      "description": "The identifier that is used in the enforcement point that uniquely identifies the virtual machine. In case of NSXT it would be the value of the external_id of the virtual machine.", 
      "required": true, 
      "title": "This is the value of the identifier on the enforcement point that\nuniquely identifies the virtual machine\n", 
      "type": "string"
    }
  }, 
  "title": "Payload to update the tags on a Virtual Machine", 
  "type": "object"
}

VirtualNetworkInterface (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "VirtualNetworkInterface", 
  "module_id": "Inventory", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "device_key": {
      "required": true, 
      "title": "Device key of the virtual network interface.", 
      "type": "string"
    }, 
    "device_name": {
      "required": false, 
      "title": "Device name of the virtual network interface.", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "required": true, 
      "title": "External Id of the virtual network inferface.", 
      "type": "string"
    }, 
    "host_id": {
      "required": true, 
      "title": "Id of the host on which the vm exists.", 
      "type": "string"
    }, 
    "ip_address_info": {
      "items": {
        "$ref": "IpAddressInfo
      }, 
      "required": false, 
      "title": "IP Addresses of the the virtual network interface, from various sources.", 
      "type": "array"
    }, 
    "lport_attachment_id": {
      "required": false, 
      "title": "LPort Attachment Id of the virtual network interface.", 
      "type": "string"
    }, 
    "mac_address": {
      "required": true, 
      "title": "MAC address of the virtual network interface.", 
      "type": "string"
    }, 
    "owner_vm_id": {
      "required": true, 
      "title": "Id of the vm to which this virtual network interface belongs.", 
      "type": "string"
    }, 
    "owner_vm_type": {
      "enum": [
        "EDGE", 
        "SERVICE", 
        "REGULAR"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Owner virtual machine type; Edge, Service VM or other.", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "vm_local_id_on_host": {
      "required": true, 
      "title": "Id of the vm unique within the host.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VirtualNetworkInterfaceListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VirtualNetworkInterfaceListResult", 
  "module_id": "Inventory", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VirtualNetworkInterface
      }, 
      "required": true, 
      "title": "VirtualNetworkInterface list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VirtualPrivateCloudConfig (type) 

{
  "additionalProperties": false, 
  "description": "Stores configuration of the virtual private cloud managed using a transit virtual private cloud.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VirtualPrivateCloudConfig", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "cloud_fallback_security_group_id": {
      "description": "Id of security group where the VMs should be moved after last gateway undeployed. This field is required only when default_quarantine_policy_enabled field is set to false.", 
      "title": "Id of Cloud Security Group", 
      "type": "string"
    }, 
    "default_quarantine_policy_enabled": {
      "default": false, 
      "description": "Flag to convey if virtual machines belonging to the compute virtual private cloud should be quarantined or not.", 
      "title": "Flag to Identify if Default Quarantine Policy is Enabled", 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "managed_without_agents": {
      "default": false, 
      "description": "This flag determines if this compute virtual private cloud is managed with or without NSX agents.", 
      "required": false, 
      "title": "Managed Without NSX Agents", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Virtual Private Cloud Config", 
  "type": "object"
}

VirtualPrivateCloudInfo (type) 

{
  "additionalProperties": false, 
  "description": "Stores the array of account IDs and virtual private cloud ID related to the cloud account.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "VirtualPrivateCloudInfo", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "associated_account_ids": {
      "description": "Cloud account ID related to the virtual private cloud.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of Cloud Account IDs", 
      "type": "array"
    }, 
    "virtual_private_cloud_id": {
      "description": "Virtual private cloud ID of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud ID", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Virtual private cloud name of the corresponding cloud.", 
      "readonly": true, 
      "required": true, 
      "title": "Virtual Private Cloud name", 
      "type": "string"
    }
  }, 
  "title": "Virtual Private Cloud Information", 
  "type": "object"
}

VirtualPrivateCloudStatus (type) 

{
  "additionalProperties": false, 
  "description": "Stores the information related to onboard and offboard status of virtual private cloud.", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "VirtualPrivateCloudStatus", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "error_code": {
      "description": "Error code related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Code", 
      "type": "integer"
    }, 
    "error_message": {
      "description": "Error message related to virtual private cloud Onboard/Offboard failure.", 
      "readonly": true, 
      "required": false, 
      "title": "Error Message", 
      "type": "string"
    }, 
    "offboard_step": {
      "description": "Stores the different states of virtual private cloud while offboarding from a transit virtual private cloud.", 
      "enum": [
        "UNCONFIGURING_GATEWAY", 
        "DELETING_SECURITY_GROUPS", 
        "OFFBOARD_SUCCESSFUL", 
        "OFFBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While OffBoard", 
      "type": "string"
    }, 
    "onboard_step": {
      "description": "Stores the different states of virtual private cloud while onboarding using a transit virtual private cloud.", 
      "enum": [
        "VALIDATING_ENVIRONMENT", 
        "CREATING_SECURITY_GROUPS", 
        "CONFIGURING_GATEWAY", 
        "ONBOARD_SUCCESSFUL", 
        "ONBOARD_FAILED", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "States of Virtual Private Cloud While Onboard", 
      "type": "string"
    }, 
    "status": {
      "description": "Indicates the status of a virtual private cloud. UP: virtual private cloud is NSX managed. DOWN: virtual private cloud is NSX managed with errors. ONBOARDING: virtual private cloud is in the process of   onboarding using a transit virtual private cloud. OFFBOARDING: virtual private cloud is in the process of    offboarding from a transit virtual private cloud. NOT_APPLICABLE: virtual private cloud is NSX unmanaged.", 
      "enum": [
        "UP", 
        "DOWN", 
        "ONBOARDING", 
        "OFFBOARDING", 
        "NOT_APPLICABLE"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Private Cloud Status", 
      "type": "string"
    }, 
    "virtual_private_cloud_name": {
      "description": "Name of the transit virtual private cloud.", 
      "readonly": true, 
      "title": "Virtual Private Cloud Name", 
      "type": "string"
    }
  }, 
  "title": "Virtual Private Cloud Status", 
  "type": "object"
}

VirtualServerIpProtocol (type) 

{
  "additionalProperties": false, 
  "description": "Assigned Internet protocol in IP header, TCP and UDP are supported.", 
  "enum": [
    "TCP", 
    "UDP"
  ], 
  "id": "VirtualServerIpProtocol", 
  "module_id": "LoadBalancer", 
  "title": "IP protocol of virtual server", 
  "type": "string"
}

VirtualServiceInstance (type) 

{
  "description": "VirtualServiceInstance is a custom instance to be used when NSX is not handling the lifecycles of appliance/s and the user is not bringing their own appliance (BYOD).", 
  "extends": {
    "$ref": "BaseServiceInstance
  }, 
  "id": "VirtualServiceInstance", 
  "module_id": "ServiceInsertionCommonTypes", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VirtualServiceInstance"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "on_failure_policy": {
      "description": "Failure policy of the service instance - if it has to be different from the service. By default the service instance inherits the FailurePolicy of the service it belongs to.", 
      "enum": [
        "ALLOW", 
        "BLOCK"
      ], 
      "required": false, 
      "title": "On Failure Policy", 
      "type": "string"
    }, 
    "resource_type": {
      "$ref": "ServiceInstanceResourceType, 
      "required": true
    }, 
    "service_id": {
      "description": "The Service to which the service instance is associated.", 
      "readonly": true, 
      "required": false, 
      "title": "Service Id", 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "transport_type": {
      "description": "Transport to be used by this service instance for deploying the Service-VM. This field is to be set Not Applicable(NA) if the service only caters to functionality EPP(Endpoint Protection).", 
      "enum": [
        "L2_BRIDGE", 
        "L3_ROUTED", 
        "NSH", 
        "NA"
      ], 
      "readonly": false, 
      "required": true, 
      "title": "Transport Type", 
      "type": "string"
    }
  }, 
  "title": "Custom Instance of a service", 
  "type": "object"
}

VlanID (type) 

{
  "id": "VlanID", 
  "maximum": 4094, 
  "minimum": 0, 
  "module_id": "Types", 
  "title": "Virtual Local Area Network Identifier", 
  "type": "integer"
}

VlanMirrorSource (type) 

{
  "extends": {
    "$ref": "MirrorSource
  }, 
  "id": "VlanMirrorSource", 
  "module_id": "PortMirroring", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VlanMirrorSource"
  }, 
  "properties": {
    "resource_type": {
      "$ref": "MirrorSourceResourceType, 
      "help_summary": "Possible values are 'LogicalPortMirrorSource', 'PnicMirrorSource'", 
      "required": true
    }, 
    "vlan_ids": {
      "items": {
        "$ref": "VlanID
      }, 
      "minItems": 1, 
      "required": true, 
      "title": "Source VLAN ID list", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VlanMtuHealthCheckResultStatus (type) 

{
  "description": "Status of VLAN-MTU health check result; TRUNKED - all specified VLAN IDs are allowed by VLAN and MTU settings; UNTRUNKED - some/all specified VLAN IDs may be disallowed by VLAN or MTU settings; UNKNOWN - some/all health check result are unknown due to infrastructure issues.", 
  "enum": [
    "TRUNKED", 
    "UNTRUNKED", 
    "UNKNOWN"
  ], 
  "id": "VlanMtuHealthCheckResultStatus", 
  "module_id": "HealthCheck", 
  "title": "VLAN-MTU Health Check Result Status", 
  "type": "string"
}

VlanTrunkSpec (type) 

{
  "description": "VlanTrunkspec is used for specifying trunk VLAN id ranges.", 
  "id": "VlanTrunkSpec", 
  "module_id": "LogicalSwitch", 
  "properties": {
    "vlan_ranges": {
      "items": {
        "$ref": "TrunkVlanRange
      }, 
      "required": true, 
      "title": "Trunk VLAN id ranges", 
      "type": "array"
    }
  }, 
  "title": "VLAN trunk range specification", 
  "type": "object"
}

VmConfigError (type) 

{
  "description": "Error in realising vm config property.", 
  "id": "VmConfigError", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "error_code": {
      "readonly": true, 
      "required": false, 
      "title": "Error code for vm config operation failure", 
      "type": "integer"
    }, 
    "error_message": {
      "readonly": true, 
      "required": false, 
      "title": "Error message for vm config operation failure", 
      "type": "string"
    }
  }, 
  "title": "Error in realising vm config property", 
  "type": "object"
}

VmConfigProperties (type) 

{
  "additionalProperties": false, 
  "description": "Properties to configure the way NSX manages virtual machine.", 
  "id": "VmConfigProperties", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "whitelisted": {
      "description": "Setting this flag to true means NSX will not consider this virtual machine while performing quarantine operation.", 
      "required": true, 
      "title": "Flag to identify if this VM is whitelisted or not.", 
      "type": "boolean"
    }
  }, 
  "title": "User configurable properties", 
  "type": "object"
}

VmConfigStatus (type) 

{
  "additionalProperties": false, 
  "description": "Status for user configurable properties.", 
  "id": "VmConfigStatus", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "whitelist": {
      "$ref": "WhitelistingStatus, 
      "readonly": true, 
      "required": false, 
      "title": "Status for whitelisting operation."
    }
  }, 
  "title": "Status for user configurable properties", 
  "type": "object"
}

VmNicInfo (type) 

{
  "description": "Contains a set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.", 
  "id": "VmNicInfo", 
  "module_id": "ServiceInsertionCommonTypes", 
  "properties": {
    "nic_infos": {
      "description": "Set of information of a VM on the network interfaces present on the partner appliance that needs to be configured by the NSX Manager.", 
      "items": {
        "$ref": "NicInfo
      }, 
      "readonly": false, 
      "required": true, 
      "title": "Set of NIC information of a VM", 
      "type": "array"
    }
  }, 
  "title": "Set of NIC information of a VM", 
  "type": "object"
}

VmToolsInfo (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "DiscoveredResource
  }, 
  "id": "VmToolsInfo", 
  "module_id": "VmToolsInfo", 
  "properties": {
    "_last_sync_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "external_id": {
      "description": "Current external id of this virtual machine in the system.", 
      "readonly": true, 
      "required": false, 
      "title": "VM external ID", 
      "type": "string"
    }, 
    "file_agent_version": {
      "description": "Version of file agent on the VM of a third party partner solution.", 
      "readonly": true, 
      "required": false, 
      "title": "File agent version on the VM", 
      "type": "string"
    }, 
    "host_local_id": {
      "description": "Id of the VM which is assigned locally by the host. It is the VM-moref on ESXi hosts, in other environments it is VM UUID.", 
      "readonly": true, 
      "required": false, 
      "title": "VM ID given by the host", 
      "type": "string"
    }, 
    "network_agent_version": {
      "description": "Version of network agent on the VM of a third party partner solution.", 
      "readonly": true, 
      "required": false, 
      "title": "Network agent version on the VM", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "required": true, 
      "type": "string"
    }, 
    "source": {
      "$ref": "ResourceReference, 
      "readonly": true, 
      "required": false, 
      "title": "Reference of the Host or Public Cloud Gateway that reported the VM."
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tools_version": {
      "description": "Version of VMTools installed on the VM.", 
      "readonly": true, 
      "required": false, 
      "title": "VM tools version on the VM", 
      "type": "string"
    }, 
    "vm_type": {
      "description": "Type of VM - Edge, Service or other.", 
      "enum": [
        "EDGE", 
        "SERVICE", 
        "REGULAR"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "Virtual Machine type", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VmToolsInfoListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VmToolsInfoListResult", 
  "module_id": "VmToolsInfo", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VmToolsInfo
      }, 
      "required": true, 
      "title": "VmToolsInfo list results.", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VmkToLogicalSwitchMapping (type) (Deprecated) 

{
  "additionalProperties": false, 
  "deprecated": true, 
  "description": "Note- transport node templates APIs are deprecated and user is recommended to use transport node profiles APIs instead.", 
  "id": "VmkToLogicalSwitchMapping", 
  "module_id": "TransportNode", 
  "nsx_feature": "HostProfileSupport", 
  "properties": {
    "dest_network_id": {
      "description": "Only VLAN type of logical switch can be specified here, as migration operation is only supported for these types.", 
      "required": true, 
      "title": "The ID of the NSX logical switch to which source vmkernal interface needs to be migrated to.", 
      "type": "string"
    }, 
    "src_interface_id": {
      "required": true, 
      "title": "The ID (for example, vmk0) of the vmkernal interface on ESX to migrate.", 
      "type": "string"
    }
  }, 
  "title": "Holds VMkernal to logical switch mapping. This will be used for network migration.", 
  "type": "object"
}

VmknicNetwork (type) 

{
  "description": "Mapping of all vmk interfaces to destination networks", 
  "id": "VmknicNetwork", 
  "module_id": "TransportNode", 
  "properties": {
    "destination_network": {
      "description": "When migrating vmks to N-VDS/logical switches, the id is the logical switch id. When migrating out of N-VDS/logical switches, the id is the vSphere Switch portgroup name in a single vSphere Standard Switch (VSS), or distributed virtual portgroup name in a single distributed virtual switch (DVS).", 
      "readonly": false, 
      "required": true, 
      "title": "The network id to which the ESX vmk interface will be migrated.", 
      "type": "string"
    }, 
    "device_name": {
      "description": "The vmk interface name, e.g., vmk0, vmk1; the id assigned by vCenter.", 
      "readonly": false, 
      "required": true, 
      "title": "ESX vmk interface name", 
      "type": "string"
    }
  }, 
  "title": "Vmknic network specification", 
  "type": "object"
}

VnetStats (type) 

{
  "additionalProperties": false, 
  "description": "Stores statistics of the number of MANAGED and UNMANAGED virtual networks.", 
  "id": "VnetStats", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "error": {
      "description": "The number of VNets with status NSX_GATEWAY_ERROR and NSX_COMPUTE_ERROR.", 
      "readonly": true, 
      "required": false, 
      "title": "Erroneous virtual networks", 
      "type": "integer"
    }, 
    "managed": {
      "description": "The number of virtual networks with status NSX_MANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Managed virtual networks", 
      "type": "integer"
    }, 
    "unmanaged": {
      "description": "The number of vitual networks with status NSX_UNMANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Unmanaged virtual networks", 
      "type": "integer"
    }
  }, 
  "title": "Virtual Network statistics", 
  "type": "object"
}

VniPool (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VniPool", 
  "module_id": "Vnim", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ranges": {
      "items": {
        "$ref": "VniRange
      }, 
      "required": true, 
      "title": "VNI range list results", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VniPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VniPoolListResult", 
  "module_id": "Vnim", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VniPool
      }, 
      "required": true, 
      "title": "VNI pool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VniRange (type) 

{
  "additionalProperties": false, 
  "description": "A range of virtual network identifiers (VNIs)", 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "VniRange", 
  "module_id": "Vnim", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "end": {
      "description": "End value for vni range to be used for virtual networks", 
      "maximum": 16777215, 
      "minimum": 5000, 
      "readonly": false, 
      "required": true, 
      "title": "End value of vni range", 
      "type": "integer"
    }, 
    "start": {
      "description": "Start value for vni range to be used for virtual networks", 
      "maximum": 16777215, 
      "minimum": 5000, 
      "readonly": false, 
      "required": true, 
      "title": "Start value of vni range", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

VpcStats (type) 

{
  "additionalProperties": false, 
  "description": "Stores statistics of the number of MANAGED and UNMANAGED VPCs.", 
  "id": "VpcStats", 
  "module_id": "CloudServiceManager", 
  "properties": {
    "error": {
      "description": "The number of VPCs with status NSX_GATEWAY_ERROR and NSX_COMPUTE_ERROR.", 
      "readonly": true, 
      "required": false, 
      "title": "Erroneous VPCs", 
      "type": "integer"
    }, 
    "managed": {
      "description": "The number of VPCs with status NSX_MANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Managed VPCs", 
      "type": "integer"
    }, 
    "unmanaged": {
      "description": "The number of VPCs with status NSX_UNMANAGED.", 
      "readonly": true, 
      "required": false, 
      "title": "Unmanaged VPCs", 
      "type": "integer"
    }
  }, 
  "title": "VPC statistics", 
  "type": "object"
}

VpnRoutingTableState (type) 

{
  "description": "State of a public cloud routing table from VPN point of view", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VpnRoutingTableState", 
  "module_id": "VpnCloudRoutingTables", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "account_id": {
      "required": true, 
      "title": "Identifier for account based on which routing tables are to be filtered", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "description": "The identifier of the public cloud routing table", 
      "required": true, 
      "title": "Public Cloud Routing Table Identifier", 
      "type": "string"
    }, 
    "managed_for_vpn": {
      "description": "Flag to identify whether the routing table is actually managed by NSX for VPN", 
      "required": true, 
      "title": "NSX Managed Routing Table", 
      "type": "boolean"
    }, 
    "network_id": {
      "required": true, 
      "title": "Identifier for a network based on which the list are to be filtered\n", 
      "type": "string"
    }, 
    "reason_for_not_managed": {
      "description": "Reason why a routing table is not being managed for VPN", 
      "enum": [
        "RT_CONTAINS_MGMT_SUBNET", 
        "RT_CONTAINS_UPLINK_SUBNET", 
        "RT_CONTAINS_MGMT_UPLINK_SUBNET", 
        "NONSELECTED"
      ], 
      "required": false, 
      "title": "Unmanaged Table Reason", 
      "type": "string"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "title": "Public Cloud Routing Table State", 
  "type": "object"
}

VpnRoutingTableStateListResult (type) 

{
  "description": "List of public cloud routing tables and their state. It contains the state information relevant for VPN.", 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VpnRoutingTableStateListResult", 
  "module_id": "VpnCloudRoutingTables", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "description": "Set of public cloud routing tables and their state", 
      "items": {
        "$ref": "VpnRoutingTableState
      }, 
      "required": true, 
      "title": "Public Cloud Routing State Tables", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "title": "List of Public Cloud Routing State", 
  "type": "object"
}

VpnRoutingTablesStateListRequestParameters (type) 

{
  "additionalProperties": false, 
  "description": "These parameters can be used to filter the list of routing table states. Multiple parameters can be given as input. Different parameters are implicitly 'AND'ed.", 
  "extends": {
    "$ref": "ListRequestParameters
  }, 
  "id": "VpnRoutingTablesStateListRequestParameters", 
  "module_id": "VpnCloudRoutingTables", 
  "properties": {
    "account_id": {
      "required": false, 
      "title": "Identifier for account based on which routing tables are to be filtered", 
      "type": "string"
    }, 
    "cursor": {
      "readonly": false, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "included_fields": {
      "title": "Comma separated list of fields that should be included in query result", 
      "type": "string"
    }, 
    "managed_for_vpn": {
      "required": false, 
      "title": "Flag to identify whether the routing table is actually managed by NSX for VPN", 
      "type": "boolean"
    }, 
    "network_id": {
      "required": false, 
      "title": "Identifier for a network based on which the list is to be filtered\n", 
      "type": "string"
    }, 
    "page_size": {
      "default": 1000, 
      "maximum": 1000, 
      "minimum": 0, 
      "title": "Maximum number of results to return in this page (server may return fewer)", 
      "type": "integer"
    }, 
    "reason_for_not_managed": {
      "enum": [
        "RT_CONTAINS_MGMT_SUBNET", 
        "RT_CONTAINS_UPLINK_SUBNET", 
        "RT_CONTAINS_MGMT_UPLINK_SUBNET", 
        "NONSELECTED"
      ], 
      "required": false, 
      "title": "Reason why a routing table is not being managed for VPN", 
      "type": "string"
    }, 
    "sort_ascending": {
      "type": "boolean"
    }, 
    "sort_by": {
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VsphereClusterNodeVMDeploymentConfig (type) 

{
  "description": "The Vsphere deployment configuration determines where to deploy the cluster node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - dns_servers, management_port_subnets, and default_gateway_addresses", 
  "extends": {
    "$ref": "ClusterNodeVMDeploymentConfig
  }, 
  "id": "VsphereClusterNodeVMDeploymentConfig", 
  "module_id": "ClusterNodeVMDeployment", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VsphereClusterNodeVMDeploymentConfig"
  }, 
  "properties": {
    "allow_ssh_root_login": {
      "default": false, 
      "description": "If true, the root user will be allowed to log into the VM. Allowing root SSH logins is not recommended for security reasons.", 
      "required": false, 
      "title": "Allow root SSH logins", 
      "type": "boolean"
    }, 
    "compute_id": {
      "description": "The cluster node VM will be deployed on the specified cluster or resourcepool for specified VC server.", 
      "required": true, 
      "title": "Cluster identifier or resourcepool identifier", 
      "type": "string"
    }, 
    "default_gateway_addresses": {
      "description": "The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Default gateway for the VM", 
      "type": "array"
    }, 
    "dns_servers": {
      "description": "List of DNS servers. If DHCP is used, the default DNS servers associated with the DHCP server will be used instead. Required if using static IP.", 
      "items": {
        "$ref": "IPv4Address
      }, 
      "minItems": 1, 
      "required": false, 
      "title": "DNS servers", 
      "type": "array"
    }, 
    "enable_ssh": {
      "default": false, 
      "description": "If true, the SSH service will automatically be started on the VM. Enabling SSH service is not recommended for security reasons.", 
      "required": false, 
      "title": "Enable SSH", 
      "type": "boolean"
    }, 
    "host_id": {
      "description": "The cluster node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.", 
      "required": false, 
      "title": "Host identifier", 
      "type": "string"
    }, 
    "hostname": {
      "description": "Desired host name/FQDN for the VM to be deployed", 
      "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$", 
      "required": true, 
      "title": "Host name or FQDN for the VM", 
      "type": "string"
    }, 
    "management_network_id": {
      "description": "Distributed portgroup identifier to which the management vnic of cluster node VM will be connected.", 
      "required": true, 
      "title": "Portgroup identifier for management network connectivity", 
      "type": "string"
    }, 
    "management_port_subnets": {
      "description": "IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.", 
      "items": {
        "$ref": "IPSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Port subnets for management port", 
      "type": "array"
    }, 
    "ntp_servers": {
      "description": "List of NTP servers. To use hostnames, a DNS server must be defined. If not using DHCP, a DNS server should be specified under dns_servers.", 
      "items": {
        "$ref": "HostnameOrIPv4Address
      }, 
      "required": false, 
      "title": "NTP servers", 
      "type": "array"
    }, 
    "placement_type": {
      "description": "Specifies the config for the platform through which to deploy the VM", 
      "enum": [
        "VsphereClusterNodeVMDeploymentConfig"
      ], 
      "required": true, 
      "title": "Type of deployment", 
      "type": "string"
    }, 
    "search_domains": {
      "description": "List of domain names that are used to complete unqualified host names.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "DNS search domain names", 
      "type": "array"
    }, 
    "storage_id": {
      "description": "The cluster node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.", 
      "required": true, 
      "title": "Storage/datastore identifier", 
      "type": "string"
    }, 
    "vc_id": {
      "description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.", 
      "required": true, 
      "title": "Vsphere compute identifier for identifying VC server", 
      "type": "string"
    }
  }, 
  "title": "Deployment config on the Vsphere platform", 
  "type": "object"
}

VsphereDeploymentConfig (type) 

{
  "additionalProperties": false, 
  "description": "The Vsphere deployment configuration determines where to deploy the edge node. It contains settings that are applied during install time. If using DHCP, you must leave the following fields unset: search_domains, management_port_subnets, dns_servers and default_gateway_addresses. Use EdgeNodeSettings to specify host name, SSH, NTP and DNS settings for both deployment and consequent update. These settings are editable for manually deployed edge nodes as well. EdgeNodeSettings reports current values configured on the edge node. The following fields are deprecated Hostname, SSH, NTP and DNS settings.", 
  "extends": {
    "$ref": "DeploymentConfig
  }, 
  "id": "VsphereDeploymentConfig", 
  "module_id": "FabricNode", 
  "polymorphic-type-descriptor": {
    "type-identifier": "VsphereDeploymentConfig"
  }, 
  "properties": {
    "allow_ssh_root_login": {
      "default": false, 
      "deprecated": true, 
      "description": "Allowing root SSH logins is not recommended for security reasons. This field is deprecated. Use allow_ssh_root_login property in EdgeNodeSettings section when creating transport nodes.", 
      "required": false, 
      "title": "Allow root SSH logins.", 
      "type": "boolean"
    }, 
    "compute_id": {
      "description": "The edge node vm will be deployed on the specified cluster or resourcepool. Note - all the hosts must have nsx fabric prepared in the specified cluster.", 
      "required": true, 
      "title": "Cluster identifier or resourcepool identifier for specified vcenter server.", 
      "type": "string"
    }, 
    "data_network_ids": {
      "description": "List of distributed portgroup or VLAN logical identifiers to which the datapath serving vnics of edge node vm will be connected.", 
      "items": {
        "type": "string"
      }, 
      "maxItems": 3, 
      "minItems": 1, 
      "required": true, 
      "title": "Portgroup or logical switch identifiers for datapath connectivity.", 
      "type": "array"
    }, 
    "default_gateway_addresses": {
      "description": "The default gateway for edge node must be specified if all the nodes it communicates with are not in the same subnet. Note: Only single IPv4 default gateway address is supported and it must belong to management network.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Default gateway for the node.", 
      "type": "array"
    }, 
    "dns_servers": {
      "deprecated": true, 
      "description": "List of DNS servers. This field is deprecated. Use dns_servers property in EdgeNodeSettings section when creating or updating transport nodes.", 
      "items": {
        "$ref": "IPAddress
      }, 
      "required": false, 
      "title": "DNS servers.", 
      "type": "array"
    }, 
    "enable_ssh": {
      "default": false, 
      "deprecated": true, 
      "description": "Enabling SSH service is not recommended for security reasons. This field is deprecated. Use enable_ssh property in EdgeNodeSettings section when creating or updating transport nodes.", 
      "required": false, 
      "title": "Enable SSH.", 
      "type": "boolean"
    }, 
    "host_id": {
      "description": "The edge node vm will be deployed on the specified Host within the cluster if host_id is specified. Note - User must ensure that storage and specified networks are accessible by this host.", 
      "required": false, 
      "title": "Host identifier in the specified vcenter server.", 
      "type": "string"
    }, 
    "hostname": {
      "deprecated": true, 
      "pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$", 
      "required": false, 
      "title": "Host name or FQDN for edge node.", 
      "type": "string"
    }, 
    "management_network_id": {
      "description": "Distributed portgroup identifier to which the management vnic of edge node vm will be connected. This portgroup must have connectivity with MP and CCP. A VLAN logical switch identifier may also be specified.", 
      "required": true, 
      "title": "Portgroup or logical switch identifier for management network connectivity.", 
      "type": "string"
    }, 
    "management_port_subnets": {
      "description": "IP Address and subnet configuration for the management port. Note: only one IPv4 address is supported for the management port.", 
      "items": {
        "$ref": "IPSubnet
      }, 
      "maxItems": 1, 
      "minItems": 1, 
      "required": false, 
      "title": "Port subnets for management port. Only one IPv4 Address is supported.", 
      "type": "array"
    }, 
    "ntp_servers": {
      "deprecated": true, 
      "description": "List of NTP servers. This field is deprecated. Use ntp_servers property in EdgeNodeSettings section when creating or updating transport nodes.", 
      "items": {
        "$ref": "HostnameOrIPv4Address
      }, 
      "required": false, 
      "title": "NTP servers.", 
      "type": "array"
    }, 
    "placement_type": {
      "enum": [
        "VsphereDeploymentConfig"
      ], 
      "required": true, 
      "type": "string"
    }, 
    "search_domains": {
      "deprecated": true, 
      "description": "List of domain names that are used to complete unqualified host names. This field is deprecated. Use search_domains property in EdgeNodeSettings section when creating or updating transport nodes.", 
      "items": {
        "type": "string"
      }, 
      "required": false, 
      "title": "Search domain names.", 
      "type": "array"
    }, 
    "storage_id": {
      "description": "The edge node vm will be deployed on the specified datastore. User must ensure that storage is accessible by the specified cluster/host.", 
      "required": true, 
      "title": "Storage/datastore identifier in the specified vcenter server.", 
      "type": "string"
    }, 
    "vc_id": {
      "description": "The vc specific identifiers will be resolved on this VC. So all other identifiers specified here must belong to this vcenter server.", 
      "required": true, 
      "title": "Vsphere compute identifier for identifying the vcenter server.", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VtepCsvListResult (type) 

{
  "extends": {
    "$ref": "CsvListResult
  }, 
  "id": "VtepCsvListResult", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "file_name": {
      "description": "File name set by HTTP server if API  returns CSV result as a file.", 
      "required": false, 
      "title": "File name", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "results": {
      "items": {
        "$ref": "VtepTableCsvRecord
      }, 
      "required": false, 
      "type": "array"
    }
  }, 
  "type": "object"
}

VtepLabelPool (type) 

{
  "additionalProperties": false, 
  "description": "A collection of ranges of virtual tunnel endpoint labels", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "VtepLabelPool", 
  "module_id": "VtepLabel", 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "pool_usage": {
      "$ref": "VtepLabelPoolUsage, 
      "readonly": true, 
      "title": "Pool usage statistics"
    }, 
    "ranges": {
      "items": {
        "$ref": "VtepLabelRange
      }, 
      "required": true, 
      "title": "Array of ranges for virtual tunnel endpoint labels", 
      "type": "array"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }
  }, 
  "type": "object"
}

VtepLabelPoolListResult (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VtepLabelPoolListResult", 
  "module_id": "VtepLabel", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VtepLabelPool
      }, 
      "required": true, 
      "title": "Virtual tunnel endpoint label pool list results", 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VtepLabelPoolUsage (type) 

{
  "additionalProperties": false, 
  "description": "Pool usage statistics in a pool", 
  "id": "VtepLabelPoolUsage", 
  "module_id": "VtepLabel", 
  "properties": {
    "allocated_ids": {
      "readonly": true, 
      "title": "Total number of allocated IDs in a pool", 
      "type": "integer"
    }, 
    "free_ids": {
      "readonly": true, 
      "title": "Total number of free IDs in a pool", 
      "type": "integer"
    }, 
    "total_ids": {
      "readonly": true, 
      "title": "Total number of IDs in a pool", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

VtepLabelRange (type) 

{
  "additionalProperties": false, 
  "extends": {
    "$ref": "Resource
  }, 
  "id": "VtepLabelRange", 
  "module_id": "VtepLabel", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "end": {
      "description": "End value for virtual tunnel endpoint label range", 
      "maximum": 131071, 
      "minimum": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Virtual tunnel endpoint label range end", 
      "type": "integer"
    }, 
    "start": {
      "description": "Start value for virtual tunnel endpoint label range", 
      "maximum": 131071, 
      "minimum": 1, 
      "readonly": false, 
      "required": true, 
      "title": "Virtual tunnel endpoint label range start", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

VtepListResult (type) 

{
  "extends": {
    "$ref": "ListResult
  }, 
  "id": "VtepListResult", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "cursor": {
      "readonly": true, 
      "title": "Opaque cursor to be used for getting next page of records (supplied by current result page)", 
      "type": "string"
    }, 
    "last_update_timestamp": {
      "$ref": "EpochMsTimestamp, 
      "description": "Timestamp when the data was last updated; unset if data source has never updated the data.", 
      "readonly": true
    }, 
    "logical_switch_id": {
      "readonly": true, 
      "required": true, 
      "title": "The id of the logical Switch", 
      "type": "string"
    }, 
    "result_count": {
      "readonly": true, 
      "title": "Count of results found (across all pages), set only on first page", 
      "type": "integer"
    }, 
    "results": {
      "items": {
        "$ref": "VtepTableEntry
      }, 
      "required": false, 
      "type": "array"
    }, 
    "sort_ascending": {
      "readonly": true, 
      "title": "If true, results are sorted in ascending order", 
      "type": "boolean"
    }, 
    "sort_by": {
      "readonly": true, 
      "title": "Field by which records are sorted", 
      "type": "string"
    }, 
    "transport_node_id": {
      "readonly": true, 
      "required": false, 
      "title": "Transport node identifier", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VtepTableCsvRecord (type) 

{
  "extends": {
    "$ref": "CsvRecord
  }, 
  "id": "VtepTableCsvRecord", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "segment_id": {
      "required": false, 
      "title": "The segment Id", 
      "type": "string"
    }, 
    "vtep_ip": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The virtual tunnel endpoint IP address"
    }, 
    "vtep_label": {
      "required": true, 
      "title": "The virtual tunnel endpoint label", 
      "type": "integer"
    }, 
    "vtep_mac_address": {
      "required": true, 
      "title": "The virtual tunnel endpoint MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

VtepTableEntry (type) 

{
  "id": "VtepTableEntry", 
  "module_id": "AggSvcLogicalSwitch", 
  "properties": {
    "segment_id": {
      "required": false, 
      "title": "The segment Id", 
      "type": "string"
    }, 
    "vtep_ip": {
      "$ref": "IPAddress, 
      "required": false, 
      "title": "The virtual tunnel endpoint IP address"
    }, 
    "vtep_label": {
      "required": false, 
      "title": "The virtual tunnel endpoint label", 
      "type": "integer"
    }, 
    "vtep_mac_address": {
      "required": false, 
      "title": "The virtual tunnel endpoint MAC address", 
      "type": "string"
    }
  }, 
  "type": "object"
}

WeeklyBackupSchedule (type) 

{
  "extends": {
    "$ref": "BackupSchedule
  }, 
  "id": "WeeklyBackupSchedule", 
  "module_id": "BackupConfiguration", 
  "polymorphic-type-descriptor": {
    "type-identifier": "WeeklyBackupSchedule"
  }, 
  "properties": {
    "days_of_week": {
      "items": {
        "type": "integer"
      }, 
      "maxItems": 7, 
      "minItems": 1, 
      "required": true, 
      "title": "Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ...", 
      "type": "array", 
      "uniqueItems": true
    }, 
    "hour_of_day": {
      "maximum": 23, 
      "minimum": 0, 
      "required": true, 
      "title": "Time of day when backup is taken", 
      "type": "integer"
    }, 
    "minute_of_day": {
      "maximum": 59, 
      "minimum": 0, 
      "required": true, 
      "title": "Time of day when backup is taken", 
      "type": "integer"
    }, 
    "resource_type": {
      "enum": [
        "WeeklyBackupSchedule", 
        "IntervalBackupSchedule"
      ], 
      "required": true, 
      "title": "Schedule type", 
      "type": "string"
    }
  }, 
  "title": "Schedule to specify day of the week and time to take automated backup", 
  "type": "object"
}

WeeklyTelemetrySchedule (type) 

{
  "extends": {
    "$ref": "TelemetrySchedule
  }, 
  "id": "WeeklyTelemetrySchedule", 
  "module_id": "TelemetryConfig", 
  "polymorphic-type-descriptor": {
    "type-identifier": "WeeklyTelemetrySchedule"
  }, 
  "properties": {
    "day_of_week": {
      "description": "Day of week on which data will be collected. Specify one of SUNDAY through SATURDAY.", 
      "enum": [
        "SUNDAY", 
        "MONDAY", 
        "TUESDAY", 
        "WEDNESDAY", 
        "THURSDAY", 
        "FRIDAY", 
        "SATURDAY"
      ], 
      "required": true, 
      "title": "Day of week on which data will be collected", 
      "type": "string"
    }, 
    "frequency_type": {
      "description": "Specify one of DailyTelemetrySchedule, WeeklyTelemetrySchedule, or MonthlyTelemetrySchedule.", 
      "required": true, 
      "title": "Frequency at which data will be collected", 
      "type": "string"
    }, 
    "hour_of_day": {
      "description": "Hour at which data will be collected. Specify a value between 0 through 23.", 
      "maximum": 23, 
      "minimum": 0, 
      "required": true, 
      "title": "Hour at which data will be collected", 
      "type": "integer"
    }, 
    "minutes": {
      "default": 0, 
      "description": "Minute at which data will be collected. Specify a value between 0 through 59.", 
      "maximum": 59, 
      "minimum": 0, 
      "required": false, 
      "title": "Minute at which data will be collected", 
      "type": "integer"
    }
  }, 
  "type": "object"
}

WhiteListProvisionType (type) 

{
  "enum": [
    "LPORT_BINDINGS", 
    "LSWITCH_BINDINGS"
  ], 
  "id": "WhiteListProvisionType", 
  "module_id": "SpoofGuardSwitchingProfile", 
  "title": "Ways to provide white listed addresses for SpoofGuard", 
  "type": "string"
}

WhitelistingStatus (type) 

{
  "additionalProperties": false, 
  "description": "Status for whitelisting operation.", 
  "id": "WhitelistingStatus", 
  "module_id": "CloudVirtualMachineInformation", 
  "properties": {
    "whitelist_errors": {
      "$ref": "VmConfigError, 
      "readonly": true, 
      "required": false
    }, 
    "whitelisted": {
      "description": "Property whitelisted YES means NSX will not consider this virtual machine while performing quarantine operation. Value IN_PROGRESS signifies the state change is under progress.", 
      "enum": [
        true, 
        false, 
        "IN_PROGRESS"
      ], 
      "required": true, 
      "title": "Property to identify if this VM is whitelisted or not\nwhitelisted.\n", 
      "type": "string"
    }
  }, 
  "title": "Status for whitelisting operation", 
  "type": "object"
}

WidgetConfiguration (type) 

{
  "additionalProperties": false, 
  "description": "Describes the configuration of a widget to be displayed on the dashboard. WidgetConfiguration is a base type that provides attributes of a widget in-general.", 
  "extends": {
    "$ref": "ManagedResource
  }, 
  "id": "WidgetConfiguration", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "polymorphic-type-descriptor": {
    "mode": "enabled"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "datasources": {
      "description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.", 
      "items": {
        "$ref": "Datasource
      }, 
      "minItems": 0, 
      "title": "Array of Datasource Instances with their relative urls", 
      "type": "array"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.", 
      "maxLength": 255, 
      "title": "Widget Title", 
      "type": "string"
    }, 
    "drilldown_id": {
      "description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.", 
      "maxLength": 255, 
      "title": "Id of drilldown widget", 
      "type": "string"
    }, 
    "footer": {
      "$ref": "Footer
    }, 
    "icons": {
      "description": "Icons to be applied at dashboard for widgets and UI elements.", 
      "items": {
        "$ref": "Icon
      }, 
      "title": "Icons", 
      "type": "array"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "is_drilldown": {
      "default": false, 
      "description": "Set to true if this widget should be used as a drilldown.", 
      "title": "Set as a drilldown widget", 
      "type": "boolean"
    }, 
    "legend": {
      "$ref": "Legend, 
      "description": "Legend to be displayed. If legend is not needed, do not include it.", 
      "title": "Legend for the widget"
    }, 
    "resource_type": {
      "description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration.", 
      "enum": [
        "LabelValueConfiguration", 
        "DonutConfiguration", 
        "MultiWidgetConfiguration", 
        "ContainerConfiguration", 
        "StatsConfiguration", 
        "GridConfiguration", 
        "GraphConfiguration"
      ], 
      "maxLength": 255, 
      "readonly": true, 
      "required": true, 
      "title": "Widget visualization type", 
      "type": "string"
    }, 
    "shared": {
      "deprecated": true, 
      "description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.", 
      "title": "Visiblity of widgets to other users", 
      "type": "boolean"
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "weight": {
      "deprecated": true, 
      "description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }
  }, 
  "title": "Dashboard Widget Configuration", 
  "type": "object"
}

WidgetConfigurationList (type) 

{
  "additionalProperties": false, 
  "description": "Represents a list of widget configurations.", 
  "id": "WidgetConfigurationList", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "widgetconfigurations": {
      "description": "Array of widget configurations", 
      "items": {
        "$ref": "WidgetConfiguration
      }, 
      "readonly": true, 
      "required": true, 
      "title": "Array of widget configurations", 
      "type": "array"
    }
  }, 
  "title": "List of Widget Configurations", 
  "type": "object"
}

WidgetItem (type) 

{
  "additionalProperties": false, 
  "description": "Represents a reference to a widget that is held by a container or a multi-widget or a View.", 
  "id": "WidgetItem", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "alignment": {
      "default": "LEFT", 
      "description": "Aligns widget either left or right.", 
      "enum": [
        "LEFT", 
        "RIGHT"
      ], 
      "title": "Alignment of widget inside container", 
      "type": "string"
    }, 
    "label": {
      "$ref": "Label, 
      "description": "Applicable for 'DonutConfiguration' and 'StatsConfiguration' reports only. If label is not specified, then it defaults to the label of the donut or stats report.", 
      "title": "Label of the the report"
    }, 
    "separator": {
      "default": false, 
      "description": "If true, separates this widget in a container.", 
      "title": "A separator after this widget", 
      "type": "boolean"
    }, 
    "weight": {
      "default": 10000, 
      "description": "Determines placement of widget or container relative to other widgets and containers. The lower the weight, the higher it is in the placement order.", 
      "title": "Weightage or placement of the widget or container", 
      "type": "int"
    }, 
    "widget_id": {
      "description": "Id of the widget configuration that is held by a multi-widget or a container or a view.", 
      "maxLength": 255, 
      "required": true, 
      "title": "Id of the widget configuration", 
      "type": "string"
    }
  }, 
  "title": "Widget held by MultiWidgetConfiguration or Container or a View", 
  "type": "object"
}

WidgetQueryParameters (type) 

{
  "additionalProperties": false, 
  "id": "WidgetQueryParameters", 
  "module_id": "NsxDashboard", 
  "nsx_feature": "NsxDashboardWidgetConfig", 
  "properties": {
    "container": {
      "description": "Id of the container whose widget configurations are to be queried.", 
      "maxLength": 255, 
      "readonly": true, 
      "title": "Id of the container", 
      "type": "string"
    }, 
    "widget_ids": {
      "description": "Comma separated ids of WidgetConfigurations to be queried.", 
      "maxLength": 8192, 
      "readonly": true, 
      "title": "Ids of the WidgetConfigurations", 
      "type": "string"
    }
  }, 
  "title": "Parameters for querying widget configurations", 
  "type": "object"
}

X509Certificate (type) 

{
  "additionalProperties": false, 
  "id": "X509Certificate", 
  "module_id": "CertificateManager", 
  "properties": {
    "dsa_public_key_g": {
      "description": "One of the DSA cryptogaphic algorithm's strength parameters, base", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "dsa_public_key_p": {
      "description": "One of the DSA cryptogaphic algorithm's strength parameters, prime", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "dsa_public_key_q": {
      "description": "One of the DSA cryptogaphic algorithm's strength parameters, sub-prime", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "dsa_public_key_y": {
      "description": "One of the DSA cryptogaphic algorithm's strength parameters", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "ecdsa_curve_name": {
      "description": "The Curve name for the ECDSA certificate.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Curve Name", 
      "type": "string"
    }, 
    "ecdsa_ec_field": {
      "description": "Represents an elliptic curve (EC) finite field in ECDSA.", 
      "enum": [
        "F2M", 
        "FP"
      ], 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Finite Field", 
      "type": "string"
    }, 
    "ecdsa_ec_field_f2mks": {
      "description": "The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA.", 
      "items": {
        "type": "integer"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve F2MKS", 
      "type": "array"
    }, 
    "ecdsa_ec_field_f2mm": {
      "description": "The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve F2MM", 
      "type": "integer"
    }, 
    "ecdsa_ec_field_f2mrp": {
      "description": "The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve F2MRP", 
      "type": "string"
    }, 
    "ecdsa_ec_field_f2pp": {
      "description": "The specified prime for the elliptic curve prime finite field in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve F2PP", 
      "type": "string"
    }, 
    "ecdsa_public_key_a": {
      "description": "The first coefficient of this elliptic curve in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key A", 
      "type": "string"
    }, 
    "ecdsa_public_key_b": {
      "description": "The second coefficient of this elliptic curve in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key B", 
      "type": "string"
    }, 
    "ecdsa_public_key_cofactor": {
      "description": "The co-factor in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key Cofactor", 
      "type": "integer"
    }, 
    "ecdsa_public_key_generator_x": {
      "description": "x co-ordinate of G (the generator which is also known as the base point) in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key X", 
      "type": "string"
    }, 
    "ecdsa_public_key_generator_y": {
      "description": "y co-ordinate of G (the generator which is also known as the base point) in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key Y", 
      "type": "string"
    }, 
    "ecdsa_public_key_order": {
      "description": "The order of generator G in ECDSA.", 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key Order", 
      "type": "string"
    }, 
    "ecdsa_public_key_seed": {
      "description": "The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification.", 
      "items": {
        "type": "string"
      }, 
      "readonly": true, 
      "required": false, 
      "title": "ECDSA Elliptic Curve Public Key Seed", 
      "type": "array"
    }, 
    "is_ca": {
      "description": "True if this is a CA certificate.", 
      "readonly": true, 
      "required": true, 
      "type": "boolean"
    }, 
    "is_valid": {
      "description": "True if this certificate is valid.", 
      "readonly": true, 
      "required": true, 
      "type": "boolean"
    }, 
    "issuer": {
      "description": "the certificate issuers complete distinguished name", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "issuer_cn": {
      "description": "the certificate issuer's common name", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "not_after": {
      "$ref": "EpochMsTimestamp, 
      "description": "the time in epoch milliseconds at which the certificate becomes invalid", 
      "readonly": true, 
      "required": true
    }, 
    "not_before": {
      "$ref": "EpochMsTimestamp, 
      "description": "the time in epoch milliseconds at which the certificate becomes valid", 
      "readonly": true, 
      "required": true
    }, 
    "public_key_algo": {
      "description": "Cryptographic algorithm used by the public key for data encryption.", 
      "enum": [
        "RSA", 
        "DSA", 
        "ECDSA"
      ], 
      "readonly": true, 
      "required": true, 
      "title": "Public Key Algorithm", 
      "type": "string"
    }, 
    "public_key_length": {
      "description": "size measured in bits of the public/private keys used in a cryptographic algorithm", 
      "readonly": true, 
      "required": true, 
      "type": "integer"
    }, 
    "rsa_public_key_exponent": {
      "description": "An RSA public key is made up of the modulus and the public exponent. Exponent is a power number", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "rsa_public_key_modulus": {
      "description": "An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "serial_number": {
      "description": "certificate's serial number", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "signature": {
      "description": "the signature value(the raw signature bits) used for signing and validate the cert", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "signature_algorithm": {
      "description": "the algorithm used by the Certificate Authority to sign the certificate", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "subject": {
      "description": "the certificate owners complete distinguished name", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "subject_cn": {
      "description": "the certificate owner's common name", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }, 
    "version": {
      "description": "Certificate version (default v1)", 
      "readonly": true, 
      "required": true, 
      "type": "string"
    }
  }, 
  "type": "object"
}

X509Crl (type) 

{
  "additionalProperties": false, 
  "id": "X509Crl", 
  "module_id": "CertificateManager", 
  "properties": {
    "crl_entries": {
      "description": "list of X509CrlEntry", 
      "items": {
        "$ref": "X509CrlEntry
      }, 
      "readonly": true, 
      "required": false, 
      "type": "array"
    }, 
    "issuer": {
      "description": "Issuer's distinguished name(DN)", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "next_update": {
      "description": "Next update time for the CRL", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "version": {
      "description": "CRL's version number either 1 or 2", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }
  }, 
  "title": "A CRL is a time-stamped list identifying revoked certificates.", 
  "type": "object"
}

X509CrlEntry (type) 

{
  "additionalProperties": false, 
  "id": "X509CrlEntry", 
  "module_id": "CertificateManager", 
  "properties": {
    "revocation_date": {
      "description": "Revocation date", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }, 
    "serial_number": {
      "description": "the revoked certificate's serial number", 
      "readonly": true, 
      "required": false, 
      "type": "string"
    }
  }, 
  "title": "Each revoked certificate is identified in a CRL by its certificate serial number.", 
  "type": "object"
}

XForwardedForType (type) 

{
  "additionalProperties": false, 
  "enum": [
    "INSERT", 
    "REPLACE"
  ], 
  "id": "XForwardedForType", 
  "module_id": "LoadBalancer", 
  "title": "x-forwarded-for type", 
  "type": "string"
}


API Errors

301 - Moved Permanently

Request must be reissued to a different controller node.

The controller node has been replaced by a new node that should be used for this and all future requests.

Response Code 301 Moved Permanently
Response Headers Content-Type: text/plain
Location: <URI for new request>
Response Body Additional information about the error, if available.

303 - See Other

The response to the request can be found under a different URI identified by the Location response header.

Response Code 303 See Other
Response Headers Content-Type: text/plain
Location: <URI for new request>
Response Body Additional information about the error, if available.

307 - Temporary Redirect

Request should be reissued to a different controller node.

The controller node is requesting the client make further requests against the controller node specified in the Location header. Clients should continue to use the new server until directed otherwise by the new controller node.

Response Code 307 Temporary Redirect
Response Headers Content-Type: text/plain
Location: <URI for new request>
Response Body Additional information about the error, if available.

400 - Bad Request

Request was improperly formatted or contained an invalid parameter.

Response Code 400 Bad Request
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

401 - Unauthorized

Response Code 401 Unauthorized
Response Headers
Response Body Additional information about the error, if available.

403 - Forbidden

The client does not have sufficient privileges to execute the request.

The API is likely in read-only mode, or a request was made to modify a read-only property.

Response Code 403 Forbidden
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

404 - Not Found

An entity referenced in the request does not exist.

Create the referenced resource first, then reissue the request.

Response Code 404 Not Found
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

409 - Conflict

The request can not be performed because it conflicts with configuration on a different entity, or because another client modified the same entity.

If the conflict arose because of a conflict with a different entity, modify the conflicting configuration. If the problem is due to a concurrent update, re-fetch the resource, apply the desired update, and reissue the request.

Response Code 409 Conflict
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

410 - Gone

Response Code 410 Gone
Response Headers
Response Body Additional information about the error, if available.

423 -

Response Code 423
Response Headers
Response Body Additional information about the error, if available.

500 - Internal Server Error

An internal error occurred while executing the request. If the problem persists, perform diagnostic system tests, or contact your support representative.

Response Code 500 Internal Server Error
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

502 - Bad Gateway

Response Code 502 Bad Gateway
Response Headers
Response Body Additional information about the error, if available.

503 - Service Unavailable

The request can not be performed because the associatedresource could not be reached or is temporarily busy. Verify theassociated resource is connected, then reissue the request.

Response Code 503 Service Unavailable
Response Headers Content-Type: text/plain
Response Body Additional information about the error, if available.

504 - Gateway Timeout

Response Code 504 Gateway Timeout
Response Headers
Response Body Additional information about the error, if available.


Deprecated Types and Methods

** Deprecated Type Definitions

DeploymentZoneListResult:
    Paged Collection of Deployment Zones. This is a deprecated type.
    DeploymentZone has been renamed to Site. Use SiteListResult.
ChildL2Vpn:
    Child wrapper object for L2Vpn, used in hierarchical API.
NetworkMigrationSpecType:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
L2VpnContext:
    L2Vpn Context provides meta-data information about the parent Tier-0.
NodeActionParameters:
    Fabric node action parameters
PortMirroringSwitchingProfile:
    (missing)
TransportNodeTemplateListResult:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
PolicyDHGroup:
    Diffie-Hellman groups represent algorithm used to derive shared keys between
    IPSec VPN initiator and responder over an unsecured network. GROUP2 uses
    1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP
    group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group.
    GROUP16 uses 4096-bit MODP group.
CommunicationMap:
    Ordered list of CommunicationEntries. This object is created by default
    along with the Domain. This type is deprecated. Use the type SecurityPolicy
    instead.
IpfixObsPointsListResult:
    This is deprecated. Please use UpmProfileListResult instead.
CommunicationEntry:
    A communication entry indicates the action to be performed for various types
    of traffic flowing between workload groups. This type is deprecated. Use the
    type Rule instead.
CommunicationMapListResult:
    This type is deprecated. Use the type SecurityPolicyListResult instead.
PolicyIPAddressInfo:
    Used to specify the display name and value of the IPv4Address.
ChildCommunicationMap:
    Child wrapper object for CommunicationMap, used in hierarchical API This
    type is deprecated. Use the type ChildSecurityPolicy instead.
NetworkMigrationSpec:
    The NetworkMigrationSpec is the base class for any types of network
    migration specifications to be handled by transport node. Note- transport
    node templates APIs are deprecated and user is recommended to use transport
    node profiles APIs instead.
L3VpnSessionResourceType:
    - A Policy Based L3Vpn is a configuration in which protect rules to match
    local and remote subnet needs to be defined. Tunnel is established for each
    pair of local and remote subnet defined in protect rules. - A Route Based
    L3Vpn is more flexible, more powerful and recommended over policy based. IP
    Tunnel subnet is created and all traffic routed through tunnel subnet
    (commonly known as VTI) is sent over tunnel. Routes can be learned through
    BGP. A route based L3Vpn is required when using redundant L3Vpn.
CommunicationEntryListResult:
    This type is deprecated. Use the type RuleListResult instead.
ComputeCollectionTransportNodeTemplateStateList:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
TransportNodeTemplateState:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
ChildL3VpnContext:
    Child wrapper object for L3VpnContext, used in hierarchical API.
ComputeCollectionTransportNodeTemplateState:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
NetworkMigrationSpecTypeIdEntry:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
CommunicationMapInsertParameters:
    Parameters to let the admin specify a relative position of a communication
    map w.r.t to another one. This type is deprecated. Use the type
    SecurityPolicyInsertParameters instead.
L3VpnContext:
    L3Vpn Context provides the configuration context that different L3Vpns can
    consume.
PolicyTunnelDigestAlgorithm:
    The TunnelDigestAlgorithms are used to verify message integrity during
    tunnel establishment. SHA1 produces 160 bits hash and SHA2_256 produces 256
    bit hash.
L3VpnSubnet:
    Used to specify subnets in L3Vpn rule.
ChildL2VpnContext:
    Child wrapper object for L2VpnContext, used in hierarchical API.
ChildCommunicationEntry:
    Child wrapper object for CommunicationEntry, used in hierarchical API This
    type is deprecated. Use the type ChildRule instead.
ChildDeploymentZone:
    Child wrapper object for DeploymentZone, used in hierarchical API
L3Vpn:
    Contains information necessary to configure IPSec VPN.
IpfixObsPointConfig:
    IpfixObsPointConfig (i.e. global switch IPFIX config) is deprecated. Please
    use IpfixSwitchUpmProfile & IpfixCollectorUpmProfile instead. With them,
    switch IPFIX profile can be applied to specific entities, such as logical
    switch, logical port and so on.
TunnelSubnet:
    (missing)
L3VpnRule:
    For policy-based L3Vpn sessions, a rule specifies as its action the vpn
    tunnel to be used for transit traffic that meets the rule's match criteria.
PolicyTunnelEncryptionAlgorithm:
    TunnelEncryption algorithms are used to ensure confidentiality of the
    messages exchanged during Tunnel negotiations. AES stands for Advanced
    Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit
    keys for encryption and decryption. AES_GCM stands for Advanced Encryption
    Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both
    confidentiality and data origin authentication.
L3VpnSession:
    Contains information about L3Vpn session.
L2Vpn:
    Contains information necessary to configure L2Vpn.
CommunicationMapListRequestParameters:
    This type is deprecated. Use the type SecurityPolicyListRequestParameters
    instead.
NetworkMigrationSpecListResult:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
ChildL3Vpn:
    Child wrapper object for L3Vpn, used in hierarchical API.
PolicyBasedL3VpnSession:
    A Policy-based L3Vpn session is a configuration in which a specific vpn
    tunnel is referenced in a policy whose action is set as tunnel.
DeploymentZoneListRequestParameters:
    DeploymentZone list request parameters. This is a deprecated type.
    DeploymentZone has been renamed to Site. Use SiteListRequestParameters.
PolicyIKEDigestAlgorithm:
    The IKEDigestAlgorithms are used to verify message integrity during IKE
    negotiation. SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash.
DeploymentZone:
    Logical grouping of enforcement points. This is a deprecated type.
    DeploymentZone has been renamed to Site. Use Site.
CommunicationEntryListRequestParameters:
    This type is deprecated. Use the type RuleListRequestParameters instead.
NetworkMigrationSpecListParameters:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
RouteBasedL3VpnSession:
    A Route Based L3Vpn is more flexible, more powerful and recommended over
    policy based. IP Tunnel subnet is created and all traffic routed through
    tunnel subnet is sent over tunnel. Routes can be learned through BGP. A
    route based L3Vpn is required when using redundant L3Vpn.
HostProfileNetworkMigrationSpec:
    This specification should be used to define which VMK adapters need to be
    migrated to NSX logical switches from VC network switches. Migrations
    specified here should match with those from associated Host Profiles from
    VC. Mismatch will result in migration failures. This specification only
    supports migration vmkernal adapters to NSX logical switches. Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
TransportNodeTemplateListParameters:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
PolicyIKEVersion:
    IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds
    to both IKE-V1 and IKE-V2.
TransportNodeTemplateStateParameters:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
CommunicationEntryInsertParameters:
    Parameters to let the admin specify a relative position of a communication
    entry w.r.t to another one in the same communication map. If the
    communication entry specified in the anchor_path belongs to another
    communication map an error will be thrown This type is deprecated. Use the
    type RuleInsertParameters instead.
ComputeCollectionTransportNodeTemplate:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
PolicyIKEEncryptionAlgorithm:
    IKEEncryption algorithms are used to ensure confidentiality of the messages
    exchanged during IKE negotiations. AES stands for Advanced Encryption
    Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for
    encryption and decryption. AES_GCM stands for Advanced Encryption
    Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both
    confidentiality and data origin authentication. AES_GCM composed of two
    separate functions one for encryption(AES) and one for authentication(GMAC).
    AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128
    uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit
    keys.
VmkToLogicalSwitchMapping:
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
CommunicationInsertParameters:
    Parameters to let the admin specify a relative position of a communication
    map or communication entry w.r.t to another one. This type is deprecated.
    Use the type RuleInsertParameters instead.
GroupDeleteRequestParameters:
    Group delete request parameters
IpfixSwitchConfig:
    This is deprecated. Please use IpfixSwitchUpmProfile instead which can
    specify its own collectors and observation ID.


** Deprecated Property Definitions

LbVirtualServer.default_pool_member_port:
    This is a deprecated property, please use 'default_pool_member_ports'
    instead. If default_pool_member_port is configured and
    default_pool_member_ports are not specified, both default_pool_member_port
    and default_pool_member_ports in response payload would return the same port
    value. If both are specified, default_pool_member_ports setting would take
    effect with higher priority.
LbVirtualServer.port:
    This is a deprecated property, please use 'ports' instead. Port setting
    could be single port for both L7 mode and L4 mode. For L4 mode, a single
    port range is also supported. The port setting could be a single port or
    port range such as "80", "1234-1236". If port is configured and ports are
    not specified, both port and ports in response payload would return the same
    port value. If both port and ports are configured, ports setting would take
    effect with higher priority.
Segment.ls_id:
    This property is deprecated. The property will continue to work as expected
    for existing segments. The segments that are newly created with ls_id will
    be ignored. Sepcify pre-creted logical switch id for Segment.
AwsSubnetListRequestParameters.region_name:
    This field is DEPRECATED. region_name will be learnt from vpc_id
    information.
LbSnatTranslation.port_overload:
    Both SNAT automap and SNAT IP list modes support port overloading which
    allows the same SNAT IP and port to be used for multiple backend connections
    as long as the tuple (source IP, source port, destination IP, destination
    port, IP protocol) after SNAT is performed is unique. The valid number is 1,
    2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is
    fixed to 32 in load balancer engine. If it is upgraded from an old version,
    the value would be changed to 32 automatically.
BgpConfig.as_number:
    This is a deprecated property, Please use 'as_num' instead.
BgpConfig.graceful_restart:
    Flag to enable graceful restart. This field is deprecated, kindly use
    graceful_restart_config parameter for graceful restart configuration. If
    both parameters are set and consistent with each other [i.e.
    graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR
    graceful_restart=true and graceful_restart_mode=GR_AND_HELPER] then this is
    allowed, but if inconsistent with each other then this is not allowed and
    validation error will be thrown.
L2VpnService.enable_full_mesh:
    Full mesh topology auto disables traffic replication between connected
    peers. However, this property is deprecated. Please refer enable_hub
    property instead to control client to client forwarding via the server. The
    value of enable_full_mesh will not be used anymore. If enable_hub is not
    provided explicitly, the default value of it will be used.
WidgetConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
WidgetConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
ContainerConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
ContainerConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
L2Extension.l2vpn_path:
    This property has been deprecated. Please use the property l2vpn_paths for
    setting the paths of associated L2 VPN session. This property will continue
    to work as expected to provide backwards compatibility. However, when both
    l2vpn_path and l2vpn_paths properties are specified, only l2vpn_paths is
    used.
LBService.access_log_enabled:
    Flag to enable access log
BgpRoutingConfig.graceful_restart:
    Flag to enable graceful restart. This field is deprecated, please use
    graceful_restart_config parameter for graceful restart configuration. If
    both parameters are set and consistent with each other (i.e.
    graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR
    graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is
    allowed, but if inconsistent with each other then this is not allowed and
    validation error will be thrown.
GridConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
GridConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
BgpNeighborStatus.graceful_restart:
    Current state of graceful restart where graceful_restart = true indicates
    graceful restart is enabled and graceful_restart = false indicates graceful
    restart is disabled. This is deprecated field, use graceful_restart_mode
    instead.
AzureAccount.has_managed_vnet:
    This field is DEPRECATED. Please use vnet_stats to get the number of managed
    virtual networks.
MultiWidgetConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
MultiWidgetConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
LabelValueConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
LabelValueConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
PortConnectionHypervisor.pnics:
    (missing)
LbSnatIpPool.port_overload:
    Both SNAT automap and SNAT IP list modes support port overloading which
    allows the same SNAT IP and port to be used for multiple backend connections
    as long as the tuple (source IP, source port, destination IP, destination
    port, IP protocol) after SNAT is performed is unique. The valid number is 1,
    2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is
    fixed to 32 in load balancer engine. If it is upgraded from an old version,
    the value would be changed to 32 automatically.
NatRule.nat_pass:
    Default is true. If the nat_pass is set to true, the following firewall
    stage will be skipped. Please note, if action is NO_SNAT or NO_DNAT, then
    nat_pass must be set to true or omitted.  Nat_pass was deprecated with an
    alternative firewall_match. Please stop using nat_pass to specify whether
    firewall stage is skipped. if you want to skip, please set firewall_match to
    BYPASS. If you do not want to skip, please set the firewall_match to
    MATCH_EXTERNAL_ADDRESS or MATCH_INTERNAL_ADDRESS.  Please note, the
    firewall_match will take priority over the nat_pass. If both are provided,
    the nat_pass is ignored. If firewall_match is not provided while the
    nat_pass is specified, the nat_pass will still be picked up. In this case,
    if nat_pass is set to false, firewall rule will be applied on internall
    address of a packet, i.e. MATCH_INTERNAL_ADDRESS.
LbSnatAutoMap.port_overload:
    Both SNAT automap and SNAT IP list modes support port overloading which
    allows the same SNAT IP and port to be used for multiple backend connections
    as long as the tuple (source IP, source port, destination IP, destination
    port, IP protocol) after SNAT is performed is unique. The valid number is 1,
    2, 4, 8, 16, 32. This is a deprecated property. The port overload factor is
    fixed to 32 in load balancer engine. If it is upgraded from an old version,
    the value would be changed to 32 automatically.
NSXTConnectionInfo.edge_cluster_ids:
    Edge Cluster UUIDs on enforcement point. Edge cluster information is
    required for creating logical L2, L3 constructs on enforcement point. Max 1
    edge cluster ID. This is a deprecated property. The edge cluster id is now
    auto populated from enforcement point and its value can be read using APIs
    GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-
    clusters and GET /infra/sites/site-id/enforcement-points/enforcementpoint-1
    /edge-clusters/edge-cluster-id. The value passed through this property will
    be ignored.
NSXTConnectionInfo.transport_zone_ids:
    Transport Zone UUIDs on enforcement point. Transport zone information is
    required for creating logical L2, L3 constructs on enforcement point. Max 1
    transport zone ID. This is a deprecated property. The transport zone id is
    now auto populated from enforcement point and its value can be read using
    APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id
    /transport-zones and GET /infra/sites/site-id/enforcement-points
    /enforcementpoint-id/transport-zones/transport-zone-id. The value passed
    through this property will be ignored.
AwsAccountsListResult.all_accounts_instance_stats:
    This field is DEPRECATED. To obtain statistics about instances, use the GET
    /csm/accounts/statistics API.
AwsAccountsListResult.all_accounts_vpc_stats:
    This field is DEPRECATED. To obtain statistics about VPCs, use the GET
    /csm/accounts/statistics API.
AddClusterNodeVMInfo.clustering_config:
    This property is deprecated since ClusteringConfig is no longer needed for
    auto-installation and will be ignored if provided.
AwsTransitVpcConfig.account_id:
    AWS account ID of the transit VPC. This field is deprecated. Field
    account_id can be learnt using vpc_id. GET /csm/aws/vpcs/ API
    returns associated_account_ids. Hence, this field is optional.
AzureComputeVNetConfig.account_id:
    Azure account ID related to the compute VNet. This field is deprecated.
    Field account_id can be learnt using vnet_id. GET /csm/azure/vnets/
    API returns associated_account_ids. Hence, this field is optional.
DonutConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
DonutConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
AwsAccount.gateway_role_name:
    This field is DEPRECATED. Please use the field credentials.
AwsAccount.iam_role_arn:
    This field is DEPRECATED. Please use the field credentials.
AwsAccount.auth_mechanism_iam:
    This field is DEPRECATED. Please use the field auth_method.
AwsAccount.access_key:
    This field is DEPRECATED. Please use the field credentials.
AwsAccount.has_managed_vpc:
    This field is DEPRECATED. Please use vpc_stats to get the number of managed
    VPCs.
AwsAccount.secret_key:
    This field is DEPRECATED. Please use the field credentials.
AwsAccount.external_id:
    This field is DEPRECATED. Please use the field credentials.
PrincipalIdentity.permission_group:
    Use the 'role' field instead and pass in 'auditor' for read_only_api_users
    or 'enterprise_admin' for the others.
GraphConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
GraphConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
AwsVpc.cidr:
    This field is DEPRECATED as AWS started supporting multiple CIDR blocks per
    VPC. This field will return only the first CIDR block from the response
    received from AWS. Please use cidr_blocks to see the multiple CIDR blocks
    associated with the VPC.
HostSwitch.static_ip_pool_id:
    ID of configured Static IP Pool. If specified allocate IP for Endpoints from
    Pool. Else assume IP will be assigned for Endpoints from DHCP. This field is
    deprecated, use ip_assignment_spec field instead.
LbService.access_log_enabled:
    whether access log is enabled
AddControllerNodeSpec.control_plane_server_certificate:
    Deprecated. Do not supply a value for this property.
RealizationStateQueryParameters.barrier_id:
    The system checks to ensure that the logical entity is realized or not at
    least at the given barrier number. This parameter has been deprecated.
    Please use request_id instead.
StatsConfiguration.weight:
    Specify relavite weight in WidgetItem for placement in a view. Please see
    WidgetItem for details.
StatsConfiguration.shared:
    Please use the property 'shared' of View instead of this. The widgets of a
    shared view are visible to other users.
LogicalRouterLinkPortOnTIER1.edge_cluster_member_index:
    Please use logical router API to pass edge cluster members indexes manually.
TransportNode.host_switches:
    This property is deprecated in favor of 'host_switch_spec'. Property
    'host_switches' can only be used for NSX managed transport nodes.
    'host_switch_spec' can be used for both NSX managed or manually
    preconfigured host switches.
VsphereDeploymentConfig.dns_servers:
    List of DNS servers. This field is deprecated. Use dns_servers property in
    EdgeNodeSettings section when creating or updating transport nodes.
VsphereDeploymentConfig.search_domains:
    List of domain names that are used to complete unqualified host names. This
    field is deprecated. Use search_domains property in EdgeNodeSettings section
    when creating or updating transport nodes.
VsphereDeploymentConfig.enable_ssh:
    Enabling SSH service is not recommended for security reasons. This field is
    deprecated. Use enable_ssh property in EdgeNodeSettings section when
    creating or updating transport nodes.
VsphereDeploymentConfig.allow_ssh_root_login:
    Allowing root SSH logins is not recommended for security reasons. This field
    is deprecated. Use allow_ssh_root_login property in EdgeNodeSettings section
    when creating transport nodes.
VsphereDeploymentConfig.ntp_servers:
    List of NTP servers. This field is deprecated. Use ntp_servers property in
    EdgeNodeSettings section when creating or updating transport nodes.
VsphereDeploymentConfig.hostname:
    Host name or FQDN for edge node.
ChildServiceEntry.Service:
    This is a deprecated property, Please use 'ServiceEntry' instead.
BgpNeighbor.filter_in_routemap_id:
    This is a deprecated property, Please use 'address_family' instead.
BgpNeighbor.filter_out_ipprefixlist_id:
    This is a deprecated property, Please use 'address_family' instead.
BgpNeighbor.filter_out_routemap_id:
    This is a deprecated property, Please use 'address_family' instead.
BgpNeighbor.source_address:
    Deprecated - do not provide a value for this field. Use source_addresses
    instead.
BgpNeighbor.remote_as:
    This is a deprecated property, Please use 'remote_as_num' instead.
BgpNeighbor.filter_in_ipprefixlist_id:
    This is a deprecated property, Please  use 'address_family' instead.
Tier1.default_rule_logging:
    Indicates if logging should be enabled for the default whitelisting rule.
    This filed is deprecated and recommended to change Rule logging filed. Note
    that this filed is not synchornied with default logging field.
Tier1.force_whitelisting:
    This filed is deprecated and recommended to change Rule action filed. Note
    that this filed is not synchornied with default rule field.
Tier0.default_rule_logging:
    Indicates if logging should be enabled for the default whitelisting rule.
    This filed is deprecated and recommended to change Rule logging filed. Note
    that this filed is not synchornied with default logging field.
Tier0.force_whitelisting:
    This filed is deprecated and recommended to change Rule action filed. Note
    that this filed is not synchornied with default rule field.
AwsComputeVpcConfig.account_id:
    AWS account ID related to the compute VPC. This field is deprecated. Field
    account_id can be learnt using vpc_id. GET /csm/aws/vpcs/ API
    returns associated_account_ids. Hence, this field is optional.
RouteBasedL3VpnSession.routing_config_path:
    This is a deprecated field. Any specified value is not saved and will be
    ignored.
AzureTransitVnetConfig.account_id:
    Azure account ID of the transit VNet. This field is deprecated. Field
    account_id can be learnt using vnet_id. GET /csm/azure/vnets/ API
    returns associated_account_ids. Hence, this field is optional.
DnsAnswer.authoritative_answers:
    Authotitative answers of the query. This is a deprecated property, please
    use 'answers' instead.
DnsAnswer.non_authoritative_answers:
    Non-authotitative answers of the query. This is a deprecated property,
    please use 'answers' instead.
BgpNeighborConfig.in_route_filters:
    Specify path of prefix-list or route map to filter routes for IN direction.
    This property is deprecated, use route_filtering instead. Specifying
    different values for both properties will result in error.
BgpNeighborConfig.out_route_filters:
    Specify path of prefix-list or route map to filter routes for OUT direction.
    When not specified, a built-in prefix-list named 'prefixlist-out-default' is
    automatically applied. This property is deprecated, use route_filtering
    instead. Specifying different values for both properties will result in
    error.
NsxRole.permissions:
    Please use the /user-info/permissions api to get the permission that the
    user has on each feature.
PrincipalIdentityWithCertificate.permission_group:
    Use the 'role' field instead and pass in 'auditor' for read_only_api_users
    or 'enterprise_admin' for the others.
AzureSubnetListRequestParameters.region_id:
    This field is DEPRECATED. region_id will be learnt from vnet_id information.
Tier0Interface.edge_cluster_member_index:
    Specify association of interface with edge cluster member. This property is
    deprecated, use edge_path instead. When both properties are specifed, only
    edge_path property is used.
Tier0Interface.ls_id:
    Specify logical switch to which tier-0 interface is connected for external
    access. This property is deprecated, use segment_path instead. Both
    properties cannot be used together.
RouteBasedIPSecVpnSession.force_whitelisting:
    If true the default firewall rule Action is set to DROP, otherwise set to
    ALLOW. This filed is deprecated and recommended to change Rule action filed.
    Note that this filed is not synchornied with default rule field.


** Deprecated APIs

AddClusterNode (POST /cluster/nodes):
    Add a new controller to the NSX cluster. Deprecated. Use POST
    /cluster?action=join_cluster to join a node to cluster. The controller comes
    with the new node.
ReadNodesStatus (GET /fabric/nodes/status):
    Returns connectivity, heartbeat, and version information about all fabric
    nodes (host or edge). This api is deprecated as part of FN+TN unification.
    Please use Transport Node Status API /transport-nodes/<node-id>/status
    to get status information of a node and to get all transport nodes ids use
    GET /transport-nodes.
ListSecurityGroupRealizedStates (GET /infra/realized-state/enforcement-points//groups/securitygroups):
    Paginated list of all Security Groups. Returns populated Security Groups.
ReadClusterNodeConfig (GET /cluster/nodes/):
    Returns information about the specified NSX cluster node. Deprecated. Use
    GET /cluster/ to get cluster node configuration.
ClearClusterCertificate (POST /cluster/api-certificate?action=clear_cluster_certificate):
    Clears the certificate used for the MP cluster. This does not affect the
    certificate itself. This API is deprecated. Instead use the  /api/v1/cluster
    /api-certificate?action=set_cluster_certificate API to set the cluster
    certificate to a different one. It just means that from now on, individual
    certificates will be used on each MP node. This affects all nodes in the
    cluster.
UpdateBGPCommunityListOld (PUT /logical-routers//routing/bgp/communty-lists/):
    Update a specific BGP community list from a Logical Router
ListVirtualMachinesOnEnforcementPoint (GET /infra/realized-state/enforcement-points//virtual-machines):
    This API filters objects of type virtual machines from the specified NSX
    Manager. This API has been deprecated. Please use the new API GET /infra
    /realized-state/virtual-machines
GetLicense (GET /license):
    Deprecated. Use the GET /licenses API instead.
ReadNodeStatus (GET /fabric/nodes//status):
    Returns connectivity, heartbeat, and version information about a fabric node
    (host or edge). Note that the LCP connectivity status remains down until
    after the fabric node has been added as a transpot node and the NSX host
    switch has been successfully installed. See POST /api/v1/transport-nodes.
    This api is deprecated, use GET /api/v1/transport-nodes/<node-
    id>/status to get status information of a node with constraint FN is
    converted to TN.
GetIpfixObsPoints (GET /ipfix-obs-points):
    Deprecated - Please use /ipfix-profiles for switch IPFIX profile and /ipfix-
    collector-profiles for IPFIX collector profile.
GetComputeCollectionTransportNodeTemplate (GET /compute-collection-transport-node-templates/):
    Returns compute collection transportnode template by id Note- transport node
    templates APIs are deprecated and user is recommended to use transport node
    profiles APIs instead.
ReadNSServiceRealizedState (GET /infra/realized-state/enforcement-points//services/nsservices/):
    Read a NSService.
ListFirewallSectionRealizedStates (GET /infra/realized-state/enforcement-points//firewalls/firewall-sections):
    Paginated list of all Firewalls. Returns populated Firewalls.
GetFabricNodeState (GET /fabric/nodes//state):
    For edge nodes, returns the current install state when deployment is in
    progress, NODE_READY when deployment is complete and the failure state when
    deployment has failed. This api is deprecated. Please use /transport-
    nodes/<transportnode-id>/state to get realized state of a Fabric Node.
ListFabricNodeInterfaces (GET /fabric/nodes//network/interfaces):
    Returns the number of interfaces on the node and detailed information about
    each interface. Interface information includes MTU, broadcast and host IP
    addresses, link and admin status, MAC address, network mask, and the IP
    configuration method (static or DHCP). This api is deprecated. Please use
    Transport Node API GET /transport-nodes//network/interfaces to list node network interfaces for the corresponding
    TN.
DeleteClusterNodeConfig (DELETE /cluster/nodes/):
    Removes the specified controller from the NSX cluster. Before you can remove
    a controller from the cluster, you must shut down the controller service
    with the "stop service controller" command. Deprecated. Use POST /cluster
    /?action=remove_node to detach a node from cluster. The controller
    is removed with the node.
PatchCommunicationMapForDomain (PATCH /infra/domains//communication-maps/):
    Patch the communication map for a domain. If a communication map for the
    given communication-map-id is not present, the object will get created and
    if it is present it will be updated. This is a full replace This API is
    deprecated. Please use the following API instead. PATCH /infra/domains
    /domain-id/security-policies/security-policy-id
ReadSecurityGroupRealizedState (GET /infra/realized-state/enforcement-points//groups/securitygroups/):
    Read a Security Group and the complete tree underneath. Returns the
    populated Security Group object.
PatchCommunicationEntry (PATCH /infra/domains//communication-maps//communication-entries/):
    Patch the CommunicationEntry. If a communication entry for the given
    communication-entry-id is not present, the object will get created and if it
    is present it will be updated. This is a full replace  This API is
    deprecated. Please use the following API instead. PATCH /infra/domains
    /domain-id/security-policies/security-policy-id/rules/rule-id
GetSwitchIpfixConfig (GET /ipfix-obs-points/switch-global):
    Deprecated - Please use /ipfix-profiles/ for switch IPFIX
    profile and /ipfix-collector-profiles/ for IPFIX
    collector profile.
ReadFabricNodeInterfaceStatistics (GET /fabric/nodes//network/interfaces//stats):
    On the specified interface, returns the number of received (rx), transmitted
    (tx), and dropped packets; the number of bytes and errors received and
    transmitted on the interface; and the number of detected collisions. This
    api is deprecated as part of FN+TN unification. Please use /transport-nodes
    //network/interfaces//stats to read network
    interface statistics with contraint FN is converted to TN.
ListComputeCollectionTransportNodeTemplates (GET /compute-collection-transport-node-templates):
    Returns all eligible compute collection transportnode templates Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
PerformNodeAction (POST /fabric/nodes/):
    The supported fabric node actions are enter_maintenance_mode,
    exit_maintenance_mode for EdgeNode. This API is deprecated, please call
    TransportNode maintenance mode API to update maintenance mode, refer to
    "Update transport node maintenance mode".
UpdateNetworkMigrationSpec (PUT /network-migration-specs/):
    Network migration specification once created and can be used as a template
    to indicate associated component which networks should be migrated and
    where. Currently migration template can be associated with compute
    collections which are managed by vCenter host profiles, to trigger automatic
    migration of networks for Stateless ESX hosts. Currently we only support
    creation of HostProfileNetworkMigrationSpec type of specification. For a
    HostProfileNetworkMigrationSpec which is already associated with a compute
    collection, updating it would mean next time the system needs to trigger
    migration for hosts managed by compute collection, it will use the updated
    migration specification. Note- transport node templates APIs are deprecated
    and user is recommended to use transport node profiles APIs instead.
DeleteCommunicationMapForDomain (DELETE /infra/domains//communication-maps/):
    Deletes the communication map along with all the communication entries This
    API is deprecated. Please use the following API instead. DELETE
    /infra/domains/domain-id/security-policies/security-policy-id
GetLogicalRouterRouteTableInCsvFormat (GET /logical-routers//routing/route-table?format=csv):
    Deprecated - Please use /logical-routers//routing
    /routing-table for RIB and /logical-routers//routing
    /forwarding-table for FIB. Returns the route table in CSV format for the
    logical router on a node of the given transport-node-id. Query parameter
    "transport_node_id=" is required. Query parameter
    "source=realtime" is the only supported source.
GetComputeCollectionTransportNodeTemplateState (GET /compute-collection-transport-node-templates//state):
    Returns detailed transport node states for this compute collection Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
DeleteCommunicationEntry (DELETE /infra/domains//communication-maps//communication-entries/):
    Delete CommunicationEntry This API is deprecated. Please use the following
    API instead. DELETE /infra/domains/domain-id/security-policies/security-
    policy-id/rules/rule-id
GetAwsGatewayAmiInfo (GET /csm/aws/gateway-amis/):
    DEPRECATED. This API is needed only in NSX Cloud as a Service workflow,
    which is discontinued. Returns AWS Gateway AMI for a particular region.
ListNodes (GET /fabric/nodes):
    Returns information about all fabric nodes (hosts and edges). This api is
    deprecated as part of FN+TN unification. Please use Transport Node API GET
    /transport-nodes to list all fabric nodes.
CreateNetworkMigrationSpec (POST /network-migration-specs):
    Network migration specification once created and can be used as a template
    to indicate associated component which networks should be migrated and
    where. Currently migration template can be associated with compute
    collections which are managed by vCenter host profiles, to trigger automatic
    migration of networks for Stateless ESX hosts. Currently we only support
    creation of HostProfileNetworkMigrationSpec type of specification. Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
UpdateSwitchIpfixConfig (PUT /ipfix-obs-points/switch-global):
    Deprecated - Please use /ipfix-profiles/ for switch IPFIX
    profile and /ipfix-collector-profiles/ for IPFIX
    collector profile.
ListNodeCapabilities (GET /fabric/nodes//capabilities):
    Returns information about capabilities of a single fabric host node. Edge
    nodes do not have capabilities. This api is deprecated, use GET /transport-
    nodes/<transportnode-id>/capabilities if FN is converted to TN.
RegisterAwsGatewayAmi (POST /csm/aws/gateway-amis):
    DEPRECATED. This API is needed only in NSX Cloud as a Service workflow,
    which is discontinued. Registers a AWS Gateway AMI for the region specified
    in the body. One can register only one gateway AMI ID per region. If a
    gateway AMI is already registered with a region, user is expected to use
    update API to overwrite the registerd AMI for a region.
DeleteLicense (DELETE /licenses/):
    Deprecated. Use POST /licenses?action=delete API instead.
ReadFirewallSectionRealizedState (GET /infra/realized-state/enforcement-points//firewalls/firewall-sections/):
    Read a Firewall and the complete tree underneath. Returns the populated
    Firewall object.
ListEnforcementPointForInfra (GET /infra/deployment-zones//enforcement-points):
    Paginated list of all enforcementpoints for infra. This is a deprecated API.
    DeploymentZone has been renamed to Site. Use GET /infra/sites/site-id
    /enforcement-points.
ReadNode (GET /fabric/nodes/):
    Returns information about a specific fabric node (host or edge). This api is
    deprecated, use Transport Node API GET /transport-nodes/<transport-node-
    id> to get fabric node information.
UpdateLicense (PUT /license):
    Deprecated. Use the POST /licenses API instead
RegisterPrincipalIdentity (POST /trust-management/principal-identities):
    Associates a principal's name with a certificate that is used to
    authenticate. Deprecated, use POST /trust-management/principal-identities
    /with-certificate instead.
ReadEnforcementPointForInfra (GET /infra/deployment-zones//enforcement-points/):
    Read an Enforcement Point. This is a deprecated API. DeploymentZone has been
    renamed to Site. Use GET /infra/sites/site-id/enforcement-points
    /enforcementpoint-id.
GetGroupVMStatistics (GET /infra/domains//groups//statistics/virtual-machines):
    Get the effective VM membership for the Group. This API also gives some VM
    details such as VM name, IDs and the current state of the VMs.
ListNetworkMigrationSpecs (GET /network-migration-specs):
    Network migration specification once created and can be used as a template
    to indicate associated component which networks should be migrated and
    where. Currently migration template can be associated with compute
    collections which are managed by vCenter host profiles, to trigger automatic
    migration of networks for Stateless ESX hosts. Currently we only support
    creation of HostProfileNetworkMigrationSpec type of specification. Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
ReadFabricNodeInterface (GET /fabric/nodes//network/interfaces/):
    Returns detailed information about the specified interface. Interface
    information includes MTU, broadcast and host IP addresses, link and admin
    status, MAC address, network  mask, and the IP configuration method (static
    or DHCP). This api is deprecated as part of FN+TN unification. Please use
    Transport Node API GET /transport-nodes//network/interfaces/ to get interface details of a node.
UpdateCommunicationMapForDomain (PUT /infra/domains//communication-maps/):
    Create or Update the communication map for a domain. This is a full replace.
    All the CommunicationEntries are replaced. This API is deprecated. Please
    use the following API instead. PUT /infra/domains/domain-id/security-
    policies/security-policy-id
ListClusterNodeConfigs (GET /cluster/nodes):
    Returns information about all NSX cluster nodes. Deprecated. Use GET
    /cluster to get cluster configuration.
UpdateNode (PUT /fabric/nodes/):
    Modifies attributes of a fabric node (host or edge). This api is deprecated
    as part of FN+TN unification. Please use Transport Node API PUT /transport-
    nodes/<transport-node-id> to update fabric node details. API PUT
    /transport-nodes/ to update fabric node details.
ReadCommunicationEntry (GET /infra/domains//communication-maps//communication-entries/):
    Read CommunicationEntry This API is deprecated. Please use the following API
    instead. GET /infra/domains/domain-id/security-policies/security-policy-
    id/rules/rule-id
DeleteComputeCollectionTransportNodeTemplateAndTNCollection (DELETE /compute-collection-transport-node-templates/):
    Delete the specified compute collection transport node template. Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
UpdateAwsGatewayAmi (PUT /csm/aws/gateway-amis/):
    DEPRECATED. This API is needed only in NSX Cloud as a Service workflow,
    which is discontinued. Update a AWS Gateway AMI.
DeleteEnforcementPoint (DELETE /infra/deployment-zones//enforcement-points/):
    Delete EnforcementPoint. This is a deprecated API. DeploymentZone has been
    renamed to Site. Use DELETE /infra/sites/site-id/enforcement-points
    /enforcementpoint-id.
IncrementRealizationStateBarrier (POST /realization-state-barrier/current?action=increment):
    Increment the current barrier number by 1 for NSX. This method has been
    deprecated. To track realization state, use X-NSX-REQUESTID request header
    instead.
ListAwsGatewayAmis (GET /csm/aws/gateway-amis):
    DEPRECATED. This API is needed only in NSX Cloud as a Service workflow,
    which is discontinued. Returns a list of Aws Gateway Amis.
ReadNSGroupRealizedState (GET /infra/realized-state/enforcement-points//groups/nsgroups/):
    Read a NSGroup and the complete tree underneath. Returns the populated
    NSgroup object.
ListDeploymentZonesForInfra (GET /infra/deployment-zones):
    Paginated list of all Deployment zones for infra. This is a deprecated API.
    DeploymentZone has been renamed to Site. Use GET /infra/sites.
ListNSServiceRealizedStates (GET /infra/realized-state/enforcement-points//services/nsservices):
    Paginated list of all Realized NSService.
DeleteNode (DELETE /fabric/nodes/):
    Removes a specified fabric node (host or edge). A fabric node may only be
    deleted when it is no longer referenced by a Transport Node. If
    unprepare_host option is set to false, the host will be deleted without
    uninstalling the NSX components from the host. This api is deprecated, use
    Transport Node API DELETE /transport-nodes/<transport-node-id> to
    delete FN. DELETE /transport-nodes/ to delete FN.
ListIPSetRealizedStates (GET /infra/realized-state/enforcement-points//ip-sets/ip-sets-nsxt):
    Paginated list of all Realized IPSets
UpdateCommunicationEntry (PUT /infra/domains//communication-maps//communication-entries/):
    Update the CommunicationEntry. If a CommunicationEntry with the
    communication-entry-id is not already present, this API fails with a 404.
    Creation of CommunicationEntries is not allowed using this API. This API is
    deprecated. Please use the following API instead PUT /infra/domains/domain-
    id/security-policies/securit-policy-id/rules/rule-id
ListCommunicationMapsForDomain (GET /infra/domains//communication-maps):
    List all communication maps for a domain. This API is deprecated. Please use
    the following API instead. GET /infra/domains/domain-id/security-policies
HostPrepDiscoveredNode (POST /fabric/discovered-nodes/?action=hostprep):
    Prepares(hostprep) discovered node for NSX. NSX LCP bundles are installed on
    this discovered node. This API is deprecated. Use /fabric/discovered-nodes
    /?action=create_transport_node
ReviseCommunicationMaps (POST /infra/domains//communication-maps/?action=revise):
    This is used to set a precedence of a communication map w.r.t others. This
    API is deprecated. Please use the following API instead. POST /infra/domains
    /domain-id/security-policies/security-policy-id?action=revise
ListNSGroupRealizedStates (GET /infra/realized-state/enforcement-points//groups/nsgroups):
    Paginated list of all NSGroups. Returns populated NSGroups.
ReadCommunicationMapForDomain (GET /infra/domains//communication-maps/):
    Read communication-map for a domain. This API is deprecated. Please use the
    following API instead. GET /infra/domains/domain-id/security-policies
    /security-policy-id
GetLicenseByKey (GET /licenses/):
    Deprecated. Use GET /licenses API instead.
UpdateProxyService (PUT /node/services/http):
    This API is deprecated.  Make changes to the http service configuration by
    calling the PUT /api/v1/cluster/api-service API.
GetFabricNodeModules (GET /fabric/nodes//modules):
    Get the module details of a Fabric Node This api is deprecated, use
    Transport Node API GET /transport-nodes/<transportnode-id>/modules to
    get fabric node modules.
UploadUpgradeBundle (POST /upgrade/bundle?action=upload):
    Upload the upgrade bundle. The call returns after upload is initiated. User
    needs to check upload status periodically by retrieving upgrade bundle
    upload status to find out if the upload is completed. This API is
    deprecated, please use /upgrade/bundles?action=upload API to upload the
    upgrade bundle.
ReadProxyService (GET /node/services/http):
    This API is deprecated.  Read the configuration of the http service by
    calling the GET /api/v1/cluster/api-service API.
DeleteNetworkMigrationSpec (DELETE /network-migration-specs/):
    Delete the specified network migration specification template. Delete will
    fail if this is a HostProfileNetworkMigrationSpec and is associated with
    certain compute collection. Note- transport node templates APIs are
    deprecated and user is recommended to use transport node profiles APIs
    instead.
DeleteAwsGatewayAmi (DELETE /csm/aws/gateway-amis/):
    DEPRECATED. This API is needed only in NSX Cloud as a Service workflow,
    which is discontinued. Delete a AWS Gateway AMI.
GetCurrentBarrier (GET /realization-state-barrier/current):
    Returns the current global realization barrier number for NSX. This method
    has been deprecated. To track realization state, use X-NSX-REQUESTID request
    header instead.
ReadClusterNodesAggregateStatus (GET /cluster/nodes/status):
    Read aggregated runtime status of all cluster nodes. Deprecated. Use GET
    /cluster/status instead.
ListCommunicationEntry (GET /infra/domains//communication-maps//communication-entries):
    List CommunicationEntries This API is deprecated. Please use the following
    API instead. GET /infra/domains/domain-id/security-policies/security-policy-
    id/rules
ListAwsSecurityGroups (GET /csm/aws/vpcs/security-groups):
    Returns a list of AWS security groups. Deprecated: Please use /csm/aws/vpcs
    //security-groups instead.
ReadDeploymentZoneInfra (GET /infra/deployment-zones/):
    Read a Deployment Zone. This is a deprecated API. DeploymentZone has been
    renamed to Site. Use GET /infra/sites/site-id.
ReviseCommunicationEntry (POST /infra/domains//communication-maps//communication-entries/?action=revise):
    This is used to re-order a communictation entry within a communication map.
    This API is deprecated. Please use the following API instead. POST
    /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-
    id?action=revise
CreateComputeCollectionTransportNodeTemplateAndTNCollection (POST /compute-collection-transport-node-templates):
    If automated transport node creation is configured on compute collection,
    this template will serve as the default setting for transport node creation.
    Note- transport node templates APIs are deprecated and user is recommended
    to use transport node profiles APIs instead.
RestartInventorySync (POST /fabric/nodes/?action=restart_inventory_sync):
    Restart the inventory sync for the node if it is currently internally
    paused. After this action the next inventory sync coming from the node is
    processed. This api is deprecated as part of FN+TN unification. Please use
    Transport Node API POST /transport-nodes/<transport-node-
    id>?action=restart_inventory_sync to restart inventory sync of node.
AddNode (POST /fabric/nodes):
    Creates a host node (hypervisor) or edge node (router) in the transport
    network.  When you run this command for a host, NSX Manager attempts to
    install the NSX kernel modules, which are packaged as VIB, RPM, or DEB
    files. For the installation to succeed, you must provide the host login
    credentials and the host thumbprint.  To get the ESXi host thumbprint, SSH
    to the host and run the openssl x509 -in /etc/vmware/ssl/rui.crt
    -fingerprint -sha256 -noout command.  To generate host key thumbprint
    using SHA-256 algorithm please follow the steps below.  Log into the host,
    making sure that the connection is not vulnerable to a man in the middle
    attack. Check whether a public key already exists. Host public key is
    generally located at '/etc/ssh/ssh_host_rsa_key.pub'. If the key is not
    present then generate a new key by running the following command and follow
    the instructions.  ssh-keygen -t rsa  Now generate a SHA256 hash of
    the key using the following command. Please make sure to pass the
    appropriate file name if the public key is stored with a different file name
    other than the default 'id_rsa.pub'.  awk '{print $2}' id_rsa.pub |
    base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 This api
    is deprecated as part of FN+TN unification. Please use Transport Node API
    POST /transport-nodes to install NSX components on a node.
ReadIPSetRealizedState (GET /infra/realized-state/enforcement-points//ip-sets/ip-sets-nsxt/):
    Read an IPSet
ReadMACSetRealizedState (GET /infra/realized-state/enforcement-points//mac-sets/mac-sets-nsxt/):
    Read an MACSet
GetNetworkMigrationSpec (GET /network-migration-specs/):
    Network migration specification once created and can be used as a template
    to indicate associated component which networks should be migrated and
    where. Currently migration template can be associated with compute
    collections which are managed by vCenter host profiles, to trigger automatic
    migration of networks for Stateless ESX hosts. Currently we only support
    creation of HostProfileNetworkMigrationSpec type of specification. Note-
    transport node templates APIs are deprecated and user is recommended to use
    transport node profiles APIs instead.
ListMACSetRealizedStates (GET /infra/realized-state/enforcement-points//mac-sets/mac-sets-nsxt):
    Paginated list of all Realized MACSets
GetLogicalRouterRouteTable (GET /logical-routers//routing/route-table):
    Deprecated - Please use /logical-routers//routing
    /routing-table for RIB and /logical-routers//routing
    /forwarding-table for FIB. Returns the route table for the logical router on
    a node of the given transport-node-id. Query parameter "transport_node_id
    =" is required. Query parameter "source=realtime" is the
    only supported source.
UpdateComputeCollectionTransportNodeTemplateAndTNCollection (PUT /compute-collection-transport-node-templates/):
    Update configuration of compute collection transportnode template.
    Compute_collection_id isn't allowed to be changed since it represents the
    association between ComputeCollection and this template. This is determined
    when ComputeCollectionTransportNodeTemplate got created. Note- transport
    node templates APIs are deprecated and user is recommended to use transport
    node profiles APIs instead.
CreateOrUpdateEnforcementPointForInfra (PUT /infra/deployment-zones//enforcement-points/):
    If the passed Enforcement Point does not already exist, create a new
    Enforcement Point. If it already exists, replace it. This is a deprecated
    API. DeploymentZone has been renamed to Site. Use PUT /infra/sites/site-id
    /enforcement-points/enforcementpoint-id.
PatchEnforcementPointForInfra (PATCH /infra/deployment-zones//enforcement-points/):
    If the passed Enforcement Point does not already exist, create a new
    Enforcement Point. If it already exists, patch it. This is a deprecated API.
    DeploymentZone has been renamed to Site. Use PATCH /infra/sites/site-1
    /enforcement-points/enforcementpoint-1.